virus raletissement 2013-12-10T22:30:40+00:00
  • Auteur
    Messages
  • pat
    Nombre d'articles : 0

    bonsoir,
    j’aimerais savoir si quelqu’un pouvait m’aider, j’ai prete mon ordi a mon petit frere et il a telechargé des fichiers ou programmes, malheureusement je sais pas lesquels… mais ca ralentis a mort mon ordi j’ai aussi des pub qui apparaisse sans que je ne fasse rien ca commence a m’ennerver, sachant que je vais bientot avoir mes partiels et j’ai besoin de mon ordi rapide et fonctionnel pour reviser si quelqu’un pouvait m’aider ca serait super :content32:
    merci

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Bonjour et bienvenue 🙂

    Je me nomme H.A.W.X et je vais te prendre en charge. Mais avant, je voudrai que tu prennes connaissance de ces quelques règles stp 🙂

    La désinfection ne sera terminée que lorsque je le dirai. Merci de continuer jusqu’au bout, même si les symptômes apparents ont disparu.

    Ne suis pas plusieurs procédures de désinfection sur différents forums, au risque d’endommager ton système d’exploitation.

    Les outils que je te demanderai de télécharger devront être enregistrés sur ton bureau : aide en images

    Ne fais rien de ta propre initiative.

    Je suis bénévole : je ne pourrai donc pas toujours te répondre de suite.

    Si tu as des questions sur ces consignes fait moi en part 😉

    [hr:ckimpqpn]
    Arrêtes on sait tous que c’est toi mais que tu veux pas le dire :fumeunpeco:

    Bon on va faire un scan global pour voir ce qui se passe 😉

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Configurer
      2. Clique sur la loupe (« Lancer le diagnostic »)
      3. Une message va apparaître, clique sur Oui

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.


    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    Bonne soirée 🙂

  • pat
    Nombre d'articles : 0

    merci de bien vouloir m’aider 😀 Voila je suis obligé de te l’envoyer en trois parties parce qu’il rentre pas dans un message desolé 🙂

    https://antimalware.top/log/SosUpload.14f0c1fdd1ae274994a602bdb99444f3.txt” onclick=”window.open(this.href);return false;

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Bonjour,

    Mais de rien 😉 Bon rien de grave il y a pas grand chose d’inquiétant 🙂 5 étapes à faire dont une que tu connais déjà :P:

    1.

    • Télécharge Junkware Removal Tool (de thisisu) sur ton bureau.
    • Lance Junkware Removal Tool, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Appuie sur n’importe quelle touche.

    • Une fois le scan terminé rends toi sur le bureau, le fichier JRT.txt à été créé.
    • Héberge le rapport JRT.txt surSosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    2.

    • Télécharge MalwareBytes Anti-Malware
    • Installe le. Décoche “Activer l’essai gratuit de Malwarebytes Anti-Malware PRO”
    • Lance Malwarebytes’ Anti-Malware.
    • Clic sur l’onglet “Mises à jours” puis sur “Rechercher des mises à jours”
    • Clic sur l’onglet “Recherche“, coche “éxécuter un examen complet” puis clic sur Rechercher

    • A la fin de l’analyse, si MBAM n’a rien trouvé :
      • Clic sur OK, le rapport s’ouvre spontanément
    • Si des menaces ont été détectées :
      • Clic sur OK puis “Afficher les résultats
      • Choisis l’option “Supprimer la sélection
      • Si MBAM demande le redémarrage de Windows : Clic sur “Oui
      • Une fois le PC redémarré, le rapport se trouve dans l’onglet “Rapports/Logs
      • Sinon le rapport s’ouvre automatiquement après la suppression
      • Poste le rapport dans ta prochaine réponse

    3.

    • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC

    4.

    • Télécharge SFTGC (de Pierre13) sur ton Bureau et pas ailleurs !.
    • Lance SFTGC, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur GO

      Note : A la fin un rapport va s’ouvrir

    • Une fois le scan terminé rends toi sur le bureau, le fichier SFTGC.txt à été créé.
    • Héberge le rapport SFTGC.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    5.

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Configurer
      2. Clique sur la loupe (« Lancer le diagnostic »)
      3. Une message va apparaître, clique sur Oui

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.


    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    J’attends 5 rapports 🙂

  • pat
    Nombre d'articles : 0

    number 1 😉
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows 7 Home Premium x86
    Ran by poe on 11/12/2013 at 13:02:16,25
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~ Services

    Successfully stopped: [Service] backupstack
    Successfully deleted: [Service] backupstack
    Successfully stopped: [Service] pcsuservice
    Successfully deleted: [Service] pcsuservice
    Successfully stopped: [Service] updater service for eazelbar
    Successfully deleted: [Service] updater service for eazelbar

    ~~~ Registry Values

    Suspicious HKCU..Run entries found. Trojan:JS/Medfos.B?

    Value Name Type Value Data
    ========================================================================================
    BackgroundContainer REG_SZ “C:Windowssystem32Rundll32.exe” “C:UserspoeAppDataLocalConduit

    BackgroundContainerBackgroundContainer.dll”,DllRun

    Successfully deleted: [Registry Value] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerURLSearchHooks\{00000000-

    6E41-4FD3-8538-502F5495E5FC}

    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTAppIDdealplylive.exe
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTAppIDtoolbar.dll
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCLSID{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTInterface{75BF416E-4326-45B5-8A2D-AE32D05B930B}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareconduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareinstalledbrowserextensions
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareAppDataLowsoftwareconduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareAppDataLowsoftwareconduitsearchscopes
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareAppDataLowsoftwarecrossrider
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareAppDataLowsoftwaresmartbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareAppDataLowtoolbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerInternetRegistryREGISTRYUSER

    S-1-5-21-1393359087-3183399950-3005852446-1001Softwarewajam
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareconduit
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwaresearchprotect
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassestoolbar.bandobject
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassestoolbar.bandobject.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassestoolbar.toolbarhelperobject
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassestoolbar.toolbarhelperobject.1
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingbackupstack_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftTracingbackupstack_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionApp Pathsmypc backup
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstalldealply
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallmypc backup
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionUninstallsoftwareupdater
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCrossriderApp0035499.BHO
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCrossriderApp0041962.BHO
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCLSID{22222222-2222-2222-2222-220322542299}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCLSID{22222222-2222-2222-2222-220422192262}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTInterface{55555555-5555-5555-5555-550455195562}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTInterface{66666666-6666-6666-6666-660366546699}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTInterface{66666666-6666-6666-6666-660466196662}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesCrossriderApp0035499.BHO
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesCrossriderApp0041962.BHO
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesToolbar.CT3297124
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesInterface{55555555-5555-5555-5555-550455195562}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesInterface{66666666-6666-6666-6666-660366546699}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareClassesInterface{66666666-6666-6666-6666-660466196662}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{014DB5FA-EAFB-

    4592-A95B-F44D3EE87FA9}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{4EA5619D-5B27-

    4D2E-A3D5-870F3A098480}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerSearchScopes{EBD839AE-B08C-

    4fb7-859B-F54AF16C159F}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper

    Objects{834acc44-e0fc-4f17-8e6b-f1029b3bc0de}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCLSID{834acc44-e0fc-4f17-8e6b-f1029b3bc0de}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOTCLSID{00000000-6E41-4FD3-8538-502F5495E5FC}
    Successfully deleted: [Registry Key] “hkey_current_usersoftwareapn”
    Successfully deleted: [Registry Key] “hkey_current_usersoftwaremicrosoftinternet explorerlow rightselevationpolicy

    {a5aa24ea-11b8-4113-95ae-9ed71deaf12a}”
    Successfully deleted: [Registry Key] “hkey_local_machinesoftwareapn”

    ~~~ Files

    Successfully deleted: [File] “C:Userspoeappdatalocalgooglechromeuser datadefaultlocal storage

    http_app.mam.conduit.com_0.localstorage”
    Successfully deleted: [File] “C:Userspoeappdatalocalgooglechromeuser datadefaultlocal storage

    http_app.mam.conduit.com_0.localstorage-journal”
    Successfully deleted: [File] “C:end”

    ~~~ Folders

    Successfully deleted: [Folder] “C:ProgramDataconduit”
    Successfully deleted: [Folder] “C:ProgramDatadealplylive”
    Successfully deleted: [Folder] “C:UserspoeAppDataRoamingdealply”
    Successfully deleted: [Folder] “C:UserspoeAppDataRoamingnosibay”
    Successfully deleted: [Folder] “C:UserspoeAppDataRoamingsearchprotect”
    Successfully deleted: [Folder] “C:UserspoeAppDataRoamingwebplayer”
    Successfully deleted: [Folder] “C:Userspoeappdatalocalconduit”
    Successfully deleted: [Folder] “C:Userspoeappdatalocalcre”
    Failed to delete: [Folder] “C:Userspoeappdatalocalsearchprotect”
    Successfully deleted: [Folder] “C:Userspoeappdatalocalwajam”
    Successfully deleted: [Folder] “C:Userspoeappdatalocallowconduit”
    Successfully deleted: [Folder] “C:UserspoeLocal SettingsApplication Datasearchprotect”
    Successfully deleted: [Folder] “C:Program Filesconduit”
    Successfully deleted: [Folder] “C:Program Filesmypc backup”
    Successfully deleted: [Folder] “C:Program Filesnosibay”
    Successfully deleted: [Folder] “C:Program Filessearchprotect”
    Successfully deleted: [Folder] “C:Program Fileswebplayer”
    Successfully deleted: [Folder] “C:UserspoeAppDataRoamingmicrosoftwindowsstart menuprogramsmypc backup”
    Successfully deleted: [Folder] “C:UserspoeAppDataRoamingmicrosoftwindowsstart menuprogramswajam”

    ~~~ Chrome

    Successfully deleted: [Folder] C:UserspoeappdatalocalGoogleChromeUser DataDefaultExtensions

    jpmbfleldcgkldadpdinhjjopdfpjfjp
    Successfully deleted: [Folder] C:UserspoeappdatalocalGoogleChromeUser DataDefaultExtensions

    licjnkifamhpbaefhdpacpmihicfbomb
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINESoftwareGoogleChromeExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp

    ~~~ Event Viewer Logs were cleared

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 11/12/2013 at 13:08:55,46
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • pat
    Nombre d'articles : 0

    Malwarebytes Anti-Malware 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2013.12.11.03

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 11.0.9600.16428
    poe :: POUPOUILLE [administrateur]

    11/12/2013 14:28:47
    mbam-log-2013-12-11 (14-28-47).txt

    Type d’examen: Examen complet (C:|D:|E:|F:|G:|Q:|)
    Options d’examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d’examen désactivées: P2P
    Elément(s) analysé(s): 364866
    Temps écoulé: 2 heure(s), 3 minute(s), 13 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 8
    HKCRAppIDOKitSpace.DLL (PUP.Optional.OKitSpace.A) -> Mis en quarantaine et supprimé avec succès.
    HKCUSoftwareNosibayBubble Dock (PUP.Optional.BubbleDock.A) -> Mis en quarantaine et supprimé avec succès.
    HKCUSoftwareNosibayBubble Dock Tag (PUP.Optional.BubbleDock.A) -> Mis en quarantaine et supprimé avec succès.
    HKLMSOFTWAREOKitSpace (PUP.Optional.OKitSpace.A) -> Mis en quarantaine et supprimé avec succès.
    HKLMSOFTWAREGoogleChromeExtensionshifnddafpdkmjljallgdlkjiiieidmec (PUP.Optional.OKitSpace.A) -> Mis en quarantaine et supprimé avec succès.
    HKLMSOFTWARESpeedchecker LimitedPC Speed Up (PUP.Optional.PCSpeedUp.A) -> Mis en quarantaine et supprimé avec succès.
    HKLMSYSTEMCurrentControlSetServicessrvBrowserProtect (PUP.BrowserProtect.Optional.A) -> Mis en quarantaine et supprimé avec succès.
    HKLMSYSTEMCurrentControlSetServicesWajamUpdaterV3 (PUP.Optional.Wajam.A) -> Mis en quarantaine et supprimé avec succès.

    Valeur(s) du Registre détectée(s): 1
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun|BackgroundContainer (PUP.Optional.Conduit) -> Données: “C:Windowssystem32Rundll32.exe” “C:UserspoeAppDataLocalConduitBackgroundContainerBackgroundContainer.dll”,DllRun -> Mis en quarantaine et supprimé avec succès.

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 1
    C:Program FilesLyricsViewer-2 (PUP.Optional.LyricsViewer.A) -> Mis en quarantaine et supprimé avec succès.

    Fichier(s) détecté(s): 29
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EGPAS42Vservice[1].exe (Trojan.Banker.Kreapixel) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5EGPAS42V59574.Bubble%20Dock%20AddonsUI[1].exe (PUP.Optional.BubbleDock.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5JQT46VQ7DivX_Browser_Bar_FR_wpf[1].exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5K0J6BM71SPI[1].exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5K0J6BM71Install_BubbleDock[1].exe (PUP.Optional.BubbleDock.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5K0J6BM71checktbexist[2].exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5K0J6BM71pricora-US[1].exe (PUP.Optional.Bundler) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5N3355QE159707.Bubble_Dock.BBD023.no[1].exe (PUP.Optional.BubbleDock.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5N3355QE1spstub[1].exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalTempbubble.exe (PUP.Optional.BubbleDock.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalTempplugin.exe (PUP.Optional.Bundler) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalTempnse3CF7.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalTempnst398D.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalTempSPStub.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalTempnse43D6.tmpBubble Dock BSetup.exe (PUP.Optional.BubbleDock.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataLocalTemp_Temp_loqauvu.tmpSPI.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataRoaming~akuwnyo.exe (Trojan.Banker.Kreapixel) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataRoaming~cbdthau.exe (Trojan.Banker.Kreapixel) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataRoaming~emlxlfk.exe (Trojan.Banker.Kreapixel) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataRoaming~hzxpxjq.exe (Trojan.Banker.Kreapixel) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeAppDataRoaming~yjwaobi.exe (Trojan.Banker.Kreapixel) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeDownloadsUsbFix (1).exe (Trojan.Agent.AI) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeDownloadsUsbFix (2).exe (Trojan.Agent.AI) -> Mis en quarantaine et supprimé avec succès.
    C:UserspoeDownloadsUsbFix (3).exe (Trojan.Agent.AI) -> Mis en quarantaine et supprimé avec succès.
    C:Program FilesLyricsViewer-2LyricsViewer-2-buttonutil.dll (PUP.Optional.CrossRider) -> Mis en quarantaine et supprimé avec succès.
    C:Program FilesDivX_Browser_Bar_FRDivX_Browser_Bar_FRToolbarHelper.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:WindowsTempnsl5182.exe (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
    C:WindowsSystem32TasksBackgroundContainer Startup Task (PUP.Optional.Conduit) -> Mis en quarantaine et supprimé avec succès.
    C:Program FilesLyricsViewer-2LyricsViewer-2-bg.exe (PUP.Optional.LyricsViewer.A) -> Mis en quarantaine et supprimé avec succès.

    (fin)

  • pat
    Nombre d'articles : 0

    Malwarebytes Anti-Malware (Essai) 1.75.0.1300
    http://www.malwarebytes.org” onclick=”window.open(this.href);return false;

    Version de la base de données: v2013.12.11.04

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 11.0.9600.16428
    poe :: POUPOUILLE [administrateur]

    Protection: Activé

    11/12/2013 17:40:54
    mbam-log-2013-12-11 (17-40-54).txt

    Type d’examen: Examen complet (C:|D:|E:|F:|G:|Q:|)
    Options d’examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d’examen désactivées: P2P
    Elément(s) analysé(s): 365239
    Temps écoulé: 2 heure(s), 26 minute(s), 32 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)

  • pat
    Nombre d'articles : 0

    # AdwCleaner v3.015 – Rapport créé le 11/12/2013 à 21:50:21
    # Mis à jour le 10/12/2013 par Xplode
    # Système d’exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Nom d’utilisateur : poe – POUPOUILLE
    # Exécuté depuis : C:UserspoeDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsAccelerer PC
    Dossier Supprimé : C:Program FilesAccelerer PC
    Dossier Supprimé : C:Program FilesEazelBar
    Dossier Supprimé : C:Program FilesPass-Widget
    Dossier Supprimé : C:Program FilesPricora 2.0
    Dossier Supprimé : C:Program FilesDivX_Browser_Bar_FR
    Dossier Supprimé : C:Windowssystem32Searchprotect
    Dossier Supprimé : C:UserspoeAppDataLocalNativeMessaging
    Dossier Supprimé : C:UserspoeAppDataLocalTempConduit
    Dossier Supprimé : C:UserspoeAppDataLocalTempNativeMessaging
    Dossier Supprimé : C:UserspoeAppDataLocalLowPricora 2.0
    Dossier Supprimé : C:UserspoeAppDataLocalLowDivX_Browser_Bar_FR
    Dossier Supprimé : C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsBubble Dock
    Dossier Supprimé : C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsfbdagnimlohkpamglloopgfnoiijpmoj
    Dossier Supprimé : C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsgmookaamlkjilnemkglmedgieblahbcn
    Fichier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramslollipop.lnk
    Fichier Supprimé : C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramslollipop.lnk
    Fichier Supprimé : C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMyPC Backup.lnk
    Fichier Supprimé : C:UserspoeDesktopMyPC Backup.lnk
    Fichier Supprimé : C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_search.conduit.com_0.localstorage
    Fichier Supprimé : C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehxxp_search.conduit.com_0.localstorage-journal
    Fichier Supprimé : C:WindowsTasksPassWidget Update.job
    Fichier Supprimé : C:WindowsSystem32TasksPassWidget Update
    Fichier Supprimé : C:WindowsTasksPricora 2.0-chromeinstaller.job
    Fichier Supprimé : C:WindowsSystem32TasksPricora 2.0-chromeinstaller
    Fichier Supprimé : C:WindowsTasksPricora 2.0-codedownloader.job
    Fichier Supprimé : C:WindowsSystem32TasksPricora 2.0-codedownloader
    Fichier Supprimé : C:WindowsTasksPricora 2.0-enabler.job
    Fichier Supprimé : C:WindowsSystem32TasksPricora 2.0-enabler
    Fichier Supprimé : C:WindowsTasksPricora 2.0-updater.job
    Fichier Supprimé : C:WindowsSystem32TasksPricora 2.0-updater

    ***** [ Raccourcis ] *****

    Raccourci Désinfecté : C:UsersPublicDesktopGoogle Chrome.lnk
    Raccourci Désinfecté : C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle ChromeGoogle Chrome.lnk
    Raccourci Désinfecté : C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk
    Raccourci Désinfecté : C:UserspoeAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarGoogle Chrome.lnk
    Raccourci Désinfecté : C:UserspoeAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarInternet Explorer.lnk
    Raccourci Désinfecté : C:UserspoeAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedTaskBarWindows Explorer.lnk

    ***** [ Registre ] *****

    Valeur Supprimée : HKLMSOFTWAREMozillaFirefoxExtensions [{EBD839AE-B08C-4FB7-859B-F54AF16C159F}]
    Valeur Supprimée : HKLMSOFTWAREMozillaFirefoxExtensions [bubbledock@nosibay.com]
    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsfbdagnimlohkpamglloopgfnoiijpmoj
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheLogon{C2743967-6215-4475-8329-94641DC98A92}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{C2743967-6215-4475-8329-94641DC98A92}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheLogon{B981A066-0125-48E9-9947-16418F2BE279}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{B981A066-0125-48E9-9947-16418F2BE279}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheLogon{0139BFEF-572E-47B7-B936-D7F65F949EC4}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{0139BFEF-572E-47B7-B936-D7F65F949EC4}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheLogon{FAFC8366-0EA7-48F4-8703-CFED956157C3}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{FAFC8366-0EA7-48F4-8703-CFED956157C3}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheLogon{8388CCB1-74F9-4F7C-A8B1-89DFDA0EA9FE}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{8388CCB1-74F9-4F7C-A8B1-89DFDA0EA9FE}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheLogon{5791E29A-7D39-4C37-9DDF-86DBFE5ABB26}
    [#] Clé Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{5791E29A-7D39-4C37-9DDF-86DBFE5ABB26}
    Clé Supprimée : HKCUSoftwareClassesApplicationslollipop.exe
    Clé Supprimée : HKLMSYSTEMCurrentControlSetServicesEventlogApplicationWajamUpdater
    Clé Supprimée : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{23AF19F7-1D5B-442C-B14C-3D1081953C94}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{EBD839AE-B08C-4FB7-859B-F54AF16C159F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{E5D0B3A6-727B-45AB-AFC0-C9DB4F6CC2CE}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{1C888195-0160-4883-91B7-294C0CE2F277}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{23AF19F7-1D5B-442C-B14C-3D1081953C94}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{23AF19F7-1D5B-442C-B14C-3D1081953C94}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EBD839AE-B08C-4FB7-859B-F54AF16C159F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{834ACC44-E0FC-4F17-8E6B-F1029B3BC0DE}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{23AF19F7-1D5B-442C-B14C-3D1081953C94}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EBD839AE-B08C-4FB7-859B-F54AF16C159F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{834ACC44-E0FC-4F17-8E6B-F1029B3BC0DE}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{E5D0B3A6-727B-45AB-AFC0-C9DB4F6CC2CE}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{5ccff5d3-96a1-492e-8b44-2a4fbf9c9188}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{65968e1f-875f-4468-b638-b52c8563ebb1}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{66fe73c2-238d-4ebf-a9fb-9693306cd130}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{736edbef-747a-4f98-bafc-3321a1dc5150}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{DE79FC3C-3EFC-430B-B262-28BB86035635}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{B6F944E1-62F9-42EB-BA83-70AAA1801148}
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{EBD839AE-B08C-4FB7-859B-F54AF16C159F}]
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{834ACC44-E0FC-4F17-8E6B-F1029B3BC0DE}]
    Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{834ACC44-E0FC-4F17-8E6B-F1029B3BC0DE}]
    Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{834ACC44-E0FC-4F17-8E6B-F1029B3BC0DE}]
    Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{834ACC44-E0FC-4F17-8E6B-F1029B3BC0DE}]
    Clé Supprimée : HKCUSoftwareEazelBar
    Clé Supprimée : HKCUSoftwareInstalledThirdPartyPrograms
    Clé Supprimée : HKCUSoftwarelollipop
    Clé Supprimée : HKCUSoftwareNosibay
    Clé Supprimée : HKCUSoftwareSpeedchecker Limited
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwareBackgroundContainer
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwarePassWidget
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwarePricora 2.0
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwareDivX_Browser_Bar_FR
    Clé Supprimée : HKLMSoftwareDivXInstallSetupWizardLayoutConduitToolbar
    Clé Supprimée : HKLMSoftwareEazelBar
    Clé Supprimée : HKLMSoftwareInstalledThirdPartyPrograms
    Clé Supprimée : HKLMSoftwareSoftwareUpdater
    Clé Supprimée : HKLMSoftwareSpeedchecker Limited
    Clé Supprimée : HKLMSoftwareVittalia
    Clé Supprimée : HKLMSoftwarePricora 2.0
    Clé Supprimée : HKLMSoftwareDivX_Browser_Bar_FR
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallEazelBar
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallWebplayer
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallPricora 2.0
    Clé Supprimée : HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components8121C32A9C319F4CB0C11FF059552A4

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.16428

    -\ Google Chrome v31.0.1650.63

    [ Fichier : C:UserspoeAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    Supprimée : homepage
    Supprimée : urls_to_restore_on_startup
    Supprimée : keyword

    *************************

    AdwCleaner[R0].txt – [11628 octets] – [11/12/2013 21:48:18]
    AdwCleaner[S0].txt – [10673 octets] – [11/12/2013 21:50:21]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [10734 octets] ##########

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Bonsoir,

    Bravo, continue la suite 😉

  • pat
    Nombre d'articles : 0

    Rapport de SFTGC (Pierre13) du Mercredi 11 Décembre 2013 à 22:14:18 version : 2.0.0.60
    Mis à jour le 27/11/2013
    Outil lancé en Mode normal et En tant qu’administrateur
    Windows 7 Home Premium Service Pack 1 32 bits

    Tool start in C:UserspoeDesktop

    823 éléments supprimés => 3.5 Go libérés. (4 mn 28 s)

    C:UserspoeAppDataLocalLowSunJavaDeploymentext
    C:UserspoeAppDataLocalLowSunJavaDeploymentlog
    C:UserspoeAppDataLocalLowSunJavaDeploymentsecurity
    C:UserspoeAppDataLocalLowSunJavaDeploymentsecuritybaseline.timestamp
    C:UserspoeAppDataLocalLowSunJavaDeploymentsecuritybaseline.versions
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.01
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.010
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.011
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.012
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.013
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.014
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.015
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.016
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.017
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.018
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.019
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.02
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.020
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.021
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.022
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.023
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.024
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.025
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.026
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.027
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.028
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.029
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.03
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.030
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.031
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.032
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.033
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.034
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.035
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.036
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.037
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.038
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.039
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.04
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.040
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.041
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.042
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.043
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.044
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.045
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.046
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.047
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.048
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.049
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.05
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.050
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.051
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.052
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.053
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.054
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.055
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.056
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.057
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.058
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.059
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.06
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.060
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.061
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.062
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.063
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.07
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.08
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.09
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0host
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0lastAccessed
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0muffin
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0tmp
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.06050fd86fc-18a50754
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.06050fd86fc-18a50754.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.062d4de006-17d8fd66
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.062d4de006-17d8fd66.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0594a0a68bb-438c8ab6
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0594a0a68bb-438c8ab6.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.05746c252b9-78139268
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.05746c252b9-78139268.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.05020aeb272-6380fdae
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.05020aeb272-6380fdae.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.04634c870ee-2ae9896f
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.04634c870ee-2ae9896f.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.040c1e85e8-21818c29
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.040c1e85e8-21818c29.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.03171fd88df-6840c0cb
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.03171fd88df-6840c0cb.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0264eef171a-4817f08a
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0264eef171a-4817f08a.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0234b416097-585bd118
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.0234b416097-585bd118.idx
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.018151d4e12-7bcb0f81
    C:UserspoeAppDataLocalLowSunJavaDeploymentcache6.018151d4e12-7bcb0f81.idx
    C:UserspoeAppDataLocalLowMicrosoftIME12
    C:UserspoeAppDataLocalLowMicrosoftIMJP12
    C:UserspoeAppDataLocalLowMicrosoftIMJP8_1
    C:UserspoeAppDataLocalLowMicrosoftIMJP9_0
    C:UserspoeAppDataLocalMicrosoftWindowsHistoryHistory.IE5
    C:UserspoeAppDataLocalMicrosoftWindowsHistoryLowHistory.IE5
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesVirtualizedCUserspoeAppDataRoamingMicrosoftInstaller
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesVirtualizedCUserspoeAppDataRoamingMicrosoftWindowsPrivacIE
    C:UserspoeAppDataLocalMicrosoftWindowsTemporary Internet FilesVirtualizedCUserspoeAppDataRoamingMacromediaFlash Player#SharedObjectsHYX6F8W5
    C:UserspoeAppDataLocalTemp95897821-BAB0-7891-A3CC-9839F717F8EB
    C:UserspoeAppDataLocalTempBTN%Copy%1
    C:UserspoeAppDataLocalTempCeement
    C:UserspoeAppDataLocalTempHistory
    C:UserspoeAppDataLocalTempjrt
    C:UserspoeAppDataLocalTempmsohtmlclip1
    C:UserspoeAppDataLocalTempscoped_dir_4952_20492
    C:UserspoeAppDataLocalTempSDIAG_850b3f10-eeac-4157-bcd0-7348467288de
    C:UserspoeAppDataLocalTempSkype
    C:UserspoeAppDataLocalTemp{2599CCA9-F41F-4AD5-B307-CBCD0B713279}
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1WinXPDriversWinXP
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUIPEAPHelp
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUIPEAPx64
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUIPEAPx86
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUILEAPHelp
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUILEAPx64
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUILEAPx86
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUIEap-FastHelp
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUIEap-Fastx64
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7MUIEap-Fastx86
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7DriversWin7
    C:UserspoeAppDataLocalTemp{00036FE8-CA87-412C-9D60-93B0C5F0665F}Disk1Win7DriversWinVista
    C:UserspoeAppDataLocalTempwlmail663569643supfilesBDE338C
    C:UserspoeAppDataLocalTempTestIfExeExistCT3297124
    C:UserspoeAppDataLocalTempOICE_9DB9B0F0-D066-4995-A145-E858196F7D98.0AppDataRoamingMicrosoft
    C:UserspoeAppDataLocalTempOICE_5AA48CB9-EE66-4257-82D4-BE16939879B8.0AppDataRoamingMicrosoft
    C:UserspoeAppDataLocalTempOICE_1431B889-A540-45FB-903F-4721C2CFEE3D.0AppDataRoamingMicrosoft
    C:UserspoeAppDataLocalTempLowHistory
    C:UserspoeAppDataLocalTempLowFichiers Internet temporairesContent.IE5
    C:UserspoeAppDataLocalTempFichiers Internet temporairesContent.IE5
    C:UserspoeAppDataLocalTempAdobeAcrobat
    C:UserspoeAppDataLocalTempACOProjectsSDMS
    C:WindowsTEMPLow
    C:WindowsTEMPavnwldrtempsetupvista64
    C:WindowsTEMPavnwldrtempsetupwin7
    C:WindowsTEMPavnwldrtempsetupwin8
    C:WindowsTEMPavnwldrtempsetupxp
    C:WindowsTEMPavnwldrtempsetupxp64
    C:WindowsTEMPavnwldrtempsetupxp64avgntflt.inf
    C:WindowsTEMPavnwldrtempsetupxp64avgntflt.sys
    C:WindowsTEMPavnwldrtempsetupxp64avipbb.inf
    C:WindowsTEMPavnwldrtempsetupxp64avipbb.sys
    C:WindowsTEMPavnwldrtempsetupxp64avkmgr.inf
    C:WindowsTEMPavnwldrtempsetupxp64avkmgr.sys
    C:WindowsTEMPavnwldrtempsetupxpavgntflt.cat
    C:WindowsTEMPavnwldrtempsetupxpavgntflt.inf
    C:WindowsTEMPavnwldrtempsetupxpavgntflt.sys
    C:WindowsTEMPavnwldrtempsetupxpavipbb.cat
    C:WindowsTEMPavnwldrtempsetupxpavipbb.inf
    C:WindowsTEMPavnwldrtempsetupxpavipbb.sys
    C:WindowsTEMPavnwldrtempsetupxpavkmgr.cat
    C:WindowsTEMPavnwldrtempsetupxpavkmgr.inf
    C:WindowsTEMPavnwldrtempsetupxpavkmgr.sys
    C:WindowsTEMPavnwldrtempsetupxpavshadow.exe
    C:WindowsTEMPavnwldrtempsetupwin864avgntflt.cat
    C:WindowsTEMPavnwldrtempsetupwin864avgntflt.inf
    C:WindowsTEMPavnwldrtempsetupwin864avgntflt.sys
    C:WindowsTEMPavnwldrtempsetupwin864avipbb.cat
    C:WindowsTEMPavnwldrtempsetupwin864avipbb.inf
    C:WindowsTEMPavnwldrtempsetupwin864avipbb.sys
    C:WindowsTEMPavnwldrtempsetupwin864avkmgr.cat
    C:WindowsTEMPavnwldrtempsetupwin864avkmgr.inf
    C:WindowsTEMPavnwldrtempsetupwin864avkmgr.sys
    C:WindowsTEMPavnwldrtempsetupwin864avnetflt.cat
    C:WindowsTEMPavnwldrtempsetupwin864avnetflt.inf
    C:WindowsTEMPavnwldrtempsetupwin864avnetflt.sys
    C:WindowsTEMPavnwldrtempsetupwin8avnetflt.cat
    C:WindowsTEMPavnwldrtempsetupwin8avnetflt.inf
    C:WindowsTEMPavnwldrtempsetupwin8avnetflt.sys
    C:WindowsTEMPavnwldrtempsetupwin764avnetflt.cat
    C:WindowsTEMPavnwldrtempsetupwin764avnetflt.inf
    C:WindowsTEMPavnwldrtempsetupwin764avnetflt.sys
    C:WindowsTEMPavnwldrtempsetupwin7avnetflt.cat
    C:WindowsTEMPavnwldrtempsetupwin7avnetflt.inf
    C:WindowsTEMPavnwldrtempsetupwin7avnetflt.sys
    C:WindowsTEMPavnwldrtempsetupvista64avgntflt.cat
    C:WindowsTEMPavnwldrtempsetupvista64avgntflt.inf
    C:WindowsTEMPavnwldrtempsetupvista64avgntflt.sys
    C:WindowsTEMPavnwldrtempsetupvista64avipbb.cat
    C:WindowsTEMPavnwldrtempsetupvista64avipbb.inf
    C:WindowsTEMPavnwldrtempsetupvista64avipbb.sys
    C:WindowsTEMPavnwldrtempsetupvista64avipc64.dll
    C:WindowsTEMPavnwldrtempsetupvista64avkmgr.cat
    C:WindowsTEMPavnwldrtempsetupvista64avkmgr.inf
    C:WindowsTEMPavnwldrtempsetupvista64avkmgr.sys
    C:WindowsTEMPavnwldrtempsetupvista64avshadow.exe
    C:WindowsTEMPavnwldrtempsetupfr-frimg
    C:WindowsTEMPavnwldrtempsetupfr-frimgalert_level.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_bg_bl.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_bg_br.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_bg_ml.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_bg_mr.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_bg_tl.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_bg_tr.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_btn_gray_hover.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_btn_gray_normal.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_phone.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_red_arrow.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgandroid_video.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_b.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_bl.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_br.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_m.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_ml.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_mr.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_t.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_tl.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbg_tr.jpg
    C:WindowsTEMPavnwldrtempsetupfr-frimgbtn_gray_hover.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgbtn_gray_normal.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgred_arrow.gif
    C:WindowsTEMPavnwldrtempsetupfr-frimgvideo.gif

