Erreur NTRedirect.dll

de **ManoAl63** » 20 Aoû 2013 10:36

Bonjour

Au démarrage de mon PC j'ai le message d'erreur suivant :
Problème lors du démarrage de
C:\Users\Archimbaud\AppData\Roaming\BabSolution\Shared\NTRedirect.dll

Le module spécifié est introuvable

Comme évoqué sur le Forum j'ai fait tourné ZHPDiag et le résultat est sous
http://up2sha.re/file?f=gvTWKPSlxCp5

Merci pour l'aide

de **VIRUS/C/C** » 20 Aoû 2013 11:28

Salut

* Bienvenue a toi sur Forum-windows7-windows8.fr :welcome:

* Je vais te prendre en charge et avec une procédure !!!

@+ VIRUS/C/C

de **VIRUS/C/C** » 20 Aoû 2013 11:29

Salut

* Il faut être vigilant quand on installe un programme, jamais via des liens publicitaires
* Prendre le temps de lire les conditions d'utilisation lors d' une installation d' un programme et décocher l'installation d'une barre d 'outil ou de recherches, etc..

1) * Télécharge AdwCleaner (de Xplode) sur ton bureau

* Clique Dessus >>

* Clic droit " Executer en tant que en tant qu'administrateur "sur AdwCleaner.exe.

* Accepte l'avertissement qui suit
* Clique sur >> Recherche

* ne passe qu' une fois l' outil
* Patiente le temps de la recherche
* Le rapport apparait à la fin .

* Clique sur Quitter .

* Poste le lien du rapport .

@+ VIRUS/C/C

de **ManoAl63** » 20 Aoû 2013 13:46

Bounjour et encore merci pour l'aide

Voici le contenu du rapport
================================================================================================
# AdwCleaner v2.306 - Rapport créé le 20/08/2013 à 14:35:48
# Mis à jour le 19/07/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Archimbaud - ARCHIMBAUD-PC
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Archimbaud\Desktop\adwcleaner (1).exe
# Option [Recherche]

***** [Services] *****

***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Dossier Présent : C:\Program Files (x86)\ParetoLogic
Dossier Présent : C:\ProgramData\ParetoLogic
Dossier Présent : C:\Users\Archimbaud\AppData\Roaming\DriverCure
Dossier Présent : C:\Users\Archimbaud\AppData\Roaming\Mozilla\Firefox\Profiles\ucwgcla2.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}
Dossier Présent : C:\Users\Archimbaud\AppData\Roaming\ParetoLogic

***** [Registre] *****

Clé Présente : HKCU\Software\AppDataLow\Software\SmartBar

***** [Navigateurs] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v [Impossible d'obtenir la version]

Fichier : C:\Users\Archimbaud\AppData\Roaming\Mozilla\Firefox\Profiles\ucwgcla2.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v28.0.1500.95

Fichier : C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Preferences

Présente [l.46] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Présente [l.49] : keyword = "delta-search.com",
Présente [l.53] : search_url = "hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2676722F681D1A5C&affID=119357&tsp=4975",

*************************

AdwCleaner[R1].txt - [28568 octets] - [29/05/2013 06:16:31]
AdwCleaner[R2].txt - [6293 octets] - [15/08/2013 09:03:00]
AdwCleaner[R3].txt - [2795 octets] - [15/08/2013 09:09:42]
AdwCleaner[R4].txt - [13576 octets] - [15/08/2013 14:09:20]
AdwCleaner[R5].txt - [1997 octets] - [20/08/2013 14:35:48]
AdwCleaner[S1].txt - [28500 octets] - [29/05/2013 06:17:35]
AdwCleaner[S2].txt - [6403 octets] - [15/08/2013 09:03:31]
AdwCleaner[S3].txt - [2711 octets] - [15/08/2013 09:10:32]
AdwCleaner[S4].txt - [451 octets] - [15/08/2013 14:09:08]
AdwCleaner[S5].txt - [13777 octets] - [15/08/2013 14:09:45]
AdwCleaner[S6].txt - [2652 octets] - [18/08/2013 10:25:37]

########## EOF - C:\AdwCleaner[R5].txt - [2418 octets] ##########

=============================================================================================

ManoAl63 a écrit:Bonjour

Au démarrage de mon PC j'ai le message d'erreur suivant :
Problème lors du démarrage de
C:\Users\Archimbaud\AppData\Roaming\BabSolution\Shared\NTRedirect.dll

Le module spécifié est introuvable

Comme évoqué sur le Forum j'ai fait tourné ZHPDiag et le résultat est sous
http://up2sha.re/file?f=gvTWKPSlxCp5

Merci pour l'aide

de **VIRUS/C/C** » 20 Aoû 2013 14:35

Salut

Dans l' ordre:

1) * Relances Adwcleaner

* Clic droit " Executer en tant que en tant qu'administrateur "sur AdwCleaner.exe .

* Clique sur >> Suppression

* Accepte l'avertissement qui suit
* Patiente!!!
* ne passe qu' une fois l' outil

* Le rapport apparait à la fin .
* Clique sur Quitter .

* Poste le lien du rapport .

ensuite aprés ceci tu n' auras plus l' "emm*rd*ur au démarrage " de ton Windows :siffle:

2) /!\ ZHPFix /!\

Ce script va cibler certains éléments à supprimer :
>> ATTENTION << : Script personnalisé pour cette Machine et uniquement pour cette Machine , Ne pas reproduire !!!!!!!!!!!!!!!!!!!!!!!

* Copies tout le texte présent ci-dessous
*( tu le selectionnes avec ta souris >> Clique droit dessus et choisis "copier" ou fait Ctrl+C )

* Tu commences bien à partir de SysRestore jusqu' a Emptytemp

SysRestore
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.1 (Activé)
O4 - HKCU\..\Run: [NTRedirect] C:\Users\Archimbaud\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (.not file.)
O4 - HKUS\S-1-5-21-3061313246-2662923334-336010195-1000\..\Run: [NTRedirect] C:\Users\Archimbaud\AppData\Roaming\BabSolution\Shared\NTRedirect.dll (.not file.)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegCure Pro.job
[MD5.00000000000000000000000000000000] [APT] [EPUpdater] (...) -- C:\Users\Archimbaud\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe (.not file.) [MD5.737775BE49C27D51305EF0A64215C673] [APT] [RegCure Pro] (.ParetoLogic, Inc..) -- C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NTRedirect
EmptyCLSID
EmptyFlash
Emptytemp

* Fais un clic-droit sur le raccourci de >> ZHPFix qui se trouve sur ton bureau et choisis "Exécuter en temps qu'administrateur" pour le lancer.

* La fenêtre de Contrôle de Compte Utilisateur s' ouvre >> "Voulez-vous autoriser le programme...." ,

* Clique sur OUI

* Une fois l'outil ZHPFix ouvert ,

* Clique sur l'icone représentant le presse-papier ("coller le presse-papier") => 1

* Le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le (Ctrl+v)

* les lignes ci-dessus sont celles qui doivent apparaître dans la fenêtre de ZHPFix.
* Si ce n'est pas le cas, ne surtout pas cliquer sur le bouton GO. Il faut veiller à bien copier les lignes.

* Clique sur le bouton GO=> 2 pour lancer le nettoyage

* Il arrive que l'outil que tu vas utiliser ferme le processus "explorer.exe". Il est possible qu'après son exécution, ton bureau reste sans icône et sans barre des tâches.

* il suffit de relancer explorer.exe

* Pour cela, tu presseras simultanément ctrl+alt+suppr pour ouvrir le gestionnaire de tâches
* Une fois dans le gestionnaire, tu cliqueras sur "fichier" et sur "nouvelle tâche"
* Dans le champ de saisie, tu taperas explorer.exe et tu cliqueras sur OK
* Tout redeviendra normal
* Héberge le rapport ZHPFix.txt

* Poste le lien du rapport hébergé

On fera un autre nettoyage plus tard !!

@+ VIRUS/C/C

de **ManoAl63** » 20 Aoû 2013 20:30

Bonsoir et encore merci

J'ai redémarrer mon PC et je n'ai plus le message d'erreur.