  • pat
    Nombre d'articles : 0

    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391appmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391bing.jewelextension.manifest
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391footer
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391icons
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jewel.html
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391JewelExtension.dll
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391JewelExtensionComDll.manifest
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpane
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locca-es
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locda-dk
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-at
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-ch
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-de
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-au
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-ca
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-gb
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-ie
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-in
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-my
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-nz
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-sg
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-us
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-ar
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-cl
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-es
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-mx
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loceu-es
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfi-fi
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-be
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-ca
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-ch
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-fr
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnb-no
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-be
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-nl
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpl-pl
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpt-br
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locru-ru
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locsv-se
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locuk-ua
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-hk
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-tw
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-twappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-twlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-twSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-hkappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-hklocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loczh-hkSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locuk-uaappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locuk-ualocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locuk-uaSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locsv-seappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locsv-selocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locsv-seSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locru-ruappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locru-rulocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locru-ruSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpt-brappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpt-brlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpt-brSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpl-plappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpl-pllocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locpl-plSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-nlappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-nllocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-nlSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-beappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-belocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnl-beSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnb-noappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnb-nolocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locnb-noSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locit-itappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locit-itlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locit-itSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-frappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-frlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-frSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-chappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-chlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-chSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-caappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-calocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-caSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-beappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-belocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfr-beSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfi-fiappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfi-filocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locfi-fiSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loceu-esappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loceu-eslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loceu-esSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-mxappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-mxlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-mxSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-esappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-eslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-esSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-clappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-cllocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-clSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-arappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-arlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391loces-arSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-usappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-uslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-usSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-sgappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-sglocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-sgSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-nzappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-nzlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-nzSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-myappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-mylocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-mySettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-inappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-inlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-inSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-ieappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-ielocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-ieSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-gbappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-gblocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-gbSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-caappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-calocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-caSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-auappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-aulocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locen-auSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-deappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-delocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-deSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-chappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-chlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-chSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-atappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-atlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locde-atSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locda-dkappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locda-dklocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locda-dkSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locca-esappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locca-eslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391locca-esSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanedefault.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanedisabled.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanedrag_default.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanedrag_hover.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanehover.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanejquery.jscrollpane.css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanejquery.jscrollpane.min.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanetrack_default.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscrollpanetrack_hover.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jscommon.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsdownloadservice.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsfeedContentParser.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsjewel.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsjewelInstrumentation.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsjquery-1.4.2.min.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsjquery.mousewheel.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsjson2.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jslaunchExternalApp.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsnavigateUrl.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsrefresh.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jssettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsstorage.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsstructs.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391jsutility.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesbuttons
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesHP-entertainment-button-43×26.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesHP-entertainment-button-54×33.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesHP-entertainment-button-65×40.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesHPNTDF_Games_43X26.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesHPNTDF_Games_54X33.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesHPNTDF_Games_65x40.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesbuttonsgradient_a.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391imagesbuttonsgradient_b.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391iconsjewel_100.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391iconsjewel_125.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391iconsjewel_150.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391iconsjewel_chinese_100.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391iconsjewel_chinese_125.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391iconsjewel_chinese_150.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391footerfooter.css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391footerfooter.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391footerprogress_indicator.gif
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391cssbingclient.css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton27.1.391cssjewel.css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391appmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391bing.jewelextension.manifest
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391footer
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391icons
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jewel.html
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391JewelExtension.dll
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391JewelExtensionComDll.manifest
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpane
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locbg-bg
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locca-es
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loccs-cz
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locda-dk
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-at
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-ch
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-de
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locel-gr
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-145
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-au
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-ca
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-gb
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-id
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-ie
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-in
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-my
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-nz
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-ph
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-sg
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-us
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-za
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-419
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-ar
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-cl
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-es
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-mx
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locet-ee
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loceu-es
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfi-fi
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-be
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-ca
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-ch
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-fr
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochr-hr
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochu-hu
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locit-it
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locja-jp
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locko-kr
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclt-lt
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclv-lv
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnb-no
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-be
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-nl
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpl-pl
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpt-br
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpt-pt
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locro-ro
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locru-ru
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsk-sk
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsl-si
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsr-latn-cs
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsv-se
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loctr-tr
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locuk-ua
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-cn
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-hk
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-tw
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-twappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-twlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-twSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-hkappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-hklocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-hkSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-cnappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loczh-cnlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locuk-uaappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locuk-ualocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locuk-uaSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loctr-trappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loctr-trlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loctr-trSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsv-seappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsv-selocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsv-seSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsr-latn-csappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsr-latn-cslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsr-latn-csSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsl-siappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsl-silocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsl-siSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsk-skappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsk-sklocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locsk-skSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locru-ruappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locru-rulocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locro-roappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locro-rolocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locro-roSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpt-ptappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpt-ptlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpt-ptSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpt-brappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpt-brlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpl-plappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpl-pllocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locpl-plSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-nlappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-nllocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-nlSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-beappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-belocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnl-beSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnb-noappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnb-nolocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locnb-noSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclv-lvappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclv-lvlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclv-lvSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclt-ltappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclt-ltlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loclt-ltSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locko-krappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locko-krlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locko-krSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locja-jpappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locja-jplocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locit-itappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locit-itlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochu-huappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochu-hulocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochu-huSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochr-hrappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochr-hrlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391lochr-hrSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-frappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-frlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-chappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-chlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-chSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-caappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-calocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-beappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-belocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfr-beSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfi-fiappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfi-filocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locfi-fiSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loceu-esappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loceu-eslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locet-eeappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locet-eelocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locet-eeSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-mxappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-mxlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-esappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-eslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-clappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-cllocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-arappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-arlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-419appmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loces-419locStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-zaappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-zalocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-zaSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-usappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-uslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-sgappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-sglocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-sgSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-phappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-phlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-phSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-nzappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-nzlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-nzSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-myappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-mylocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-mySettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-inappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-inlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-inSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-ieappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-ielocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-ieSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-idappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-idlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-idSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-gbappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-gblocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-caappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-calocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-auappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-aulocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-145appmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-145locStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locen-145Settings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locel-grappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locel-grlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locel-grSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-deappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-delocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-chappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-chlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-chSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-atappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-atlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locde-atSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locda-dkappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locda-dklocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locda-dkSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loccs-czappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loccs-czlocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391loccs-czSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locca-esappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locca-eslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locbg-bgappmanifest.xml
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locbg-bglocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391locbg-bgSettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanedefault.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanedisabled.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanedrag_default.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanedrag_hover.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanehover.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanejquery.jscrollpane.css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanejquery.jscrollpane.min.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanetrack_default.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscrollpanetrack_hover.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jscommon.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsdownloadservice.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsfeedContentParser.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsjewel.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsjewelInstrumentation.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsjquery-1.4.2.min.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsjquery.mousewheel.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsjson2.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jslaunchExternalApp.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jslocStrings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsnavigateUrl.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsrefresh.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jssettings.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsstorage.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsstructs.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391jsutility.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imagesbuttons
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imagesHPNTDF_Tag_43X26.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imagesHPNTDF_Tag_54X33.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imagesHPNTDF_Tag_65X40.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imageshpplus_43x26.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imageshpplus_54x33.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imageshpplus_65x40.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imagesbuttonsgradient_a.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391imagesbuttonsgradient_b.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391iconsjewel_100.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391iconsjewel_125.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391iconsjewel_150.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391iconsjewel_chinese_100.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391iconsjewel_chinese_125.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391iconsjewel_chinese_150.png
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391footerfooter.css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391footerfooter.js
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391footerprogress_indicator.gif
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391cssbingclient.css
    C:WindowsTEMP8B390C822CA44FC09AB88CDFC42CE743HPNTDFButton17.1.391cssjewel.css
    C:WindowsPrefetch31.0.1650.57_30.0.1599.101_CH-665E70FC.pf
    C:WindowsPrefetchACRORD32.EXE-91E1AAD6.pf
    C:WindowsPrefetchADOBE AIR APPLICATION INSTALL-0E77BCFB.pf
    C:WindowsPrefetchADOBE AIR INSTALLER.EXE-D9675C38.pf
    C:WindowsPrefetchADOBE AIR UPDATER.EXE-C0C506F0.pf
    C:WindowsPrefetchADOBE.EXE-BD942195.pf
    C:WindowsPrefetchADOBEARM.EXE-719325FF.pf
    C:WindowsPrefetchAgAppLaunch.db
    C:WindowsPrefetchAgCx_S1_S-1-5-21-1393359087-3183399950-3005852446-1001.snp.db
    C:WindowsPrefetchAgCx_SC1.db
    C:WindowsPrefetchAgCx_SC1.db.trx
    C:WindowsPrefetchAgCx_SC2.db
    C:WindowsPrefetchAgCx_SC4.db
    C:WindowsPrefetchAgGlFaultHistory.db
    C:WindowsPrefetchAgGlFgAppHistory.db
    C:WindowsPrefetchAgGlGlobalHistory.db
    C:WindowsPrefetchAgGlUAD_P_S-1-5-21-1393359087-3183399950-3005852446-1001.db
    C:WindowsPrefetchAgGlUAD_S-1-5-21-1393359087-3183399950-3005852446-1001.db
    C:WindowsPrefetchAgRobust.db
    C:WindowsPrefetchAUDIODG.EXE-BDFD3029.pf
    C:WindowsPrefetchAVNOTIFY.EXE-FEC2FEC4.pf
    C:WindowsPrefetchAVSCAN.EXE-E289CD20.pf
    C:WindowsPrefetchAVWSC.EXE-4630B658.pf
    C:WindowsPrefetchBBSVC.EXE-43C9E48F.pf
    C:WindowsPrefetchBINGAPP.EXE-7E0A7F44.pf
    C:WindowsPrefetchBINGBAR.EXE-3400E0F0.pf
    C:WindowsPrefetchBINGSURROGATE.EXE-F89A080B.pf
    C:WindowsPrefetchBUBBLE DOCK BSETUP.EXE-965EE0C9.pf
    C:WindowsPrefetchBUBBLE DOCK.EXE-990D1A58.pf
    C:WindowsPrefetchBUBBLE.EXE-84C08A71.pf
    C:WindowsPrefetchCHROME.EXE-548E89AE.pf
    C:WindowsPrefetchCHROME.EXE-5A1054AF.pf
    C:WindowsPrefetchCLTMNG.EXE-65F0B2D5.pf
    C:WindowsPrefetchCLTMNGSVC.EXE-405A3D1F.pf
    C:WindowsPrefetchCLTMNGUI.EXE-81934E26.pf
    C:WindowsPrefetchCMD.EXE-4A81B364.pf
    C:WindowsPrefetchCONDUIT.EXE-7314F37C.pf
    C:WindowsPrefetchCONHOST.EXE-1F3E9D7E.pf
    C:WindowsPrefetchCONSENT.EXE-531BD9EA.pf
    C:WindowsPrefetchCSC.EXE-A3B8D95D.pf
    C:WindowsPrefetchCVH.EXE-308EA697.pf
    C:WindowsPrefetchCVTRES.EXE-069169FB.pf
    C:WindowsPrefetchDEFRAG.EXE-588F90AD.pf
    C:WindowsPrefetchDETECTION_NETWORKCHECK.EXE-40458846.pf
    C:WindowsPrefetchDETECT_COOLSENSE.EXE-BC7D5C67.pf
    C:WindowsPrefetchDETECT_INTERNETSECURITY.EXE-9E32375D.pf
    C:WindowsPrefetchDETECT_SMARTFRIENDAWARENESS.E-6B1F76F8.pf
    C:WindowsPrefetchDINOTIFY.EXE-35A869D6.pf
    C:WindowsPrefetchDLLHOST.EXE-5E46FA0D.pf
    C:WindowsPrefetchDLLHOST.EXE-766398D2.pf
    C:WindowsPrefetchDLLHOST.EXE-A8DE6D5B.pf
    C:WindowsPrefetchDLLHOST.EXE-B2EB1806.pf
    C:WindowsPrefetchDRVINST.EXE-4CB4314A.pf
    C:WindowsPrefetchEXPLORER.EXE-A80E4F97.pf
    C:WindowsPrefetchGOOGLEUPDATE.EXE-FE771DDA.pf
    C:WindowsPrefetchGOOGLEUPDATEONDEMAND.EXE-A2BB6A3D.pf
    C:WindowsPrefetchGUARDGUI.EXE-84F705BC.pf
    C:WindowsPrefetchHPASSET.EXE-8CDC49FA.pf
    C:WindowsPrefetchHPCEE.EXE-EAAA87F0.pf
    C:WindowsPrefetchHPDOBJECT.EXE-1CC4D42B.pf
    C:WindowsPrefetchHPRESOURCES.EXE-9D4EC05B.pf
    C:WindowsPrefetchHPSACIPDETECTION.EXE-36B8279B.pf
    C:WindowsPrefetchHPSACIPDETECTION4.EXE-6592AA67.pf
    C:WindowsPrefetchHPSACOMMANDER.EXE-433C08AA.pf
    C:WindowsPrefetchHPSFREPORT.EXE-0CA3F68D.pf
    C:WindowsPrefetchIELOWUTIL.EXE-3885C25E.pf
    C:WindowsPrefetchIEXPLORE.EXE-908C99F8.pf
    C:WindowsPrefetchIE_APPROVEEXT.EXE-BCE065B7.pf
    C:WindowsPrefetchIPMGUI.EXE-EEAE1F1B.pf
    C:WindowsPrefetchJAVA.EXE-633ED9BF.pf
    C:WindowsPrefetchJVNUWBEUA.EXE-987005C3.pf
    C:WindowsPrefetchKREAPIXEL.EXE-12D9DF7F.pf
    C:WindowsPrefetchLayout.ini
    C:WindowsPrefetchLBUBBLE DOCK.EXE-583524DC.pf
    C:WindowsPrefetchLOGONUI.EXE-09140401.pf
    C:WindowsPrefetchMIGRATIONASSISTANT.EXE-FAC78240.pf
    C:WindowsPrefetchMPAS-D.EXE-40FE95BA.pf
    C:WindowsPrefetchMPAS-FE_BD.EXE-BB62FD5E.pf
    C:WindowsPrefetchMPCMDRUN.EXE-F401FBB4.pf
    C:WindowsPrefetchMPSIGSTUB.EXE-4D91D222.pf
    C:WindowsPrefetchMPSIGSTUB.EXE-D5E8756A.pf
    C:WindowsPrefetchNSB775F.EXE-5084EE11.pf
    C:WindowsPrefetchNSG8EB3.EXE-21A4EA17.pf
    C:WindowsPrefetchNSGF341.EXE-19C2B3F3.pf
    C:WindowsPrefetchNSL8AD0.EXE-E398CCA7.pf
    C:WindowsPrefetchNSL98E0.EXE-96B40774.pf
    C:WindowsPrefetchNSLDA63.EXE-A111A7FC.pf
    C:WindowsPrefetchNSQ2FF1.EXE-7402B39A.pf
    C:WindowsPrefetchNSU37CD.EXE-5858C9A8.pf
    C:WindowsPrefetchNTOSBOOT-B00DFAAD.pf
    C:WindowsPrefetchOFFSPON.EXE-C5FABCAD.pf
    C:WindowsPrefetchOSE.EXE-533D8AC9.pf
    C:WindowsPrefetchPfSvPerfStats.bin
    C:WindowsPrefetchPING.EXE-7E94E73E.pf
    C:WindowsPrefetchPLUGIN.EXE-1F520810.pf
    C:WindowsPrefetchPRICORA 2.0-BG.EXE-681C0364.pf
    C:WindowsPrefetchPRICORA 2.0-BUTTONUTIL.EXE-BAC07401.pf
    C:WindowsPrefetchPRICORA 2.0-CHROMEINSTALLER.E-0E04C353.pf
    C:WindowsPrefetchPRICORA 2.0-CODEDOWNLOADER.EX-81AB0209.pf
    C:WindowsPrefetchPRICORA 2.0-ENABLER.EXE-8402ABD4.pf
    C:WindowsPrefetchPRICORA 2.0-HELPER.EXE-054FF7BF.pf
    C:WindowsPrefetchPRODUCTCONFIG.EXE-20D3109F.pf
    C:WindowsPrefetchReadyBoot
    C:WindowsPrefetchREGSVR32.EXE-8461DBEE.pf
    C:WindowsPrefetchRESOURCE.EXE-0C5936A4.pf
    C:WindowsPrefetchRUNDLL32.EXE-EEE06A6E.pf
    C:WindowsPrefetchSCHTASKS.EXE-5CA45734.pf
    C:WindowsPrefetchSEARCHFILTERHOST.EXE-77482212.pf
    C:WindowsPrefetchSEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
    C:WindowsPrefetchSETUP.EXE-29778DCB.pf
    C:WindowsPrefetchSETUP.EXE-4BAA5B62.pf
    C:WindowsPrefetchSPI.EXE-74A65ACD.pf
    C:WindowsPrefetchSPI.EXE-A023609A.pf
    C:WindowsPrefetchSPPSVC.EXE-B0F8131B.pf
    C:WindowsPrefetchSVCHOST.EXE-7AC6742A.pf
    C:WindowsPrefetchSVCHOST.EXE-7CFEDEA3.pf
    C:WindowsPrefetchSVCHOST.EXE-80F4A784.pf
    C:WindowsPrefetchSYSTEMAGEONEYEAR.EXE-22C91381.pf
    C:WindowsPrefetchTASKENG.EXE-48D4E289.pf
    C:WindowsPrefetchTASKHOST.EXE-7238F31D.pf
    C:WindowsPrefetchTASKKILL.EXE-8F5B2253.pf
    C:WindowsPrefetchTRUSTEDINSTALLER.EXE-3CC531E5.pf
    C:WindowsPrefetchUNZIP.EXE-AD9470CD.pf
    C:WindowsPrefetchUPDATE.EXE-026DCA13.pf
    C:WindowsPrefetchUPDRGUI.EXE-650B9264.pf
    C:WindowsPrefetchVSSVC.EXE-B8AFC319.pf
    C:WindowsPrefetchW32TM.EXE-1101AF41.pf
    C:WindowsPrefetchWAJAM.EXE-6CEF84DE.pf
    C:WindowsPrefetchWAJAMUPDATERV3.EXE-5C58BD99.pf
    C:WindowsPrefetchWAJAM_INSTALL.EXE-BFB38809.pf
    C:WindowsPrefetchWAJAM_VALIDATE.EXE-6EB0B8AB.pf
    C:WindowsPrefetchWAJAM_VALIDATE.EXE-9EA4D5F6.pf
    C:WindowsPrefetchWEBPLAYER.EXE-C2919CC4.pf
    C:WindowsPrefetchWEBPLAYER_US (1).EXE-2428BE74.pf
    C:WindowsPrefetchWEBPLAYER_US.EXE-484622D2.pf
    C:WindowsPrefetchWERFAULT.EXE-E69F695A.pf
    C:WindowsPrefetchWINWORDC.EXE-C55681E7.pf
    C:WindowsPrefetchWIRELESSOFFMSG.EXE-57338E6A.pf
    C:WindowsPrefetchWMIADAP.EXE-F8DFDFA2.pf
    C:WindowsPrefetchWMIPRVSE.EXE-1628051C.pf
    C:WindowsPrefetchWSQMCONS.EXE-118B52B7.pf
    C:WindowsPrefetchWUAUCLT.EXE-70318591.pf
    C:WindowsPrefetchWUDFHOST.EXE-AFFEF87C.pf
    C:WindowsPrefetch~CBDTHAU.EXE-A050C75A.pf
    C:WindowsPrefetchReadyBootTrace1.fx
    C:WindowsPrefetchReadyBootTrace2.fx
    C:WindowsPrefetchReadyBootTrace3.fx
    C:WindowsPrefetchReadyBootTrace4.fx
    C:WindowsPrefetchReadyBootTrace5.fx

    Corbeille vidée.

    Fin du rapport.

  • pat
    Nombre d'articles : 0

    ~ Rapport de ZHPDiag v2013.12.10.20 – Nicolas Coolman (10/12/2013)
    ~ Lancé par poe (11/12/2013 22:23:54)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Désactivée par l’utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.16428
    GCIE: Google Chrome v31.0.1650.63 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 3Q6C9
    Windows License : OK
    ~ Windows Remaining Initializations Number : 0
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W7

    —\ Logiciels d’optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 ActiveX
    Adobe Reader X MUI
    Java 7 Update 7

    —\ Informations sur le système
    ~ Processor: x86 Family 20 Model 2 Stepping 0, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3578 MB (56% free)
    System Restore: Activé (Enable)
    System drive C: has 319 GB (71%) free of 445 GB

    —\ Mode de connexion au système
    ~ Computer Name: POUPOUILLE
    ~ User Name: poe
    ~ All Users Names: poe, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UserspoeAppDataRoamingZHP
    ~ %AppData% : C:UserspoeAppDataRoaming
    ~ %Desktop% : C:UserspoeDesktop
    ~ %Favorites% : C:UserspoeFavorites
    ~ %LocalAppData% : C:UserspoeAppDataLocal
    ~ %StartMenu% : C:UserspoeAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 319 Go of 445 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 17 Go)
    E: Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
    F: Floppy drive, Flash card reader, USB Key (Free 0 Go of 4 Go)
    G: Floppy drive, Flash card reader, USB Key (Free 7 Go of 7 Go)
    Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem] DisableTaskMgr: OK
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem] DisableRegistryTools: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKCUSOFTWAREMicrosoftWindows NTCurrentVersionWindows] Load: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 45 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] – (.Microsoft Corporation – Explorateur Windows.) (.12/08/2011 – 09:40:47.) — C:WindowsExplorer.exe [2616320]
    [MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:14:45.) — C:WindowsSystem32Wininit.exe [96256]
    [MD5.B5EB5BD3066959611E1F7A80FD6CC172] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.09/12/2013 – 03:02:53.) — C:WindowsSystem32wininet.dll [1818112]
    [MD5.6D13E1406F50C66E2A95D97F22C47560] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 22:29:06.) — C:WindowsSystem32Winlogon.exe [286720]
    [MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 22:29:24.) — C:WindowsSystem32sppcomapi.dll [193536]
    [MD5.F81BB7E487EDCEAB630A7EE66CF23913] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 01:48:58.) — C:Windowssystem32DriversAFD.sys [338944]
    [MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
    [MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
    [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32DriversCdrom.sys [108544]
    [MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 22:29:07.) — C:Windowssystem32DriversDfsC.sys [78336]
    [MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32DriversHDAudBus.sys [108544]
    [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
    [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 00:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
    [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.12/08/2011 – 09:44:16.) — C:Windowssystem32DriversMRxSmb.sys [123904]
    [MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 22:29:08.) — C:Windowssystem32DriversnetBT.sys [187904]
    [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 14:45:29.) — C:Windowssystem32Driversntfs.sys [1211752]
    [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 00:45:35.) — C:Windowssystem32DriversParport.sys [79360]
    [MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 00:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
    [MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 00:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
    [MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 22:29:07.) — C:Windowssystem32Driverstdx.sys [74752]
    [MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 22:29:03.) — C:Windowssystem32Driversvolsnap.sys [245632]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/9868
    ~ Mes musiques (My Musics) : 1/1918
    ~ Mes Videos (My Videos) : 1/295
    ~ Mes Favoris (My Favorites) : 1/51
    ~ Mes Documents (My Documents) : 1/1798
    ~ Mon Bureau (My Desktop) : 1/20
    ~ Menu demarrer (Programs) : 1/37
    ~ Hidden Files: Scanned in 00mn 12s

    —\ Processus lancés
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe [532040] [PID.2512]
    [MD5.D21D0FFF8D2BAE2822F860BCDECED294] – (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe [2333968] [PID.3324]
    [MD5.DE0045B88E2A0E53457FC3D033F73D91] – (.IDT, Inc. – IDT PC Audio.) — C:Program FilesIDTWDMsttray.exe [1138780] [PID.3452]
    [MD5.E58BA6B9B0829F08E279088087AE48B6] – (.Hewlett-Packard Company – HP QuickWeb Utilities.) — C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe [169528] [PID.3552]
    [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] – (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [932288] [PID.3844]
    [MD5.FE31F1C15D1AFF7A9557BD33406CC4D1] – (.Hewlett-Packard Development Company, L.P. – HP CoolSense.) — C:Program FilesHewlett-PackardHP CoolSenseCoolSense.exe [1342008] [PID.3968]
    [MD5.12916E0642E92561C98B18A2A2D01B14] – (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe [252848] [PID.3476]
    [MD5.E4401CF27225C1D6E664E86195978562] – (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe [152544] [PID.3596]
    [MD5.8192B2E274607D1D530F5C191698C544] – (.Hewlett-Packard Development Company, L.P. – HP Message Service.) — C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe [578944] [PID.3788]
    [MD5.8A3B69683E63808719D24E1C68C21CC7] – (.Hewlett-Packard Development Company, L.P. – HP On Screen Display.) — C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe [379960] [PID.3992]
    [MD5.8B4CFEE322B7F3C92342BB6C8E10209D] – (.Pas de propriétaire – HP Taskbar Process HP.) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar1.exe [99896] [PID.4084]
    [MD5.573FB8BBAD721AEBD7D7C457E52B25B4] – (.Hewlett-Packard Development Company, L.P. – HP Taskbar Process TP.) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar2.exe [702008] [PID.3240]
    [MD5.00A66351606CD94EDA4417C07A027DE5] – (…) — C:Program FilesMobogenieDaemonProcess.exe [747712] [PID.3608]
    [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] – (.CyberLink – YouCam Mirage.) — C:Program FilesCyberLinkYouCamYCMMirage.exe [136488] [PID.3956]
    [MD5.FB1A303207C1124C2B61A50E5A32AC21] – (.Pas de propriétaire – DivX Update.) — C:Program FilesDivXDivX UpdateDivXUpdate.exe [1861968] [PID.3780]
    [MD5.6411B4ECFFFD47D6872506CF8E2258C6] – (…) — C:UserspoeAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1193176] [PID.4140]
    [MD5.F7128E5772F9312F0D111A5FA5D41773] – (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe [20684656] [PID.4744]
    [MD5.D1AB72DB2BEDD2F255D35DA3DA0D4B16] – (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe [141824] [PID.4836]
    [MD5.7E68EC81576FCE3582A566B87E41B926] – (.Broadcom Corporation. – Bluetooth Tray Application.) — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe [1008928] [PID.4984]
    [MD5.A6B0C674D7ED96EB7C783E8CE2D7CA79] – (.Synaptics Incorporated – Synaptics Pointing Device Helper.) — C:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.exe [109840] [PID.5648]
    [MD5.376A9B411BF8B77D5BF84B24D0C7DACD] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [863184] [PID.2484]
    [MD5.7C3B185D1B2C5B9050AA4F522ACA946E] – (.Broadcom Corporation. – Bluetooth Stack COM Server.) — C:Program FilesWIDCOMMBluetooth SoftwareBtStackServer.exe [3544352] [PID.5684]
    [MD5.C861851A0BBD9903E324487011AA3705] – (.Advanced Micro Devices Inc. – Catalyst Control Center: Monitoring program.) — C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe [299008] [PID.4380]
    [MD5.D28C5A1411BB0B47E05E0D6AAF896690] – (.ATI Technologies Inc. – Catalyst Control Center: Host application.) — C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe [299008] [PID.5032]
    [MD5.075657021D14F61B6B1C57D621A99A86] – (.Broadcom Corporation. – Bluetooth Headset Helper.) — C:Program FilesWIDCOMMBluetooth SoftwareBluetooth Headset Helper.exe [148768] [PID.984]
    [MD5.2E0B0A051FFAA86E358465BB0880D453] – (.Microsoft Corporation – Windows Update.) — C:Windowssystem32wuauclt.exe [53784] [PID.3944]
    [MD5.51138BEEA3E2C21EC44D0932C71762A8] – (…) — ystem32rundll32.exe [0] [PID.636]
    [MD5.CBCC1D0C253EC31D94F5CDBE60866F7B] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8291840] [PID.3952]
    [MD5.D53024C1355615B82DD1526B63623E61] – (…) — C:Program FilesMobogeniemgusb.exe [88256] [PID.3664]
    [MD5.5DAF7081A4BB112FA3F1915819330A3E] – (…) — C:Program FilesZHPDiagpv.exe [61440] [PID.0]
    ~ Processes Running: Scanned in 00mn 02s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPreferences
    G1 – GCS: Preference [User DataDefault] None
    G0 – GCSP: Preference [User DataDefault][HomePage] http://www.google.com” onclick=”window.open(this.href);return false;
    G0 – GCSP: Preference [User DataDefault] http://www.google.com” onclick=”window.open(this.href);return false;
    G2 – GCE: Preference [User DataDefault] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
    G2 – GCE: Preference [User DataDefault] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
    G2 – GCE: Preference [User DataDefault] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
    G2 – GCE: Preference [User DataDefault] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
    G2 – GCE: Preference [User DataDefault] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [gmookaamlkjilnemkglmedgieblahbcn] Pricora 2.0 v.1.25.85, (Activé) =>Adware.Pricora
    G2 – GCE: Preference [User DataDefault] [gnbbmjlpkhenbefmmdjodjfmcamegmpd] LyricsViewer-2 v.1.25.27, (Activé) =>Adware.AddLyrics
    G2 – GCE: Preference [User DataDefault] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.6 (Activé) =>Adware.PricePeep
    G2 – GCE: Preference [User DataDefault] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.3.0.11079 (Désactivé)
    G2 – GCE: Preference [User DataDefault] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
    G2 – GCE: Preference [User DataDefault] [mphpbdjcljebbcnfopfngmfdackbbdgf] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
    G2 – GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google?Wallet v.0.0.5.0 (Activé)
    G2 – GCE: Preference [User DataDefault] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
    ~ Google Browser: 19 Scanned in 00mn 09s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    P2 – FPN: [HKLM] [@adobe.com/ShockwavePlayer] – (.Adobe Systems, Inc. – Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) — C:Windowssystem32AdobeDirectornp32dsw.dll
    P2 – FPN: [HKLM] [@Apple.com/iTunes,version=1.0] – (…) — C:Program FilesiTunesMozilla Pluginsnpitunes.dll
    P2 – FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] – (.DivX, LLC. – DivX VOD Helper Plug-in.) — C:Program FilesDivXDivX OVS Helpernpovshelper.dll
    P2 – FPN: [HKLM] [@divx.com/DivX Web Player Plug-In,version=1.0.0] – (.DivX, LLC – DivX Web Player version 3.0.1.5.) — C:Program FilesDivXDivX Web Playernpdivx32.dll
    P2 – FPN: [HKLM] [@java.com/DTPlugin,version=10.7.2] – (.Oracle Corporation – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:Windowssystem32npDeployJava1.dll
    P2 – FPN: [HKLM] [@java.com/JavaPlugin,version=10.7.2] – (.Oracle Corporation – Next Generation Java Plug-in 10.7.2 for Mozilla browsers.) — C:Program FilesJavajre7binplugin2npjp2.dll
    P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.20913.0.) — c:Program FilesMicrosoft Silverlight5.1.20913.0npctrl.dll
    P2 – FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] – (.Microsoft Corporation – The plug-in allows you to open and edit files using Microsoft Office a.) — C:Program FilesMicrosoft OfficeOffice14NPSPWRAP.dll
    P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
    P2 – FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] – (.Microsoft Corporation – NPWLPG.) — C:Program FilesWindows LivePhoto GalleryNPWLPG.dll
    P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=3] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.22.3npGoogleUpdate3.dll
    P2 – FPN: [HKLM] [@tools.google.com/Google Update;version=9] – (.Google Inc. – Google Update.) — C:Program FilesGoogleUpdate1.3.22.3npGoogleUpdate3.dll
    P2 – FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] – (…) — C:Program FilesWildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll
    ~ Firefox Browser: 13 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.uk.msn.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R3 – URLSearchHook: Microsoft Url Search Hook – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (…) (No version) — (.not file.)
    R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
    ~ IE Browser: 11 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated – Adobe PDF Helper for Internet Explorer.) — C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
    O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program FilesJavajre7binssv.dll
    O2 – BHO: PassWidget – {7f17d90c-aaaa-4e56-91d3-2433e23a62f6} . (…) — C:Program FilesPass-Widget135.dll (.not file.) =>PUP.PassWidget
    O2 – BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
    O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
    O2 – BHO: Bing Bar Helper – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. – Extensions du client Bing.) — C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll =>Toolbar.Bing
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program FilesJavajre7binjp2ssv.dll
    O2 – BHO: HP Network Check Helper – {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard – HP Network Check IE Plug-in.) — C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll
    ~ BHO: 16 Scanned in 00mn 00s