Je ne sais comment comment copier le lien donc voici le contenu du fichier de rapport
================================
Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
Fichier d'export Registre :
Run by Archimbaud at 20/08/2013 21:07:18
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée

========== Valeur(s) du Registre ==========
SUPPRIME RunValue: NTRedirect
ABSENT RunValue: NTRedirect
ABSENT [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NTRedirect

========== Préférences navigateur ==========
ABSENT Folder Chrome: licjnkifamhpbaefhdpacpmihicfbomb

========== Dossier(s) ==========
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{08D19DD2-8B45-41AE-A6FA-E9DEDED11998}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{152D4DD2-8E48-42F4-9ED3-9AA5A856D316}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{15E54226-E005-4541-88F8-A2CE1B005DC0}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{23E912CF-FB8E-4CC5-BA37-22B979BAAEEA}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{26BDA1A6-06A7-4F67-9BF7-4F787922E248}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{2CF4813A-5BA5-4948-A75A-210AD9EE92B5}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{4B7BEC5C-31BE-4442-B1E7-83DECDBFA13D}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{52484E90-1445-4583-8922-7D79FB3396D4}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{5A49FFF7-01F7-4E0A-8F35-F2ECAAE122A5}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{5C07D513-EAB7-49A3-8DE8-780DD617718E}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{5FDCBCA3-B51C-4DBD-95E3-B4732D7BF852}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{61A0F167-528F-4B47-9B59-0B6C3586F644}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{63F6E119-C269-48E9-B109-FF4C40AD4998}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{69664998-610C-44D8-9E78-B484ADDB3589}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{70E234C5-D35C-4C98-AA2A-86BB7C12E5AC}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{77FB574E-DFEB-4C14-9A4A-17A348606C0A}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{841B884A-71AA-4E63-940C-FF199F1CB8BF}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{87BC01EB-3236-46C8-A504-70D81DFE91F7}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{8D844C65-D65B-4EF4-8B5D-15812208EDEA}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{8DD9CF6A-BD8A-47E7-8282-F8D955B44C00}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{8FBB8364-E2A0-4764-9847-B7E346ACA988}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{9B39F67C-67A1-4521-8E56-ADB7E7D70782}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{B3A75A5D-0ACF-4DB0-8B56-59F17BD73C8B}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{B9B33BDA-C844-4DF1-85CB-941CC83AE0C6}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{BACEB463-6CC4-455C-B7DA-427C61CB60CC}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{BB8E588B-F453-401F-BFCC-E47E4D63973C}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{BFFA7FA8-2EA7-4A5F-89CA-AFDCAF0496FB}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{CC5406AD-5EFC-4DFE-92F1-D1EE9AEC7858}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{D6B1C112-FABE-4855-89AE-5D67C8493FEE}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{D819820E-9E1A-451D-BF27-20BDEA492728}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{E03DDFF1-F551-44C7-859F-64692C780331}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{EB3A8C90-A6CE-4263-8FF2-50A61D4EE536}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{FA3B548F-F18D-4723-B9E0-6A2C36A50414}
SUPPRIME Folder: C:\Users\Archimbaud\AppData\Local\{FBDD157E-51F1-4398-AF49-08A4B3718DCF}
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Fichier(s) ==========
ABSENT File: c:\users\archimbaud\appdata\roaming\babsolution\shared\ntredirect.dll
SUPPRIME File: c:\windows\tasks\regcure pro.job
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Tache planifiée ==========
SUPPRIME Task: EPUpdater

========== Restauration Système ==========
Point de restauration du système créé avec succès

========== Récapitulatif ==========
3 : Valeur(s) du Registre
36 : Dossier(s)
4 : Fichier(s)
1 : Préférences navigateur
1 : Tache planifiée
1 : Restauration Système

End of clean in 00mn 53s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 20/08/2013 21:07:19 [4375]
================================

de **VIRUS/C/C** » 21 Aoû 2013 05:35

Salut

Pour les liens à venir tu fais juste un Copié/collé du lien ça ira et en plus ca prend moins de place

1) * Télécharges Malwarebytes

* ICI Clique Dessus >>

* Installe Malwarebytes il faut lancer le fichier par Clic-droit => Exécuter en tant qu'administrateur sur le fichier mbam-setup.exe

* La fenêtre de Contrôle de Compte Utilisateur s' ouvre >> "Voulez-vous autoriser le programme...." ,

* Clique sur OUI

* A la fin tu auras une fenêtre pour lancer Malwarebytes et pour le mettre à jour

* Cliques sur terminer

Une fois la mise à jour faite a la fenêtre clique sur >> OK
* Malwarebytes se lance
* A la petite fenêtre pop up qui apparaît à la fin de l' installation
* Clique sur refuser pour essayer la version " Pro" ou à toi de voir !!

* Puis vas dans l'onglet "Recherche", coche >>Exécuter un examen rapide
* puis "Rechercher"

* A la fin du scan, clique sur Afficher les résultats puis sur Enregistrer le rapport
* Si MalwareBytes détecte des infections, clique sur ==>Afficher les résultats, puis sur ==>Supprimer la sélection.
* S'il t' es demandé de redémarrer, clique sur "oui "
* aprés la suppression(s) de ou des infections trouvées --> poste le rapport ici

!!! Ne vides pas la quarantaine de MBAM sans mon avis !!!

Regarde ce tutoriel

ICI >> Tutoriel Malwarebytes' (mbam)

PS : La couleur des images est différente , mais ca ne change en rien à la procédure !!

@+ VIRUS/C/C

de **ManoAl63** » 21 Aoû 2013 08:17

Bonjour et Merci

Voici le résultat de MalWare
=================================
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.08.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Archimbaud :: ARCHIMBAUD-PC [administrateur]

Protection: Activé

21/08/2013 08:58:34
mbam-log-2013-08-21 (08-58-34).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 224562
Temps écoulé: 5 minute(s), 22 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 5
C:\Users\Archimbaud\Downloads\FLVPlayerSetup (1).exe (PUP.Optional.InstallCore.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Archimbaud\Downloads\FLVPlayerSetup.exe (PUP.Optional.InstallCore.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Archimbaud\Local Settings\Temporary Internet Files\Content.IE5\3OOFJ8TJ\wajam_install[1].exe (PUP.Optional.Wajam.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Archimbaud\Local Settings\Temporary Internet Files\Content.IE5\DE1TRA75\pack[2].7z (PUP.Optional.BrowserDefender.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Archimbaud\Videos\Favorites\Online Security Test.url (Rogue.Link) -> Mis en quarantaine et supprimé avec succès.

(fin)
=================================

de **VIRUS/C/C** » 21 Aoû 2013 13:29

Salut

1) >> Malwarebytes

* Clic-droit => Exécuter en tant qu'administrateur sur l'icône de Malwarebytes pour le lancer

* La fenêtre de Contrôle de Compte Utilisateur s' ouvre >> "Voulez-vous autoriser le programme...." ,

* Clique sur OUI

* cliques sur >> quarantaine

* Selectionnes tout et supprimes tout ok !!
* si il te demande de redémarrer >> redémarre ton PC

* tu refais avec Malwarebytes une analyse rapide + Suppression(s) de ce que tu trouveras éventuellement

* Poste le lien du rapport ici

2) * Télécharges et installes Ccleaner

* Clique Dessus >>

* Une fois sur le bureau, clic sur l'install de CCleaner.
* Ensuite, clique sur Options ==> Avancé et décoche la case
* Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 24 heures
* Clique sur l'onglet ==> Nettoyeur puis sur ==>Lancer le Nettoyage.
* Ensuite clique sur l'icone==> Registre , à droite, clique sur ==>Chercher des erreurs" puis sur "Réparer les erreurs sélectionnées.
* Accepte la sauvegarde, de la BDR (base de registre )qu'il propose
* Je te conseille de le repasser au moins deux fois,(ou + jusqu'à qu'il ne trouve plus d'erreurs.)

3)* Poste un nouveau ZHPDiag

* Fais un clic droit sur le logo de ZHPDiag.exe,en forme de parchemin

qui se trouve sur ton bureau « exécuter en tant qu'Administrateur »

* La fenêtre de Contrôle de Compte Utilisateur s' ouvre >> "Voulez-vous autoriser le programme...." ,

Clique sur CONFIGURER

Clique enfin sur la loupe (sans le + ni le -) pour lancer l'analyse

Répondre OUI à cette fenêtre :

* Pour Lancer le diagnostic

* Important >> Pendant l analyse de ton PC par ZHPDiag ne touche à plus rien !!!!! Même si c 'est marqué " Message ( Ne réponds pas ) tu attends

* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette

* Héberge le rapport ZHPDiag.txt

Dans la majorité des cas la mention (ne répond pas) apparait dans le titre de la fenêtre lors de la recherche.
Rassure toi, ce n'est pas un plantage du logiciel, laisse le travailler quelques minutes, ce bug n'altèrera pas le contenu du rapport généré."

@+ VIRUS/C/C

de **ManoAl63** » 22 Aoû 2013 08:47

Bonjour et encore merci pour l'aide

Par contre chaque fois que j'ouvre Google Chrome je tombe sur
http://www.qvo6.com/?utm_source=b&utm_medium=adks&from=adks&uid=ST9500325AS_6VET2PSDXXXX6VET2PSD&ts=1377155190
Comme faire sur supprimer ce lien

Voici le rapport ZHPDIAG
=================================
~ Rapport de ZHPDiag v2013.8.18.261 - Nicolas Coolman (19/08/2013)
~ Lancé par Archimbaud (22/08/2013 09:33:31)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16660 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.04 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
Java 7 Update 21

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3948 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 96 GB (48%) free of 196 GB

---\\ Mode de connexion au système
~ Computer Name: ARCHIMBAUD-PC
~ User Name: Archimbaud
~ All Users Names: HomeGroupUser$, Archimbaud, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\Archimbaud\AppData\Roaming\
~ %Desktop% : C:\Users\Archimbaud\Desktop\
~ %Favorites% : C:\Users\Archimbaud\Videos\Favorites\
~ %LocalAppData% : C:\Users\Archimbaud\AppData\Local\
~ %StartMenu% : C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 96 Go of 196 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 244 Go)
E:\ CD-ROM drive (Not Inserted)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 34 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/07/2013 - 06:13:37.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:32.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:04.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/5
~ Mes musiques (My Musics) : 20/58
~ Mes Videos (My Videos) : 2/88
~ Mes Favoris (My Favorites) : 1/77
~ Mes Documents (My Documents) : 2/12596
~ Mon Bureau (My Desktop) : 1/480
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 11s

---\\ Processus lancés au démarrage du système
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3548]
[MD5.5C396DDE6AAFFB64ABC0E0FD88F53553] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3054136] [PID.4064]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992] [PID.3780]
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.2416]
[MD5.868E3486E7EC522330344152A5535783] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720] [PID.3476]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3232]
[MD5.D5C19842C2271327CA20511C30FFEED3] - (.Sonix Technology Co., Ltd. - CameraMonitor Application.) -- C:\Windows\vsnp2uvc.exe [909824] [PID.1412]
[MD5.8EEFD0B92F46B6762A5EC41EF55F7043] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.3580]
[MD5.79A3B950988F8D2B81906D0C0473158B] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.4608]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4408]
[MD5.FD22B00049F775E952371E9C3DAC631B] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536] [PID.4660]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [11322880] [PID.4504]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [11314688] [PID.4248]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.4196]
[MD5.74E1E8B9E7BEAEBFC6DAFB4F16BF2F52] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936] [PID.5020]
[MD5.BEE83619A26F90A6C8273F9CA9680397] - (.asus - ControlDeck.) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [1080448] [PID.5564]
[MD5.C7AA14A215E41463D6345A897D73598D] - (.Google Inc. - Google Chrome.) -- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\chrome.exe [829392] [PID.5528]
[MD5.760FD9037F8E98F5B9CB77891AACC8B4] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7831552] [PID.6768]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1376]
[MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1400]
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1428]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1984]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2008]
[MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144] [PID.1612]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1308]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1260]
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496] [PID.1908]
[MD5.B90A279073A815A4AA2C45A09EE004FA] - (.pdfforge GmbH - PDF Architect Conversion Service.) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280] [PID.1972]
[MD5.CBCEC2C45E7D672EC6E46CBFF23BDF8E] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840] [PID.2064]
[MD5.0765EE4A7A0D6609BF91CA2E4700E885] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2232]
[MD5.131216B7B74DEC3CF30689AA0C2D89C1] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [182912] [PID.3956]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.3244]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113208] [PID.2560]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.3896]
[MD5.41118D920B2B268C0ADC36421248CDCF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240] [PID.5240]
~ Processes Running: Scanned in 00mn 02s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://search.qvo6.com =>Hijacker.Qvo6
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.qvo6.com =>Hijacker.Qvo6
G0 - GCSP: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.5 (Désactivé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.8.0.8, (Activé)
G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.7.0.1456 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ifohbjbgfchkkfhphahclmkpgejiplfo] Lightning Newtab v.0.0.4.1, (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.5.9.0.9216 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet Service v.0.0.4.9 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Désactivé)
~ Google Browser: 16 Scanned in 00mn 13s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Archimbaud\AppData\Roaming\Mozilla\Firefox\Profiles\ucwgcla2.default\prefs.js
M3 - MFPP: Plugins - [Archimbaud] -- C:\Users\Archimbaud\AppData\Roaming\Mozilla\Firefox\Profiles\ucwgcla2.default\searchplugins\bingp.xml
M0 - MFSP: prefs.js [Archimbaud - ucwgcla2.default] r_pref("browser.startup.homepage", );
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.25.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.25.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.25.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Archimbaud\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Archimbaud\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
~ Firefox Browser: 9 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 18 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: PDF Architect Helper [64Bits] - {3A2D5EBA-F86D-4BD3-A177-019765996711} . (.pdfforge GmbH - PDF Architect Helper.) -- C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>Toolbar.Avast
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ BHO: 13 Scanned in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [snp2uvc] . (.Sonix Technology Co., Ltd. - CameraMonitor Application.) -- C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [4-Day Forecast] . (.Pas de propriétaire - 4-Day Forecast.) -- C:\Program Files (x86)\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [FileOpenerPro Uninstall] Clé orpheline
O4 - HKUS\S-1-5-18\..\Run: [orangeinside] C:\Windows\system32\config\systemprofile\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3061313246-2662923334-336010195-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-3061313246-2662923334-336010195-1000\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
~ Application: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\chrome.exe http://www.qvo6.com =>Hijacker.Qvo6
O4 - GS\TaskBar: Microsoft Outlook 2010.lnk . (...) -- C:\Windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\outicon.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com =>Hijacker.Qvo6
O4 - GS\QuickLaunch: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch: jZip.lnk . (...) -- C:\Program Files (x86)\jZip\jZip.exe (.not file.)
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com =>Hijacker.Qvo6
O4 - GS\QuickLaunch: Microsoft Outlook.lnk . (...) -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.exe (.not file.)
O4 - GS\QuickLaunch: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com =>Hijacker.Qvo6
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\SendTo: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop: EXCEL 2010.lnk . (...) -- C:\Windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\xlicons.exe
O4 - GS\Desktop: Microsoft Word 2010.lnk . (...) -- C:\Windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: Picthema.lnk . (...) -- C:\Program Files (x86)\Picthema\Loader.exe
O4 - GS\Desktop: PowerPoint 2010.lnk . (...) -- C:\Windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\pptico.exe
~ Global Startup: Scanned in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 10 Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD7148DC-642A-4195-BF6D-DEEDA81CE790}: DhcpNameServer = 62.201.129.203 62.201.129.201
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF4376CD-4CFE-458A-A68A-2EEF7BA283BF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD7148DC-642A-4195-BF6D-DEEDA81CE790}: DhcpNameServer = 62.201.129.203 62.201.129.201
O17 - HKLM\System\CS1\Services\Tcpip\..\{EF4376CD-4CFE-458A-A68A-2EEF7BA283BF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DD7148DC-642A-4195-BF6D-DEEDA81CE790}: DhcpNameServer = 62.201.129.203 62.201.129.201
O17 - HKLM\System\CS2\Services\Tcpip\..\{EF4376CD-4CFE-458A-A68A-2EEF7BA283BF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) . (.ASUS - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PDF Architect Helper Service (PDF Architect Helper Service) . (.pdfforge GmbH - PDF Architect Helper Service.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service (PDF Architect Service) . (.pdfforge GmbH - PDF Architect Conversion Service.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Service Software Update (Software_update (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Intel(R) Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 19 Scanned in 00mn 09s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1072]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1076]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3061313246-2662923334-336010195-1000Core.job [1046]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3061313246-2662923334-336010195-1000UA.job [1098]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [922]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [926]