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Bing Bar – [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. – Extensions du client Bing.) — C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll =>Toolbar.Bing
    O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Choix de navigateur .lnk . (.Microsoft Corporation – Choix de navigateur .) — C:WindowsSystem32browserchoice.exe
    O4 – GSDesktop [Public]: DivX Converter.lnk . (.DivX, Inc. – DivX Converter.) — C:Program FilesDivXDivX ConverterDivXConverterLauncher.exe
    O4 – GSDesktop [Public]: DivX Player.lnk . (…) — C:Program FilesDivXDivX PlayerDivX Player.exe
    O4 – GSDesktop [Public]: Découvrez HP webOS.lnk . (…) — C:Program FilesHewlett-PackardSharedWizLink.exe
    O4 – GSDesktop [Public]: Fast Media Converter.lnk . (…) — C:Program FilesFastMediaConverterFastMedia Converter.exe
    O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Public]: HP Support Assistant.lnk . (.Hewlett-Packard Company – HP Support Assistant.) — C:Program FilesHewlett-PackardHP Support FrameworkHPSF.exe =>.Hewlett-Packard Co
    O4 – GSDesktop [Public]: iTunes.lnk . (.Apple Inc. – iTunes.) — C:Program FilesiTunesiTunes.exe
    O4 – GSDesktop [Public]: Magic Desktop.lnk . (.EasyBits Software AS – EasyBits Security Shield.) — C:Program FilesEasyBits For KidsezSecShield.exe =>.EasyBits Software AS
    O4 – GSDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembam.exe
    O4 – GSDesktop [Public]: Microsoft Office 2010.lnk . (.Hewlett-Packard Company – OfficeDesktopIconThread.) — C:SYSTEM.SAVutilOfficeDesktopIconThread.exe
    O4 – GSDesktop [Public]: Photos Snapfish.lnk . (…) — C:Program FilesHewlett-PackardSharedWizLink.exe
    O4 – GSDesktop [Public]: WildTangent Games App – hp.lnk . (…) — C:Program FilesHP Gamesonplayonplay.exe
    O4 – GSProgram [Public]: Adobe Reader X.lnk . (…) — C:WindowsInstaller{AC76BA86-7AD7-FFFF-7B44-AA0000000001}SC_Reader.ico
    O4 – GSProgram [Public]: Apple Software Update.lnk . (…) — C:WindowsInstaller{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}AppleSoftwareUpdateIco.exe =>.Apple Inc
    O4 – GSProgram [Public]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team – Audacity®, the Free, Cross-Platform Sound E.) — C:Program FilesAudacity 1.3 Beta (Unicode)audacity.exe =>.The Audacity Team
    O4 – GSProgram [Public]: Media Center.lnk . (.Microsoft Corporation – Windows Media Center.) — C:Windowsehomeehshell.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: Microsoft Office 2010.lnk . (…) — C:WindowsInstaller{95140000-0070-0000-0000-0000000FF1CE}oobeicon.exe
    O4 – GSProgram [Public]: Microsoft Office Word Viewer 2003.lnk . (…) — C:WindowsInstaller{9085040C-6000-11D3-8CFE-0150048383C9}wrdvicon.exe
    O4 – GSProgram [Public]: MusicStation.lnk . (.Omnifone Ltd – MusicStation.) — C:Program FilesOnline ServicesOmnifoneMusicStation.exe
    O4 – GSProgram [Public]: Sidebar.lnk . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: Visionneuse Microsoft PowerPoint .lnk . (…) — C:WindowsInstaller{95140000-00AF-040C-0000-0000000FF1CE}ppvwicon.exe
    O4 – GSProgram [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation – Interface utilisateur de Mise à niveau expr.) — C:Windowssystem32WindowsAnytimeUpgradeUI.exe
    O4 – GSProgram [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation – Création de DVD Windows.) — C:Program FilesDVD MakerDVDMaker.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation – Microsoft Windows Fax and Scan.) — C:Windowssystem32WFS.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: Windows Live Mail.lnk . (.Microsoft Corporation – Windows Live Mail.) — C:Program FilesWindows LiveMailwlmail.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengermsnmsgr.exe
    O4 – GSProgram [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation – Windows Live Movie Maker.) — C:Program FilesWindows LivePhoto GalleryMovieMaker.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation – Windows Live Photo Gallery.) — C:Program FilesWindows LivePhoto GalleryWLXPhotoGallery.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: Windows Media Player.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O4 – GSProgram [Public]: XPS Viewer.lnk . (.Microsoft Corporation – Visionneuse XPS.) — C:Windowssystem32xpsrchvw.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Calculator.lnk . (.Microsoft Corporation – Calculatrice de Windows.) — C:Windowssystem32calc.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: displayswitch.lnk . (.Microsoft Corporation – Afficher le commutateur.) — C:Windowssystem32displayswitch.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Mobility Center.lnk . (.Microsoft Corporation – Centre de mobilité Windows.) — C:Windowssystem32mblctr.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Paint.lnk . (.Microsoft Corporation – Paint.) — C:Windowssystem32mspaint.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation – Connexion Bureau à distance.) — C:Windowssystem32mstsc.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation – Outil Capture.) — C:Windowssystem32SnippingTool.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation – Magnétophone Windows.) — C:Windowssystem32SoundRecorder.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation – Pense-bête.) — C:Windowssystem32StikyNot.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Sync Center.lnk . (.Microsoft Corporation – Microsoft Sync Center.) — C:WindowsSystem32mobsync.exe =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Welcome Center.lnk . (.Microsoft Corporation – Mise en route.) — C:Windowssystem32OobeFldr.dll =>.Microsoft Corporation
    O4 – GSAccessories [Public]: Wordpad.lnk . (.Microsoft Corporation – Application Windows Wordpad.) — C:Program FilesWindows NTAccessorieswordpad.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: Character Map.lnk . (.Microsoft Corporation – Table des caractères.) — C:Windowssystem32charmap.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation – Défragmenteur de disque Microsoft®.) — C:Windowssystem32dfrgui.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation – Gestionnaire de nettoyage de disque pour Wi.) — C:Windowssystem32cleanmgr.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation – Moniteur de ressources et de performances.) — C:Windowssystem32perfmon.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: System Information.lnk . (.Microsoft Corporation – Informations système.) — C:Windowssystem32msinfo32.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: System Restore.lnk . (.Microsoft Corporation – Restauration du système de Microsoft® Windo.) — C:Windowssystem32rstrui.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: Task Scheduler.lnk . (…) — C:Windowssystem32taskschd.msc
    O4 – GSSystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation – Application post-migration de transfert de.) — C:Windowssystem32migwizpostmig.exe =>.Microsoft Corporation
    O4 – GSSystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation – Application Transfert de fichiers et paramè.) — C:Windowssystem32migwizmigwiz.exe =>.Microsoft Corporation
    O4 – GSQuickLaunch [poe]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSQuickLaunch [poe]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSTaskBar [poe]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O4 – GSTaskBar [poe]: HP Recommended.LNK . (…) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar1.exe
    O4 – GSTaskBar [poe]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSTaskBar [poe]: MusicStation.lnk . (.Omnifone Ltd – MusicStation.) — C:Program FilesOnline ServicesOmnifoneMusicStation.exe
    O4 – GSTaskBar [poe]: Windows Explorer.lnk . (.Microsoft Corporation – Explorateur Windows.) — C:Windowsexplorer.exe =>.Microsoft Corporation
    O4 – GSTaskBar [poe]: Windows Live.LNK . (.Hewlett-Packard Development Company, L.P. – HP Taskbar Process TP.) — C:Program FilesHewlett-PackardHP LaunchBoxHPTaskBar2.exe
    O4 – GSTaskBar [poe]: Windows Media Player.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O4 – GSProgram [poe]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSProgram [poe]: Spotify.lnk . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifyspotify.exe
    O4 – GSAccessories [poe]: Command Prompt.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
    O4 – GSAccessories [poe]: Notepad.lnk . (.Microsoft Corporation – Bloc-notes.) — C:Windowssystem32notepad.exe =>.Microsoft Corporation
    O4 – GSAccessories [poe]: Run.lnk – Clé orpheline
    O4 – GSAccessories [poe]: Windows Explorer.lnk . (.Microsoft Corporation – Explorateur Windows.) — C:Windowsexplorer.exe =>.Microsoft Corporation
    O4 – GSSystemTools [poe]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    O4 – GSSystemTools [poe]: Private Character Editor.lnk . (.Microsoft Corporation – Éditeur de caractères privés.) — C:Windowssystem32eudcedit.exe =>.Microsoft Corporation
    O4 – GSSendTo [poe]: Evernote.lnk . (.Evernote Corp., 333 W Evelyn Ave. Mountain – Evernote.) — C:Program FilesEvernoteEvernoteEvernote.exe
    O4 – GSSendTo [poe]: Skype.lnk . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – GSDesktop [poe]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team – Audacity®, the Free, Cross-Platform Sound E.) — C:Program FilesAudacity 1.3 Beta (Unicode)audacity.exe =>.The Audacity Team
    O4 – GSDesktop [poe]: DivX Movies.lnk . (…) — C:UserspoeVideosDivX Movies
    O4 – GSDesktop [poe]: FoxTab Video Converter.lnk . (…) — C:Program FilesFoxTabVideoConverterVideoConverter.exe
    O4 – GSDesktop [poe]: Mobogenie.lnk . (…) — C:Program FilesMobogenieMobogenie.exe
    O4 – GSDesktop [poe]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe https://www.sosvirus.net” onclick=”window.open(this.href);return false;
    O4 – GSDesktop [poe]: SosVirus sur Facebook.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe http://www.facebook.com” onclick=”window.open(this.href);return false;
    O4 – GSDesktop [poe]: Spotify.lnk . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifyspotify.exe
    O4 – GSDesktop [poe]: UsbFix Faire un Don.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe http://www.usbfix.net” onclick=”window.open(this.href);return false;
    O4 – GSDesktop [poe]: VirtualDJ Home FREE.lnk . (.Atomix Productions – VirtualDJ.) — C:Program FilesVirtualDJvirtualdj_home.exe
    O4 – GSDesktop [poe]: ZHPDiag.lnk . (.Nicolas Coolman – ZHPDiag Setup.) — C:Program FilesZHPDiagZHPhep.exe =>.Nicolas Coolman
    O4 – GSDesktop [poe]: ZHPFix.lnk . (.Nicolas Coolman – ZHPDiag Setup.) — C:Program FilesZHPDiagZHPFixZHPhep.exe =>.Nicolas Coolman
    ~ Global Startup: 83 Scanned in 00mn 02s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – GSStartup [Public]: Bluetooth.lnk . (.Broadcom Corporation. – Bluetooth Tray Application.) — C:Program FilesWIDCOMMBluetooth SoftwareBTTray.exe
    O4 – GSStartup [Public]: FastMediaConverter.lnk . (…) — C:Program FilesFastMediaConverterFastMediaConverterApp.exe
    O4 – HKLM..Run: [StartCCC] . (.Advanced Micro Devices, Inc. – Catalyst® Control Center Launcher.) — C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe =>.Advanced Micro Devices, Inc
    O4 – HKLM..Run: [SynTPEnh] . (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 – HKLM..Run: [SysTrayApp] . (.IDT, Inc. – IDT PC Audio.) — C:Program FilesIDTWDMsttray.exe
    O4 – HKLM..Run: [HPQuickWebProxy] . (.Hewlett-Packard Company – HP QuickWeb Utilities.) — C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe
    O4 – HKLM..Run: [SetDefault] . (.Hewlett-Packard Development Company, L.P. – SetDefault.) — C:Program FilesHewlett-PackardHP LaunchBoxSetDefault.exe
    O4 – HKLM..Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program FilesAdobeReader 10.0ReaderReader_sl.exe
    O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [HP CoolSense] . (.Hewlett-Packard Development Company, L.P. – HP CoolSense.) — C:Program FilesHewlett-PackardHP CoolSenseCoolSense.exe
    O4 – HKLM..Run: [Easybits Recovery] . (.EasyBits Software AS – Pas de description.) — C:Program FilesEasyBits For KidsezRecover.exe =>.EasyBits Software AS
    O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..Run: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe
    O4 – HKLM..Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. – HP Message Service.) — C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    O4 – HKLM..Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. – HP On Screen Display.) — C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    O4 – HKLM..Run: [mobilegeni daemon] . (…) — C:Program FilesMobogenieDaemonProcess.exe
    O4 – HKLM..Run: [DivXMediaServer] . (.DivX, LLC – DivX DLNA Media Server.) — C:Program FilesDivXDivX Media ServerDivXMediaServer.exe
    O4 – HKLM..Run: [DivXUpdate] . (.Pas de propriétaire – DivX Update.) — C:Program FilesDivXDivX UpdateDivXUpdate.exe
    O4 – HKLM..RunOnce: [NCPluginUpdater] . (.Hewlett-Packard – NCPluginUpdater.) — C:Program FilesHewlett-PackardHP Health CheckActiveCheckproduct_lineNCPluginUpdater.exe
    O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifySpotify.exe
    O4 – HKCU..Run: [Spotify Web Helper] . (…) — C:UserspoeAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKCU..Run: [Activator] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UserspoeAppDataRoamingSpotifySpotify.exe
    O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Spotify Web Helper] . (…) — C:UserspoeAppDataRoamingSpotifyDataSpotifyWebHelper.exe
    O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKUSS-1-5-21-1393359087-3183399950-3005852446-1001..Run: [Activator] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
    ~ Application: Scanned in 00mn 00s

    —\ Invisibilité de l’icône d’options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: @C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll,-102 – {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (…) — C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPNetworkCheckResourcesIconsHP.ico
    O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (…) — C:Program FilesSkypeToolbarsInternet Explorericon.ico
    O9 – Extra button: @C:Program FilesEvernoteEvernoteResource.dll,-101 – {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 333 W Evelyn Ave. Mountain – Evernote Clipper for Microsoft Internet Explorer.) — C:Program FilesEvernoteEvernoteEvernoteIE.dll
    O9 – Extra button: @C:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-12650 – {CCA281CA-C863-46ef-9331-5C8D4460577F} . (…) — C:Program FilesWIDCOMMBluetooth Softwarebt_hot_icon.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    O10 – WLSP:00000000008Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    O10 – WLSP:00000000009Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:Windowssystem32wshbth.dll
    O10 – WLSP:00000000010Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program FilesBonjourmdnsNSP.dll
    ~ Winsock: 10 Scanned in 00mn 00s

  • pat
    Nombre d'articles : 0

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{68650587-910E-4190-9BDD-6AECDA0E17FC}: DhcpNameServer = 138.48.208.2
    O17 – HKLMSystemCCSServicesTcpip..{85D9DB7C-7559-4D8E-84D3-6B80688A0595}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{68650587-910E-4190-9BDD-6AECDA0E17FC}: DhcpDomain = student.fundp.ac.be
    O17 – HKLMSystemCS1ServicesTcpip..{68650587-910E-4190-9BDD-6AECDA0E17FC}: DhcpNameServer = 138.48.208.2
    O17 – HKLMSystemCS1ServicesTcpip..{85D9DB7C-7559-4D8E-84D3-6B80688A0595}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{68650587-910E-4190-9BDD-6AECDA0E17FC}: DhcpDomain = student.fundp.ac.be
    O17 – HKLMSystemCS2ServicesTcpip..{68650587-910E-4190-9BDD-6AECDA0E17FC}: DhcpNameServer = 138.48.208.2
    O17 – HKLMSystemCS2ServicesTcpip..{85D9DB7C-7559-4D8E-84D3-6B80688A0595}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{68650587-910E-4190-9BDD-6AECDA0E17FC}: DhcpDomain = student.fundp.ac.be
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Windows Live Album Download Protocol Handle.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
    O18 – Filter: application/x-msdownload – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation – Andrea filters APO access service (32-bit).) – C:Program FilesIDTWDMaestsrv.exe
    O23 – Service: (AMD External Events Utility) . (.AMD – AMD External Events Service Module.) – C:WindowsSystem32atiesrxx.exe
    O23 – Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. – MobileDeviceService.) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    O23 – Service: Service Bonjour (Bonjour Service) . (.Apple Inc. – Bonjour Service.) – C:Program FilesBonjourmDNSResponder.exe
    O23 – Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. – Bluetooth Support Server.) – C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
    O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d’installation de Google.) – C:Program FilesGoogleUpdateGoogleUpdate.exe =>.Google Inc
    O23 – Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company – HP Support Assistant Service.) – C:Program FilesHewlett-PackardHP Support Frameworkhpsa_service.exe =>.Hewlett-Packard Co
    O23 – Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company – HP Client Services.) – C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
    O23 – Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company – HP Quick Synchronization Service.) – C:Program FilesHewlett-PackardSharedHPDrvMntSvc.exe
    O23 – Service: HP Service (hpsrv) . (.Hewlett-Packard Company – HpService.) – C:WindowsSystem32Hpservice.exe
    O23 – Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. – HP Quick Launch WMI Service.) – C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe
    O23 – Service: (MBAMScheduler) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program FilesMalwarebytes’ Anti-Malwarembamscheduler.exe
    O23 – Service: (MBAMService) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe
    O23 – Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. – Skype C2C Service.) – C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe
    O23 – Service: Skype Updater (SkypeUpdate) . (.Skype Technologies – Skype Updater Service.) – C:Program FilesSkypeUpdaterUpdater.exe
    O23 – Service: C:WindowsSystem32stlang.dll (STacSV) . (.IDT, Inc. – IDT PC Audio.) – C:Program FilesIDTWDMSTacSV.exe
    ~ Services: 16 Scanned in 00mn 20s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    O39 – APT:Automatic Planified Task – C:WindowsTasksGoogleUpdateTaskMachineCore.job [1046]
    O39 – APT:Automatic Planified Task – C:WindowsTasksGoogleUpdateTaskMachineUA.job [1050]
    O39 – APT:Automatic Planified Task – C:WindowsTasksHPCeeScheduleForpoe.job [312]
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program FilesGoogleUpdateGoogleUpdate.exe [136176]
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program FilesGoogleUpdateGoogleUpdate.exe [136176]
    [MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForpoe] (.Hewlett-Packard.) — C:Program FilesHewlett-PackardHP CeementHPCEE.exe [91704]
    [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) — C:Program FilesCyberLinkYouCamYCMMirage.exe [136488]
    [MD5.00000000000000000000000000000000] [APT] [Norton WSC Integration] (…) — C:Program FilesNorton Internet SecurityEngine19.9.1.14WSCStub.exe (.not file.) [0]
    [MD5.FEECD87BAB3ADAEB638959745DD00A2B] [APT] [ServicePlan] (…) — C:Program FilesHewlett-PackardHP SetupRemEngine.exe [38456]
    [MD5.00000000000000000000000000000000] [APT] [wp_update] (…) — C:UserspoeAppDataRoaming~cbdthau.exe (.not file.) [0] =>PUP.WpManager
    [MD5.C155A13687144076286989EF078112C2] [APT] [{B24D65EE-3D47-4037-A797-FF0D9A9BDDF2}] (.Nicolas Coolman.) — C:Program FilesZHPDiagZHPFixZHPhep.exe [1917440]
    [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) — C:Program FilesApple Software UpdateSoftwareUpdate.exe [561984]
    [MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) — C:Program FilesHewlett-PackardHP Support FrameworkHPSF.exe [525728]
    [MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) — C:Program FilesHewlett-PackardHP Support FrameworkHPSF.exe [525728]
    [MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [PC Health Analysis Install] (.Hewlett-Packard Company.) — C:Program FilesHewlett-PackardHP Support FrameworkHPSF.exe [525728]
    [MD5.28E1A34ED1B810BC2F4734F2DBFF2A76] [APT] [Update Check] (.Hewlett-Packard Company.) — C:ProgramDataHewlett-PackardHP Support FrameworkResourcesUpdater7HPSFUpdater.exe [615736]
    [MD5.A15FA916BD02FE910C2C3017C026FF80] [APT] [Warranty Opt-In(No)] (.Hewlett-Packard.) — c:program fileshewlett-packardhp health checkactivecheckproduct_lineDetection_PostWarrantyAlert.exe [49880]
    [MD5.A15FA916BD02FE910C2C3017C026FF80] [APT] [Warranty Opt-In(Yes)] (.Hewlett-Packard.) — c:program fileshewlett-packardhp health checkactivecheckproduct_lineDetection_PostWarrantyAlert.exe [49880]
    [MD5.ECF92BCD708FF6E52F000EF7A2A84099] [APT] [WarrantyChecker] (.Hewlett-Packard.) — C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1584856]
    [MD5.ECF92BCD708FF6E52F000EF7A2A84099] [APT] [WarrantyChecker_DeviceScan] (.Hewlett-Packard.) — C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1584856]
    [MD5.00000000000000000000000000000000] [APT] [Norton Error Analyzer] (…) — C:Program FilesNorton Internet SecurityEngine19.9.1.14SymErr.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [Norton Error Processor] (…) — C:Program FilesNorton Internet SecurityEngine19.9.1.14SymErr.exe (.not file.) [0]
    ~ Scheduled Task: 23 Scanned in 00mn 05s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSystem32wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Internet Explorer – {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program FilesWindows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
    O40 – ASIC: Google Chrome – {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplication31.0.1650.63Installerchrmstp.exe
    ~ Active Setup: 11 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: (blbdrive) . (.Microsoft Corporation – BLB Drive Driver.) – C:Windowssystem32driversblbdrive.sys
    O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
    O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: C:WindowsSystem32driversdiscache.sys (discache) . (.Microsoft Corporation – System Indexer/Cache Driver.) – C:WindowsSystem32driversdiscache.sys
    O41 – Driver: (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:Windowssystem32driversmssmbios.sys
    O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32DRIVERSRDPCDD.sys (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
    O41 – Driver: C:WindowsSystem32driversRDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation – RDP Encoder Miniport.) – C:WindowsSystem32driversrdpencdd.sys
    O41 – Driver: C:WindowsSystem32driversRdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation – RDP Reflector Driver Miniport.) – C:WindowsSystem32driversrdprefmp.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
    O41 – Driver: (TermDD) . (.Microsoft Corporation – Remote Desktop Server Driver.) – C:Windowssystem32driverstermdd.sys
    O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
    O41 – Driver: (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:WindowsSystem32DRIVERSvwififlt.sys
    O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
    O41 – Driver: (WfpLwf) . (.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – C:WindowsSystem32DRIVERSwfplwf.sys
    ~ Drivers: 60 Scanned in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: AMD APP SDK Runtime – (.Advanced Micro Devices Inc..) [HKLM] — {A25FF1C0-80B6-4B8B-A551-DC525697A408}
    O42 – Logiciel: AMD Media Foundation Decoders – (.ATI Technologies Inc..) [HKLM] — {2692478E-43C0-A994-5B05-672DE4F11EA4}
    O42 – Logiciel: ATI Catalyst Install Manager – (.ATI Technologies, Inc..) [HKLM] — {A930C335-3FC8-A452-B8CA-F3998969CA3A}
    O42 – Logiciel: Accelerer PC – (.Speedchecker Limited.) [HKLM] — PCSU-SL_is1 =>Rogue.PCSpeedUp
    O42 – Logiciel: Adobe AIR – (.Adobe Systems Incorporated.) [HKLM] — Adobe AIR
    O42 – Logiciel: Adobe AIR – (.Adobe Systems Incorporated.) [HKLM] — {52E225FC-FCB4-41F7-837B-6E37FB05BD7B}
    O42 – Logiciel: Adobe Flash Player 11 ActiveX – (.Adobe Systems Incorporated.) [HKLM] — Adobe Flash Player ActiveX
    O42 – Logiciel: Adobe Reader X MUI – (.Adobe Systems Incorporated.) [HKLM] — {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
    O42 – Logiciel: Adobe Shockwave Player 11.5 – (.Adobe Systems, Inc..) [HKLM] — Adobe Shockwave Player
    O42 – Logiciel: Agatha Christie – Peril at End House – (.WildTangent.) [HKLM] — WTA-254725c8-03f7-44a5-a4be-dfbbf08e80e0
    O42 – Logiciel: Apple Application Support – (.Apple Inc..) [HKLM] — {CCE825DB-347A-4004-A186-5F4A6FDD8547}
    O42 – Logiciel: Apple Mobile Device Support – (.Apple Inc..) [HKLM] — {459699C3-9430-4381-964B-4248D87B49F9}
    O42 – Logiciel: Apple Software Update – (.Apple Inc..) [HKLM] — {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
    O42 – Logiciel: Audacity 1.3.14 (Unicode) – (.Audacity Team.) [HKLM] — Audacity 1.3 Beta (Unicode)_is1
    O42 – Logiciel: Bejeweled 3 – (.WildTangent.) [HKLM] — WTA-57272e0b-76ae-420e-9da3-7bb073389101
    O42 – Logiciel: Bing Bar – (.Microsoft Corporation.) [HKLM] — {D322A9E3-758B-4D60-A7C4-65C88FD378D0} =>Toolbar.Bing
    O42 – Logiciel: Blasterball 3 – (.WildTangent.) [HKLM] — WTA-6f372419-fd8a-449a-9008-7368011d4bd1
    O42 – Logiciel: Bonjour – (.Apple Inc..) [HKLM] — {79155F2B-9895-49D7-8612-D92580E0DE5B}
    O42 – Logiciel: Bounce Symphony – (.WildTangent.) [HKLM] — WTA-2c93e8db-ca24-4bcf-bed9-1bbc2bc0e6a1
    O42 – Logiciel: Broadcom 802.11 Wireless LAN Adapter – (.Broadcom Corporation.) [HKLM] — Broadcom 802.11 Wireless LAN Adapter
    O42 – Logiciel: Broadcom Bluetooth Software – (.Broadcom Corporation.) [HKLM] — {6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}
    O42 – Logiciel: Broadcom InConcert Maestro – (.Broadcom Corporation.) [HKLM] — {57DD35E9-D9BB-4089-BB05-EF933C586CB3}
    O42 – Logiciel: BrowserProtect – (…) [HKLM] — BrowserProtect =>Hijacker.Eazel
    O42 – Logiciel: Cake Mania – (.WildTangent.) [HKLM] — WTA-42055502-380d-41da-b115-62a731da01e1
    O42 – Logiciel: Catalyst Control Center – Branding – (.Advanced Micro Devices, Inc..) [HKLM] — {F30403FF-0146-4633-AAC5-D5CD5C50AE70}
    O42 – Logiciel: Chronicles of Albian – (.WildTangent.) [HKLM] — WTA-3f417240-5b5d-4762-9341-68e6d8868bc6
    O42 – Logiciel: Chuzzle Deluxe – (.WildTangent.) [HKLM] — WTA-0ab864c8-f64c-4199-a10f-18768c674d99
    O42 – Logiciel: Combined Community Codec Pack 2011-11-11 – (.CCCP Project.) [HKLM] — Combined Community Codec Pack_is1
    O42 – Logiciel: Configuration DivX – (.DivX, LLC.) [HKLM] — DivX Setup
    O42 – Logiciel: Cradle of Rome 2 – (.WildTangent.) [HKLM] — WTA-adc5a340-555a-4fd1-9cbd-241a2e97aa71
    O42 – Logiciel: CyberLink YouCam – (.CyberLink Corp..) [HKLM] — InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 – Logiciel: CyberLink YouCam – (.CyberLink Corp..) [HKLM] — {01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 – Logiciel: ESU for Microsoft Windows 7 SP1 – (.Hewlett-Packard.) [HKLM] — {E96CAA2A-0244-4A2A-8403-0C3C9534778B}
    O42 – Logiciel: Evernote v. 4.2.3 – (.Evernote Corp..) [HKLM] — {F761359C-9CED-45AE-9A51-9D6605CD55C4}
    O42 – Logiciel: FATE – (.WildTangent.) [HKLM] — WTA-961e3d7f-6f69-4183-96f3-1a256675c927
    O42 – Logiciel: Farm Frenzy – (.WildTangent.) [HKLM] — WTA-60e0d335-39a8-49dc-b25a-d8411181266e
    O42 – Logiciel: FastMediaConverter – (.Applon.) [HKLM] — FastMediaConverter
    O42 – Logiciel: FoxTab Video Converter – (…) [HKCU] — FoxTab Video Converter
    O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM] — Google Chrome
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM] — {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM] — {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
    O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 – Logiciel: Governor of Poker 2 Premium Edition – (.WildTangent.) [HKLM] — WTA-a89bcfbc-c833-4d13-9908-694f0434bfbb
    O42 – Logiciel: HP 3D DriveGuard – (.Hewlett-Packard Company.) [HKLM] — {E04CE4EA-3CBB-4228-940D-3B8050E870C9}
    O42 – Logiciel: HP Auto – (.Hewlett-Packard Company.) [HKLM] — {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
    O42 – Logiciel: HP Client Services – (.Hewlett-Packard.) [HKLM] — {2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
    O42 – Logiciel: HP CoolSense – (.Hewlett-Packard Company.) [HKLM] — {0D8B3696-E52D-4291-B833-9F6AEB1CC4AB}
    O42 – Logiciel: HP Customer Experience Enhancements – (.Hewlett-Packard.) [HKLM] — {07FA4960-B038-49EB-891B-9F95930AA544}
    O42 – Logiciel: HP Documentation – (.Hewlett-Packard.) [HKLM] — {57C760B4-2EBA-4CE6-9695-EC241C8A650E}
    O42 – Logiciel: HP Games – (.WildTangent.) [HKLM] — WildTangent hp Master Uninstall
    O42 – Logiciel: HP Launch Box – (.Hewlett-Packard Company.) [HKLM] — {528EF160-DA62-4524-95D6-30F8C955CAAC}
    O42 – Logiciel: HP On Screen Display – (.Hewlett-Packard Company.) [HKLM] — {ED1BD69A-07E3-418C-91F1-D856582581BF}
    O42 – Logiciel: HP Power Manager – (.Hewlett-Packard Company.) [HKLM] — {872B1C80-38EC-4A31-A25C-980820593900}
    O42 – Logiciel: HP Quick Launch – (.Hewlett-Packard Company.) [HKLM] — {53B17A98-5BF0-40BC-AAFF-850A357975AC}
    O42 – Logiciel: HP QuickWeb – (.Hewlett-Packard Company.) [HKLM] — {57D8E376-0E8A-4AFD-9040-DA2D33B7FF94}
    O42 – Logiciel: HP Setup – (.Hewlett-Packard Company.) [HKLM] — {5036764A-435D-40C9-869C-31085A3D741D}
    O42 – Logiciel: HP Setup Manager – (.Hewlett-Packard Company.) [HKLM] — {AE856388-AFAD-4753-81DF-D96B19D0A17C}
    O42 – Logiciel: HP Software Framework – (.Hewlett-Packard Company.) [HKLM] — {65FF00DC-FB93-4C0B-8906-56412A3C5A59}
    O42 – Logiciel: HP Support Assistant – (.Hewlett-Packard Company.) [HKLM] — {EE202411-2C26-49E8-9784-1BC1DBF7DE96} =>.Hewlett-Packard Co
    O42 – Logiciel: Hewlett-Packard ACLM.NET v1.2.1.1 – (.Hewlett-Packard Company.) [HKLM] — {6F340107-F9AA-47C6-B54C-C3A19F11553F}
    O42 – Logiciel: IDT Audio – (.IDT.) [HKLM] — {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
    O42 – Logiciel: Java 7 Update 7 – (.Oracle.) [HKLM] — {26A24AE4-039D-4CA4-87B4-2F83217007FF}
    O42 – Logiciel: Jewel Quest Solitaire – (.WildTangent.) [HKLM] — WTA-b5e8c680-6212-46bf-8150-6f4b5341f76f
    O42 – Logiciel: Jewel Quest: The Sleepless Star – Collector’s Edition – (.WildTangent.) [HKLM] — WTA-75ea72bd-8444-4bd8-8bd2-7caaff87e24f
    O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM] — {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 – Logiciel: Magic Desktop – (.EasyBits Software AS.) [HKLM] — EasyBits Magic Desktop =>.EasyBits Software AS
    O42 – Logiciel: Mah Jong Medley – (.WildTangent.) [HKLM] — WTA-76e7ba07-37b9-4b88-a0d6-9b3d93c9d6ff
    O42 – Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 – (.Malwarebytes Corporation.) [HKLM] — Malwarebytes’ Anti-Malware_is1
    O42 – Logiciel: Mesh Runtime – (.Microsoft Corporation.) [HKLM] — {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
    O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 – Logiciel: Mobogenie – (.Mobogenie.com.) [HKLM] — Mobogenie
    O42 – Logiciel: Mystery of Mortlake Mansion – (.WildTangent.) [HKLM] — WTA-346cbff0-82b5-4360-8c4d-6f379414cd16
    O42 – Logiciel: Namco All-Stars: PAC-MAN – (.WildTangent.) [HKLM] — WTA-9e9f2faf-a39f-4fee-adfe-a6be2c9a714f
    O42 – Logiciel: PassWidget – (.PassWidget Software.) [HKLM] — {251f2ea9-5e80-4371-b019-99f9b5f2fa63} =>PUP.PassWidget
    O42 – Logiciel: Penguins! – (.WildTangent.) [HKLM] — WTA-7cec6450-97be-472f-9282-8b20fdd0b321
    O42 – Logiciel: Plants vs. Zombies – Game of the Year – (.WildTangent.) [HKLM] — WTA-a0527aa3-0a26-4e08-8df4-f1b7ad5962be
    O42 – Logiciel: Polar Bowler – (.WildTangent.) [HKLM] — WTA-d1c4dedf-b4cc-4980-adb7-8617b6d41c28
    O42 – Logiciel: Realtek Ethernet Controller Driver – (.Realtek.) [HKLM] — {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
    O42 – Logiciel: Realtek USB 2.0 Card Reader – (.Realtek Semiconductor Corp..) [HKLM] — {96AE7E41-E34E-47D0-AC07-1091A8127911}
    O42 – Logiciel: Recovery Manager – (.Hewlett-Packard.) [HKLM] — {DBCD5E64-7379-4648-9444-8A6558DCB614}
    O42 – Logiciel: Skype Click to Call – (.Skype Technologies S.A..) [HKLM] — {B6CF2967-C81E-40C0-9815-C05774FEF120}
    O42 – Logiciel: Skype™ 6.7 – (.Skype Technologies S.A..) [HKLM] — {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
    O42 – Logiciel: Slingo Deluxe – (.WildTangent.) [HKLM] — WTA-c773b23d-eda4-435a-a8e8-ea45d32a15e0
    O42 – Logiciel: Spotify – (.Spotify AB.) [HKCU] — Spotify
    O42 – Logiciel: Synaptics TouchPad Driver – (.Synaptics Incorporated.) [HKLM] — SynTPDeinstKey
    O42 – Logiciel: Update Installer for WildTangent Games App – (.WildTangent.) [HKLM] — {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
    O42 – Logiciel: VC80CRTRedist – 8.0.50727.6195 – (.DivX, Inc.) [HKLM] — {933B4015-4618-4716-A828-5289FC03165F}
    O42 – Logiciel: Vacation Quest – The Hawaiian Islands – (.WildTangent.) [HKLM] — WTA-6e773c33-faa8-443e-8a3f-6efcad6a641a
    O42 – Logiciel: Virtual Villagers – The Secret City – (.WildTangent.) [HKLM] — WTA-5645d030-6408-462e-8559-761a80495bb5
    O42 – Logiciel: VirtualDJ Home FREE – (.Atomix Productions.) [HKLM] — {5E1375CB-6792-4464-8715-CC3EC83D48FA}
    O42 – Logiciel: Visionneuse Microsoft PowerPoint – (.Microsoft Corporation.) [HKLM] — {95140000-00AF-040C-0000-0000000FF1CE}
    O42 – Logiciel: Webplayer – (.Kreapixel.) [HKLM] — {F750DB0E-D452-3108-63C9-FE16BC686741} =>Adware.SocialSkinz
    O42 – Logiciel: WildTangent Games App (HP Games) – (.WildTangent.) [HKLM] — {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
    O42 – Logiciel: Zuma Deluxe – (.WildTangent.) [HKLM] — WTA-ac352f02-af99-4b01-b624-3f691d465835
    O42 – Logiciel: iTunes – (.Apple Inc..) [HKLM] — {B0261E53-B6F1-474A-864B-E7C3CBF468E0}
    ~ Logic: 68 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareATI]
    [HKCUSoftwareAdobe]
    [HKCUSoftwareAppDataLowAurigma]
    [HKCUSoftwareAppDataLowSoftwareAdobe]
    [HKCUSoftwareAppDataLowSoftwareLyricsViewer-2] =>Adware.AddLyrics
    [HKCUSoftwareAppDataLow]
    [HKCUSoftwareApple Computer, Inc.]
    [HKCUSoftwareApple Inc.]
    [HKCUSoftwareAudacity]
    [HKCUSoftwareBcmSetup]
    [HKCUSoftwareClasses]
    [HKCUSoftwareClients]
    [HKCUSoftwareCyberLink]
    [HKCUSoftwareDivXNetworks]
    [HKCUSoftwareDivX]
    [HKCUSoftwareEvernote]
    [HKCUSoftwareGNU]
    [HKCUSoftwareGabest]
    [HKCUSoftwareGoogle]
    [HKCUSoftwareHaali]
    [HKCUSoftwareHewlett-Packard]
    [HKCUSoftwareIM Providers]
    [HKCUSoftwareJavaSoft]
    [HKCUSoftwareLAV]
    [HKCUSoftwareMacromedia]
    [HKCUSoftwareMainConcept]
    [HKCUSoftwareMalwarebytes’ Anti-Malware]
    [HKCUSoftwareMozillaPlugins]
    [HKCUSoftwareMozilla]
    [HKCUSoftwareNorton]
    [HKCUSoftwarePolicies]
    [HKCUSoftwareSkype]
    [HKCUSoftwareSymantec]
    [HKCUSoftwareSynaptics]
    [HKCUSoftwareTrolltech]
    [HKCUSoftwareUsbfix]
    [HKCUSoftwareVirtualDJ]
    [HKCUSoftwareWidcomm]
    [HKCUSoftwareWinRAR SFX]
    [HKCUSoftwareWow6432Node]
    [HKCUSoftwareZebHelpProcess Helper]
    [HKCUSoftwarekde.org]
    [HKLMSoftwareAMD]
    [HKLMSoftwareATI Technologies]
    [HKLMSoftwareATI]
    [HKLMSoftwareAdobe]
    [HKLMSoftwareAdwCleaner]
    [HKLMSoftwareAppDataLow]
    [HKLMSoftwareApple Computer, Inc.]
    [HKLMSoftwareApple Inc.]
    [HKLMSoftwareBroadcom]
    [HKLMSoftwareBrowserChoice]
    [HKLMSoftwareCBSTEST]
    [HKLMSoftwareCXT]
    [HKLMSoftwareCaphyon]
    [HKLMSoftwareClasses]
    [HKLMSoftwareClients]
    [HKLMSoftwareCombined-Community-Codec-Pack]
    [HKLMSoftwareCyberlink]
    [HKLMSoftwareDivXNetworks]
    [HKLMSoftwareDivX]
    [HKLMSoftwareEasyBits]
    [HKLMSoftwareEvernote]
    [HKLMSoftwareGEAR Software]
    [HKLMSoftwareGNU]
    [HKLMSoftwareGabest]
    [HKLMSoftwareGoogle]
    [HKLMSoftwareHPQ]
    [HKLMSoftwareHaaliMkx]
    [HKLMSoftwareHewlett-Packard]
    [HKLMSoftwareIDT]
    [HKLMSoftwareIM Providers]
    [HKLMSoftwareInstalledOptions]
    [HKLMSoftwareInsyde]
    [HKLMSoftwareIntel]
    [HKLMSoftwareJavaSoft]
    [HKLMSoftwareJreMetrics]
    [HKLMSoftwareKhronos]
    [HKLMSoftwareMacromedia]
    [HKLMSoftwareMalwarebytes’ Anti-Malware (Trial)]
    [HKLMSoftwareMalwarebytes’ Anti-Malware]
    [HKLMSoftwareMozillaPlugins]
    [HKLMSoftwareMozilla]
    [HKLMSoftwareODBC]
    [HKLMSoftwarePolicies]
    [HKLMSoftwareRTLSetup]
    [HKLMSoftwareRealtek Semiconductor Corp.]
    [HKLMSoftwareRealtek]
    [HKLMSoftwareRegisteredApplications]
    [HKLMSoftwareSkype]
    [HKLMSoftwareSonic]
    [HKLMSoftwareSymNRT]
    [HKLMSoftwareSymantec]
    [HKLMSoftwareSynaptics]
    [HKLMSoftwareVirtualDJ]
    [HKLMSoftwareWOW6432Node]
    [HKLMSoftwareWhlProvider]
    [HKLMSoftwareWidcomm]
    [HKLMSoftwareWildTangent]
    [HKLMSoftwareWin32 Services]
    ~ Key Software: 268 Scanned in 00mn 00s