[MD5.476BB014F3F68C0C15EDDD5B444DA8FF] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] [APT] [ASUS Live Update] (...) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768]
[MD5.51459B4AF1611AFA37F839C92CFAEC10] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\P4G\BatteryLife.exe [969344]
[MD5.868E3486E7EC522330344152A5535783] [APT] [ASUS SmartLogon Console Sensor] (.ASUS.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720]
[MD5.BEE83619A26F90A6C8273F9CA9680397] [APT] [ASUSControlDeck] (.asus.) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [1080448]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] [APT] [ATKOSD2] (.ASUS.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992]
[MD5.5CE2C1433B9B634591F0A1C4C1203A0B] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [251784]
[MD5.C34968C46A99BBD6248D30F9F1B778C2] [APT] [BoxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe [177152]
[MD5.E62ED5A7A2F21C5F377F924A33E12792] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3643160] =>Piriform Ltd
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\Archimbaud\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3061313246-2662923334-336010195-1000Core] (.Google Inc..) -- C:\Users\Archimbaud\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3061313246-2662923334-336010195-1000UA] (.Google Inc..) -- C:\Users\Archimbaud\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.B4725170B546863C09583E40E6E7BCED] [APT] [HPCustParticipation HP Photosmart Plus B210 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [3689320]
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576]
[MD5.4D83DC461F8F4370274CF6E9AC9A34F4] [APT] [Programme de mise … jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208]
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408]
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408]
[MD5.3FE5B38781183C76E9048FB1F8ECFD4D] [APT] [SRS Premium Sound] (.SRS Labs, Inc..) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [1927528]
[MD5.00000000000000000000000000000000] [APT] [{56495958-EB47-4DCE-8A03-44203A5D5622}] (...) -- F:\LACIE\SOFTWARE\Windows Utilities\USB Boost\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C74028E-FC96-4312-86FE-B4BEB4B863C1}] (...) -- C:\Program Files (x86)\Orange\Antivirus Firewall\Uninstall\uninstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C83E72CB-5176-429D-A831-D37138C96496}] (...) -- C:\Program Files (x86)\Orange\Antivirus Firewall\FSGUI\PostInstall.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 36 Scanned in 00mn 06s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 63 Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: 4-Day Forecast - (.4-Day Forecast.) [HKLM][64Bits] -- {7AA7B9FF-F4B4-4B64-8C51-7C3B4D0F5A28}
O42 - Logiciel: ASUS AI Recovery - (.ASUS.) [HKLM][64Bits] -- {38253529-D97D-4901-AE53-5CC9736D3A2E}
O42 - Logiciel: ASUS FancyStart - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {2B81872B-A054-48DA-BE3B-FA5C164C303A}
O42 - Logiciel: ASUS LifeFrame3 - (.ASUS.) [HKLM][64Bits] -- {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}
O42 - Logiciel: ASUS Power4Gear Hybrid - (.ASUS.) [HKLM][64Bits] -- {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
O42 - Logiciel: ASUS SmartLogon - (.ASUS.) [HKLM][64Bits] -- {64452561-169F-4A36-A2FF-B5E118EC65F5}
O42 - Logiciel: ASUS Virtual Camera - (.asus.) [HKLM][64Bits] -- {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM][64Bits] -- ASUS WebStorage
O42 - Logiciel: ATI AVIVO64 Codecs - (.ATI Technologies Inc..) [HKLM][64Bits] -- {BEE7DC03-E310-8AD4-F45D-B5A5163F697F}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {583EE643-CF83-A1F2-A90F-ADB75F7B532D}
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.7) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM][64Bits] -- InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2F72F540-1F60-4266-9506-952B21D6640D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM][64Bits] -- Asus Vibe2.0
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Bookworm Deluxe - (.Oberon Media Inc..) [HKLM][64Bits] -- Bookworm Deluxe
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {81BEA2F5-4F9B-4AF5-A9B2-3210F71931D3}
O42 - Logiciel: Cheat Engine 6.2 - (.Dark Byte.) [HKLM][64Bits] -- Cheat Engine 6.2_is1
O42 - Logiciel: ControlDeck - (.ASUS.) [HKLM][64Bits] -- {5B65EF64-1DFA-414A-8C94-7BB726158E21}
O42 - Logiciel: Cooking Dash - (.Oberon Media Inc..) [HKLM][64Bits] -- Cooking Dash
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: ETDWare PS/2-x64 7.0.5.16_WHQL - (.ELAN Microelectronics Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: Fast Boot - (.ASUS.) [HKLM][64Bits] -- {13F4A7F3-EABC-4261-AF6B-1317777F0755}
O42 - Logiciel: Game Park Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {79361740-EAE3-11E2-9911-B8AC6F98CCE3}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Governor of Poker - (.Oberon Media Inc..) [HKLM][64Bits] -- Governor of Poker
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: HP Photosmart Plus B210 series - Enquête sur l'amélioration du produit - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {61D48648-AC4B-43B5-B544-5217391C8652}
O42 - Logiciel: HP Photosmart Plus B210 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {787D1A33-A97B-4245-87C0-7174609A540C}
O42 - Logiciel: HP ePrint Mobile - (.Hewlett-Packard.) [HKLM][64Bits] -- {2794875B-6CCF-48B8-84A5-5B10DB98BEE6}
O42 - Logiciel: Hotel Dash Suite Success - (.Oberon Media Inc..) [HKLM][64Bits] -- Hotel Dash Suite Success
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Java 7 Update 25 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417025FF}
O42 - Logiciel: Java(TM) 6 Update 45 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416045FF}
O42 - Logiciel: Java(TM) 6 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216045FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Jewel Quest 3 - (.Oberon Media Inc..) [HKLM][64Bits] -- Jewel Quest 3
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K_Series_ScreenSaver_EN - (...) [HKLM][64Bits] -- K_Series_ScreenSaver_EN
O42 - Logiciel: Logiciel de base du périphérique HP Photosmart Plus B210 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {33691844-0DF2-49A6-856E-685968E9BB9C}
O42 - Logiciel: Luxor 3 - (.Oberon Media Inc..) [HKLM][64Bits] -- Luxor 3
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Mahjongg dimensions - (.Oberon Media Inc..) [HKLM][64Bits] -- Mahjongg dimensions
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: PDF Architect - (.pdfforge GmbH.) [HKLM][64Bits] -- {064A929A-4DE8-40CF-A901-BD40C14E4D25}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Picthema - (...) [HKLM][64Bits] -- Picthema_is1
O42 - Logiciel: Plants vs Zombies - (.Oberon Media Inc..) [HKLM][64Bits] -- Plants vs Zombies
O42 - Logiciel: PlayMemories Home - (.Sony Corporation.) [HKLM][64Bits] -- {1E5C7043-09C5-4974-A69F-A5271FD82BBC}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SRS Premium Sound Control Panel - (.SRS Labs, Inc..) [HKLM][64Bits] -- {2998191E-A35E-47E2-BE38-7702C731D722}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {EC5F4C1B-F838-4CB7-8561-8F809296428B}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM][64Bits] -- {A047FE02-C91C-41CB-898C-4ED21B86025A}
O42 - Logiciel: USB2.0 UVC VGA WebCam - (.Sonix.) [HKLM][64Bits] -- USB2.0 UVC VGA WebCam
O42 - Logiciel: VLC media player 2.0.7 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4370A73E346D}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: Wireless Console 3 - (.ASUS.) [HKLM][64Bits] -- {20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
O42 - Logiciel: World of Goo - (.Oberon Media Inc..) [HKLM][64Bits] -- World of Goo
O42 - Logiciel: avast! Free Antivirus v8.0.1489.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {76FF0F03-B707-4332-B5D1-A56C8303514E}
O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM][64Bits] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}
O42 - Logiciel: syncables desktop SE - (.syncables.) [HKLM][64Bits] -- {341697D8-9923-445E-B42A-529E5A99CB7A}
~ Logic: 137 Scanned in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASUS]
[HKCU\Software\ATI]
[HKCU\Software\ATK0100]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Cheat Engine]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DxOLabs]