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Bonsoir,

    ICI comme demandé stp : https://antimalware.top/” onclick=”window.open(this.href);return false;

  • pat
    Nombre d'articles : 0

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 22/11/2013 – 22:43:21 – [448,543] —-D C:Program FilesAdobe
    O43 – CFD: 16/11/2011 – 00:56:53 – [1,861] —-D C:Program FilesAMD APP
    O43 – CFD: 20/12/2011 – 16:04:56 – [2,316] —-D C:Program FilesApple Software Update =>.Apple Inc
    O43 – CFD: 16/11/2011 – 00:55:18 – [16,532] —-D C:Program FilesATI
    O43 – CFD: 16/11/2011 – 00:56:37 – [67,236] —-D C:Program FilesATI Technologies
    O43 – CFD: 31/12/2011 – 15:09:04 – [40,707] —-D C:Program FilesAudacity 1.3 Beta (Unicode)
    O43 – CFD: 20/12/2011 – 16:03:55 – [0,602] —-D C:Program FilesBonjour
    O43 – CFD: 16/11/2011 – 01:06:14 – [13,285] —-D C:Program FilesBroadcom
    O43 – CFD: 16/11/2012 – 13:33:37 – [35,012] —-D C:Program FilesCombined Community Codec Pack
    O43 – CFD: 23/11/2013 – 20:57:38 – [431,348] —-D C:Program FilesCommon Files
    O43 – CFD: 16/11/2011 – 01:12:35 – [119,282] —-D C:Program FilesCyberLink
    O43 – CFD: 23/11/2013 – 20:59:29 – [164,778] —-D C:Program FilesDivX
    O43 – CFD: 31/08/2012 – 22:28:04 – [79,371] —-D C:Program FilesDVD Maker
    O43 – CFD: 12/08/2011 – 00:42:56 – [109,325] —-D C:Program FilesEasyBits For Kids
    O43 – CFD: 12/08/2011 – 00:15:51 – [278,025] —-D C:Program FilesEvernote
    O43 – CFD: 23/11/2013 – 20:10:47 – [31,440] —-D C:Program FilesFastMediaConverter
    O43 – CFD: 15/12/2011 – 16:30:57 – [0] -SH-D C:Program FilesFichiers communs
    O43 – CFD: 31/12/2011 – 13:40:51 – [13,520] —-D C:Program FilesFoxTabVideoConverter
    O43 – CFD: 18/08/2012 – 15:02:17 – [480,275] —-D C:Program FilesGoogle
    O43 – CFD: 12/10/2013 – 12:31:08 – [873,620] —-D C:Program FilesHewlett-Packard
    O43 – CFD: 12/08/2011 – 00:21:48 – [439,530] —-D C:Program FilesHP Games
    O43 – CFD: 16/11/2011 – 00:59:54 – [64,246] —-D C:Program FilesIDT
    O43 – CFD: 18/11/2012 – 04:52:06 – [27,192] –H-D C:Program FilesInstallShield Installation Information
    O43 – CFD: 09/12/2013 – 03:36:43 – [21,566] —-D C:Program FilesInternet Explorer
    O43 – CFD: 20/01/2013 – 03:51:31 – [1,770] —-D C:Program FilesiPod
    O43 – CFD: 20/01/2013 – 03:52:33 – [154,495] —-D C:Program FilesiTunes
    O43 – CFD: 10/09/2012 – 17:50:27 – [121,012] —-D C:Program FilesJava
    O43 – CFD: 11/12/2013 – 17:37:27 – [13,261] —-D C:Program FilesMalwarebytes’ Anti-Malware
    O43 – CFD: 16/11/2011 – 01:19:41 – [47,525] —-D C:Program FilesMicrosoft
    O43 – CFD: 27/09/2013 – 23:01:06 – [10,821] —-D C:Program FilesMicrosoft Application Virtualization Client
    O43 – CFD: 16/11/2011 – 10:45:38 – [140,966] —-D C:Program FilesMicrosoft Games
    O43 – CFD: 01/11/2012 – 13:32:24 – [51,655] —-D C:Program FilesMicrosoft Office
    O43 – CFD: 13/10/2013 – 14:11:56 – [40,851] —-D C:Program FilesMicrosoft Silverlight
    O43 – CFD: 12/08/2011 – 00:32:17 – [1,745] —-D C:Program FilesMicrosoft SQL Server Compact Edition
    O43 – CFD: 20/12/2011 – 00:16:29 – [0,015] —-D C:Program FilesMicrosoft.NET
    O43 – CFD: 23/11/2013 – 21:12:40 – [56,954] —-D C:Program FilesMobogenie
    O43 – CFD: 14/07/2009 – 05:52:30 – [0,025] —-D C:Program FilesMSBuild
    O43 – CFD: 02/11/2012 – 11:10:46 – [89,122] —-D C:Program FilesMSECache
    O43 – CFD: 15/12/2011 – 16:32:29 – [20,926] R—D C:Program FilesOnline Services
    O43 – CFD: 12/10/2013 – 10:49:01 – [16,072] —-D C:Program FilesRealtek
    O43 – CFD: 14/07/2009 – 05:52:30 – [37,357] —-D C:Program FilesReference Assemblies
    O43 – CFD: 28/09/2013 – 21:05:17 – [40,249] R—D C:Program FilesSkype
    O43 – CFD: 16/11/2011 – 01:20:51 – [0,727] —-D C:Program FilesSymSilent
    O43 – CFD: 16/11/2011 – 00:57:33 – [74,440] —-D C:Program FilesSynaptics
    O43 – CFD: 14/07/2009 – 05:53:23 – [0] –H-D C:Program FilesUninstall Information
    O43 – CFD: 31/12/2011 – 15:27:32 – [19,534] —-D C:Program FilesVirtualDJ
    O43 – CFD: 16/11/2011 – 01:03:49 – [161,602] —-D C:Program FilesWIDCOMM
    O43 – CFD: 12/08/2011 – 00:17:29 – [9,237] —-D C:Program FilesWildTangent Games
    O43 – CFD: 18/08/2013 – 16:09:08 – [2,909] —-D C:Program FilesWindows Defender
    O43 – CFD: 12/08/2011 – 00:33:37 – [179,851] —-D C:Program FilesWindows Live
    O43 – CFD: 31/08/2012 – 22:28:04 – [5,895] —-D C:Program FilesWindows Mail =>.Microsoft Corporation
    O43 – CFD: 31/08/2012 – 22:28:04 – [6,298] —-D C:Program FilesWindows Media Player =>.Microsoft Corporation
    O43 – CFD: 15/12/2011 – 16:30:57 – [11,632] —-D C:Program FilesWindows NT
    O43 – CFD: 31/08/2012 – 22:28:04 – [4,213] —-D C:Program FilesWindows Photo Viewer
    O43 – CFD: 20/11/2010 – 22:33:48 – [0,181] —-D C:Program FilesWindows Portable Devices
    O43 – CFD: 15/12/2011 – 16:32:22 – [6,374] —-D C:Program FilesWindows Sidebar
    O43 – CFD: 11/12/2013 – 22:23:46 – [23,820] —-D C:Program FilesZHPDiag =>.Nicolas Coolman
    O43 – CFD: 12/08/2011 – 00:36:17 – [17,968] —-D C:Program FilesCommon FilesAdobe
    O43 – CFD: 22/11/2013 – 22:43:20 – [45,951] —-D C:Program FilesCommon FilesAdobe AIR
    O43 – CFD: 20/01/2013 – 03:51:30 – [112,398] —-D C:Program FilesCommon FilesApple
    O43 – CFD: 16/11/2011 – 00:56:50 – [0,230] —-D C:Program FilesCommon FilesATI Technologies
    O43 – CFD: 07/03/2012 – 22:11:02 – [0,095] —-D C:Program FilesCommon FilesDESIGNER
    O43 – CFD: 23/11/2013 – 20:58:45 – [36,259] —-D C:Program FilesCommon FilesDivX Shared
    O43 – CFD: 10/09/2012 – 17:51:37 – [1,184] —-D C:Program FilesCommon FilesJava
    O43 – CFD: 01/11/2012 – 13:32:25 – [166,390] —-D C:Program FilesCommon Filesmicrosoft shared
    O43 – CFD: 14/07/2009 – 03:37:05 – [0,003] —-D C:Program FilesCommon FilesServices
    O43 – CFD: 12/05/2013 – 07:24:01 – [1,904] —-D C:Program FilesCommon FilesSkype
    O43 – CFD: 14/07/2009 – 03:37:05 – [39,200] —-D C:Program FilesCommon FilesSpeechEngines
    O43 – CFD: 31/08/2012 – 22:28:04 – [9,767] —-D C:Program FilesCommon FilesSystem
    O43 – CFD: 12/08/2011 – 00:26:13 – [0] —-D C:Program FilesCommon FilesWindows Live
    O43 – CFD: 20/01/2013 – 03:52:33 – [2,446] —-D C:ProgramData188F1432-103A-4ffb-80F1-36B633C5C9E1
    O43 – CFD: 22/11/2013 – 22:43:27 – [26,936] —-D C:ProgramDataAdobe
    O43 – CFD: 20/12/2011 – 16:04:50 – [63,465] —-D C:ProgramDataApple
    O43 – CFD: 20/12/2011 – 16:20:14 – [56,778] —-D C:ProgramDataApple Computer
    O43 – CFD: 14/07/2009 – 05:53:55 – [0] -SH-D C:ProgramDataApplication Data
    O43 – CFD: 16/11/2011 – 01:29:22 – [0] —-D C:ProgramDataATI
    O43 – CFD: 15/12/2011 – 16:30:57 – [0] -SH-D C:ProgramDataBureau
    O43 – CFD: 18/12/2012 – 16:20:36 – [0,013] —-D C:ProgramDataCyberLink
    O43 – CFD: 14/07/2009 – 05:53:55 – [0] -SH-D C:ProgramDataDesktop
    O43 – CFD: 23/11/2013 – 20:59:29 – [8,781] —-D C:ProgramDataDivX
    O43 – CFD: 14/07/2009 – 05:53:55 – [0] -SH-D C:ProgramDataDocuments
    O43 – CFD: 15/12/2011 – 16:30:57 – [0] -SH-D C:ProgramDataFavoris
    O43 – CFD: 14/07/2009 – 05:53:55 – [0] -SH-D C:ProgramDataFavorites
    O43 – CFD: 18/08/2012 – 15:01:05 – [0,012] —-D C:ProgramDataGoogle
    O43 – CFD: 10/06/2013 – 12:56:30 – [4,551] —-D C:ProgramDataHewlett-Packard
    O43 – CFD: 10/11/2013 – 19:22:51 – [6,896] —-D C:ProgramDataMalwarebytes
    O43 – CFD: 15/12/2011 – 16:30:57 – [0] -SH-D C:ProgramDataMenu Démarrer
    O43 – CFD: 07/03/2012 – 22:12:07 – [-1679,883] -S–D C:ProgramDataMicrosoft
    O43 – CFD: 30/10/2012 – 13:17:59 – [0,048] —-D C:ProgramDataMicrosoft Help
    O43 – CFD: 15/12/2011 – 16:30:57 – [0] -SH-D C:ProgramDataModèles
    O43 – CFD: 10/11/2013 – 01:04:04 – [0,022] —-D C:ProgramDataNorton
    O43 – CFD: 10/11/2013 – 00:22:23 – [9,068] —-D C:ProgramDataNortonInstaller
    O43 – CFD: 28/09/2013 – 21:05:31 – [90,363] —-D C:ProgramDataSkype
    O43 – CFD: 14/07/2009 – 05:53:55 – [0] -SH-D C:ProgramDataStart Menu
    O43 – CFD: 10/09/2012 – 17:51:38 – [0] —-D C:ProgramDataSun
    O43 – CFD: 16/11/2011 – 01:28:24 – [0,002] —-D C:ProgramDataSynaptics
    O43 – CFD: 16/11/2011 – 01:19:01 – [0,086] —-D C:ProgramDataTemp
    O43 – CFD: 14/07/2009 – 05:53:55 – [0] -SH-D C:ProgramDataTemplates
    O43 – CFD: 10/03/2012 – 22:58:17 – [0] —-D C:ProgramDataVirtualizedApplications
    O43 – CFD: 12/08/2011 – 00:21:44 – [1643,968] —-D C:ProgramDataWildTangent
    O43 – CFD: 20/12/2011 – 16:21:52 – [0,003] —-D C:ProgramData{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    O43 – CFD: 18/11/2012 – 04:43:14 – [39,643] —-D C:ProgramData{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
    O43 – CFD: 22/11/2013 – 22:43:11 – [15,360] —-D C:UserspoeAppDataRoamingAdobe
    O43 – CFD: 26/12/2011 – 22:26:54 – [-41,088] —-D C:UserspoeAppDataRoamingApple Computer
    O43 – CFD: 15/12/2011 – 16:39:01 – [0] —-D C:UserspoeAppDataRoamingATI
    O43 – CFD: 30/09/2013 – 18:05:36 – [0,005] —-D C:UserspoeAppDataRoamingAudacity
    O43 – CFD: 01/02/2012 – 20:58:35 – [0,073] —-D C:UserspoeAppDataRoamingCyberLink
    O43 – CFD: 23/11/2013 – 21:17:59 – [0,037] —-D C:UserspoeAppDataRoamingDivX
    O43 – CFD: 23/11/2013 – 20:10:47 – [0,014] —-D C:UserspoeAppDataRoamingFastMediaConverter
    O43 – CFD: 23/12/2011 – 17:52:40 – [0,047] —-D C:UserspoeAppDataRoamingHewlett-Packard
    O43 – CFD: 18/11/2012 – 04:44:31 – [0,343] —-D C:UserspoeAppDataRoaminghpqlog
    O43 – CFD: 15/12/2011 – 16:37:34 – [0] —-D C:UserspoeAppDataRoamingIdentities
    O43 – CFD: 31/12/2011 – 15:25:09 – [0,003] —-D C:UserspoeAppDataRoamingIDT
    O43 – CFD: 12/10/2013 – 10:52:25 – [0] —-D C:UserspoeAppDataRoamingInstallShield
    O43 – CFD: 15/12/2011 – 16:42:32 – [0,101] —-D C:UserspoeAppDataRoamingMacromedia
    O43 – CFD: 10/11/2013 – 19:23:09 – [124,963] —-D C:UserspoeAppDataRoamingMalwarebytes
    O43 – CFD: 16/11/2011 – 10:45:35 – [0] —-D C:UserspoeAppDataRoamingMedia Center Programs
    O43 – CFD: 16/11/2012 – 13:35:04 – [0] —-D C:UserspoeAppDataRoamingMedia Player Classic
    O43 – CFD: 22/11/2013 – 22:46:56 – [11,967] -S–D C:UserspoeAppDataRoamingMicrosoft
    O43 – CFD: 11/12/2013 – 21:41:53 – [5,320] —-D C:UserspoeAppDataRoamingSkype
    O43 – CFD: 11/12/2013 – 12:40:20 – [5,063] —-D C:UserspoeAppDataRoamingSoftGrid Client
    O43 – CFD: 11/12/2013 – 21:53:20 – [41,568] —-D C:UserspoeAppDataRoamingSpotify
    O43 – CFD: 15/12/2011 – 16:38:02 – [0] —-D C:UserspoeAppDataRoamingSynaptics
    O43 – CFD: 07/03/2012 – 22:12:48 – [0] —-D C:UserspoeAppDataRoamingTP
    O43 – CFD: 18/11/2012 – 17:00:40 – [0] —-D C:UserspoeAppDataRoamingWindows Live Writer
    O43 – CFD: 11/12/2013 – 12:43:27 – [0] —-D C:UserspoeAppDataRoamingwp_update =>PUP.WpManager
    O43 – CFD: 11/12/2013 – 22:24:57 – [0,387] —-D C:UserspoeAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 22/11/2013 – 22:43:07 – [0,321] —-D C:UserspoeAppDataLocalAdobe
    O43 – CFD: 20/12/2011 – 16:05:01 – [0] —-D C:UserspoeAppDataLocalApple
    O43 – CFD: 20/12/2011 – 16:22:31 – [27,513] —-D C:UserspoeAppDataLocalApple Computer
    O43 – CFD: 15/12/2011 – 16:31:21 – [0] -SH-D C:UserspoeAppDataLocalApplication Data
    O43 – CFD: 15/12/2011 – 16:39:01 – [0,058] —-D C:UserspoeAppDataLocalATI
    O43 – CFD: 15/12/2011 – 16:38:23 – [0] —-D C:UserspoeAppDataLocalBroadcom
    O43 – CFD: 23/11/2013 – 21:12:50 – [0] —-D C:UserspoeAppDataLocalcache
    O43 – CFD: 11/12/2013 – 08:28:58 – [13,090] —-D C:UserspoeAppDataLocalCrashDumps
    O43 – CFD: 01/02/2012 – 20:58:34 – [0,005] —-D C:UserspoeAppDataLocalCyberLink
    O43 – CFD: 10/12/2013 – 22:50:47 – [0,705] —-D C:UserspoeAppDataLocalDiagnostics
    O43 – CFD: 16/11/2013 – 09:37:55 – [0] —-D C:UserspoeAppDataLocalElevatedDiagnostics
    O43 – CFD: 02/01/2013 – 15:27:41 – [0,001] —-D C:UserspoeAppDataLocalEvernote
    O43 – CFD: 18/08/2012 – 15:02:40 – [684,493] —-D C:UserspoeAppDataLocalGoogle
    O43 – CFD: 26/02/2012 – 12:42:40 – [0,023] —-D C:UserspoeAppDataLocalHewlett-Packard
    O43 – CFD: 15/12/2011 – 16:32:19 – [0,002] —-D C:UserspoeAppDataLocalHewlett-Packard_Company
    O43 – CFD: 15/12/2011 – 16:31:21 – [0] -SH-D C:UserspoeAppDataLocalHistorique
    O43 – CFD: 09/12/2013 – 03:38:45 – [1468,286] —-D C:UserspoeAppDataLocalMicrosoft
    O43 – CFD: 30/10/2012 – 13:17:58 – [0] —-D C:UserspoeAppDataLocalMicrosoft Help
    O43 – CFD: 25/11/2013 – 23:06:52 – [78,927] —-D C:UserspoeAppDataLocalMobogenie
    O43 – CFD: 10/11/2013 – 19:22:09 – [0] —-D C:UserspoeAppDataLocalPrograms
    O43 – CFD: 15/12/2011 – 16:36:47 – [0] —-D C:UserspoeAppDataLocalRemEngine
    O43 – CFD: 07/03/2012 – 22:12:32 – [4,719] —-D C:UserspoeAppDataLocalSoftGrid Client
    O43 – CFD: 21/10/2012 – 12:55:58 – [130,852] —-D C:UserspoeAppDataLocalSpotify
    O43 – CFD: 11/12/2013 – 22:23:26 – [0,102] —-D C:UserspoeAppDataLocalTemp
    O43 – CFD: 15/12/2011 – 16:31:21 – [0] -SH-D C:UserspoeAppDataLocalTemporary Internet Files
    O43 – CFD: 15/12/2011 – 16:31:22 – [0] —-D C:UserspoeAppDataLocalVirtualStore
    O43 – CFD: 18/11/2012 – 17:00:10 – [0,129] —-D C:UserspoeAppDataLocalWindows Live
    O43 – CFD: 18/11/2012 – 17:00:52 – [0,618] —-D C:UserspoeAppDataLocalWindows Live Writer
    O43 – CFD: 14/07/2009 – 05:42:04 – [0,014] R—D C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 28/09/2013 – 21:03:06 – [0] R—D C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 14/02/2012 – 23:13:57 – [0,001] —-D C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsFoxTab Video Converter
    O43 – CFD: 14/07/2009 – 05:37:42 – [0,001] R—D C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 23/11/2013 – 20:56:22 – [0,003] —-D C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsMobogenie
    O43 – CFD: 11/12/2013 – 21:50:26 – [0,070] R—D C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 31/12/2011 – 15:27:38 – [0,007] —-D C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsVirtualDJ
    ~ Program Folder: 162 Scanned in 00mn 33s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.F7B6E341F4B1947BEC0E14EEBE3C627E] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – ADVPACK.) — C:WindowsSystem32IEAdvpack.dll [111616]
    O44 – LFC:[MD5.5EC13202430A3EB68DFF44CF1FEEA2BE] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – DAC for Trident DOM.) — C:WindowsSystem32MshtmlDac.dll [61952]
    O44 – LFC:[MD5.AE6A2C5ECD3E96556E22F12816842F60] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – DLL de ressource du composant d’édition HTM.) — C:WindowsSystem32mshtmler.dll [48640]
    O44 – LFC:[MD5.ABDFC692D9FE43E2BA8FE6CB5A8CB95A] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Hôte des applications HTML de Microsoft(R).) — C:WindowsSystem32mshta.exe [13312]
    O44 – LFC:[MD5.4D4726D1AD5ED1590A62685F92900594] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – IE ETW Collector Proxy Stub Resources.) — C:WindowsSystem32ieetwproxystub.dll [51200]
    O44 – LFC:[MD5.C629D814E48CAA81E0D806BD7ECA98B8] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – IE ETW Collector Service Resources.) — C:WindowsSystem32ieetwcollectorres.dll [4096]
    O44 – LFC:[MD5.14E18520903F925D296C8E29BDE6BD43] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – IE ETW Collector Service.) — C:WindowsSystem32ieetwcollector.exe [108032]
    O44 – LFC:[MD5.4BCC7EB5F20840DA67943BD86AE95735] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – IE PNG plugin image decoder.) — C:WindowsSystem32pngfilt.dll [56832]
    O44 – LFC:[MD5.83F49FD1BC0A999B006D564C540C7258] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – IE Sysprep Provider.) — C:WindowsSystem32iesysprep.dll [86016]
    O44 – LFC:[MD5.6EB0B7301E00F717BD68A742D1391FAF] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – IE plugin image decoder support DLL.) — C:WindowsSystem32imgutil.dll [36352]
    O44 – LFC:[MD5.779E142FE2159935E78C0FA2E190FF1E] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript.dll [610304]
    O44 – LFC:[MD5.AE254DBF16E3E3D7C35ED017B4B55EC6] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Microsoft (R) JScript.) — C:WindowsSystem32jscript9.dll [4240384]
    O44 – LFC:[MD5.53FC62C51CB18C9100A7DFAF2D2A6C47] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Microsoft Feeds Synchronization.) — C:WindowsSystem32msfeedssync.exe [12800]
    O44 – LFC:[MD5.809804D8AED97AEA96B3D4B66A4C5C70] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Microsoft ® JScript Diagnostics.) — C:WindowsSystem32jscript9diag.dll [553472]
    O44 – LFC:[MD5.BC2C13A3B664B686DA52D558FE5502FC] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Microsoft® MSHTML Typelib.) — C:WindowsSystem32mshtml.tlb [2724864]
    O44 – LFC:[MD5.F705F52FC41577641E82B9934728B02C] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Moteur de l’interface utilisateur d’Interne.) — C:WindowsSystem32ieui.dll [440832]
    O44 – LFC:[MD5.22868FAAF9C851BFA924B8D7EDB6CBC1] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Navigateur Internet.) — C:WindowsSystem32ieframe.dll [11220992]
    O44 – LFC:[MD5.1200D9C7DB0ADC1B8143A0A9921BF7DA] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Object Control Viewer.) — C:WindowsSystem32occache.dll [127488]
    O44 – LFC:[MD5.1AFBAA54BDF637F69B8E02A5578286B0] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Objets homologues Internet Explorer.) — C:WindowsSystem32iepeers.dll [116736]
    O44 – LFC:[MD5.F8DE2F74CD4323BABBDACAADD9A39254] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Outil d’installation sans assistance d’IE 7.) — C:WindowsSystem32ieUnatt.exe [112128]
    O44 – LFC:[MD5.887055A3C8DD6C87D200D11EAFDBD45B] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Sets the date that IE was installed.) — C:WindowsSystem32SetIEInstalledDate.exe [74240]
    O44 – LFC:[MD5.55969AADF0210A614700F89B48976F68] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Synchronisation en arrière-plan des flux Mi.) — C:WindowsSystem32msfeedsbs.dll [43008]
    O44 – LFC:[MD5.F9F114B2A6F876C92D317A755494F233] – 09/12/2013 – 03:02:52 —A- . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll [17142784]
    O44 – LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] – 09/12/2013 – 03:02:53 —A- . (…) — C:WindowsSystem32ieuinit.inf [16284]
    O44 – LFC:[MD5.6A92CEC8532056791C6832B2725D170D] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Auto-extracteur de fichier CAB Win32.) — C:WindowsSystem32wextract.exe [139264]
    O44 – LFC:[MD5.03B3541AE6986602CF9CB5B3AD169C33] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Contrôleur de site Web.) — C:WindowsSystem32webcheck.dll [208384]
    O44 – LFC:[MD5.D9F12F54E3B5A092F1D5F191F5286E53] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Convertisseur Microsoft HTML.) — C:WindowsSystem32html.iec [337408]
    O44 – LFC:[MD5.44D5C650C971910827EA65B4D989ED94] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – DLL de gestion d’utilisateur local et de co.) — C:WindowsSystem32msrating.dll [164864]
    O44 – LFC:[MD5.AB3B2CA52AFB695AFCDD2620A21E5B21] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – DLL du Gestionnaire de licences Microsoft®.) — C:WindowsSystem32licmgr10.dll [24576]
    O44 – LFC:[MD5.AD27563BC16AB1EAACAE3033E99C2F78] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – ELS Hyphenation Service.) — C:WindowsSystem32elshyph.dll [194048]
    O44 – LFC:[MD5.B5EB5BD3066959611E1F7A80FD6CC172] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Extensions Internet pour Win32.) — C:WindowsSystem32wininet.dll [1818112]
    O44 – LFC:[MD5.2EE1E467D73642AFDDB03019F58C252B] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Extensions OLE32 pour Win32.) — C:WindowsSystem32urlmon.dll [1156608]
    O44 – LFC:[MD5.BE8B10D84DDD8F43A32EE013B54F5287] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – IOD Version Map.) — C:WindowsSystem32iesetup.dll [61952]
    O44 – LFC:[MD5.CFCE4EFF1D6D909EE2EA3AFCB8F1E677] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Internet Shortcut Shell Extension DLL.) — C:WindowsSystem32url.dll [233472]
    O44 – LFC:[MD5.4A7956EE34BE56D20C54CF6A47693C25] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – JScript Proxy Auto-Configuration.) — C:WindowsSystem32jsproxy.dll [43008]
    O44 – LFC:[MD5.FB0D1CC2911A0645DDA6C0608473EB55] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – JavaScript Performance Collection Agent.) — C:WindowsSystem32JavaScriptCollectionAgent.dll [34816]
    O44 – LFC:[MD5.2AF48780D879AFC43733159CB29CD8BD] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft (R) HTML Media DLL.) — C:WindowsSystem32mshtmlmedia.dll [1051136]
    O44 – LFC:[MD5.71144A47CD02FDDC77DDF5EB5315767F] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft Feeds Manager.) — C:WindowsSystem32msfeeds.dll [523776]
    O44 – LFC:[MD5.4F032F1FDEFEA5EC8EEA3562643B5EE8] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft Information Card IE Helper.) — C:WindowsSystem32icardie.dll [69120]
    O44 – LFC:[MD5.298FDE634538B62CEEEC266D8773B21A] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft Line Services library file.) — C:WindowsSystem32msls31.dll [182272]
    O44 – LFC:[MD5.C17139EAF939964142C7A1AEEE02DC81] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft SmartScreen Filter Data File.) — C:WindowsSystem32ieapfltr.dat [616104]
    O44 – LFC:[MD5.433161597584186EF806EFC8EA530433] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft SmartScreen Filter.) — C:WindowsSystem32ieapfltr.dll [703488]
    O44 – LFC:[MD5.C611C6ED5ECFE4608BA79472DFE3D49C] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft Spell Checking Facility.) — C:WindowsSystem32MsSpellCheckingFacility.exe [646144]
    O44 – LFC:[MD5.6A794439B6612E43FEDE0217C919B652] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft ® VBScript.) — C:WindowsSystem32vbscript.dll [454656]
    O44 – LFC:[MD5.64831CAD496A073398853A34A5813675] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Microsoft® HTML Editing Component.) — C:WindowsSystem32mshtmled.dll [69632]
    O44 – LFC:[MD5.EC7038154490E50ACD405A022F51B204] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Moteur d’installation.) — C:WindowsSystem32inseng.dll [83456]
    O44 – LFC:[MD5.81A605B0F3A29A117AB83A08D40F772F] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Panneau de configuration Internet.) — C:WindowsSystem32inetcpl.cpl [1926656]
    O44 – LFC:[MD5.6922D7ED84AE102504174922D5D42F49] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Personnalisation d’IEAK.) — C:WindowsSystem32iedkcs32.dll [238288]
    O44 – LFC:[MD5.C1A6E565B2782C09BC40AD749B46D9ED] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Registers custom PKEYs for IE.) — C:WindowsSystem32RegisterIEPKEYs.exe [71680]
    O44 – LFC:[MD5.B68750104FBA545C633B7E9AEA660208] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Run time utility for Internet Explorer.) — C:WindowsSystem32iertutil.dll [2166272]
    O44 – LFC:[MD5.9E170B0AF156B478BD2B1FD6A2250C9E] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – TDC ActiveX Control.) — C:WindowsSystem32tdc.ocx [62464]
    O44 – LFC:[MD5.5DFE55E0221F0C5FA4D6CECFA72B1D78] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Traitement de RunOnce complet avec interfac.) — C:WindowsSystem32iernonce.dll [32768]
    O44 – LFC:[MD5.D6BC25D55501DE093757675B3B120867] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Expl.) — C:WindowsSystem32ie4uinit.exe [208896]
    O44 – LFC:[MD5.9B8701A380CEE1B05D651B4ED4048C8F] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Windows Globalization.) — C:WindowsSystem32jsIntl.dll [645120]
    O44 – LFC:[MD5.9A33FDDD687A836A1FD478B43C5A95FD] – 09/12/2013 – 03:02:53 —A- . (.Microsoft Corporation – Wizard.) — C:WindowsSystem32iexpress.exe [151552]
    O44 – LFC:[MD5.C730B24DC5547D82BA3EF17FD4363552] – 09/12/2013 – 03:09:24 —A- . (…) — C:WindowsIE11_main.log [9945]
    O44 – LFC:[MD5.A6EA2865715B5E7CE24F4325D27C8A88] – 11/12/2013 – 08:33:15 —A- . (…) — C:PhysicalDisk0_MBR.bin [512]
    O44 – LFC:[MD5.F4BEFB6085B2E6541E2C7B0D2D3E8381] – 11/12/2013 – 13:18:34 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [1551212]
    O44 – LFC:[MD5.6DF48A502C8B58F00B7B9FBF177450E4] – 11/12/2013 – 13:18:34 —A- . (…) — C:WindowsSystem32perfc009.dat [106574]
    O44 – LFC:[MD5.025F0901DEBDADCC0DA0929241D9AFB8] – 11/12/2013 – 13:18:34 —A- . (…) — C:WindowsSystem32perfc00C.dat [130940]
    O44 – LFC:[MD5.519B5E9664EDAC391D33F4796AA7977B] – 11/12/2013 – 13:18:34 —A- . (…) — C:WindowsSystem32perfh009.dat [616452]
    O44 – LFC:[MD5.1720017382749E401EBAFD188B991471] – 11/12/2013 – 13:18:34 —A- . (…) — C:WindowsSystem32perfh00C.dat [704924]
    O44 – LFC:[MD5.40F5DBC46E7F6154DE8918473C2E66CF] – 11/12/2013 – 16:37:06 —A- . (…) — C:WindowsPFRO.log [774038]
    O44 – LFC:[MD5.0DB7527DB188C7D967A37BB51BBF3963] – 11/12/2013 – 17:40:32 —A- . (.Malwarebytes Corporation – Malwarebytes’ Anti-Malware.) — C:WindowsSystem32Driversmbamswissarmy.sys [40776]
    O44 – LFC:[MD5.7211337538433AD9F0B211879D1013D0] – 11/12/2013 – 21:52:05 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.88B3E89F2DD76A3410227F7B06006C01] – 11/12/2013 – 21:52:06 —A- . (…) — C:Windowssetupact.log [77765]
    O44 – LFC:[MD5.BFA6AC29EA163334EE7E3BD8E62BD2E9] – 11/12/2013 – 21:57:25 —A- . (…) — C:WindowsWindowsUpdate.log [1148718]
    O44 – LFC:[MD5.72F2D357120F95C1E725C22915FE95E1] – 11/12/2013 – 22:14:28 —A- . (…) — C:WindowsWORDPAD.INI [193]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 29/11/2013 – 22:30:41 —A- . (…) — C:WindowsSystem32HP_ActiveX_Patch_NOT_DETECTED.txt [0]
    O44 – LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] – 29/11/2013 – 22:31:18 —A- . (…) — C:WindowsSystem32DOErrors.log [52]
    ~ Files: 72 Scanned in 00mn 08s

    —\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 – SEH:ShellExecuteHooks – EasyBits Security Shield Hook – prevents launching insecure programs by kids – {E54729E8-BB3D-4270-9D49-7389EA579090} – C:Windowssystem32EZUPBH~1.DLL
    ~ ShellExecuteHooks: Scanned in 00mn 00s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Broadcom Corporation. – BtwProximityCP DLL.) — C:Program FilesWIDCOMMBluetooth SoftwareBtwProximityCP.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corp. – LiveSSP.) — C:WindowsSystem32livessp.dll
    ~ LSA: 10 Scanned in 00mn 00s

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (.Microsoft Corporation – RDP Encoder Miniport.) — C:WindowsSystem32Driversrdpencdd.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 13 Scanned in 00mn 00s

    —\ Recherche d’infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: Drivers32″vidc.cvid”=”iccvid.dll” . (.Radius Inc. – Codec Cinepak®.) — C:WindowsSystem32iccvid.dll
    O52 – TDSD: Drivers32″vidc.DIVX”=”DivX.dll” . (.DivX, Inc. – DivX.) — C:WindowsSystem32DivX.dll
    O52 – TDSD: Drivers32″vidc.yv12″=”DivX.dll” . (.DivX, Inc. – DivX.) — C:WindowsSystem32DivX.dll
    O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 5 Scanned in 00mn 00s

    —\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=5
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=3
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKCU…PoliciesSystem] – “DisableRegistryTools”=0
    O55 – MWPS:[HKCU…PoliciesSystem] – “DisableTaskMgr”=0
    ~ MWPS: 18 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “EnableShellExecuteHooks”=1
    ~ MWPE Keys: 1 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.CC1F1D3D70DC13C2C281488D347D4415] – 27/05/2011 – 11:20:12 —A- . (.Hewlett-Packard Company – HP Accelerometer.) — C:WindowsSystem32DriversAccelerometer.sys [35896]
    O58 – SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] – 14/07/2009 – 02:26:15 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [422976]
    O58 – SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] – 14/07/2009 – 02:26:17 —A- . (.Adaptec, Inc. – Adaptec Windows SATA Storport Driver.) — C:WindowsSystem32Driversadpahci.sys [297552]
    O58 – SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] – 14/07/2009 – 02:26:15 —A- . (.Adaptec, Inc. – Adaptec StorPort Ultra320 SCSI Driver.) — C:WindowsSystem32Driversadpu320.sys [146512]
    O58 – SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] – 14/07/2009 – 02:26:15 —A- . (.Acer Laboratories Inc. – ALi mini IDE Driver.) — C:WindowsSystem32Driversaliide.sys [14400]
    O58 – SDL:[MD5.D320BF87125326F996D4904FE24300FC] – 12/08/2011 – 09:45:40 —A- . (.Advanced Micro Devices – AHCI 1.2 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [80256]
    O58 – SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] – 14/07/2009 – 02:26:15 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows fa.) — C:WindowsSystem32Driversamdsbs.sys [159312]
    O58 – SDL:[MD5.46387FB17B086D16DEA267D5BE23A2F2] – 12/08/2011 – 09:45:40 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [22400]
    O58 – SDL:[MD5.D4D9F054F50CC176B8AD96957CBF34A0] – 16/04/2011 – 11:37:46 —A- . (.Advanced Micro Devices – AHCI 1.2 Device Driver.) — C:WindowsSystem32Driversamd_sata.sys [66688]
    O58 – SDL:[MD5.3D50F8F1A7BEC39E3225203A34BB2BF6] – 16/04/2011 – 11:37:46 —A- . (.Advanced Micro Devices – Stor Filter Driver.) — C:WindowsSystem32Driversamd_xata.sys [33408]
    O58 – SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] – 14/07/2009 – 02:26:15 —A- . (.Adaptec, Inc. – Adaptec RAID Storport Driver.) — C:WindowsSystem32Driversarc.sys [76368]
    O58 – SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] – 14/07/2009 – 02:26:15 —A- . (.Adaptec, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [86608]
    O58 – SDL:[MD5.95B1E9804CA10D096C0383F7C6684950] – 18/11/2010 – 05:04:24 —A- . (.Advanced Micro Devices – AMD High Definition Audio Function Driver.) — C:WindowsSystem32DriversAtihdW73.sys [101392]
    O58 – SDL:[MD5.6911F33DAA966A55E334A5EDB2EC72E7] – 29/06/2011 – 21:11:20 —A- . (.ATI Technologies Inc. – ATI Radeon Kernel Mode Driver.) — C:WindowsSystem32Driversatikmdag.sys [7811072]
    O58 – SDL:[MD5.BB997F7D3C818018D79B9502A022F9D0] – 29/06/2011 – 19:11:00 —A- . (.Advanced Micro Devices, Inc. – AMD multi-vendor Miniport Driver.) — C:WindowsSystem32Driversatikmpag.sys [245760]
    O58 – SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] – 13/07/2009 – 23:02:49 —A- . (.Broadcom Corporation – Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) — C:WindowsSystem32Driversb57nd60x.sys [229888]
    O58 – SDL:[MD5.4F9912EACECCE9D12CCFBFCAA156BEE7] – 15/07/2011 – 09:15:40 —A- . (.Broadcom Corporation. – Broadcom Bluetooth Firmware Download Filter.) — C:WindowsSystem32Driversbcbtums.sys [142504]
    O58 – SDL:[MD5.2F99646BFA13BDBAD5798B2AF7EE68F8] – 12/10/2013 – 10:51:50 —A- . (.Broadcom Corporation – Broadcom 802.11 Network Adapter wireless driver.) — C:WindowsSystem32DriversBCMWL6.SYS [4267072]
    O58 – SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] – 13/07/2009 – 23:53:28 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) — C:WindowsSystem32DriversBrFiltLo.sys [13568]
    O58 – SDL:[MD5.56801AD62213A41F6497F96DEE83755A] – 13/07/2009 – 23:53:28 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) — C:WindowsSystem32DriversBrFiltUp.sys [5248]
    O58 – SDL:[MD5.845B8CE732E67F3B4133164868C666EA] – 14/07/2009 – 01:57:25 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32DriversBrSerId.sys [272128]
    O58 – SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] – 13/07/2009 – 23:53:32 —A- . (.Brother Industries Ltd. – Brother Serial driver (WDM version).) — C:WindowsSystem32DriversBrSerWdm.sys [62336]
    O58 – SDL:[MD5.BD456606156BA17E60A04E18016AE54B] – 13/07/2009 – 23:53:33 —A- . (.Brother Industries Ltd. – Brother USB MDM Driver.) — C:WindowsSystem32DriversBrUsbMdm.sys [12160]
    O58 – SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] – 13/07/2009 – 23:53:33 —A- . (.Brother Industries Ltd. – Brother USB Serial Driver.) — C:WindowsSystem32DriversBrUsbSer.sys [11904]
    O58 – SDL:[MD5.65CEF580FA6FB48244B9D464E45EF1B1] – 15/07/2011 – 09:15:40 —A- . (.Broadcom Corporation. – Broadcom Bluetooth USB AMP Filter for Windows Vista.) — C:WindowsSystem32Driversbtwampfl.sys [551976]
    O58 – SDL:[MD5.3061375777DDEEA15F971FF2AD76616C] – 15/07/2011 – 09:15:38 —A- . (.Broadcom Corporation. – Bluetooth Audio Device.) — C:WindowsSystem32Driversbtwaudio.sys [140328]
    O58 – SDL:[MD5.9A56B7B15ACE85B6E711445D19773A20] – 15/07/2011 – 09:15:38 —A- . (.Broadcom Corporation. – Broadcom Bluetooth AVDT Service.) — C:WindowsSystem32Driversbtwavdt.sys [148520]
    O58 – SDL:[MD5.4C0B3D7ED5B6057FD14895355E6F3F26] – 15/07/2011 – 09:15:40 —A- . (.Broadcom Corporation. – Bluetooth LAN Access Server Driver.) — C:WindowsSystem32Driversbtwdpan.sys [76328]
    O58 – SDL:[MD5.53F0EDC6FAF9CE6C5E53EE7EF8D411C0] – 15/07/2011 – 09:15:38 —A- . (.Broadcom Corporation. – Broadcom Bluetooth L2CAP Service.) — C:WindowsSystem32Driversbtwl2cap.sys [33832]
    O58 – SDL:[MD5.56E6441AD2BE1BA9EF6E3757A4A71C82] – 15/07/2011 – 09:15:38 —A- . (.Broadcom Corporation. – Bluetooth Remote Control HID Minidriver.) — C:WindowsSystem32Driversbtwrchid.sys [18728]
    O58 – SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] – 13/07/2009 – 23:02:48 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbdx.sys [430080]
    O58 – SDL:[MD5.125C828BF3673406DFD642D7BEE8434F] – 28/07/2010 – 09:13:42 —A- . (.CyberLink Corporation – CyberLink WebCam Virtual Driver.) — C:WindowsSystem32Driversclwvd.sys [27632]
    O58 – SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] – 14/07/2009 – 02:26:21 —A- . (.CMD Technology, Inc. – CMD PCI IDE Bus Driver.) — C:WindowsSystem32Driverscmdide.sys [15952]
    O58 – SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] – 14/07/2009 – 02:20:28 —A- . (.Adaptec, Inc. – Adaptec Ultra SCSI miniport.) — C:WindowsSystem32Driversdjsvs.sys [70720]
    O58 – SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] – 14/07/2009 – 02:20:28 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [453712]
    O58 – SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] – 13/07/2009 – 23:02:48 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbdx.sys [3100160]
    O58 – SDL:[MD5.185ADA973B5020655CEE342059A86CBB] – 21/08/2012 – 13:01:22 —A- . (.GEAR Software Inc. – CD DVD Filter.) — C:WindowsSystem32DriversGEARAspiWDM.sys [26840]
    O58 – SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] – 13/07/2009 – 23:54:14 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [26624]
    O58 – SDL:[MD5.4EF10B866C62ABBEAF7511CDD05A19BE] – 27/05/2011 – 11:20:12 —A- . (.Hewlett-Packard Company – HP Disk Filter – SATA/RAID.) — C:WindowsSystem32Drivershpdskflt.sys [25656]
    O58 – SDL:[MD5.295FDC419039090EB8B49FFDBB374549] – 14/07/2009 – 02:20:28 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [67152]
    O58 – SDL:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] – 12/08/2011 – 09:45:40 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – ia32.) — C:WindowsSystem32DriversiaStorV.sys [332160]
    O58 – SDL:[MD5.4173FF5708F3236CF25195FECD742915] – 14/07/2009 – 02:20:36 —A- . (.Intel Corp./ICP vortex GmbH – Intel/ICP Raid Storport Driver.) — C:WindowsSystem32Driversiirsp.sys [41040]
    O58 – SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] – 14/07/2009 – 02:20:36 —A- . (.LSI Corporation – LSI Fusion-MPT FC Driver (StorPort).) — C:WindowsSystem32Driverslsi_fc.sys [95824]
    O58 – SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] – 14/07/2009 – 02:20:37 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [89168]
    O58 – SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] – 14/07/2009 – 02:20:36 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [54864]
    O58 – SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] – 14/07/2009 – 02:20:36 —A- . (.LSI Corporation – LSI Fusion-MPT SCSI Driver (StorPort).) — C:WindowsSystem32Driverslsi_scsi.sys [96848]
    O58 – SDL:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] – 04/04/2013 – 14:50:32 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [22856]
    O58 – SDL:[MD5.0DB7527DB188C7D967A37BB51BBF3963] – 11/12/2013 – 17:40:32 —A- . (.Malwarebytes Corporation – Malwarebytes’ Anti-Malware.) — C:WindowsSystem32Driversmbamswissarmy.sys [40776]
    O58 – SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] – 14/07/2009 – 02:20:36 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows 7 for x86.) — C:WindowsSystem32Driversmegasas.sys [30800]
    O58 – SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] – 14/07/2009 – 02:20:36 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32DriversMegaSR.sys [235584]
    O58 – SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] – 14/07/2009 – 02:20:44 —A- . (.IBM Corporation – IBM ServeRAID Controller Driver.) — C:WindowsSystem32Driversnfrd960.sys [44624]
    O58 – SDL:[MD5.B5E37E31C053BC9950455A257526514B] – 13/07/2009 – 23:02:52 —A- . (.NVIDIA Corporation – NVIDIA MCP Networking Function Driver..) — C:WindowsSystem32Driversnvm62x32.sys [347264]
    O58 – SDL:[MD5.B3E25EE28883877076E0E1FF877D02E0] – 12/08/2011 – 09:45:40 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [117120]
    O58 – SDL:[MD5.4380E59A170D88C4F1022EFF6719A8A4] – 12/08/2011 – 09:45:40 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [143744]
    O58 – SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] – 14/07/2009 – 02:19:04 —A- . (.QLogic Corporation – QLogic Fibre Channel Stor Miniport Driver.) — C:WindowsSystem32Driversql2300.sys [1383488]
    O58 – SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] – 14/07/2009 – 02:19:04 —A- . (.QLogic Corporation – QLogic iSCSI Storport Miniport Driver.) — C:WindowsSystem32Driversql40xx.sys [106064]
    O58 – SDL:[MD5.5283B9A27FF230F2FF70D92451FF409A] – 10/06/2011 – 23:34:52 —A- . (.Realtek – Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) — C:WindowsSystem32DriversRt86win7.sys [394856]
    O58 – SDL:[MD5.A43334B2E6561290B30BF95C6E7799C9] – 12/10/2013 – 10:48:22 —A- . (.Realtek Semiconductor Corp. – Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) — C:WindowsSystem32DriversRtsUStor.sys [197736]
    O58 – SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] – 13/07/2009 – 21:50:20 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [20480]
    O58 – SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] – 14/07/2009 – 02:19:04 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [40016]
    O58 – SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] – 14/07/2009 – 02:19:04 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [77888]
    O58 – SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] – 14/07/2009 – 02:19:04 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [21072]
    O58 – SDL:[MD5.F5B7B248B27C35D1B1C8FC19D65B25C9] – 01/07/2011 – 06:26:56 —A- . (.IDT, Inc. – IDT PC Audio.) — C:WindowsSystem32Driversstwrt.sys [442368]
    O58 – SDL:[MD5.3B89A6A7F5F1D6983D1620C11A429871] – 18/10/2013 – 21:51:38 —A- . (.Synaptics Incorporated – Synaptics Touchpad Driver.) — C:WindowsSystem32DriversSynTP.sys [320272]
    O58 – SDL:[MD5.8BF5D980CDCE35FB26F05047144BB57E] – 28/09/2012 – 10:32:56 —A- . (.Apple, Inc. – Apple Mobile Device USB Driver.) — C:WindowsSystem32Driversusbaapl.sys [44544]
    O58 – SDL:[MD5.08369F1FDD7C0D4287373D253D64D75E] – 16/12/2010 – 20:06:46 —A- . (.Advanced Micro Devices – AMD USB Filter Driver.) — C:WindowsSystem32Driversusbfilter.sys [37504]
    O58 – SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] – 14/07/2009 – 02:19:10 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [16976]
    O58 – SDL:[MD5.9DFA0CC2F8855A04816729651175B631] – 14/07/2009 – 02:19:11 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [141904]
    O58 – SDL:[MD5.E00FDFAFF025E94F9821153750C35A6D] – 13/07/2009 – 23:13:45 —A- . (.Conexant Systems, Inc. – HSF_HWAZL WDM driver.) — C:WindowsSystem32DriversVSTAZL3.SYS [207360]
    O58 – SDL:[MD5.BC0C7EA89194C299F051C24119000E17] – 13/07/2009 – 23:13:45 —A- . (.Conexant Systems, Inc. – HSF_CNXT driver.) — C:WindowsSystem32DriversVSTCNXT3.SYS [661504]
    O58 – SDL:[MD5.CEB4E3B6890E1E42DCA6694D9E59E1A0] – 13/07/2009 – 23:13:46 —A- . (.Conexant Systems, Inc. – HSF_DP driver.) — C:WindowsSystem32DriversVSTDPV3.SYS [980992]
    O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 13/07/2009 – 22:40:41 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    O58 – SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] – 13/07/2009 – 22:40:44 —A- . (…) — C:WindowsSystem32country.sys [27097]
    O58 – SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] – 13/07/2009 – 22:40:40 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
    O58 – SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
    O58 – SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
    O58 – SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] – 13/07/2009 – 22:40:23 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
    O58 – SDL:[MD5.CF9ED169FF86D935E47999E82359E898] – 13/07/2009 – 22:40:31 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
    O58 – SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] – 13/07/2009 – 22:40:35 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
    O58 – SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] – 13/07/2009 – 22:40:39 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
    O58 – SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] – 13/07/2009 – 22:40:27 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
    O58 – SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] – 13/07/2009 – 22:40:11 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
    O58 – SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] – 13/07/2009 – 22:40:15 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
    O58 – SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] – 13/07/2009 – 22:40:17 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
    O58 – SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] – 13/07/2009 – 22:40:19 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
    O58 – SDL:[MD5.D86B6435729231C171432B4E77801BDB] – 13/07/2009 – 22:40:13 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
    ~ Drivers: 18 Scanned in 00mn 05s