[HKCU\Software\ECAREME]
[HKCU\Software\Elantech]
[HKCU\Software\FLEXnet]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PDF Architect]
[HKCU\Software\PDFCreator]
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\Picthema]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Skype]
[HKCU\Software\Software]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\TomTom]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Visan]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Zeon]
[HKCU\Software\kde.org]
[HKLM\Software\AMD]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CoreSecurity]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SONIX]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\AsLdr]
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\ECAREME]
[HKLM\Software\Wow6432Node\FRANCE TELECOM]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\Orange]
[HKLM\Software\Wow6432Node\PDFCreator]
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\Picthema]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RocketLife]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Sony Corporation]
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\TUTO_4PC]
[HKLM\Software\Wow6432Node\TomTom]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\Uniblue]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Visan]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\deskSvc]
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\optimidata]
[HKLM\Software\Wow6432Node\qvo6Software] =>Hijacker.Qvo6
[HKLM\Software\Wow6432Node\syncables]
[HKLM\Software\Wow6432Node\webtogo]
[HKLM\Software\Wow6432Node]
~ Key Software: 192 Scanned in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/12/2011 - 22:02:07 - [1,120] ----D C:\Program Files (x86)\4-Day Forecast
O43 - CFD: 23/09/2011 - 20:07:13 - [114,279] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 10/07/2011 - 04:52:31 - [2,896] ----D C:\Program Files (x86)\AmIcoSingLun
O43 - CFD: 07/05/2012 - 07:47:04 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 28/08/2011 - 15:55:21 - [499,638] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 10/07/2011 - 04:45:03 - [88,739] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 27/05/2012 - 19:18:09 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 13/03/2013 - 12:52:20 - [27,567] ----D C:\Program Files (x86)\Cheat Engine 6.2
O43 - CFD: 22/08/2013 - 09:08:05 - [380,157] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 10/07/2011 - 04:57:41 - [254,583] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 22/08/2013 - 09:15:54 - [0] ----D C:\Program Files (x86)\Desk 365 =>Hijacker.22Find
O43 - CFD: 15/08/2013 - 14:06:31 - [2,077] ----D C:\Program Files (x86)\FLVPlayer
O43 - CFD: 04/10/2011 - 06:57:22 - [0] ----D C:\Program Files (x86)\Fnac
O43 - CFD: 31/07/2013 - 11:01:34 - [207,464] ----D C:\Program Files (x86)\Google
O43 - CFD: 26/08/2011 - 13:05:25 - [27,576] ----D C:\Program Files (x86)\HP
O43 - CFD: 26/08/2011 - 11:39:05 - [0,352] ----D C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 23/05/2013 - 19:54:44 - [28,798] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 10/07/2011 - 04:50:08 - [12,371] ----D C:\Program Files (x86)\Intel
O43 - CFD: 18/08/2013 - 08:24:45 - [5,881] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 17/06/2013 - 05:27:35 - [155,998] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 31/05/2013 - 20:11:39 - [210,277] ----D C:\Program Files (x86)\Java
O43 - CFD: 21/08/2013 - 08:55:56 - [13,265] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 23/09/2011 - 20:00:31 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 05/12/2011 - 20:56:50 - [37,927] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 05/12/2011 - 20:51:49 - [36,154] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 12/07/2013 - 06:34:27 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 13/04/2011 - 04:42:56 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 05/12/2011 - 20:58:11 - [1,314] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 05/12/2011 - 20:59:29 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 25/05/2013 - 13:57:38 - [0,274] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 05/12/2011 - 20:59:45 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 28/08/2011 - 08:36:11 - [0] ----D C:\Program Files (x86)\Oodrive
O43 - CFD: 07/11/2011 - 12:51:28 - [338,128] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 16/07/2012 - 19:12:22 - [33,207] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 15/03/2012 - 14:18:12 - [5,590] ----D C:\Program Files (x86)\Orange
O43 - CFD: 20/08/2013 - 10:32:34 - [7,307] ----D C:\Program Files (x86)\ParetoLogic =>PUP.Paretologic
O43 - CFD: 23/05/2013 - 20:17:27 - [94,365] ----D C:\Program Files (x86)\PDF Architect
O43 - CFD: 22/08/2013 - 09:21:58 - [23,696] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 26/03/2012 - 12:16:13 - [56,468] ----D C:\Program Files (x86)\Picthema
O43 - CFD: 26/05/2013 - 20:03:37 - [73,545] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 10/07/2011 - 04:51:35 - [17,028] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 27/05/2012 - 19:27:41 - [102,605] ----D C:\Program Files (x86)\Safari
O43 - CFD: 07/06/2013 - 14:20:06 - [34,411] R---D C:\Program Files (x86)\Skype
O43 - CFD: 22/08/2013 - 09:07:14 - [5,214] ----D C:\Program Files (x86)\Software
O43 - CFD: 29/07/2012 - 07:17:11 - [420,303] ----D C:\Program Files (x86)\Sony
O43 - CFD: 13/04/2011 - 04:49:28 - [161,465] ----D C:\Program Files (x86)\syncables
O43 - CFD: 10/07/2011 - 04:52:25 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 22/07/2013 - 07:01:56 - [49,285] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 04/09/2011 - 09:50:57 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 23/07/2012 - 06:37:20 - [101,906] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 12/07/2013 - 06:33:17 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 13/04/2011 - 04:45:11 - [314,625] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 16/10/2011 - 18:30:55 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 16/10/2011 - 18:30:55 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 16/10/2011 - 18:30:55 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 18/02/2011 - 22:09:10 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 16/10/2011 - 18:30:55 - [6,039] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 09:34:05 - [21,312] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 22/08/2013 - 09:08:05 - [33,331] ----D C:\Program Files (x86)\Common Files\337
O43 - CFD: 23/09/2011 - 20:07:22 - [3,812] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 17/06/2013 - 05:26:40 - [148,106] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 27/08/2011 - 10:22:55 - [0,259] ----D C:\Program Files (x86)\Common Files\ControlDeck
O43 - CFD: 25/05/2013 - 12:27:49 - [1,865] ----D C:\Program Files (x86)\Common Files\France Telecom
O43 - CFD: 10/07/2011 - 04:53:17 - [3,111] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 23/04/2013 - 07:19:12 - [1,189] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 06/12/2011 - 08:18:46 - [130,800] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 13/04/2011 - 04:48:00 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 10/07/2011 - 04:50:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 07/06/2013 - 14:20:06 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 05/12/2011 - 20:48:35 - [16,082] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 13/04/2011 - 04:33:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 17/06/2013 - 05:27:38 - [2,775] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 15/12/2011 - 22:02:07 - [1,027] ----D C:\ProgramData\4-Day Forecast
O43 - CFD: 25/02/2013 - 07:51:34 - [147,763] ----D C:\ProgramData\Adobe
O43 - CFD: 10/07/2011 - 04:52:31 - [0,000] ----D C:\ProgramData\AmUStor
O43 - CFD: 27/05/2012 - 19:23:27 - [0,052] ----D C:\ProgramData\Apple
O43 - CFD: 16/12/2012 - 20:23:54 - [0,196] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 27/08/2011 - 20:42:36 - [0,014] ----D C:\ProgramData\ASUS
O43 - CFD: 10/07/2011 - 04:46:57 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 23/05/2013 - 19:51:31 - [0] ----D C:\ProgramData\Avanquest Software
O43 - CFD: 05/08/2012 - 09:17:28 - [18,342] ----D C:\ProgramData\AVAST Software
O43 - CFD: 22/08/2013 - 09:08:27 - [0,169] ----D C:\ProgramData\BoxUpdChk
O43 - CFD: 25/08/2011 - 18:37:33 - [4,522] ----D C:\ProgramData\ChangeFolderView