  • pat
    Nombre d'articles : 0

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 09/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00067.ldb [982380] =>Adware.Pricora
    O61 – LFC: 09/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_ib.adnxs.com_0.localstorage [3072]
    O61 – LFC: 09/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_ib.adnxs.com_0.localstorage-journal [3608]
    O61 – LFC: 09/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_sports.bwin.be_0.localstorage [3072]
    O61 – LFC: 09/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_sports.bwin.be_0.localstorage-journal [3608]
    O61 – LFC: 09/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjectsFXP4NRLYsoftware.hiro.tvHIRO_REPO.sol [108]
    O61 – LFC: 09/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjectsFXP4NRLYtag.mediashakers.hiro.tv##209FB6427C8CBB570000001.sol [275]
    O61 – LFC: 09/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjectsFXP4NRLYtag.mediashakers.hiro.tvHIRO_NETWORK_CAPPING_COOKIE.sol [1498]
    O61 – LFC: 09/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjectsFXP4NRLYtag.mediashakers.hiro.tvhiro_companion_cookie.sol [106]
    O61 – LFC: 09/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjectsFXP4NRLYvk.comVkontaktePlayer.sol [68]
    O61 – LFC: 09/12/2013 – 22:26:07 —A- . (…) — C:UserspoeAppDataLocalMobogeniedamo.time [10]
    O61 – LFC: 09/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecentQCM JUIN 2011-1.LNK [1490]
    O61 – LFC: 09/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftTemplatesLiveContentManagedDocument Themes1036TC101955421fn=Emploi du temps.dotx [276683]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.00043FBDE87-2158-4862-BDC7-52E9C24716AC.Diagnose.0.etl [196608]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.00043FBDE87-2158-4862-BDC7-52E9C24716AC.Repair.1.etl [131072]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.00043FBDE87-2158-4862-BDC7-52E9C24716AC.Verify.2.etl [131072]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.000NetworkConfiguration.cab [1706]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.000NetworkDiagnostics.0.debugreport.xml [73647]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.000NetworkDiagnostics.1.debugreport.xml [65635]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.000ResultReport.xml [50219]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.000results.xml [256]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics4609110902013121021.000results.xsl [49097]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalDiagnostics460911090latest.cab [39637]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultBookmarks [13263]
    O61 – LFC: 10/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultBookmarks.bak [13263]
    O61 – LFC: 10/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00070.ldb [245] =>Adware.Pricora
    O61 – LFC: 10/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_www.facebook.com_0.localstorage [15360]
    O61 – LFC: 10/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_www.facebook.com_0.localstorage-journal [15992]
    O61 – LFC: 10/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_www.google.be_0.localstorage [35840]
    O61 – LFC: 10/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_www.google.be_0.localstorage-journal [10832]
    O61 – LFC: 10/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_www.superfish.com_0.localstorage [5120]
    O61 – LFC: 10/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttps_www.superfish.com_0.localstorage-journal [5672]
    O61 – LFC: 10/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultShortcuts [135168]
    O61 – LFC: 10/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultShortcuts-journal [16384]
    O61 – LFC: 10/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataWidevineCDM1.4.1.376_platform_specificwin_x86widevinecdm.dll [6940304]
    O61 – LFC: 10/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataWidevineCDM1.4.1.376imgsicon-128×128.png [1630]
    O61 – LFC: 10/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataWidevineCDM1.4.1.376manifest.fingerprint [66]
    O61 – LFC: 10/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataWidevineCDM1.4.1.376manifest.json [848]
    O61 – LFC: 10/12/2013 – 22:26:10 —A- . (…) — C:UserspoeAppDataRoamingAdobeAcrobat10.0SecurityCRLCache48B76449F3D5FEFA1133AA805E420F0FCA643651.crl [898]
    O61 – LFC: 10/12/2013 – 22:26:10 —A- . (…) — C:UserspoeAppDataRoamingAdobeAcrobat10.0SecurityCRLCacheA9B8213768ADC68AF64FCC6409E8BE414726687F.crl [37213]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecent(1) Les Protistes (1).LNK [1086]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecent(2) némathelmintes et plathelmintes (1).LNK [1176]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecentBiologie des organismes.LNK [1096]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecentCHIMIE tuyau!!!!!.LNK [1082]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecentChimie gé.LNK [1021]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecentDisque amovible (F).LNK [179]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecentMes documents.LNK [895]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingSkypeshared_httpfeQ1386712147M90592498.dat [13641]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingSkypeshared_httpfeQ1386712244M1513386242.dat [8971]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingSkypeshared_httpfequeue.db [69632]
    O61 – LFC: 10/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingSkypeshared_httpfequeue.db-journal [25136]
    O61 – LFC: 10/12/2013 – 22:26:16 –H– . (…) — C:UserspoeAppDataRoamingMicrosoftOfficeRecentindex.dat [6126]
    O61 – LFC: 10/12/2013 – 22:26:17 —A- . (…) — C:UserspoeDocumentsCHIMIE tuyau!!!!!.docx [18650]
    O61 – LFC: 10/12/2013 – 22:26:17 —A- . (…) — C:UserspoeDocumentsLes origines de l’homme tableau récap.docx [370519]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revision15_minutes_lecture_rapide.lnk [770]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revision7StrategiesMF.lnk [722]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionJour-1.lnk [1524]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionJour-2.lnk [1524]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionJour-3.lnk [1524]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionJour-4.lnk [1524]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionJour-5.lnk [1524]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionProgramme formation Mind Mapping en ligne.lnk [1614]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionauto-hypnose.lnk [718]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisiongestion mentale coquet.lnk [1564]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisioninduction01.lnk [1534]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionlivre_memoire.lnk [1538]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionmentalisme.lnk [1532]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDocumentsmethodo revisionpodcast04.lnk [1530]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloads(1) Les Protistes (1).xlsx [3628651]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloads(1) Les Protistes (2).xlsx [3628651]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloads(2) némathelmintes et plathelmintes (1).xlsx [1607012]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloadsBiologie des organismes.docx [987019]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloadsChimie gé.odt [23470]
    O61 – LFC: 10/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloadsLes origines de l’homme tableau récap.docx [370469]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalATIACEManifest.Bin [27473]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalATIACEManifest.xml [19813]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalATIACEProfiles.xml [13964]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalCrashDumpswscript.exe.4660.dmp [749508]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [267110]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultCookies [954368]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultCookies-journal [16384]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension RulesCURRENT [16]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension RulesLOG [0]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension RulesLOG.old [148]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension RulesMANIFEST-000207 [1649]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension StateCURRENT [16]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension StateLOG [0]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension StateLOG.old [267]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtension StateMANIFEST-000493 [451] =>.Google Inc
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultdatabasesDatabases.db [7168]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultdatabasesDatabases.db-journal [5672]
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_gmookaamlkjilnemkglmedgieblahbcn_08 [26624] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:02 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_09 [19456] =>Adware.AddLyrics
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultFavicons [825344]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultFavicons-journal [16384]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultFile SystemOriginsCURRENT [16]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultFile SystemOriginsLOG [0]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultFile SystemOriginsLOG.old [148]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultFile SystemOriginsMANIFEST-000129 [112]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultHistory [1859584]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultHistory Provider Cache [147760]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultHistory-journal [16384]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLast Session [1923736]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLast Tabs [138190]
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00076.ldb [491479] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00088.ldb [494574] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00090.ldb [505435] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnCURRENT [16] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnLOG [535] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnLOG.old [262] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnMANIFEST-000087 [446] =>Adware.Pricora
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00078.ldb [415925] =>Adware.AddLyrics
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00080.ldb [185] =>Adware.AddLyrics
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdCURRENT [16] =>Adware.AddLyrics
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdLOG [0] =>Adware.AddLyrics
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdLOG.old [775] =>Adware.AddLyrics
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdMANIFEST-000079 [170] =>Adware.AddLyrics
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage [427008] =>Adware.PricePeep
    O61 – LFC: 11/12/2013 – 22:26:03 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal [16384] =>Adware.PricePeep
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_c.betrad.com_0.localstorage [146432]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_c.betrad.com_0.localstorage-journal [3608]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_cdncache1-a.akamaihd.net_0.localstorage [3072]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_cdncache1-a.akamaihd.net_0.localstorage-journal [3608]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_static.deeal.net_0.localstorage [2746368]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_static.deeal.net_0.localstorage-journal [16384]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.superfish.com_0.localstorage [5120]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.superfish.com_0.localstorage-journal [5672]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultNetwork Action Predictor [749568]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultNetwork Action Predictor-journal [16384]
    O61 – LFC: 11/12/2013 – 22:26:04 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjectsFXP4NRLYcdncache1-a.akamaihd.netitemse6a00storage.swfgpl.sol [195]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPepper DataShockwave FlashWritableRoot#SharedObjectsFXP4NRLYwww.ajaxcdn.orgswf.swfdm_cookie.sol [417]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultPreferences [80401]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultQuotaManager [20480]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultQuotaManager-journal [8768]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultSession Storage00536.ldb [194]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultSession StorageCURRENT [16]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultSession StorageLOG [0]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultSession StorageLOG.old [269]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultSession StorageMANIFEST-000533 [735] =>.Google Inc
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultTop Sites [192512]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultTop Sites-journal [16384]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultTransportSecurity [1918]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultVisited Links [131072]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultWeb Data [83968]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataDefaultWeb Data-journal [12848]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataLocal State [48861]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Bloom [7434908]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Bloom Prefix Set [1381376]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Cookies [6144]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Cookies-journal [4640]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Csd Whitelist [135388]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Download [1458812]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Download Whitelist [19428]
    O61 – LFC: 11/12/2013 – 22:26:05 —A- . (…) — C:UserspoeAppDataLocalGoogleChromeUser DataSafe Browsing Extension Blacklist [6852]
    O61 – LFC: 11/12/2013 – 22:26:06 –HA- . (…) — C:UserspoeAppDataLocalIconCache.db [6291456]
    O61 – LFC: 11/12/2013 – 22:26:08 —A- . (…) — C:UserspoeAppDataLocalMobogenieupdatepop.time [10]
    O61 – LFC: 11/12/2013 – 22:26:09 —A- . (…) — C:UserspoeAppDataLocalTempFXSAPIDebugLogFile.txt [0]
    O61 – LFC: 11/12/2013 – 22:26:09 —A- . (…) — C:UserspoeAppDataLocalWindows Liveuxcore_WLXPhotoGallery_00.etl [12288]
    O61 – LFC: 11/12/2013 – 22:26:10 —A- . (…) — C:UserspoeAppDataRoamingAdobeAcrobat10.0JavaScriptsglob.js [0]
    O61 – LFC: 11/12/2013 – 22:26:10 —A- . (…) — C:UserspoeAppDataRoamingAdobeAcrobat10.0JavaScriptsglob.settings.js [10]
    O61 – LFC: 11/12/2013 – 22:26:10 —A- . (…) — C:UserspoeAppDataRoamingAdobeAcrobat10.0TMDocs.sav [36]
    O61 – LFC: 11/12/2013 – 22:26:10 —A- . (…) — C:UserspoeAppDataRoamingAdobeAcrobat10.0TMGrpPrm.sav [54]
    O61 – LFC: 11/12/2013 – 22:26:15 —A- . (…) — C:UserspoeAppDataRoamingMalwarebytesMalwarebytes’ Anti-MalwareLogsmbam-log-2013-12-11 (14-28-47).txt [12812]
    O61 – LFC: 11/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingMalwarebytesMalwarebytes’ Anti-MalwareLogsmbam-log-2013-12-11 (17-40-54).txt [2252]
    O61 – LFC: 11/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingSkypeshared.xml [84292]
    O61 – LFC: 11/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingSkypeshared_dyncodc.db [2052096]
    O61 – LFC: 11/12/2013 – 22:26:16 —A- . (…) — C:UserspoeAppDataRoamingSkypeshared_dyncodc.db-journal [1211192]
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingSoftGrid Client140066.FRA-90140011-66-40CUsrVol_sftfs_v1.pkg [4948480]
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingSoftGrid ClientIcon Cacheicon_ex.dat [925]
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingSoftGrid Clientshortcut_ex.dat [17]
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingSpotifysettings [902]
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingZHPLog.txt [140913] =>.Nicolas Coolman
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingZHPTestsZHPDiag.txt [2759] =>.Nicolas Coolman
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingZHPZHPADSReport.txt [351] =>.Nicolas Coolman
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingZHPZHPDiag.txt [265085] =>.Nicolas Coolman
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:UserspoeAppDataRoamingwp_updatecurrentVersion.txt [1] =>PUP.WpManager
    O61 – LFC: 11/12/2013 – 22:26:17 —A- . (…) — C:Userspoedaemonprocess.txt [7055]
    O61 – LFC: 11/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloadsSFTGC.exe [1064612]
    O61 – LFC: 11/12/2013 – 22:26:18 —A- . (…) — C:UserspoeDownloadsadwcleaner.exe [1226802]
    O61 – LFC: 11/12/2013 – 22:26:18 —A- . (.Malwarebytes Corporation.) — C:UserspoeDownloadsmbam-setup-1.75.0.1300 (1).exe [10285040]
    O61 – LFC: 11/12/2013 – 22:26:18 —A- . (.Thisisu.) — C:UserspoeDownloadsJRT (2).exe [1034531]
    O61 – LFC: 11/12/2013 – 22:26:18 —A- . (.Thisisu.) — C:UserspoeDownloadsJRT (3).exe [1034531]
    O61 – LFC: 11/12/2013 – 22:26:24 —A- . (…) — C:UserspoeVideosAdwCleaner[S0].txt [10815]
    O61 – LFC: 11/12/2013 – 22:26:24 —A- . (…) — C:UserspoeVideosJRT.txt [8596]
    O61 – LFC: 11/12/2013 – 22:26:24 —A- . (…) — C:UserspoeVideosSFTGC.txt [63920]
    O61 – LFC: 11/12/2013 – 22:26:24 —A- . (…) — C:UserspoeVideosZHPDiag.txt [265085] =>.Nicolas Coolman
    O61 – LFC: 11/12/2013 – 22:26:24 —A- . (…) — C:UserspoeVideosmbam-log-2013-12-11 (17-40-54).txt [2252]
    ~ 1 Fichiers temporaires (Temporary files)
    ~ Files: 187 Scanned in 00mn 23s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 14/09/2013 – C:Windowssystem32driversafd.sys (AFD) .(.Microsoft Corporation – Ancillary Function Driver for WinSock.) – LEGACY_AFD
    O64 – Services: CurCS – 29/06/2011 – C:WindowsSystem32DRIVERSatikmdag.sys (amdkmdag) .(.ATI Technologies Inc. – ATI Radeon Kernel Mode Driver.) – LEGACY_AMDKMDAG
    O64 – Services: CurCS – 12/08/2011 – C:WindowsSystem32driversamdsata.sys (amdsata) .(.Advanced Micro Devices – AHCI 1.2 Device Driver.) – LEGACY_AMDSATA
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32DriversBeep.sys (Beep) .(.Microsoft Corporation – BEEP Driver.) – LEGACY_BEEP
    O64 – Services: CurCS – 04/07/2012 – C:Windowssystem32browser.dll (bowser) .(.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) – LEGACY_BOWSER
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32clfs.sys (CLFS) .(.Microsoft Corporation – Common Log File System Driver.) – LEGACY_CLFS
    O64 – Services: CurCS – 04/07/2013 – C:WindowsSystem32Driverscng.sys (CNG) .(.Microsoft Corporation – Kernel Cryptography, Next Generation.) – LEGACY_CNG
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32driversdfsc.sys (DfsC) .(.Microsoft Corporation – DFS Namespace Client Driver.) – LEGACY_DFSC
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversdiscache.sys (discache) .(.Microsoft Corporation – System Indexer/Cache Driver.) – LEGACY_DISCACHE
    O64 – Services: CurCS – 01/08/2013 – C:Windowssystem32driversdxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation – DirectX Graphics Kernel.) – LEGACY_DXGKRNL
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32Driversfastfat.sys (fastfat) .(.Microsoft Corporation – Fast FAT File System Driver.) – LEGACY_FASTFAT
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversfileinfo.sys (FileInfo) .(.Microsoft Corporation – FileInfo Filter Driver.) – LEGACY_FILEINFO
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversfltmgr.sys (FltMgr) .(.Microsoft Corporation – Gestionnaire de filtres de système de fichi.) – LEGACY_FLTMGR
    O64 – Services: CurCS – 24/01/2013 – C:Windowssystem32driversfvevol.sys (fvevol) .(.Microsoft Corporation – BitLocker Drive Encryption Driver.) – LEGACY_FVEVOL
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32drivershttp.sys (HTTP) .(.Microsoft Corporation – HTTP Pile du protocole.) – LEGACY_HTTP
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32drivershwpolicy.sys (hwpolicy) .(.Microsoft Corporation – Hardware Policy Driver.) – LEGACY_HWPOLICY
    O64 – Services: CurCS – 25/09/2013 – C:WindowsSystem32Driversksecdd.sys (KSecDD) .(.Microsoft Corporation – Kernel Security Support Provider Interface.) – LEGACY_KSECDD
    O64 – Services: CurCS – 25/09/2013 – C:WindowsSystem32Driversksecpkg.sys (KSecPkg) .(.Microsoft Corporation – Kernel Security Support Provider Interface.) – LEGACY_KSECPKG
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32DRIVERSlltdio.sys (lltdio) .(.Microsoft Corporation – Link-Layer Topology Mapper I/O Driver.) – LEGACY_LLTDIO
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversluafv.sys (luafv) .(.Microsoft Corporation – Pilote de filtre de virtualisation de fichi.) – LEGACY_LUAFV
    O64 – Services: CurCS – 04/04/2013 – C:Windowssystem32driversmbam.sys (MBAMProtector) .(.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – LEGACY_MBAMPROTECTOR
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32driversmountmgr.sys (mountmgr) .(.Microsoft Corporation – Gestionnaire des points de montage.) – LEGACY_MOUNTMGR
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation – API du Pare-feu Windows.) – LEGACY_MPSDRV
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32wkssvc.dll (mrxsmb) .(.Microsoft Corporation – DLL du service Station de travail.) – LEGACY_MRXSMB
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32wkssvc.dll (mrxsmb10) .(.Microsoft Corporation – DLL du service Station de travail.) – LEGACY_MRXSMB10
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32wkssvc.dll (mrxsmb20) .(.Microsoft Corporation – DLL du service Station de travail.) – LEGACY_MRXSMB20
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32driversmsisadrv.sys (msisadrv) .(.Microsoft Corporation – ISA Driver.) – LEGACY_MSISADRV
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversmup.sys (Mup) .(.Microsoft Corporation – Multiple UNC Provider Driver.) – LEGACY_MUP
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32DRIVERSnwifi.sys (NativeWifiP) .(.Microsoft Corporation – Pilote de miniport WiFi natif.) – LEGACY_NATIVEWIFIP
    O64 – Services: CurCS – 22/08/2012 – C:Windowssystem32driversndis.sys (NDIS) .(.Microsoft Corporation – Pilote NDIS 6.20.) – LEGACY_NDIS
    O64 – Services: CurCS – 20/11/2010 – C:WindowsSystem32DRIVERSndisuio.sys (Ndisuio) .(.Microsoft Corporation – Pilote d’E/S du mode utilisateur NDIS.) – LEGACY_NDISUIO
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32DRIVERSnetbios.sys (NetBIOS) .(.Microsoft Corporation – NetBIOS interface driver.) – LEGACY_NETBIOS
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32driversnetbt.sys (NetBT) .(.Microsoft Corporation – MBT Transport driver.) – LEGACY_NETBT
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversnsiproxy.sys (nsiproxy) .(.Microsoft Corporation – NSI Proxy.) – LEGACY_NSIPROXY
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32driverspcw.sys (pcw) .(.Microsoft Corporation – Performance Counters for Windows Driver.) – LEGACY_PCW
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32driverspeauth.sys (PEAUTH) .(.Microsoft Corporation – Protected Environment Authentication and Au.) – LEGACY_PEAUTH
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32driverspacer.sys (Psched) .(.Microsoft Corporation – Planificateur de paquets QoS.) – LEGACY_PSCHED
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32wkssvc.dll (rdbss) .(.Microsoft Corporation – DLL du service Station de travail.) – LEGACY_RDBSS
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32DRIVERSRDPCDD.sys (RDPCDD) .(.Microsoft Corporation – RDP Miniport.) – LEGACY_RDPCDD
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversRDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation – RDP Encoder Miniport.) – LEGACY_RDPENCDD
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversRdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation – RDP Reflector Driver Miniport.) – LEGACY_RDPREFMP
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32DRIVERSrspndr.sys (rspndr) .(.Microsoft Corporation – Link-Layer Topology Responder Driver for ND.) – LEGACY_RSPNDR
    O64 – Services: CurCS – 13/07/2009 – C:WindowsSystem32Driverssecdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) – LEGACY_SECDRV
    O64 – Services: CurCS – 26/06/2013 – C:WindowsSystem32DRIVERSSftfslh.sys (Sftfs) .(.Microsoft Corporation – Microsoft Application Virtualization File S.) – LEGACY_SFTFS
    O64 – Services: CurCS – 26/06/2013 – C:WindowsSystem32DRIVERSSftplaylh.sys (Sftplay) .(.Microsoft Corporation – Microsoft Application Virtualization System.) – LEGACY_SFTPLAY
    O64 – Services: CurCS – 26/06/2013 – C:WindowsSystem32DRIVERSSftredirlh.sys (Sftredir) .(.Microsoft Corporation – Microsoft Application Virtualization System.) – LEGACY_SFTREDIR
    O64 – Services: CurCS – 26/06/2013 – C:WindowsSystem32DRIVERSSftvollh.sys (Sftvol) .(.Microsoft Corporation – Microsoft Application Virtualization Volume.) – LEGACY_SFTVOL
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32Driversspldr.sys (spldr) .(.Microsoft Corporation – loader for security processor.) – LEGACY_SPLDR
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32srvsvc.dll (srv) .(.Microsoft Corporation – DLL du service Serveur.) – LEGACY_SRV
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32srvsvc.dll (srv2) .(.Microsoft Corporation – DLL du service Serveur.) – LEGACY_SRV2
    O64 – Services: CurCS – 12/08/2011 – C:WindowsSystem32DRIVERSsrvnet.sys (srvnet) .(.Microsoft Corporation – Server Network driver.) – LEGACY_SRVNET
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32tcpipcfg.dll (Tcpip) .(.Microsoft Corporation – Objets de configuration du réseau.) – LEGACY_TCPIP
    O64 – Services: CurCS – 03/10/2012 – C:WindowsSystem32driverstcpipreg.sys (tcpipreg) .(.Microsoft Corporation – TCP/IP Registry Compatibility Driver.) – LEGACY_TCPIPREG
    O64 – Services: CurCS – 20/11/2010 – C:Windowssystem32tcpipcfg.dll (tdx) .(.Microsoft Corporation – Objets de configuration du réseau.) – LEGACY_TDX
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversvga.sys (VgaSave) .(.Microsoft Corporation – VGA/Super VGA Video Driver.) – LEGACY_VGASAVE
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32driversvolmgrx.sys (volmgrx) .(.Microsoft Corporation – Pilote d’extension du gestionnaire de volum.) – LEGACY_VOLMGRX
    O64 – Services: CurCS – 20/11/2010 – C:WindowsSystem32driversvolsnap.sys (volsnap) .(.Microsoft Corporation – Pilote de cliché instantané du volume.) – LEGACY_VOLSNAP
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32DRIVERSvwififlt.sys (vwififlt) .(.Microsoft Corporation – Virtual WiFi Filter Driver.) – LEGACY_VWIFIFLT
    O64 – Services: CurCS – 14/07/2009 – C:Windowssystem32rascfg.dll (Wanarpv6) .(.Microsoft Corporation – Objets de configuration RAS.) – LEGACY_WANARPV6
    O64 – Services: CurCS – 25/06/2013 – C:WindowsSystem32driversWdf01000.sys (Wdf01000) .(.Microsoft Corporation – Runtime de l’infrastructure de pilotes en m.) – LEGACY_WDF01000
    O64 – Services: CurCS – 14/07/2009 – C:WindowsSystem32DRIVERSwfplwf.sys (WfpLwf) .(.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – LEGACY_WFPLWF
    O64 – Services: CurCS – 26/07/2012 – C:WindowsSystem32driversWudfPf.sys (WudfPf) .(.Microsoft Corporation – Windows Driver Foundation – User-mode Drive.) – LEGACY_WUDFPF
    ~ Legacy: 90 Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: < .bat> [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: < .cpl> [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
    O67 – Shell Spawning: < .cmd> [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: < .com> [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: < .evt> [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: < .exe> [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: < .html> [HKLM..openCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O67 – Shell Spawning: < .js> [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: < .reg> [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: < .scr> [HKLM..openCommand] (…) — “%1” /S
    O67 – Shell Spawning: < .html> [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} – (eBay) – http://rover.ebay.com” onclick=”window.open(this.href);return false; =>Toolbar.eBay
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [62464]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [67584]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [67584]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [168960]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [593408]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [679424]
    O83 – Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32Audiosrv.dll [473600]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [90624]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire de connexions d’accès distant.) — C:WindowsSystem32rasmans.dll [286208]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [75264]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [49664]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [300544]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [242176]
    O83 – Search Svchost Services: TermService (TermService) . (.Microsoft Corporation – Gestionnaire des connexions distantes du serveur hôte de session Burea.) — C:WindowsSystem32termsrv.dll [521216]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [1933848]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [585728]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [328192]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [499712]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [21504]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [47104]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [114688]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [49664]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [61440]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [98304]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [164352]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [750592]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [71168]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [113664]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [168960]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [102912]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [37376]
    O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [76800]
    ~ Services: 32 Scanned in 00mn 00s