O43 - CFD: 29/07/2013 - 18:03:33 - [0,000] --H-D C:\ProgramData\Common Files
O43 - CFD: 10/07/2011 - 04:57:42 - [0,033] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 13/04/2011 - 04:33:02 - [18,933] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 20/08/2013 - 09:43:26 - [0,000] ----D C:\ProgramData\DxO Labs
O43 - CFD: 22/08/2013 - 09:13:33 - [0,004] ----D C:\ProgramData\eSafe
O43 - CFD: 06/10/2011 - 20:39:45 - [0,002] ----D C:\ProgramData\f-secure
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 13/04/2011 - 04:33:04 - [0,000] ----D C:\ProgramData\FLEXnet
O43 - CFD: 12/10/2011 - 06:48:38 - [2,835] ----D C:\ProgramData\FNET
O43 - CFD: 25/08/2011 - 18:34:33 - [1,209] ----D C:\ProgramData\FolderView
O43 - CFD: 26/08/2011 - 13:05:54 - [16,202] ----D C:\ProgramData\HP
O43 - CFD: 26/08/2011 - 11:49:19 - [2,086] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 21/08/2013 - 08:55:53 - [7,842] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 21/12/2011 - 21:56:43 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 05/12/2011 - 20:59:29 - [405,311] -S--D C:\ProgramData\Microsoft
O43 - CFD: 12/07/2013 - 06:14:40 - [0,078] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 06/09/2012 - 20:35:28 - [0,007] ----D C:\ProgramData\Mozilla
O43 - CFD: 23/09/2011 - 19:58:49 - [0] ----D C:\ProgramData\Nuance
O43 - CFD: 13/04/2011 - 04:48:44 - [27,601] ----D C:\ProgramData\OberonGameConsole
O43 - CFD: 10/03/2012 - 10:45:11 - [0] ----D C:\ProgramData\Orange
O43 - CFD: 04/02/2013 - 11:26:42 - [0,002] ----D C:\ProgramData\P4G
O43 - CFD: 20/08/2013 - 10:38:55 - [0] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 07/06/2013 - 14:20:11 - [89,387] ----D C:\ProgramData\Skype
O43 - CFD: 27/04/2013 - 19:58:35 - [121,168] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 25/09/2011 - 09:13:25 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 10/07/2011 - 04:57:14 - [0] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 04/09/2011 - 09:54:31 - [0,000] ----D C:\ProgramData\TomTom
O43 - CFD: 26/08/2011 - 10:10:18 - [2,809] ----D C:\ProgramData\Trend Micro
O43 - CFD: 29/07/2013 - 18:03:50 - [0,541] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 29/07/2013 - 20:15:08 - [0] ----D C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
O43 - CFD: 29/07/2013 - 20:15:08 - [0] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 29/07/2013 - 20:15:08 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 23/09/2011 - 20:08:58 - [8,035] ----D C:\Users\Archimbaud\AppData\Roaming\Adobe
O43 - CFD: 12/01/2013 - 18:58:08 - [0,138] ----D C:\Users\Archimbaud\AppData\Roaming\AdSigner_Certificate
O43 - CFD: 13/01/2013 - 14:52:57 - [98,587] ----D C:\Users\Archimbaud\AppData\Roaming\Apple Computer
O43 - CFD: 26/08/2011 - 09:49:08 - [0,001] ----D C:\Users\Archimbaud\AppData\Roaming\ASUS WebStorage
O43 - CFD: 25/08/2011 - 18:36:18 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\ATI
O43 - CFD: 20/08/2013 - 10:32:46 - [0,000] ----D C:\Users\Archimbaud\AppData\Roaming\DriverCure =>PUP.DriverCure
O43 - CFD: 12/08/2013 - 13:03:08 - [0,062] ----D C:\Users\Archimbaud\AppData\Roaming\DxO Labs
O43 - CFD: 25/08/2011 - 18:58:52 - [0,000] ----D C:\Users\Archimbaud\AppData\Roaming\FLEXnet
O43 - CFD: 08/07/2012 - 22:55:46 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\Google
O43 - CFD: 26/08/2011 - 11:38:55 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\HpUpdate
O43 - CFD: 25/08/2011 - 18:34:56 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\Identities
O43 - CFD: 25/08/2011 - 18:37:03 - [0,001] ----D C:\Users\Archimbaud\AppData\Roaming\Macromedia
O43 - CFD: 21/08/2013 - 08:56:24 - [0,005] ----D C:\Users\Archimbaud\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\Media Center Programs
O43 - CFD: 28/07/2013 - 12:23:36 - [18,365] -S--D C:\Users\Archimbaud\AppData\Roaming\Microsoft
O43 - CFD: 21/12/2011 - 22:15:07 - [13,248] ----D C:\Users\Archimbaud\AppData\Roaming\Mozilla
O43 - CFD: 25/08/2011 - 18:58:51 - [0,000] ----D C:\Users\Archimbaud\AppData\Roaming\Nuance
O43 - CFD: 07/11/2011 - 12:53:59 - [1,833] ----D C:\Users\Archimbaud\AppData\Roaming\OpenOffice.org
O43 - CFD: 10/03/2012 - 10:41:07 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\Orange
O43 - CFD: 20/08/2013 - 10:32:46 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\ParetoLogic =>PUP.Paretologic
O43 - CFD: 23/05/2013 - 20:36:28 - [0,002] ----D C:\Users\Archimbaud\AppData\Roaming\PDF Architect
O43 - CFD: 23/05/2013 - 19:52:16 - [0,003] ----D C:\Users\Archimbaud\AppData\Roaming\PDF Pro 10
O43 - CFD: 27/08/2011 - 21:02:50 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\QuickScan
O43 - CFD: 22/08/2013 - 09:21:58 - [4,780] ----D C:\Users\Archimbaud\AppData\Roaming\Skype
O43 - CFD: 29/07/2012 - 07:17:31 - [3,487] ----D C:\Users\Archimbaud\AppData\Roaming\Sony Corporation
O43 - CFD: 04/09/2011 - 09:51:13 - [85,819] ----D C:\Users\Archimbaud\AppData\Roaming\TomTom
O43 - CFD: 29/07/2013 - 18:03:50 - [3,687] ----D C:\Users\Archimbaud\AppData\Roaming\TuneUp Software
O43 - CFD: 15/08/2013 - 19:53:17 - [0,079] ----D C:\Users\Archimbaud\AppData\Roaming\vlc
O43 - CFD: 28/09/2011 - 07:26:22 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\Windows Live Writer
O43 - CFD: 25/08/2011 - 18:58:48 - [0,049] ----D C:\Users\Archimbaud\AppData\Roaming\Zeon
O43 - CFD: 21/08/2013 - 09:12:01 - [1,034] ----D C:\Users\Archimbaud\AppData\Local\4-Day Forecast
O43 - CFD: 09/08/2013 - 21:38:37 - [15,480] ----D C:\Users\Archimbaud\AppData\Local\Adobe
O43 - CFD: 07/05/2012 - 07:47:05 - [0] ----D C:\Users\Archimbaud\AppData\Local\Apple
O43 - CFD: 27/05/2012 - 19:24:47 - [45,603] ----D C:\Users\Archimbaud\AppData\Local\Apple Computer
O43 - CFD: 25/08/2011 - 18:34:16 - [0] ----D C:\Users\Archimbaud\AppData\Local\Application Data
O43 - CFD: 24/09/2011 - 10:07:30 - [1,222] ----D C:\Users\Archimbaud\AppData\Local\Apps
O43 - CFD: 27/08/2011 - 20:42:35 - [1,310] ----D C:\Users\Archimbaud\AppData\Local\ASUS
O43 - CFD: 25/08/2011 - 18:36:17 - [0,066] ----D C:\Users\Archimbaud\AppData\Local\ATI
O43 - CFD: 24/09/2011 - 10:07:50 - [0] ----D C:\Users\Archimbaud\AppData\Local\Deployment
O43 - CFD: 17/07/2013 - 22:29:44 - [5,281] ----D C:\Users\Archimbaud\AppData\Local\Diagnostics
O43 - CFD: 29/07/2013 - 20:15:08 - [0] ----D C:\Users\Archimbaud\AppData\Local\Downloaded Installations
O43 - CFD: 12/08/2013 - 13:03:08 - [4,263] ----D C:\Users\Archimbaud\AppData\Local\DxO_Labs
O43 - CFD: 21/04/2013 - 01:00:44 - [0] ----D C:\Users\Archimbaud\AppData\Local\ElevatedDiagnostics
O43 - CFD: 08/07/2012 - 22:55:46 - [664,114] ----D C:\Users\Archimbaud\AppData\Local\Google
O43 - CFD: 25/08/2011 - 18:34:16 - [0] ----D C:\Users\Archimbaud\AppData\Local\Historique
O43 - CFD: 26/08/2011 - 11:48:34 - [0,053] ----D C:\Users\Archimbaud\AppData\Local\HP
O43 - CFD: 23/03/2013 - 09:47:13 - [0] ----D C:\Users\Archimbaud\AppData\Local\Macromedia
O43 - CFD: 04/02/2013 - 07:36:03 - [862,981] ----D C:\Users\Archimbaud\AppData\Local\Microsoft
O43 - CFD: 28/08/2011 - 14:16:54 - [0,082] ----D C:\Users\Archimbaud\AppData\Local\Microsoft Games
O43 - CFD: 16/08/2013 - 15:22:26 - [0,218] ----D C:\Users\Archimbaud\AppData\Local\Microsoft Help
O43 - CFD: 22/08/2013 - 09:21:24 - [0] ----D C:\Users\Archimbaud\AppData\Local\MigWiz
O43 - CFD: 21/12/2011 - 22:15:07 - [17,513] ----D C:\Users\Archimbaud\AppData\Local\Mozilla
O43 - CFD: 26/08/2011 - 10:12:27 - [0,001] ----D C:\Users\Archimbaud\AppData\Local\Orange
O43 - CFD: 11/06/2012 - 08:55:26 - [0,054] ----D C:\Users\Archimbaud\AppData\Local\Picthema Extension
O43 - CFD: 26/08/2011 - 09:47:49 - [0,039] ----D C:\Users\Archimbaud\AppData\Local\Power2Go
O43 - CFD: 23/05/2013 - 20:06:47 - [0] ----D C:\Users\Archimbaud\AppData\Local\Programs
O43 - CFD: 22/08/2013 - 09:07:14 - [0] ----D C:\Users\Archimbaud\AppData\Local\Software
O43 - CFD: 25/08/2011 - 18:34:59 - [0,008] ----D C:\Users\Archimbaud\AppData\Local\SRS Labs
O43 - CFD: 22/08/2013 - 09:26:35 - [0] ----D C:\Users\Archimbaud\AppData\Local\Temp
O43 - CFD: 25/08/2011 - 18:34:16 - [0] ----D C:\Users\Archimbaud\AppData\Local\Temporary Internet Files
O43 - CFD: 04/09/2011 - 09:51:13 - [1,892] ----D C:\Users\Archimbaud\AppData\Local\TomTom
O43 - CFD: 09/10/2011 - 20:36:14 - [1,988] ----D C:\Users\Archimbaud\AppData\Local\VirtualStore
O43 - CFD: 30/10/2012 - 17:49:08 - [0,113] ----D C:\Users\Archimbaud\AppData\Local\Windows Live
O43 - CFD: 28/09/2011 - 07:26:30 - [0,618] ----D C:\Users\Archimbaud\AppData\Local\Windows Live Writer