  • pat
    Nombre d'articles : 0

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.CC145E67B909BB879D38292352A90822] [SPRF][25/04/2012] (.CCCP Project – Playback Pack Installer.) — C:UserspoeDesktopCombined-Community-Codec-Pack-2011-11-11.exe [9889896]
    [MD5.650FDD22B05F011915ADBD38D456DE59] [SPRF][31/12/2011] (.Microsoft Corporation – Software Installer.) — C:UserspoeDesktopinstall_virtualdj_home_v7.0.5.exe [36608000]
    [MD5.D6F9E4A54019805A991502E9C26BA6EE] [SPRF][11/12/2013] (.Pas de propriétaire – Nettoyage des fichiers temporaires.) — C:UserspoeDesktopSFTGC (1).exe [1064612]
    ~ Files: 3 Scanned in 00mn 01s
    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “RVM-RPCSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RVM-VDSLDR-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Virtual Disk Service Loader.) — C:Windowssystem32vdsldr.exe
    O87 – FAEL: “RVM-VDS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Service de disque virtuel.) — C:Windowssystem32vds.exe
    O87 – FAEL: “RVM-RPCSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RVM-VDSLDR-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Virtual Disk Service Loader.) — C:Windowssystem32vdsldr.exe
    O87 – FAEL: “RVM-VDS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Service de disque virtuel.) — C:Windowssystem32vds.exe
    O87 – FAEL: “RemoteFwAdmin-RPCSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteFwAdmin-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteFwAdmin-RPCSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteFwAdmin-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteTask-RPCSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteTask-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteTask-RPCSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteTask-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteEventLogSvc-RPCSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteEventLogSvc-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteEventLogSvc-RPCSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteEventLogSvc-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “PNRPMNRS-SSDPSrv-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “PNRPMNRS-SSDPSrv-In-UDP” | In – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “PNRPMNRS-PNRP-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “PNRPMNRS-PNRP-In-UDP” | In – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMI-ASYNC-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Sink to receive asynchronous callbacks for WMI client application.) — C:Windowssystem32wbemunsecapp.exe
    O87 – FAEL: “WMI-WINMGMT-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMI-WINMGMT-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMI-RPCSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMI-ASYNC-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Sink to receive asynchronous callbacks for WMI client application.) — C:Windowssystem32wbemunsecapp.exe
    O87 – FAEL: “WMI-WINMGMT-Out-TCP-NoScope” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMI-WINMGMT-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMI-RPCSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “PerfLogsAlerts-DCOM-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “PerfLogsAlerts-PLASrv-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Performance Logs and Alerts DCOM Server.) — C:Windowssystem32plasrv.exe
    O87 – FAEL: “PerfLogsAlerts-DCOM-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “PerfLogsAlerts-PLASrv-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Performance Logs and Alerts DCOM Server.) — C:Windowssystem32plasrv.exe
    O87 – FAEL: “RemoteSvcAdmin-RPCSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteSvcAdmin-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Applications Services et Contrôleur.) — C:Windowssystem32services.exe
    O87 – FAEL: “RemoteSvcAdmin-RPCSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteSvcAdmin-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Applications Services et Contrôleur.) — C:Windowssystem32services.exe
    O87 – FAEL: “MSDTC-RPCSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MSDTC-KTMRM-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MSDTC-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Service Microsoft Distributed Transaction Coordinator.) — C:Windowssystem32msdtc.exe
    O87 – FAEL: “MSDTC-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Service Microsoft Distributed Transaction Coordinator.) — C:Windowssystem32msdtc.exe
    O87 – FAEL: “MSDTC-RPCSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MSDTC-KTMRM-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MSDTC-Out-TCP-NoScope” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Service Microsoft Distributed Transaction Coordinator.) — C:Windowssystem32msdtc.exe
    O87 – FAEL: “MSDTC-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Service Microsoft Distributed Transaction Coordinator.) — C:Windowssystem32msdtc.exe
    O87 – FAEL: “MsiScsi-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MsiScsi-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MsiScsi-Out-TCP-NoScope” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MsiScsi-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDRESPUB-WSD-Out-UDP” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDRESPUB-WSD-In-UDP” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-LLMNR-Out-UDP” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-LLMNR-In-UDP” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDPHOST-Out-UDP” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDPHOST-In-UDP” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-UPnP-Out-TCP” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-SSDPSrv-Out-UDP” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-SSDPSrv-In-UDP” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDRESPUB-WSD-Out-UDP-Active” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDRESPUB-WSD-In-UDP-Active” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-LLMNR-Out-UDP-Active” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-LLMNR-In-UDP-Active” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDPHOST-Out-UDP-Active” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-FDPHOST-In-UDP-Active” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-UPnP-Out-TCP-Active” | Out – Private – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-SSDPSrv-Out-UDP-Active” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NETDIS-SSDPSrv-In-UDP-Active” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-GP-LSASS-Out-TCP” | Out – Domain – P6 – TRUE | .(.Microsoft Corporation – Local Security Authority Process.) — C:Windowssystem32lsass.exe
    O87 – FAEL: “CoreNet-DNS-Out-UDP” | Out – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-GP-Out-TCP” | Out – Domain – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-IPHTTPS-Out” | Out – None – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-Teredo-Out” | Out – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-Teredo-In” | In – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-DHCPV6-Out” | Out – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-DHCPV6-In” | In – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-DHCP-Out” | Out – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “CoreNet-DHCP-In” | In – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “FPS-LLMNR-Out-UDP” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “FPS-LLMNR-In-UDP” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “FPS-SpoolSvc-In-TCP” | In – Public – P6 – TRUE | .(.Microsoft Corporation – Application sous-système spouleur.) — C:Windowssystem32spoolsv.exe
    O87 – FAEL: “FPS-SpoolSvc-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Application sous-système spouleur.) — C:Windowssystem32spoolsv.exe
    O87 – FAEL: “RemoteAssistance-PnrpSvc-UDP-OUT-Active” | Out – Domain – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active” | In – Domain – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-SSDPSrv-Out-TCP-Active” | Out – Domain – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-SSDPSrv-In-TCP-Active” | In – Domain – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-SSDPSrv-Out-UDP-Active” | Out – Domain – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-SSDPSrv-In-UDP-Active” | In – Domain – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-Out-TCP-Active” | Out – Domain – P6 – TRUE | .(.Microsoft Corporation – Assistance à distance Windows.) — C:Windowssystem32msra.exe
    O87 – FAEL: “RemoteAssistance-In-TCP-EdgeScope-Active” | In – Domain – P6 – TRUE | .(.Microsoft Corporation – Assistance à distance Windows.) — C:Windowssystem32msra.exe
    O87 – FAEL: “RemoteAssistance-DCOM-In-TCP-NoScope-Active” | In – Domain – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-RAServer-Out-TCP-NoScope-Active” | Out – Domain – P6 – TRUE | .(.Microsoft Corporation – Serveur COM d’assistance à distance Windows.) — C:Windowssystem32raserver.exe
    O87 – FAEL: “RemoteAssistance-RAServer-In-TCP-NoScope-Active” | In – Domain – P6 – TRUE | .(.Microsoft Corporation – Serveur COM d’assistance à distance Windows.) — C:Windowssystem32raserver.exe
    O87 – FAEL: “RemoteAssistance-PnrpSvc-UDP-OUT” | Out – Public – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-PnrpSvc-UDP-In-EdgeScope” | In – Public – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “RemoteAssistance-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Assistance à distance Windows.) — C:Windowssystem32msra.exe
    O87 – FAEL: “RemoteAssistance-In-TCP-EdgeScope” | In – Public – P6 – TRUE | .(.Microsoft Corporation – Assistance à distance Windows.) — C:Windowssystem32msra.exe
    O87 – FAEL: “Collab-PNRP-SSDPSrv-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “Collab-PNRP-SSDPSrv-In-UDP” | In – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “Collab-PNRP-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “Collab-PNRP-In-UDP” | In – None – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “Collab-P2PHost-WSD-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Voisinage immédiat.) — C:Windowssystem32p2phost.exe
    O87 – FAEL: “Collab-P2PHost-WSD-In-UDP” | In – None – P17 – FALSE | .(.Microsoft Corporation – Voisinage immédiat.) — C:Windowssystem32p2phost.exe
    O87 – FAEL: “Collab-P2PHost-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Voisinage immédiat.) — C:Windowssystem32p2phost.exe
    O87 – FAEL: “Collab-P2PHost-In-TCP” | In – None – P6 – TRUE | .(.Microsoft Corporation – Voisinage immédiat.) — C:Windowssystem32p2phost.exe
    O87 – FAEL: “Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out” | Out – Private – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In” | In – Private – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-UPnP-Out-TCP” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-Out-UDP” | Out – Public – P17 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-In-UDP” | In – Public – P17 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-WMP-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-WMP-Out-UDP” | Out – Public – P17 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-WMP-In-UDP” | In – Public – P17 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-SSDPSrv-Out-UDP” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-SSDPSrv-In-UDP” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-QWave-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-QWave-In-TCP” | In – Public – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-QWave-Out-UDP” | Out – Public – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-QWave-In-UDP” | In – Public – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-Out-TCP-NoScope” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-Out-UDP-NoScope” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-In-UDP-NoScope” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-WMP-Out-TCP-NoScope” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-WMP-Out-UDP-NoScope” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-WMP-In-UDP-NoScope” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMPNSS-QWave-Out-TCP-NoScope” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-QWave-In-TCP-NoScope” | In – Domain – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-QWave-Out-UDP-NoScope” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMPNSS-QWave-In-UDP-NoScope” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WMP-Out-TCP” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMP-Out-UDP” | Out – Domain – P17 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “WMP-In-UDP” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “SNMPTRAP-In-UDP-NoScope” | In – Domain – P17 – FALSE | .(.Microsoft Corporation – Interruption SNMP.) — C:Windowssystem32snmptrap.exe
    O87 – FAEL: “SNMPTRAP-In-UDP” | In – Public – P17 – FALSE | .(.Microsoft Corporation – Interruption SNMP.) — C:Windowssystem32snmptrap.exe
    O87 – FAEL: “{CCC15172-C3F8-424E-8357-E0E3066BF9E9}” | In – None – P17 – TRUE | .(.Microsoft Corporation – Windows Live Communications Platform.) — C:Program FilesWindows LiveContactswlcomm.exe
    O87 – FAEL: “{149C091F-2FAC-42AF-B437-88AA7EF314FB}” | In – None – P17 – TRUE | .(.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengermsnmsgr.exe
    O87 – FAEL: “{83786797-FA17-4CD0-8D10-7307D0E1D793}” | In – None – P17 – TRUE | .(.Microsoft Corporation – Mesh Operating Environment.) — C:Program FilesWindows LiveMeshMOE.exe
    O87 – FAEL: “{AA072EAF-BB5C-4CC2-87D5-195EBAFE762D}” | In – Domain – P17 – TRUE | .(.EasyBits Software AS – Shared EasyBits services for Windows.) — C:Windowssystem32ezSharedSvcHost.exe =>.EasyBits Software AS
    O87 – FAEL: “{AFD0C7A2-55B9-4A10-BEFE-7C97F5E099E4}” | In – Domain – P17 – TRUE | .(.EasyBits Software AS – EasyBits Magic Desktop for Kids.) — C:Program FilesEasyBits For KidsezDesktop.exe =>.EasyBits Software AS
    O87 – FAEL: “MCX-SSDPSrv-In-UDP” | In – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-SSDPSrv-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-In-TCP” | In – None – P6 – FALSE | .(.Microsoft Corporation – Windows Media Center.) — C:Windowsehomeehshell.exe =>.Microsoft Corporation
    O87 – FAEL: “MCX-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Windows Media Center.) — C:Windowsehomeehshell.exe =>.Microsoft Corporation
    O87 – FAEL: “MCX-QWave-In-UDP” | In – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-QWave-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-QWave-In-TCP” | In – None – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-QWave-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-In-UDP” | In – None – P17 – FALSE | .(.Microsoft Corporation – Windows Media Center.) — C:Windowsehomeehshell.exe =>.Microsoft Corporation
    O87 – FAEL: “MCX-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Windows Media Center.) — C:Windowsehomeehshell.exe =>.Microsoft Corporation
    O87 – FAEL: “MCX-MCX2SVC-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-Prov-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – MCX2 Provisioning library.) — C:Windowsehomemcx2prov.exe
    O87 – FAEL: “MCX-PlayTo-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-McrMgr-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Media Center Extender Manager.) — C:Windowsehomemcrmgr.exe
    O87 – FAEL: “MCX-PlayTo-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “MCX-FDPHost-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “NetPres-In-TCP-NoScope” |In – Domain – P6 – FALSE | .(…) — C:Windowssystem32netproj.exe (.not file.)
    O87 – FAEL: “NetPres-Out-TCP-NoScope” |Out – Domain – P6 – FALSE | .(…) — C:Windowssystem32netproj.exe (.not file.)
    O87 – FAEL: “NetPres-WSD-In-UDP” |In – None – P17 – FALSE | .(…) — C:Windowssystem32netproj.exe (.not file.)
    O87 – FAEL: “NetPres-WSD-Out-UDP” |Out – None – P17 – FALSE | .(…) — C:Windowssystem32netproj.exe (.not file.)
    O87 – FAEL: “NetPres-In-TCP” |In – Public – P6 – FALSE | .(…) — C:Windowssystem32netproj.exe (.not file.)
    O87 – FAEL: “NetPres-Out-TCP” |Out – Public – P6 – FALSE | .(…) — C:Windowssystem32netproj.exe (.not file.)
    O87 – FAEL: “WPDMTP-Out-TCP-NoScope” | Out – Domain – P6 – FALSE | .(.Microsoft Corporation – Windows Driver Foundation – Processus hôte de l’infrastructure de pilotes.) — C:Windowssystem32wudfhost.exe
    O87 – FAEL: “WPDMTP-Out-TCP” | Out – Public – P6 – FALSE | .(.Microsoft Corporation – Windows Driver Foundation – Processus hôte de l’infrastructure de pilotes.) — C:Windowssystem32wudfhost.exe
    O87 – FAEL: “WPDMTP-SSDPSrv-In-UDP” | In – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WPDMTP-SSDPSrv-Out-UDP” | Out – None – P17 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WPDMTP-UPnPHost-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “WPDMTP-UPnP-Out-TCP” | Out – None – P6 – FALSE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{13127D5A-8428-48EE-A050-947FB91933D4}” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “{A5B5FFDB-C20B-407A-B366-DA047B4B4F4C}” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “{CB6CC791-56E5-4576-937A-BF6E00DAB958}” | Out – Private – P6 – TRUE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “{D557B150-4181-4B1D-9DA1-90F0CF54A708}” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{CFE30150-506C-4BB3-BCFD-8BA1F92ACF85}” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{34803454-8E37-415B-AB6B-F446DC7097B4}” | In – Private – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{3352F708-7DBB-4906-AAA6-A227616AE696}” | Out – Private – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{B1B3F572-AA3D-46A6-9C49-CC13E4D48B76}” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{FDF3D4E3-5124-437F-BA13-1F2C9A027728}” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{E1146725-F5F5-4663-9F32-E57598858730}” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “{2CA0BAD5-FB84-4939-87AF-FA8F9EB6F92B}” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “{CC0D6A0B-4903-43FB-96D0-9B55E1C67CA4}” | Out – Private – P6 – TRUE | .(.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
    O87 – FAEL: “{BEE7CE72-3FD4-4DD5-AEC4-D97375462A3C}” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “{D8466BE1-67B0-45BC-95C7-E58C8EEE69C3}” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “{3D46B67D-9380-4060-A69E-B80F30E8807D}” | In – Private – P6 – TRUE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “{2338F6C9-7B35-451B-ACD9-EA13CBEC428B}” | Out – Private – P6 – TRUE | .(.Microsoft Corporation – Service Partage réseau du Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    O87 – FAEL: “{3A521EB8-AA3D-4794-9A2C-ED7326177121}” | Out – Private – P6 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{41974DFB-CEB8-452B-A938-A6911CBD0A0F}” | In – Private – P6 – TRUE | .(.Microsoft Corporation – Application sous-système spouleur.) — C:Windowssystem32spoolsv.exe
    O87 – FAEL: “{27A67430-B8DB-4BA1-A558-FFAF6F0C2D97}” | In – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{C679D4CF-DE80-4DDE-A9A9-BEF9C5FCAA0D}” | Out – Private – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{46CD899B-6F4A-4040-9BEE-B1689D30B05E}” | In – None – P17 – TRUE | .(.Apple Inc. – WebKit2WebProcess.exe.) — C:Program FilesCommon FilesAppleApple Application SupportWebKit2WebProcess.exe
    O87 – FAEL: “{72F917B7-3E2B-4F7A-A15D-56DC32C8AED5}” | In – Private – P6 – TRUE | .(.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe
    O87 – FAEL: “{5989EA9E-0C03-43FA-AF78-B7832CB14369}” | In – Private – P17 – TRUE | .(.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe
    O87 – FAEL: “{FFE2B944-AEBB-4560-A908-BB47C88F8373}” | In – None – P17 – TRUE | .(.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O87 – FAEL: “TCP Query User{B16360AF-524F-4651-BDEF-CC78C666851C}C:userspoeappdataroamingspotifyspotify.exe” | In – Private – P6 – TRUE | .(.Spotify Ltd – Spotify.) — C:userspoeappdataroamingspotifyspotify.exe
    O87 – FAEL: “UDP Query User{7D2E9C3B-DAC3-4F88-A480-74F39D402673}C:userspoeappdataroamingspotifyspotify.exe” | In – Private – P17 – TRUE | .(.Spotify Ltd – Spotify.) — C:userspoeappdataroamingspotifyspotify.exe
    O87 – FAEL: “TCP Query User{842B0E89-61A2-482D-8F39-7A2866C3DAF9}C:userspoeappdataroamingspotifyspotify.exe” | In – Public – P6 – TRUE | .(.Spotify Ltd – Spotify.) — C:userspoeappdataroamingspotifyspotify.exe
    O87 – FAEL: “UDP Query User{02596AF9-2235-4AD2-80CB-618BC02A4035}C:userspoeappdataroamingspotifyspotify.exe” | In – Public – P17 – TRUE | .(.Spotify Ltd – Spotify.) — C:userspoeappdataroamingspotifyspotify.exe
    O87 – FAEL: “{25DFA2CD-1605-474C-8E35-D4F850146778}” | In – None – P17 – TRUE | .(.Apple Inc. – iTunes.) — C:Program FilesiTunesiTunes.exe
    O87 – FAEL: “{AC2EE059-CECF-4550-B3CB-E92B7F060CDC}” | In – Public – P17 – TRUE

  • pat
    Nombre d'articles : 0

    | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{13F6EFC2-9F9F-491A-B711-7D54E3FFC3CC}” | Out – Public – P17 – TRUE | .(.Microsoft Corporation – Processus hôte pour les services Windows.) — C:Windowssystem32svchost.exe
    O87 – FAEL: “{E23492C9-6E86-4B6A-9C22-C02DA86D6280}” |In – Public – P6 – TRUE | .(…) — C:UserspoeAppDataLocalTemp7zS10BB.tmpSymNRT.exe (.not file.)
    O87 – FAEL: “{58F1C53E-1E07-413B-9E9F-5D865C50DA6C}” |In – Public – P17 – TRUE | .(…) — C:UserspoeAppDataLocalTemp7zS10BB.tmpSymNRT.exe (.not file.)
    O87 – FAEL: “{6A095F4F-F361-40F2-838A-A0E03833ADC6}” |In – Public – P6 – TRUE | .(…) — C:UserspoeAppDataLocalTemp7zS7AE9.tmpSymNRT.exe (.not file.)
    O87 – FAEL: “{D2E1C381-9585-44A2-AF42-80AFB1D8DFFB}” |In – Public – P17 – TRUE | .(…) — C:UserspoeAppDataLocalTemp7zS7AE9.tmpSymNRT.exe (.not file.)
    O87 – FAEL: “{30FD6C60-93F4-4FD7-8A16-BC0A44943F9D}” | In – None – P17 – TRUE | .(.Hewlett-Packard Company – HP Device Detection.) — C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPWarrantyCheckHPDeviceDetection3.exe
    ~ Firewall: 208 Scanned in 00mn 02s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “00004159070000000000000000F01FEC” . (.Microsoft Office 2010.) — C:WindowsInstaller{95140000-0070-0000-0000-0000000FF1CE}oobeicon.exe
    O90 – PUC: “01B1A872364A9A74ED7096BE33F8418E” . (.Catalyst Control Center InstallProxy.) — C:WindowsInstaller{278A1B10-A463-47A9-DE07-69EB338F14E8}ARPPRODUCTICON.exe
    O90 – PUC: “02B4215BDDB3B3DCCD11EC89349ADCB9” . (.AMD VISION Engine Control Center.) — C:WindowsInstaller{B5124B20-3BDD-CD3B-DC11-CE9843A9CD9B}ARPPRODUCTICON.exe
    O90 – PUC: “061FE82526AD4254596D038F9C55ACCA” . (.HP Launch Box.) — C:WindowsInstaller{528EF160-DA62-4524-95D6-30F8C955CAAC}_853F67D554F05449430E7E.exe
    O90 – PUC: “0694AF70830BBE9498B1F95939A05A44” . (.HP Customer Experience Enhancements.) — C:WindowsInstaller{07FA4960-B038-49EB-891B-9F95930AA544}ARPPRODUCTICON.exe
    O90 – PUC: “076CFAAAB965F2A4284B2449E5D03EFE” . (.Windows Live Writer.) — C:WindowsInstaller{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}ApplicationIcon.ico
    O90 – PUC: “08C1B278CE8313A42AC5898002959300” . (.HP Power Manager.) — C:WindowsInstaller{872B1C80-38EC-4A31-A25C-980820593900}_853F67D554F05449430E7E.exe
    O90 – PUC: “0C1FF52A6B08B8B45A15CD2565794A80” . (.AMD APP SDK Runtime.) — C:WindowsInstaller{A25FF1C0-80B6-4B8B-A551-DC525697A408}ARPPRODUCTICON.exe
    O90 – PUC: “114202EE62C28E947948B11CBD7FED69” . (.HP Support Assistant.) — C:WindowsInstaller{EE202411-2C26-49E8-9784-1BC1DBF7DE96}ARPPRODUCTICON.exe =>.Hewlett-Packard Co
    O90 – PUC: “1C3BC43A3D5EADD15821FEED591EF6BA” . (.Catalyst Control Center Localization All.) — C:WindowsInstaller{A34CB3C1-E5D3-1DDA-8512-EFDE95E16FAB}ARPPRODUCTICON.exe
    O90 – PUC: “1D034B0FAA6BD374B960AAD30DF10D8B” . (.Microsoft SQL Server 2005 Compact Edition [ENU].) — C:WindowsInstaller{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}ProductIcon
    O90 – PUC: “2C1A65825C073CE4FA7F5E5BE155032A” . (.HP Client Services.) — C:WindowsInstaller{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}ARPPRODUCTICON.exe
    O90 – PUC: “35E1620B1F6BA47468B47E3CBC4F860E” . (.iTunes.) — C:WindowsInstaller{B0261E53-B6F1-474A-864B-E7C3CBF468E0}Installer.ico
    O90 – PUC: “3AC4F7E6ED2BC3147A1A34AAB51EE91A” . (.Broadcom Bluetooth Software.) — C:WindowsInstaller{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}ARPPRODUCTICON.exe
    O90 – PUC: “3C9969540349183469B424848DB7949F” . (.Apple Mobile Device Support.) — C:WindowsInstaller{459699C3-9430-4381-964B-4248D87B49F9}Installer.ico
    O90 – PUC: “3E9A223DB85706D47A4C568CF83D870D” . (.Bing Bar.) — C:WindowsInstaller{D322A9E3-758B-4D60-A7C4-65C88FD378D0}icon_installer_ico =>Toolbar.Bing
    O90 – PUC: “46B5A9879DD95AB419A50FCFA0B1B7EF” . (.Apple Software Update.) — C:WindowsInstaller{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}Installer.ico =>.Apple Inc
    O90 – PUC: “46E5DCBD973784644944A85685CD6B41” . (.Recovery Manager.) — C:WindowsInstaller{DBCD5E64-7379-4648-9444-8A6558DCB614}_6FEFF9B68218417F98F549.exe
    O90 – PUC: “4B067C75ABE26EC46959CE42C1A856E0” . (.HP Documentation.) — C:WindowsInstaller{57C760B4-2EBA-4CE6-9695-EC241C8A650E}NotebookDocs.exe
    O90 – PUC: “533C039A8CF3254A8BAC3F999896ACA3” . (.ATI Catalyst Install Manager.) — C:WindowsInstaller{A930C335-3FC8-A452-B8CA-F3998969CA3A}ARPPRODUCTICON.exe
    O90 – PUC: “673E8D75A8E0DFA40904ADD2337BFF49” . (.HP QuickWeb.) — C:WindowsInstaller{57D8E376-0E8A-4AFD-9040-DA2D33B7FF94}ARPPRODUCTICON.exe
    O90 – PUC: “68AB67CA7DA7FFFFB744AA0000000010” . (.Adobe Reader X MUI.) — C:WindowsInstaller{AC76BA86-7AD7-FFFF-7B44-AA0000000001}SC_Reader.ico
    O90 – PUC: “6963B8D0D25E19248B33F9A6BEC14CBA” . (.HP CoolSense.) — C:WindowsInstaller{0D8B3696-E52D-4291-B833-9F6AEB1CC4AB}_853F67D554F05449430E7E.exe
    O90 – PUC: “701043F6AA9F6C745BC43C1AF91155F3” . (.Hewlett-Packard ACLM.NET v1.2.1.1.) — C:WindowsInstaller{6F340107-F9AA-47C6-B54C-C3A19F11553F}ARPPRODUCTICON.exe
    O90 – PUC: “7692FC6BE18C0C0489510C7547EF1F02” . (.Skype Click to Call.) — C:WindowsInstaller{B6CF2967-C81E-40C0-9815-C05774FEF120}IconUninstallIco
    O90 – PUC: “7B65D4CC81F6B0747843BADC57CB4F1F” . (.HP Auto.) — C:WindowsInstaller{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}ARPPRODUCTICON.exe
    O90 – PUC: “8612CF0A7B7C40BF2EEDD528FFD64609” . (.ccc-utility.) — C:WindowsInstaller{A0FC2168-C7B7-FB04-E2DE-5D82FF6D6490}ARPPRODUCTICON.exe
    O90 – PUC: “883658EADAFA357418FD9DB6910D1AC7” . (.HP Setup Manager.) — C:WindowsInstaller{AE856388-AFAD-4753-81DF-D96B19D0A17C}ARPPRODUCTICON.exe
    O90 – PUC: “884FD4BEFEAAF6043A14BCA2AA13B509” . (.Windows Live Messenger.) — C:WindowsInstaller{EB4DF488-AAEF-406F-A341-CB2AAA315B90}MsblIco.Exe
    O90 – PUC: “8994BF104C33134458DE70E9E3FE7ED5” . (.YouCam.) — C:WindowsInstaller{01FB4998-33C4-4431-85ED-079E3EEFE75D}ARPPRODUCTICON.exe
    O90 – PUC: “89A71B350FB5CB04AAFF58A0539757CA” . (.HP Quick Launch.) — C:WindowsInstaller{53B17A98-5BF0-40BC-AAFF-850A357975AC}_853F67D554F05449430E7E.exe
    O90 – PUC: “9E53DD75BB9D9804BB50FE39C385C63B” . (.Broadcom InConcert Maestro.) — C:WindowsInstaller{57DD35E9-D9BB-4089-BB05-EF933C586CB3}ARPPRODUCTICON.exe
    O90 – PUC: “A4676305D5349C0468C91380A5D347D1” . (.HP Setup.) — C:WindowsInstaller{5036764A-435D-40C9-869C-31085A3D741D}ARPPRODUCTICON.exe
    O90 – PUC: “A96DB1DE3E70C814191F8D65855218FB” . (.HP On Screen Display.) — C:WindowsInstaller{ED1BD69A-07E3-418C-91F1-D856582581BF}_853F67D554F05449430E7E.exe
    O90 – PUC: “AE4EC40EBBC3822449D0B308058E079C” . (.HP 3D DriveGuard.) — C:WindowsInstaller{E04CE4EA-3CBB-4228-940D-3B8050E870C9}controlPanelIcon.exe
    O90 – PUC: “AFA8D9E7CE702F3A592C7C8FADAAF3F0” . (.Catalyst Control Center Graphics Previews Common.) — C:WindowsInstaller{7E9D8AFA-07EC-A3F2-95C2-C7F8DAAA3F0F}ARPPRODUCTICON.exe
    O90 – PUC: “B2F5519759897D9468219D52080EEDB5” . (.Bonjour.) — C:WindowsInstaller{79155F2B-9895-49D7-8612-D92580E0DE5B}Bonjour.ico
    O90 – PUC: “BD528ECCA74340041A68F5A4F6DD5874” . (.Apple Application Support.) — C:WindowsInstaller{CCE825DB-347A-4004-A186-5F4A6FDD8547}WinInstall.ico
    O90 – PUC: “C040580900063D11C8EF10054038389C” . (.Microsoft Office Word Viewer 2003.) — C:WindowsInstaller{9085040C-6000-11D3-8CFE-0150048383C9}wrdvicon.exe,1
    O90 – PUC: “C953167FDEC9EA54A915D96650DC554C” . (.Evernote v. 4.2.3.) — C:WindowsInstaller{F761359C-9CED-45AE-9A51-9D6605CD55C4}Evernote.ico
    O90 – PUC: “CD00FF5639BFB0C498606514A2C3A595” . (.HP Software Framework.) — C:WindowsInstaller{65FF00DC-FB93-4C0B-8906-56412A3C5A59}app_1.exe
    O90 – PUC: “D7314F9862C648A4DB8BE2A5B47BE100” . (.Microsoft Silverlight.) — c:WindowsInstaller{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}ARPIcon
    O90 – PUC: “E7FF67E4ABEA78C47B88DC745E24B5D9” . (.Skype™ 6.7.) — C:WindowsInstaller{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}SkypeIcon.exe
    O90 – PUC: “E87429620C34499AB55076D24E1FE14A” . (.AMD Media Foundation Decoders.) — C:WindowsInstaller{2692478E-43C0-A994-5B05-672DE4F11EA4}ARPPRODUCTICON.exe
    O90 – PUC: “FF30403F64103364AA5C5DDCC505EA07” . (.Catalyst Control Center – Branding.) — C:WindowsInstaller{F30403FF-0146-4633-AAC5-D5CD5C50AE70}ARPPRODUCTICON.exe
    ~ Update Products: 130 Scanned in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd – BabylonObjectInstaller.) — C:WindowsInstaller1c3eac.msi [353280] =>PUP.Babylon
    [MD5.058363A0C7713C620A39962E848B6E78] [WIS][22/11/2013] (.Kreapixel – Webplayer.) — C:WindowsInstaller22da9.msi [21504] =>Adware.SocialSkinz
    [MD5.EF65CC2C59994892F543AC8D8DE210D2] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8cc.msi [1773056]
    [MD5.0B4A43935B756B7451C7B1FBF0C6A76B] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8d1.msi [1182208]
    [MD5.FA504F152B85B567E268A21350B75053] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8d6.msi [1166848]
    [MD5.45A944BFADFC42B6EEEBE7CD8F7493FC] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8db.msi [1153024]
    [MD5.29D8F2A4BF34921A804A91C208069386] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8e0.msi [1221120]
    [MD5.60A61D89399E7AB5885A82D823146101] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8e5.msi [615936]
    [MD5.6F6A67E1C906F171A20C3CED146926EF] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8ea.msi [1169408]
    [MD5.37B66D028365C17D75C7C25DEF7D2E66] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8ef.msi [1171456]
    [MD5.E21D2793B0DEB908B1FDE33D7294B9C7] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8f4.msi [1180160]
    [MD5.11740CB780DC03F1E9213949C8D5AB94] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8f9.msi [1186816]
    [MD5.C39788A3A40F4B1DC2848D0FC95CF92B] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b8fe.msi [1171456]
    [MD5.065BB17A76E62B238112D1FC50C339ED] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b903.msi [1199104]
    [MD5.CCAB130AEADF76A7B674FC171E9F80BC] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b908.msi [1183232]
    [MD5.923F17B8D878645BE26B1A0635C7DD49] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b90d.msi [1174528]
    [MD5.937D47E26B7EF977C1B277C9703502FD] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b912.msi [1162752]
    [MD5.394EBE6324E119310352C1814C316D93] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b917.msi [1176064]
    [MD5.E975C7E1674DDF2D4EF63C9FE9759E1C] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b91c.msi [1174528]
    [MD5.B36C9B4105569990A345F73A5389C14E] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b921.msi [1207808]
    [MD5.1D4DC49DE6DCFE5A9DCCD06474123746] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b926.msi [1164800]
    [MD5.46C091118112E5E33A187955F2A85983] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b92b.msi [1195520]
    [MD5.6B9CA7BBE32433ADC31BA97C57407F75] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b930.msi [1171968]
    [MD5.5A4C22B394BE6E9F3B844DB953415F35] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b935.msi [861696]
    [MD5.D166C7DDB4DFE076D6C2A44CDD6DD708] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b93a.msi [1164288]
    [MD5.20AEB542A043941012E8A92271020515] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b93f.msi [1260032]
    [MD5.A00FA593CFC7A72773205B70693A2FF4] [WIS][07/07/2011] (.ATI – Catalyst Control Center Utility Package.) — C:WindowsInstaller2b944.msi [194048]
    [MD5.F884735D8EFD2A49488F8FE3B186FC4D] [WIS][07/07/2011] (.ATI – Catalyst Control Center.) — C:WindowsInstaller2b94a.msi [11001344]
    [MD5.26EFAC041742AC19AEA0417703A39114] [WIS][15/07/2011] (.Broadcom Corp. – WIDCOMM Bluetooth Profile Pack.) — C:WindowsInstaller2b95f.msi [3691812]
    [MD5.FE8BBCCD42FE324FB531E45F45EB9170] [WIS][16/11/2011] (.Broadcom Corporation – Broadcom InConcert Maestro Installer.) — C:WindowsInstaller2b965.msi [1691648]
    [MD5.B1C861317B5A5D0755FBC53352C4B0A3] [WIS][28/09/2013] (.Skype Technologies S.A. – Skype.) — C:WindowsInstaller3e703.msi [22614016]
    [MD5.3E765C9DA387C8C8C067266C3AE3FB9B] [WIS][24/10/2012] (.Skype Technologies S.A. – Skype Click to Call.) — C:WindowsInstaller4c8eb.msi [10137600]
    [MD5.8797F3592E055284D113FEAA21B71ED3] [WIS][18/08/2012] (.Google Inc. – Google Toolbar for Internet Explorer.) — C:WindowsInstaller5317c5.msi [28160] =>Toolbar.Google
    [MD5.2ED9D985B866B6574AC0DC2BE43B5214] [WIS][25/10/2013] (.Ask.com – Blank Project Template.) — C:WindowsInstallerbb62142.msi [3928576]
    ~ WIS: 134 Scanned in 00mn 19s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Auto 23/07/2013 193696 | (BBSvc) . (.Microsoft Corporation..) – C:Program FilesMicrosoftBingBar7.2.241.0BBSvc.exe
    SS – | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) – C:Program FilesWildTangent GamesAppGamesAppService.exe
    SS – | Auto 18/08/2012 136176 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 18/08/2012 136176 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 04/09/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe

    SR – | Auto 03/03/2009 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) – C:Program FilesIDTWDMaestsrv.exe
    SR – | Auto 29/06/2011 176128 | (AMD External Events Utility) . (.AMD.) – C:WindowsSystem32atiesrxx.exe
    SR – | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Demand 23/07/2013 240288 | (BBUpdate) . (.Microsoft Corporation..) – C:Program FilesMicrosoftBingBar7.2.241.0SeaPort.exe
    SR – | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Auto 14/07/2011 742688 | (btwdins) . (.Broadcom Corporation..) – C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
    SR – | Auto 23/04/2010 514232 | (ezSharedSvc) . (.EasyBits Software AS.) – C:WindowsSystem32ezSharedSvcHost.exe =>.EasyBits Software AS
    SR – | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) – C:Program FilesHewlett-PackardHP Support Frameworkhpsa_service.exe =>.Hewlett-Packard Co
    SR – | Auto 11/10/2010 246840 | (HPClientSvc) . (.Hewlett-Packard Company.) – C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
    SR – | Auto 10/08/2012 197536 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) – C:Program FilesHewlett-PackardSharedHPDrvMntSvc.exe
    SR – | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) – C:Program FilesHewlett-PackardSharedhpqWmiEx.exe
    SR – | Auto 27/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) – C:WindowsSystem32Hpservice.exe
    SR – | Auto 05/03/2012 35200 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe
    SR – | Demand 12/12/2012 553440 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes’ Anti-Malwarembamscheduler.exe
    SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe
    SR – | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) – C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe
    SR – | Auto 01/07/2011 282706 | (STacSV) . (.IDT, Inc..) – C:Program FilesIDTWDMSTacSV.exe
    SR – | Auto 14/07/2009 20992 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 14/07/2009 20992 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe

    ~ Services: Scanned in 00mn 21s

    —\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net” onclick=”window.open(this.href);return false;

    ~ MBR: 1 Scanned in 00mn 02s

    —\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by poe at 11/12/2013 22:27:46

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin

    ~ MBR: Scanned in 00mn 04s

    —\ Scan Additionnel (O88)
    Database Version : 13013 – (10/12/2013)
    Clés trouvées (Keys found) : 18
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 5
    Fichiers trouvés (Files found) : 4

    [HKLMSoftwareGoogleChromeExtensionsgmookaamlkjilnemkglmedgieblahbcn] =>Adware.Pricora^
    [HKLMSoftwareGoogleChromeExtensionsgnbbmjlpkhenbefmmdjodjfmcamegmpd] =>Adware.AddLyrics^
    [HKLMSoftwareGoogleChromeExtensionslicjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
    [HKLMSoftwareGoogleChromeExtensionsmphpbdjcljebbcnfopfngmfdackbbdgf] =>PUP.DealPly^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7F17D90C-AAAA-4E56-91D3-2433E23A62F6}] =>PUP.PassWidget^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallPCSU-SL_is1] =>Rogue.PCSpeedUp^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{D322A9E3-758B-4D60-A7C4-65C88FD378D0}] =>Toolbar.Bing^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallBrowserProtect] =>Hijacker.Eazel^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{251f2ea9-5e80-4371-b019-99f9b5f2fa63}] =>PUP.PassWidget^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{F750DB0E-D452-3108-63C9-FE16BC686741}] =>Adware.SocialSkinz^
    [HKLMSoftwareMicrosoftTracingBingBar_RASAPI32] =>Toolbar.Bing
    [HKLMSoftwareGoogleChromeExtensionslkgikdljlijdigcpknpecodlmihmdmij] =>Toolbar.DivXBrowserBar
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110311541199}] =>PUP.CrossRider
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110411191162}] =>PUP.CrossRider
    [HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{8dcb7100-df86-4384-8842-8fa844297b3f} =>Toolbar.Bing^
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsgmookaamlkjilnemkglmedgieblahbcn =>Adware.Pricora^
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsgnbbmjlpkhenbefmmdjodjfmcamegmpd =>Adware.AddLyrics^
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionslicjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep^
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsmphpbdjcljebbcnfopfngmfdackbbdgf =>PUP.DealPly^
    C:UserspoeAppDataRoamingwp_update =>PUP.WpManager^
    [HKCUSoftwareAppDataLowSoftwareLyricsViewer-2] =>Adware.AddLyrics^
    C:WindowsInstaller1c3eac.msi =>PUP.Babylon^
    C:WindowsInstaller22da9.msi =>Adware.SocialSkinz^
    C:WindowsInstaller5317c5.msi =>Toolbar.Google^
    ~ Additionnel Scan: 275903 Items scanned in 00mn 36s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/29294184-adware-pricora” onclick=”window.open(this.href);return false; =>Adware.Pricora
    ~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics” onclick=”window.open(this.href);return false; =>Adware.AddLyrics
    ~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply” onclick=”window.open(this.href);return false; =>PUP.DealPly
    ~ http://nicolascoolman.webs.com/apps/blog/show/34453908-pup-passwidget” onclick=”window.open(this.href);return false; =>PUP.PassWidget
    ~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager” onclick=”window.open(this.href);return false; =>PUP.WpManager
    ~ http://nicolascoolman.webs.com/apps/blog/show/27765487-rogue-pcspeedup” onclick=”window.open(this.href);return false; =>Rogue.PCSpeedUp
    ~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel” onclick=”window.open(this.href);return false; =>Hijacker.Eazel
    ~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz” onclick=”window.open(this.href);return false; =>Adware.SocialSkinz
    ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon” onclick=”window.open(this.href);return false; =>PUP.Babylon
    ~ http://nicolascoolman.webs.com/apps/blog/show/34518540-toolbar-divxbrowserbar” onclick=”window.open(this.href);return false; =>Toolbar.DivXBrowserBar
    ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider” onclick=”window.open(this.href);return false; =>PUP.CrossRider
    ~ MSI: 11 link(s) detected in 00mn 38s

    End of the scan (1936 lines in 04mn 37s)(0)