O43 - CFD: 09/09/2011 - 19:58:34 - [0,006] ----D C:\Users\Archimbaud\AppData\Local\WindowsUpdate
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 16/05/2013 - 06:32:23 - [0,000] R---D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 10/07/2011 - 04:58:05 - [0,013] ----D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
O43 - CFD: 12/01/2013 - 23:58:20 - [0,003] ----D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 26/08/2011 - 13:05:26 - [0,001] ----D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 26/08/2011 - 10:05:30 - [0] ----D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Application
O43 - CFD: 24/05/2013 - 06:13:18 - [0,003] R---D C:\Users\Archimbaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 198 Scanned in 00mn 20s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5B62385022A330844E98A0DCB7208B9C] - 22/08/2013 - 08:16:53 ----- . (...) -- C:\Windows\WindowsUpdate.log [1208371]
O44 - LFC:[MD5.1D0092D0F9DDA387E31873A9CC5B253D] - 22/08/2013 - 07:58:17 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.18B5105C6D4056FE0A6538233DD89856] - 21/08/2013 - 08:10:47 ---A- . (...) -- C:\Windows\SysNative\ServiceFilter.ini [1643]
O44 - LFC:[MD5.18B5105C6D4056FE0A6538233DD89856] - 21/08/2013 - 08:10:47 RSHAD . (...) -- C:\Windows\System32\ServiceFilter.ini [1643]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 21/08/2013 - 07:55:51 RSHAD . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]
O44 - LFC:[MD5.50664B1D8ED1E8DE1107A9D3BEAC128C] - 20/08/2013 - 14:16:34 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1595842]
O44 - LFC:[MD5.6FA808605E2865ABD1A3AFCB855D6B0F] - 20/08/2013 - 14:16:34 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [112632]
O44 - LFC:[MD5.FF573BB39C54DC983C1DA67867C77689] - 20/08/2013 - 14:16:34 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [136978]
O44 - LFC:[MD5.254F0D5AF57C6D7E334EE33110B64C50] - 20/08/2013 - 14:16:34 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [632934]
O44 - LFC:[MD5.3FE1C713AF8202C47B77351550BAF07B] - 20/08/2013 - 14:16:34 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [721424]
O44 - LFC:[MD5.50664B1D8ED1E8DE1107A9D3BEAC128C] - 20/08/2013 - 14:16:34 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1595842]
O44 - LFC:[MD5.6FA808605E2865ABD1A3AFCB855D6B0F] - 20/08/2013 - 14:16:34 RSHAD . (...) -- C:\Windows\System32\perfc009.dat [112632]
O44 - LFC:[MD5.FF573BB39C54DC983C1DA67867C77689] - 20/08/2013 - 14:16:34 RSHAD . (...) -- C:\Windows\System32\perfc00C.dat [136978]
O44 - LFC:[MD5.254F0D5AF57C6D7E334EE33110B64C50] - 20/08/2013 - 14:16:34 RSHAD . (...) -- C:\Windows\System32\perfh009.dat [632934]
O44 - LFC:[MD5.3FE1C713AF8202C47B77351550BAF07B] - 20/08/2013 - 14:16:34 RSHAD . (...) -- C:\Windows\System32\perfh00C.dat [721424]
O44 - LFC:[MD5.4BD711E6798932EF86A94904728D5F1F] - 20/08/2013 - 13:36:02 ---A- . (...) -- C:\AdwCleaner[R5].txt [2487]
O44 - LFC:[MD5.C2AD39325A613D0FA4926660FDC3EE28] - 20/08/2013 - 10:15:47 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.6F5B8F32BCB2EEB8F36651800DEA3BD6] - 20/08/2013 - 09:55:40 ---A- . (.Pas de propriétaire - DllTool.) -- C:\Windows\SysNative\setup.exe [8254240]
O44 - LFC:[MD5.6F5B8F32BCB2EEB8F36651800DEA3BD6] - 20/08/2013 - 09:55:40 RSHAD . (.Pas de propriétaire - DllTool.) -- C:\Windows\System32\setup.exe [8254240]
O44 - LFC:[MD5.5D51547411D0144337C65B8A20356CBC] - 18/08/2013 - 09:26:00 ---A- . (...) -- C:\AdwCleaner[S6].txt [2652]
O44 - LFC:[MD5.283706CF1B2AA811A78B8C76BD1E16FF] - 18/08/2013 - 09:26:00 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [1642]
O44 - LFC:[MD5.3A2FD42F11CD325A4ACAFE7FB0EEA83A] - 18/08/2013 - 07:22:49 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\SysNative\mshtml.tlb [2706432]
O44 - LFC:[MD5.3A2FD42F11CD325A4ACAFE7FB0EEA83A] - 18/08/2013 - 07:22:49 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2706432]
O44 - LFC:[MD5.69F5E016A98CE1908DB08382F2ACF882] - 18/08/2013 - 07:22:48 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\SysNative\ieui.dll [526336]
O44 - LFC:[MD5.69F5E016A98CE1908DB08382F2ACF882] - 18/08/2013 - 07:22:48 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [526336]
O44 - LFC:[MD5.963B29E0EFB20D66436214DB7C43D7F7] - 18/08/2013 - 07:22:46 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\SysNative\iesetup.dll [67072]
O44 - LFC:[MD5.963B29E0EFB20D66436214DB7C43D7F7] - 18/08/2013 - 07:22:46 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [67072]
O44 - LFC:[MD5.622C7C8D39609FCEACE3508715D48C7F] - 18/08/2013 - 07:22:46 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\SysNative\iernonce.dll [39936]
O44 - LFC:[MD5.622C7C8D39609FCEACE3508715D48C7F] - 18/08/2013 - 07:22:46 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [39936]
O44 - LFC:[MD5.6C8BDC9F16943D626DFE8A987BCCFD20] - 18/08/2013 - 07:22:46 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\SysNative\ie4uinit.exe [51712]
O44 - LFC:[MD5.6C8BDC9F16943D626DFE8A987BCCFD20] - 18/08/2013 - 07:22:46 RSHAD . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [51712]
O44 - LFC:[MD5.D8CC9A20C517A54678363C4C77B930A4] - 18/08/2013 - 07:22:45 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\SysNative\iesysprep.dll [136704]
O44 - LFC:[MD5.D8CC9A20C517A54678363C4C77B930A4] - 18/08/2013 - 07:22:45 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [136704]
O44 - LFC:[MD5.28C2F8C7DBE11AA3DA041D35F4E59481] - 18/08/2013 - 07:22:45 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [89600]
O44 - LFC:[MD5.28C2F8C7DBE11AA3DA041D35F4E59481] - 18/08/2013 - 07:22:45 ---A- . (.Microsoft Corporation - Registers custom PKEYs for IE.) -- C:\Windows\System32\RegisterIEPKEYs.exe [89600]
O44 - LFC:[MD5.65546D87F7A78AB31841A536456CB94D] - 18/08/2013 - 07:22:44 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\SysNative\iertutil.dll [2647040]
O44 - LFC:[MD5.65546D87F7A78AB31841A536456CB94D] - 18/08/2013 - 07:22:44 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2647040]
O44 - LFC:[MD5.8C12653BEA781902AA60E4A855A55D5C] - 18/08/2013 - 07:22:42 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll [603136]
O44 - LFC:[MD5.8C12653BEA781902AA60E4A855A55D5C] - 18/08/2013 - 07:22:42 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136]
O44 - LFC:[MD5.16FE878530FDFC9AB08B7FFC32335958] - 18/08/2013 - 07:22:41 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript.dll [855552]
O44 - LFC:[MD5.16FE878530FDFC9AB08B7FFC32335958] - 18/08/2013 - 07:22:41 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [855552]
O44 - LFC:[MD5.5A7FA01EEC393A3E0D0F3EBAA1FD959E] - 18/08/2013 - 07:22:40 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\SysNative\jscript9.dll [3958784]
O44 - LFC:[MD5.5A7FA01EEC393A3E0D0F3EBAA1FD959E] - 18/08/2013 - 07:22:40 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [3958784]
O44 - LFC:[MD5.289C5E0A386E7B6CA9539D66D15E22CC] - 18/08/2013 - 07:22:38 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysNative\urlmon.dll [1365504]
O44 - LFC:[MD5.289C5E0A386E7B6CA9539D66D15E22CC] - 18/08/2013 - 07:22:38 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1365504]
O44 - LFC:[MD5.04DE09B1E287F6DC5C7FD655B6E84AB9] - 18/08/2013 - 07:22:37 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll [53760]
O44 - LFC:[MD5.04DE09B1E287F6DC5C7FD655B6E84AB9] - 18/08/2013 - 07:22:37 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [53760]
O44 - LFC:[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - 18/08/2013 - 07:22:36 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\SysNative\wininet.dll [2241024]
O44 - LFC:[MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - 18/08/2013 - 07:22:36 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2241024]
O44 - LFC:[MD5.677A1C1B0F254EC918D84A7FE29274CA] - 18/08/2013 - 07:22:33 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\SysNative\ieframe.dll [15405056]
O44 - LFC:[MD5.677A1C1B0F254EC918D84A7FE29274CA] - 18/08/2013 - 07:22:33 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [15405056]
O44 - LFC:[MD5.396889142BD839DB8A055A0BE0AD2F79] - 18/08/2013 - 07:22:32 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysNative\mshtml.dll [19239424]
O44 - LFC:[MD5.396889142BD839DB8A055A0BE0AD2F79] - 18/08/2013 - 07:22:32 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [19239424]
O44 - LFC:[MD5.19AEF9DE6A175C85DFF87C0ED0AB5386] - 18/08/2013 - 07:15:01 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\SysNative\MRT.exe [78161360]
O44 - LFC:[MD5.19AEF9DE6A175C85DFF87C0ED0AB5386] - 18/08/2013 - 07:15:01 RSHAD . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [78161360]