  • pat
    Nombre d'articles : 0

    bonsoir, voila les 6 RAPPORTS sont fais 😉

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Bonsoir,

    Les rapports étaient à mettre sur SOSUPLOAD :what:

    Enfin bon, ce n’est pas grave 😉

    • Copie les lignes ci dessous :


    Script ZHPFix
    SysRestore
    G2 - GCE: Preference [User DataDefault] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
    G2 - GCE: Preference [User DataDefault] [gmookaamlkjilnemkglmedgieblahbcn] Pricora 2.0 v.1.25.85, (Activé) =>Adware.Pricora
    G2 - GCE: Preference [User DataDefault] [gnbbmjlpkhenbefmmdjodjfmcamegmpd] LyricsViewer-2 v.1.25.27, (Activé) =>Adware.AddLyrics
    G2 - GCE: Preference [User DataDefault] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.6 (Activé) =>Adware.PricePeep
    G2 - GCE: Preference [User DataDefault] [mphpbdjcljebbcnfopfngmfdackbbdgf] DealPly Shopping v.3.5.0.0 (Activé) =>PUP.DealPly
    O2 - BHO: PassWidget - {7f17d90c-aaaa-4e56-91d3-2433e23a62f6} . (...) -- C:Program FilesPass-Widget135.dll (.not file.) =>PUP.PassWidget
    [MD5.00000000000000000000000000000000] [APT] [wp_update] (...) -- C:UserspoeAppDataRoaming~cbdthau.exe (.not file.) [0] =>PUP.WpManager
    O42 - Logiciel: Accelerer PC - (.Speedchecker Limited.) [HKLM] -- PCSU-SL_is1 =>Rogue.PCSpeedUp
    O42 - Logiciel: BrowserProtect - (...) [HKLM] -- BrowserProtect =>Hijacker.Eazel
    O42 - Logiciel: PassWidget - (.PassWidget Software.) [HKLM] -- {251f2ea9-5e80-4371-b019-99f9b5f2fa63} =>PUP.PassWidget
    O42 - Logiciel: Webplayer - (.Kreapixel.) [HKLM] -- {F750DB0E-D452-3108-63C9-FE16BC686741} =>Adware.SocialSkinz
    [HKCUSoftwareAppDataLowSoftwareLyricsViewer-2] =>Adware.AddLyrics
    O43 - CFD: 11/12/2013 - 12:43:27 - [0] ----D C:UserspoeAppDataRoamingwp_update =>PUP.WpManager
    O61 - LFC: 09/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00067.ldb [982380] =>Adware.Pricora
    O61 - LFC: 10/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00070.ldb [245] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:02 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_gmookaamlkjilnemkglmedgieblahbcn_08 [26624] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:02 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultdatabaseschrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_09 [19456] =>Adware.AddLyrics
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00076.ldb [491479] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00088.ldb [494574] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgmookaamlkjilnemkglmedgieblahbcn00090.ldb [505435] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnCURRENT [16] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnLOG [535] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnLOG.old [262] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgmookaamlkjilnemkglmedgieblahbcnMANIFEST-000087 [446] =>Adware.Pricora
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00078.ldb [415925] =>Adware.AddLyrics
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension Settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00080.ldb [185] =>Adware.AddLyrics
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdCURRENT [16] =>Adware.AddLyrics
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdLOG [0] =>Adware.AddLyrics
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdLOG.old [775] =>Adware.AddLyrics
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Extension SettingsgnbbmjlpkhenbefmmdjodjfmcamegmpdMANIFEST-000079 [170] =>Adware.AddLyrics
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage [427008] =>Adware.PricePeep
    O61 - LFC: 11/12/2013 - 22:26:03 ---A- . (...) -- C:UserspoeAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal [16384] =>Adware.PricePeep
    O61 - LFC: 11/12/2013 - 22:26:17 ---A- . (...) -- C:UserspoeAppDataRoamingwp_updatecurrentVersion.txt [1] =>PUP.WpManager
    [MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:WindowsInstaller1c3eac.msi [353280] =>PUP.Babylon
    [MD5.058363A0C7713C620A39962E848B6E78] [WIS][22/11/2013] (.Kreapixel - Webplayer.) -- C:WindowsInstaller22da9.msi [21504] =>Adware.SocialSkinz
    [HKLMSoftwareGoogleChromeExtensionsgmookaamlkjilnemkglmedgieblahbcn] =>Adware.Pricora^
    [HKLMSoftwareGoogleChromeExtensionsgnbbmjlpkhenbefmmdjodjfmcamegmpd] =>Adware.AddLyrics^
    [HKLMSoftwareGoogleChromeExtensionslicjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
    [HKLMSoftwareGoogleChromeExtensionsmphpbdjcljebbcnfopfngmfdackbbdgf] =>PUP.DealPly^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7F17D90C-AAAA-4E56-91D3-2433E23A62F6}] =>PUP.PassWidget^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallPCSU-SL_is1] =>Rogue.PCSpeedUp^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallBrowserProtect] =>Hijacker.Eazel^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{251f2ea9-5e80-4371-b019-99f9b5f2fa63}] =>PUP.PassWidget^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{F750DB0E-D452-3108-63C9-FE16BC686741}] =>Adware.SocialSkinz^
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110311541199}] =>PUP.CrossRider
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110411191162}] =>PUP.CrossRider
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsgmookaamlkjilnemkglmedgieblahbcn =>Adware.Pricora^
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsgnbbmjlpkhenbefmmdjodjfmcamegmpd =>Adware.AddLyrics^
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionslicjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep^
    C:UserspoeAppDataLocalGoogleChromeUser DataDefaultExtensionsmphpbdjcljebbcnfopfngmfdackbbdgf =>PUP.DealPly^
    C:UserspoeAppDataRoamingwp_update =>PUP.WpManager^
    [HKCUSoftwareAppDataLowSoftwareLyricsViewer-2] =>Adware.AddLyrics^
    C:WindowsInstaller1c3eac.msi =>PUP.Babylon^
    C:WindowsInstaller22da9.msi =>Adware.SocialSkinz^
    O4 - GSAccessories [poe]: Run.lnk - Clé orpheline
    O3 - ToolbarWebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline

    EmptyCLSID

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Puis Clic sur “GO

    • Confirmes les nettoyages des données en cliquant sur “Oui

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.

    Reviens vers moi pour me dire ce qu’il en ai après ça 😉 Attention : Ce n’est pas encore fini ! 😉

  • pat
    Nombre d'articles : 0

    Rapport de ZHPFix 2013.12.6.4 par Nicolas Coolman, Update du 06/12/2013
    Fichier d’export Registre :
    Run by poe at 11/12/2013 23:50:07
    High Elevated Privileges : OK
    Windows Vista Home Premium Edition, 32-bit (Build 6000)

    Corbeille vid�e (00mn 58s)

    ========== Logiciels ==========
    ABSENT Uninstall Process: c:program filesaccelerer pcunins000.exe
    ABSENT Uninstall Process: c:program filesbrowserprotectuninstall.exe
    ABSENT Uninstall Process: c:program filespass-widgetuninstall.exe
    SUPPRIM�: Webplayer

    ========== Cl�s du Registre ==========
    SUPPRIM� Logiciel Key: [HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallPCSU-SL_is1]
    SUPPRIM� Logiciel Key: [HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallBrowserProtect]
    SUPPRIM� Logiciel Key: [HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{251f2ea9-5e80-4371-b019-99f9b5f2fa63}]
    SUPPRIM�: [HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{F750DB0E-D452-3108-63C9-FE16BC686741}]
    SUPPRIM�: CLSID BHO: {7f17d90c-aaaa-4e56-91d3-2433e23a62f6}
    SUPPRIM�: [HKLMSOFTWAREClassesCLSID{7f17d90c-aaaa-4e56-91d3-2433e23a62f6}]
    SUPPRIM�: HKCUSoftwareAppDataLowSoftwareLyricsViewer-2
    SUPPRIM�: HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110311541199}
    SUPPRIM�: HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110411191162}

    ========== Valeurs du Registre ==========
    SUPPRIM�: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}

    ========== Dossiers ==========
    Aucun dossiers CLSID Local utilisateur vide

    ========== Fichiers ==========
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcn00067.ldb
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcn00070.ldb
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultdatabaseschrome-extension_gmookaamlkjilnemkglmedgieblahbcn_08
    SUPPRIM� Red�marrage: c:userspoeappdatalocalgooglechromeuser datadefaultdatabaseschrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_09
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcn00076.ldb
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcn00088.ldb
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcn00090.ldb
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcncurrent
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcnlog
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcnlog.old
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgmookaamlkjilnemkglmedgieblahbcnmanifest-000087
    SUPPRIM� Red�marrage: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00078.ldb
    SUPPRIM� Red�marrage: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00080.ldb
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpdcurrent
    SUPPRIM� Red�marrage: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpdlog
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpdlog.old
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal storagechrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage
    SUPPRIM�: c:userspoeappdatalocalgooglechromeuser datadefaultlocal storagechrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal
    SUPPRIM�: C:WindowsInstaller1c3eac.msi
    SUPPRIM�: C:WindowsInstaller22da9.msi

    ========== Tache planifi�e ==========
    SUPPRIM�: wp_update

    ========== Restauration Syst�me ==========
    Point de restauration du syst�me cr�� avec succ�s

    ========== R�capitulatif ==========
    9 : Cl�s du Registre
    1 : Valeurs du Registre
    1 : Dossiers
    20 : Fichiers
    4 : Logiciels
    1 : Tache planifi�e
    1 : Restauration Syst�me

    End of clean in 02mn 46s

    ========== Chemin de fichier rapport ==========
    C:UserspoeAppDataRoamingZHPZHPFix[R1].tx

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    @H.A.W.X wrote:

    Reviens vers moi pour me dire ce qu’il en ai après ça 😉 Attention : Ce n’est pas encore fini ! 😉

  • pat
    Nombre d'articles : 0

    Rapport de ZHPFix 2013.12.6.4 par Nicolas Coolman, Update du 06/12/2013
    Fichier d’export Registre :
    Run by poe at 12/12/2013 21:05:32
    High Elevated Privileges : OK
    Windows Vista Home Premium Edition, 32-bit (Build 6000)

    Corbeille vidée (00mn 07s)

    ========== Dossiers ==========
    Aucun dossiers CLSID Local utilisateur vide

    ========== Fichiers ==========
    SUPPRIMÉ: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00078.ldb
    SUPPRIMÉ: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpd00080.ldb
    SUPPRIMÉ: c:userspoeappdatalocalgooglechromeuser datadefaultlocal extension settingsgnbbmjlpkhenbefmmdjodjfmcamegmpdlog

    ========== Restauration Système ==========
    Point de restauration du système créé avec succès

    ========== Récapitulatif ==========
    1 : Dossiers
    3 : Fichiers
    1 : Restauration Système

    End of clean in 00mn 31s

    ========== Chemin de fichier rapport ==========
    C:UserspoeAppDataRoamingZHPZHPFix[R1].txt – 11/12/2013 23:51:06 [4789]
    C:UserspoeAppDataRoamingZHPZHPFix[R2].txt – 12/12/2013 21:05:39 [1131]

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Non 🙁

    Je te demande comment vas ton PC ?

  • pat
    Nombre d'articles : 0

    ba pour l’instant c’est top ca semble avoir marché merci beaucoup :bravo1: 🙂

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Bonsoir 🙂

    Ah super ! 😀 Et bien dernière manip ET bien lire les recommandations sinon ça reviendra 😉

    • Télécharges Delfix sur ton Bureau.
    • Lance Delfix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

    • Coche la case suivantes :
      • Réactiver l’UAC
      • Supprimer les outils de désinfection
      • Effectuer une sauvegarde du registre
      • Purger la restauration système
      • Réinitialisation des paramètres système

    [fin2desinf:km21ykcz][/fin2desinf:km21ykcz]

  • pat
    Nombre d'articles : 0

    MERCI BEAUCOUP 😀 ca m’a beaucoup aidé !!!!
    # DelFix v10.6 – Rapport créé le 12/12/2013 à 22:01:46
    # Mis à jour le 11/11/2013 par Xplode
    # Nom d’utilisateur : poe – POUPOUILLE
    # Système d’exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)

    ~ Activation de l’UAC … OK

    ~ Suppression des outils de désinfection …

    Supprimé : C:USBFix
    Supprimé : C:AdwCleaner
    Supprimé : C:UserspoeAppDataRoamingZHP
    Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP
    Supprimé : C:Program FilesZHPDiag
    Supprimé : C:PhysicalDisk0_MBR.bin
    Supprimé : C:UsbFix [Clean 4] POUPOUILLE.txt
    Supprimé : C:UsbFix [Scan 1] POUPOUILLE.txt
    Supprimé : C:UsbFix [Scan 2] POUPOUILLE.txt
    Supprimé : C:UsbFix [Scan 3] POUPOUILLE.txt
    Supprimé : C:UserspoeDesktopJRT.txt
    Supprimé : C:UserspoeDesktopSFTGC (1).exe
    Supprimé : C:UserspoeDesktopSFTGC.txt
    Supprimé : C:UserspoeDesktopUsbFix Faire un Don.lnk
    Supprimé : C:UserspoeDesktopZHPDiag.lnk
    Supprimé : C:UserspoeDesktopZHPDiag.txt
    Supprimé : C:UserspoeDesktopZHPFix.lnk
    Supprimé : C:UserspoeDesktopZHPFixReport.txt
    Supprimé : C:UserspoeDownloadsadwcleaner.exe
    Supprimé : C:UserspoeDownloadsJRT (1).exe
    Supprimé : C:UserspoeDownloadsJRT (2).exe
    Supprimé : C:UserspoeDownloadsJRT (3).exe
    Supprimé : C:UserspoeDownloadsJRT.exe
    Supprimé : C:UserspoeDownloadsSFTGC.exe
    Supprimé : C:UserspoeDownloadsUsbFix (4).exe
    Supprimé : C:UserspoeDownloadsUsbFix.exe
    Supprimé : C:UserspoeDownloadsZHPDiag2 (1).exe
    Supprimé : C:UserspoeDownloadsZHPDiag2.exe
    Supprimée : HKCUSoftwareUSBFix
    Supprimée : HKLMSOFTWAREAdwCleaner
    Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallUSBFix
    Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallZHPDiag_is1

    ~ Sauvegarde de la base de registre … OK

    ~ Purge de la restauration système …

    Supprimé : RP #151 [Windows Update | 11/14/2013 21:18:01]
    Supprimé : RP #152 [Windows Update | 11/20/2013 12:40:41]
    Supprimé : RP #153 [Windows Update | 11/27/2013 18:47:59]
    Supprimé : RP #154 [Windows Update | 12/04/2013 22:37:29]
    Supprimé : RP #155 [Windows Update | 12/08/2013 21:55:11]
    Supprimé : RP #156 [Windows Update | 12/09/2013 02:00:15]
    Supprimé : RP #158 [ZHPFix Restore System Point | 12/11/2013 22:49:22]
    Supprimé : RP #160 [ZHPFix Restore System Point | 12/12/2013 20:05:14]

    Nouveau point de restauration créé !

    ~ Réinitialisation des paramètres système … OK

    ########## – EOF – ##########

  • pat
    Nombre d'articles : 0

    ha oui je voulais te demander,et ce que tu serais m’aider je crois que mes clef usb ont un probleme elles me mettent tous en raccourcis je sais pas trop si c’est grave ou c’est moi qui sais pas m’en servir 🙂 ?

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Oui, c’est une infection Usb 😉

    • Télécharge UsbFix (de El Desaparecido) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Branchez toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc…) sans les ouvrir.
    • Choisis l’option Suppression

      Note : Si UsbFix bloque à 14%, démarrer en mode sans échec. (Voir >> ICI <<)

    • Copie et Colle le contenu du rapport qui apparaît à la fin du scan dans ta réponse

    Bonne nuit

  • pat
    Nombre d'articles : 0

    Bonsoir,
    j’essaie desesperement d’obtenir un rapport de usbfix mais ca s’arrete à 16 pourcent 🙁 qu’est ce que tu me conseille ? 🙂

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Ah tu essayés ceci ? :
    @H.A.W.X wrote:

    Note : Si UsbFix bloque à 14%, démarrer en mode sans échec. (Voir >> ICI <<)

  • pat
    Nombre d'articles : 0

    ############################## | UsbFix V 7.154 | [Suppression]

    Utilisateur: poe (Administrateur) # POUPOUILLE
    Mis à jour le 13/12/2013 par El Desaparecido – Team SosVirus
    Lancé à 12:52:41 | 15/12/2013

    Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Hewlett-Packard (3387)
    CPU: AMD E-450 APU with Radeon(tm) HD Graphics
    RAM -> [Total : 3579 | Free : 2597]
    Bios: Hewlett-Packard
    Boot: Fail-safe with network boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 32-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.16476
    WB: Google Chrome : 31.0.1650.63

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AS: Windows Defender [Enabled | Updated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes’ Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 445 Go (327 Go libre(s) – 73%) [] # NTFS
    D: -> Disque fixe # 17 Go (2 Go libre(s) – 11%) [Recovery] # NTFS
    E: -> Disque fixe # 4 Go (1 Go libre(s) – 28%) [HP_TOOLS] # FAT32
    F: -> Disque amovible # 4 Go (423 Mo libre(s) – 11%) [] # FAT32
    G: -> Disque amovible # 7 Go (7 Go libre(s) – 99%) [FLASH DRIVE] # FAT32
    H: -> Disque amovible # 4 Go (3 Go libre(s) – 85%) [VN_713PC] # FAT32

    ################## | Processus Stoppés |

    Stoppé! C:WindowsExplorer.EXE (ID: 1200 |ParentID: 1188)
    Stoppé! C:Windowssystem32ctfmon.exe (ID: 1340 |ParentID: 1200)
    Stoppé! C:Windowshelppane.exe (ID: 1608 |ParentID: 620)
    Stoppé! C:Windowssystem32DllHost.exe (ID: 1660 |ParentID: 620)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 548 |ParentID: 1200)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 648 |ParentID: 548)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1708 |ParentID: 548)

    ################## | Regedit Run |

    04 – HKLMSOFTWARE | Run : [StartCCC] – “C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    04 – HKLMSOFTWARE | Run : [SynTPEnh] – %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – HKLMSOFTWARE | Run : [SysTrayApp] – C:Program FilesIDTWDMsttray.exe
    04 – HKLMSOFTWARE | Run : [HPQuickWebProxy] – “C:Program FilesHewlett-PackardHP QuickWebhpqwutils.exe”
    04 – HKLMSOFTWARE | Run : [SetDefault] – C:Program FilesHewlett-PackardHP LaunchBoxSetDefault.exe
    04 – HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program FilesAdobeReader 10.0ReaderReader_sl.exe”
    04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLMSOFTWARE | Run : [HP CoolSense] – C:Program FilesHewlett-PackardHP CoolSenseCoolSense.exe -byrunkey
    04 – HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program FilesEasyBits For KidsezRecover.exe
    04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe”
    04 – HKLMSOFTWARE | Run : [] –
    04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program FilesiTunesiTunesHelper.exe”
    04 – HKLMSOFTWARE | Run : [HP Quick Launch] – C:Program FilesHewlett-PackardHP Quick LaunchHPMSGSVC.exe
    04 – HKLMSOFTWARE | Run : [HPOSD] – C:Program FilesHewlett-PackardHP On Screen DisplayHPOSD.exe
    04 – HKLMSOFTWARE | Run : [mobilegeni daemon] – C:Program FilesMobogenieDaemonProcess.exe
    04 – HKLMSOFTWARE | Run : [DivXMediaServer] – C:Program FilesDivXDivX Media ServerDivXMediaServer.exe
    04 – HKLMSOFTWARE | Run : [DivXUpdate] – “C:Program FilesDivXDivX UpdateDivXUpdate.exe” /CHECKNOW
    04 – HKLMSOFTWARE | Run : [Activator] – wscript.exe //B “C:UserspoeAppDataLocalTempActivator.vbs”
    04 – HKLMSOFTWARE | RunOnce : [NCPluginUpdater] – “C:Program FilesHewlett-PackardHP Health CheckActiveCheckproduct_lineNCPluginUpdater.exe” Update
    04 – HKLMSOFTWARE | RunOnce : [] –
    04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-1393359087-3183399950-3005852446-1001SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-1393359087-3183399950-3005852446-1001SOFTWARE | Run : [Spotify] – “C:UserspoeAppDataRoamingSpotifySpotify.exe” /uri spotify:autostart
    04 – HKUS-1-5-21-1393359087-3183399950-3005852446-1001SOFTWARE | Run : [Spotify Web Helper] – “C:UserspoeAppDataRoamingSpotifyDataSpotifyWebHelper.exe”
    04 – HKUS-1-5-21-1393359087-3183399950-3005852446-1001SOFTWARE | Run : [Skype] – “C:Program FilesSkypePhoneSkype.exe” /minimized /regrun
    04 – HKUS-1-5-21-1393359087-3183399950-3005852446-1001SOFTWARE | Run : [Activator] – wscript.exe //B “C:UserspoeAppDataLocalTempActivator.vbs”
    04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Supprimé! F:Activator.vbs
    Supprimé! G:iTunesHelper.vbe
    Supprimé! G:Activator.vbs
    Supprimé! H:Activator.vbs
    Supprimé! C:UserspoeAppDataLocalTempActivator.vbs
    Supprimé! C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupActivator.vbs
    Supprimé! F:Optique.lnk
    Supprimé! F:tpe oral ana.lnk
    Supprimé! F:Partie 1_chap1.lnk
    Supprimé! F:Curriculum Vitae france.lnk
    Supprimé! F:Partie 1_chap2.lnk
    Supprimé! F:cytologie poumet.lnk
    Supprimé! F:Groupements_fonctionnels_de_base.lnk
    Supprimé! F:Synthèses séminaire anthropo.lnk
    Supprimé! F:liste des éléments.lnk
    Supprimé! F:Notes_BioAnimale_2012-2013-2-.lnk
    Supprimé! F:Les origines de l’homme tableau récap.lnk
    Supprimé! F:Partie1_chap3.lnk
    Supprimé! F:Joyeux Anniversaire !.lnk
    Supprimé! F:tt.lnk
    Supprimé! F:Résumé 2011.lnk
    Supprimé! F:Bac 1.lnk
    Supprimé! G:Activator.lnk
    Supprimé! G:Autorun.inf.lnk
    Supprimé! G:cours LV1 p4.lnk
    Supprimé! G:(RAES) Tableaux comparatifs (1).lnk
    Supprimé! G:(RAES) Comparaisons cycles.lnk
    Supprimé! G:Curriculum Vitae france.lnk
    Supprimé! G:Thumbs.lnk
    Supprimé! G:iTunesHelper.lnk
    Supprimé! G: .lnk
    Supprimé! G:xxx.lnk
    Supprimé! G:liste des éléments.lnk
    Supprimé! G:e-ticket_0822162164978 (1).lnk
    Supprimé! G:Partie 1_chap1.lnk
    Supprimé! G:Partie1_chap3.lnk
    Supprimé! G:Partie 1_chap2.lnk
    Supprimé! G:Résumé 2011.lnk
    Supprimé! H:RECORDER.lnk
    Supprimé! H:OL_MANUAL.lnk
    Supprimé! H:SYSTEM.lnk

    ################## | Référence de comparaison MD5 |

    Md5 : 9A193F949004F78F28193859BE75F13B -> C:UserspoeAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupActivator.vbs
    Md5 : 9A193F949004F78F28193859BE75F13B -> C:UserspoeAppDataLocalTempActivator.vbs
    Md5 : 9A193F949004F78F28193859BE75F13B -> F:Activator.vbs
    Md5 : AED4FAF279ABF7D7605E81707BE3CE64 -> G:iTunesHelper.vbe
    Md5 : 9A193F949004F78F28193859BE75F13B -> G:Activator.vbs
    Md5 : 9A193F949004F78F28193859BE75F13B -> H:Activator.vbs

    ################## | Comparaison MD5 |

    -> Pas de valeur Md5 identique trouvée.

    ################## | Registre |

    Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|EnableShellExecuteHooks -> 0
    Supprimé! HKUS-1-5-21-1393359087-3183399950-3005852446-1001SoftwareMicrosoftWindowsCurrentVersionRun|Activator
    Supprimé! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|Activator
    Supprimé! HKLMSoftwareActivator

    ################## | Listing |

    [12/12/2013 – 22:04:20 | N | 2 Ko] – C:DelFix.txt
    [13/12/2013 – 07:28:08 | N | 12 Ko] – C:UsbFix [Scan 1] POUPOUILLE.txt
    [13/12/2013 – 18:57:53 | N | 12 Ko] – C:UsbFix [Scan 2] POUPOUILLE.txt
    [13/12/2013 – 19:51:44 | N | 7 Ko] – C:UsbFix [Clean 3] POUPOUILLE.txt
    [15/12/2013 – 13:02:28 | A | 8 Ko] – C:UsbFix [Clean 4] POUPOUILLE.txt
    [10/06/2009 – 22:42:20 | N | 0 Ko] – C:config.sys
    [15/12/2013 – 12:50:12 | ASH | 2748600 Ko] – C:hiberfil.sys
    [15/12/2013 – 12:50:13 | ASH | 3664800 Ko] – C:pagefile.sys
    [15/12/2011 – 16:32:06 | D] – C:SYSTEM.SAV
    [09/07/2012 – 21:30:29 | N | 4 Ko] – C:user.js
    [22/11/2013 – 23:12:40 | SHD] – C:$Recycle.Bin
    [10/06/2009 – 22:42:20 | N | 0 Ko] – C:autoexec.bat
    [14/07/2009 – 03:37:05 | D] – C:PerfLogs
    [14/07/2009 – 05:53:55 | SHD] – C:Documents and Settings
    [20/11/2010 – 22:29:06 | RASH | 375 Ko] – C:bootmgr
    [12/08/2011 – 10:59:32 | SHD] – C:boot
    [16/11/2011 – 01:20:56 | D] – C:HP
    [15/12/2011 – 16:31:06 | D] – C:Users
    [15/12/2011 – 16:31:59 | SHD] – C:Recovery
    [17/12/2011 – 22:25:53 | D] – C:ordinateur poë
    [31/12/2011 – 15:27:50 | D] – C:Firefox
    [07/03/2012 – 22:17:45 | RHD] – C:MSOCache
    [05/06/2012 – 20:49:32 | D] – C:cf7c4178d0fb8ff52087d0b4c116f56d
    [18/10/2013 – 21:51:43 | D] – C:SWSetup
    [11/12/2013 – 13:04:04 | HD] – C:ProgramData
    [12/12/2013 – 22:01:51 | D] – C:Program Files
    [15/12/2013 – 08:11:31 | SHD] – C:System Volume Information
    [15/12/2013 – 12:50:13 | D] – C:Windows
    [15/12/2013 – 13:01:08 | D] – C:UsbFix
    [10/03/2012 – 19:20:43 | N | 0 Ko] – D:HPSF_Rep.txt
    [15/12/2011 – 16:37:04 | N | 0 Ko] – D:HP_WSD.dat
    [15/12/2011 – 16:37:32 | SHD] – D:$RECYCLE.BIN
    [14/07/2009 – 19:39:00 | RASH | 375 Ko] – D:bootmgr
    [15/12/2011 – 16:37:24 | D] – D:hp
    [15/12/2011 – 16:37:24 | RASHD] – D:boot
    [15/12/2011 – 16:37:24 | RSHD] – D:preload
    [15/12/2011 – 16:37:24 | RSD] – D:recovery
    [15/12/2011 – 16:37:24 | D] – D:RM_Reserve
    [15/12/2011 – 16:37:24 | D] – D:FactoryUpdate
    [14/02/2012 – 01:46:31 | SHD] – D:System Volume Information
    [10/03/2012 – 19:20:46 | N | 0 Ko] – E:HPSF_Rep.txt
    [07/11/2012 – 12:59:22 | N | 0 Ko] – E:HP_WSD.dat
    [16/11/2011 – 01:28:24 | SHD] – E:$RECYCLE.BIN
    [16/11/2011 – 01:07:04 | D] – E:Hewlett-Packard
    [06/10/2013 – 00:14:18 | N | 679 Ko] – F:cytologie poumet.pdf
    [11/10/2013 – 00:59:24 | N | 3918 Ko] – F:Optique.pdf
    [11/10/2013 – 01:03:26 | N | 27 Ko] – F:Groupements_fonctionnels_de_base.pdf
    [11/10/2013 – 01:18:08 | N | 232 Ko] – F:Synthèses séminaire anthropo.pdf
    [11/10/2013 – 01:37:00 | N | 61 Ko] – F:liste des éléments.pdf
    [11/10/2013 – 01:38:18 | N | 2078 Ko] – F:Notes_BioAnimale_2012-2013-2-.pdf
    [16/03/2011 – 17:11:54 | N | 13 Ko] – F:tpe oral ana.odt
    [12/12/2013 – 23:10:44 | SH | 0 Ko] – F:autorun.inf
    [11/10/2013 – 00:47:32 | N | 38 Ko] – F:Curriculum Vitae france.docx
    [11/10/2013 – 01:40:48 | N | 2031 Ko] – F:Partie 1_chap1.docx
    [11/10/2013 – 01:41:26 | N | 1279 Ko] – F:Partie 1_chap2.docx
    [11/10/2013 – 01:42:18 | N | 2253 Ko] – F:Partie1_chap3.docx
    [10/12/2013 – 23:00:00 | N | 362 Ko] – F:Les origines de l’homme tableau récap.docx
    [11/10/2013 – 01:34:44 | N | 100 Ko] – F:Résumé 2011.doc
    [27/07/2012 – 17:54:56 | D] – F:Joyeux Anniversaire !
    [21/10/2013 – 11:48:54 | D] – F:Bac 1
    [28/10/2013 – 16:00:58 | D] – F:tt
    [11/10/2013 – 01:37:00 | N | 61 Ko] – G:liste des éléments.pdf
    [15/11/2013 – 00:00:16 | N | 245 Ko] – G:e-ticket_0822162164978 (1).pdf
    [15/11/2013 – 00:29:10 | N | 453 Ko] – G:(RAES) Tableaux comparatifs (1).pdf
    [15/11/2013 – 00:32:44 | N | 1665 Ko] – G:(RAES) Comparaisons cycles.pdf
    [13/09/2011 – 21:48:58 | N | 565 Ko] – G:cours LV1 p4.jpg
    [12/12/2013 – 23:10:52 | SH | 0 Ko] – G:autorun.inf
    [11/10/2013 – 00:48:42 | N | 38 Ko] – G:Curriculum Vitae france.docx
    [11/10/2013 – 01:40:48 | N | 2031 Ko] – G:Partie 1_chap1.docx
    [11/10/2013 – 01:41:26 | N | 1279 Ko] – G:Partie 1_chap2.docx
    [11/10/2013 – 01:42:18 | N | 2253 Ko] – G:Partie1_chap3.docx
    [11/10/2013 – 01:34:44 | N | 100 Ko] – G:Résumé 2011.doc
    [07/10/2013 – 14:25:54 | SH | 313 Ko] – G:Thumbs.db
    [07/10/2013 – 14:25:44 | D] – G: 
    [11/10/2013 – 07:18:48 | D] – G:xxx
    [01/01/2012 – 00:01:34 | D] – H:RECORDER
    [01/01/2012 – 00:01:34 | SHD] – H:SYSTEM
    [17/06/2013 – 08:59:42 | D] – H:OL_MANUAL

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par Bitdefender USB Immunizer (Bitdefender Antivirus)
    G:Autorun.inf -> Vaccin créé par Bitdefender USB Immunizer (Bitdefender Antivirus)
    H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

  • pat
    Nombre d'articles : 0

    Ca y est merci 🙂

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    Ok comment ça vas ? 🙂

  • pat
    Nombre d'articles : 0

    bonsoir, ba ecoute ca a l’air d’aller il y a plus de raccourcis 🙂

  • H.A.W.X
    Participant
    Nombre d'articles : 1704

    :super:

    [fin2desinf:161ty6a8][/fin2desinf:161ty6a8]

  • pat
    Nombre d'articles : 0

    MERCI BEAUCOUP !! 🙂 :bravo1: :bravo1:

Le sujet ‘virus raletissement’ est fermé à de nouvelles réponses.