O44 - LFC:[MD5.D2B0CC828CC46CB8E122778E07A3A618] - 15/08/2013 - 13:10:02 ---A- . (...) -- C:\AdwCleaner[S5].txt [13777]
O44 - LFC:[MD5.EECDDCD827FFE7CF598AFA9AE1300F74] - 15/08/2013 - 13:09:34 ---A- . (...) -- C:\AdwCleaner[R4].txt [13576]
O44 - LFC:[MD5.502A8FA1D7185C9B9C8891E7ABC8BD0B] - 15/08/2013 - 13:09:09 ---A- . (...) -- C:\AdwCleaner[S4].txt [451]
O44 - LFC:[MD5.2BBBD1723CD7A39C14F985F6F60ED9ED] - 15/08/2013 - 08:10:44 ---A- . (...) -- C:\AdwCleaner[S3].txt [2711]
O44 - LFC:[MD5.3A8219B024D145409CA89A8D287056B2] - 15/08/2013 - 08:09:59 ---A- . (...) -- C:\AdwCleaner[R3].txt [2795]
O44 - LFC:[MD5.F295911695680D7974109F7A60C43E2A] - 15/08/2013 - 08:03:57 ---A- . (...) -- C:\AdwCleaner[S2].txt [6403]
O44 - LFC:[MD5.5B0CCC6781B6AB687AC6AA45FBE6850C] - 15/08/2013 - 08:03:15 ---A- . (...) -- C:\AdwCleaner[R2].txt [6293]
O44 - LFC:[MD5.287998A9BA0140ABB59792CDEB2F8483] - 14/08/2013 - 07:28:32 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\SysNative\crypt32.dll [1472512]
O44 - LFC:[MD5.287998A9BA0140ABB59792CDEB2F8483] - 14/08/2013 - 07:28:32 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1472512]
O44 - LFC:[MD5.959041D7014C97133D859B45BCA0FC58] - 14/08/2013 - 07:28:32 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\SysNative\wintrust.dll [224256]
O44 - LFC:[MD5.959041D7014C97133D859B45BCA0FC58] - 14/08/2013 - 07:28:32 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\System32\wintrust.dll [224256]
O44 - LFC:[MD5.6B400F211BEE880A37A1ED0368776BF4] - 14/08/2013 - 07:28:26 ---A- . (.Microsoft Corporation - Services de chiffrement.) -- C:\Windows\SysNative\cryptsvc.dll [184320]
O44 - LFC:[MD5.6B400F211BEE880A37A1ED0368776BF4] - 14/08/2013 - 07:28:26 ---A- . (.Microsoft Corporation - Services de chiffrement.) -- C:\Windows\System32\cryptsvc.dll [184320]
O44 - LFC:[MD5.A6B726DCA228F7878E38368A1BDC68BE] - 14/08/2013 - 07:28:23 ---A- . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\SysNative\cryptnet.dll [139776]
O44 - LFC:[MD5.A6B726DCA228F7878E38368A1BDC68BE] - 14/08/2013 - 07:28:23 ---A- . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll [139776]
O44 - LFC:[MD5.B3CA3253009D26666F5BCB16E77D2618] - 14/08/2013 - 07:28:12 ---A- . (.Microsoft Corporation - Fichier DLL de ressources des fuseaux horai.) -- C:\Windows\SysNative\tzres.dll [2048]
O44 - LFC:[MD5.B3CA3253009D26666F5BCB16E77D2618] - 14/08/2013 - 07:28:12 ---A- . (.Microsoft Corporation - Fichier DLL de ressources des fuseaux horai.) -- C:\Windows\System32\tzres.dll [2048]
O44 - LFC:[MD5.D29200AB0B37B7293C6942EAF755295E] - 14/08/2013 - 07:28:08 ---A- . (.Microsoft Corporation - Windows Media Video Decoder.) -- C:\Windows\SysNative\WMVDECOD.DLL [1888768]
O44 - LFC:[MD5.D29200AB0B37B7293C6942EAF755295E] - 14/08/2013 - 07:28:08 ---A- . (.Microsoft Corporation - Windows Media Video Decoder.) -- C:\Windows\System32\WMVDECOD.DLL [1888768]
O44 - LFC:[MD5.26036E228D2467DE6975AD819C22C043] - 14/08/2013 - 07:28:07 ---A- . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\SysNative\rpcrt4.dll [1217024]
O44 - LFC:[MD5.26036E228D2467DE6975AD819C22C043] - 14/08/2013 - 07:28:07 ---A- . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\System32\rpcrt4.dll [1217024]
O44 - LFC:[MD5.8E45DD84F8F786B2DB94AD95225B9246] - 14/08/2013 - 07:28:02 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\SysNative\ntdll.dll [1732032]
O44 - LFC:[MD5.8E45DD84F8F786B2DB94AD95225B9246] - 14/08/2013 - 07:28:02 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1732032]
O44 - LFC:[MD5.C19DCA1024135D5485E25AB1047F77BC] - 14/08/2013 - 07:28:02 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\SysNative\ntoskrnl.exe [5550528]
O44 - LFC:[MD5.C19DCA1024135D5485E25AB1047F77BC] - 14/08/2013 - 07:28:02 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [5550528]
O44 - LFC:[MD5.D6180FBBADA79BC28E5FD8187EBE7F64] - 14/08/2013 - 07:28:01 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\SysNative\wow64.dll [243712]
O44 - LFC:[MD5.D6180FBBADA79BC28E5FD8187EBE7F64] - 14/08/2013 - 07:28:01 RSHAD . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [243712]
O44 - LFC:[MD5.4CE278FC9671BA81A138D70823FCAA09] - 14/08/2013 - 07:27:54 RSHAD . (.Microsoft Corporation - TS Security Filter Driver.) -- C:\Windows\System32\Drivers\tssecsrv.sys [39936]
O44 - LFC:[MD5.DB74544B75566C974815E79A62433F29] - 14/08/2013 - 07:27:53 RSHAD . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys [1910208]
O44 - LFC:[MD5.1AF7AE1FDE027A30B9097280819A0A86] - 12/08/2013 - 11:59:04 ---A- . (.Microsoft Corporation - Direct3D 9 Extensions.) -- C:\Windows\SysNative\D3DX9_42.dll [2475352]
O44 - LFC:[MD5.1AF7AE1FDE027A30B9097280819A0A86] - 12/08/2013 - 11:59:04 ---A- . (.Microsoft Corporation - Direct3D 9 Extensions.) -- C:\Windows\System32\D3DX9_42.dll [2475352]
~ Files: 86 Scanned in 00mn 10s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.49E816E3992F004CE0180FC1D1028772] - 05/08/2013 - 07:25:03 ---A- - C:\Windows\Prefetch\UPDATER.EXE-EA1310CB.pf
O45 - LFCP:[MD5.60069FA28EB5CBA0CBF5D892EAFBEC3C] - 05/08/2013 - 07:28:16 ---A- - C:\Windows\Prefetch\SKYPE.EXE-E71BF59F.pf
O45 - LFCP:[MD5.3C6B8A108395AB55FD7D560C4418A04F] - 05/08/2013 - 11:01:05 ---A- - C:\Windows\Prefetch\TOMTOMHOME.EXE-5C6B8B9D.pf
O45 - LFCP:[MD5.028CF60E2C2FAFF3265DBF9CCBD67F54] - 05/08/2013 - 11:01:10 ---A- - C:\Windows\Prefetch\TOMTOMHOMERUNTIME.EXE-007B2194.pf
O45 - LFCP:[MD5.893CDC0FE41C369546F24D23D9636076] - 05/08/2013 - 12:07:51 ---A- - C:\Windows\Prefetch\FLASHUTIL64_11_7_700_224_ACTI-0BE4FF3F.pf
O45 - LFCP:[MD5.FAA698DA1EE8A04258ABD111BDFE3367] - 05/08/2013 - 12:12:56 ---A- - C:\Windows\Prefetch\EXCEL.EXE-53A22446.pf
O45 - LFCP:[MD5.93100DE7FACFF5FE06CC79572B2B8379] - 12/08/2013 - 07:45:08 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-EEE13F6D.pf
O45 - LFCP:[MD5.524B935C0AD762C0C091F46C5A31AF53] - 12/08/2013 - 13:12:03 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:[MD5.506DCDDD20551D0ECE196AB09BD296B7] - 12/08/2013 - 19:14:03 ---A- - C:\Windows\Prefetch\IPODSERVICE.EXE-37C43D64.pf
O45 - LFCP:[MD5.E8199D574210A9D810C927EEEF48A822] - 16/08/2013 - 11:49:01 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf
O45 - LFCP:[MD5.DFE59DB17D353CCE2328F3310B25AA25] - 16/08/2013 - 11:49:09 ---A- - C:\Windows\Prefetch\DINOTIFY.EXE-35A869D6.pf
O45 - LFCP:[MD5.66778470A82A3B32FADD521785117A71] - 16/08/2013 - 11:50:07 ---A- - C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-17410B90.pf
O45 - LFCP:[MD5.9A85873D54ABF6C7485359DFE8C29033] - 16/08/2013 - 16:14:07 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-3061313246-2662923334-336010195-1000.snp.db
O45 - LFCP:[MD5.BBB48F9E5529566C3D0F2484F6C61580] - 16/08/2013 - 16:15:44 ---A- - C:\Windows\Prefetch\AgCx_SC3_9F4352A8EDF3D3CF.db
O45 - LFCP:[MD5.A4D93DC1407DDD7E3CB84E3585F5AF86] - 17/08/2013 - 07:12:23 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-97743AA9.pf
O45 - LFCP:[MD5.AA6A0AB9F88BCD4699D9486B08E2EBCF] - 17/08/2013 - 07:12:55 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-7105D3A2.pf
O45 - LFCP:[MD5.86A9261C8FB7D197DC9D36F883C38403] - 18/08/2013 - 18:47:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-97229F6A.pf
O45 - LFCP:[MD5.87D456090AA8FB578AB21D8155CD57B3] - 19/08/2013 - 11:04:15 ---A- - C:\Windows\Prefetch\ASSCRPRO.EXE-2426B5AB.pf
O45 - LFCP:[MD5.3222221CF42D676D8ED9340FADDCD2B3] - 19/08/2013 - 11:13:09 ---A- - C:\Windows\Prefetch\HPWUSCHD2.EXE-DE9C9D03.pf
O45 - LFCP:[MD5.34DDFD7C4E5CC52E18585ADA4A1A3C77] - 20/08/2013 - 08:29:31 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf
O45 - LFCP:[MD5.51314CEAF6E64353D2C2FE21B5D13BFD] - 20/08/2013 - 08:36:57 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.50DEEA7E8D0A4B30B907A8813DB2741F] - 20/08/2013 - 08:36:59 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf
O45 - LFCP:[MD5.3A270B297F001B40B528E98DF6F88476] - 20/08/2013 - 08:37:25 ---A- - C:\Windows\Prefetch\DMEDIA.EXE-7CE60415.pf
O45 - LFCP:[MD5.4CD38E77CA7A9A8FB4D7DD7D5CEE553A] - 20/08/2013 - 08:43:44 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7FAA2E4C.pf
O45 - LFCP:[MD5.5F249EFD7935394A9C48A17C8011C27E] - 20/08/2013 - 10:01:04 ---A- - C:\Windows\Prefetch\CLMLSVC.EXE-2A642111.pf
O45 - LFCP:[MD5.899BF1CDE62DCBEDE039DD98D9A320F2] - 20/08/2013 - 10:01:17 ---A- - C:\Windows\Prefetch\SOFFICE.EXE-8BFABAE3.pf
O45 - LFCP:[MD5.8D4DB4DD1B830AC1F3F7B3BCB556FB2C] - 20/08/2013 - 10:03:09 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
O45 - LFCP:[MD5.EEE321EC4226C1F8C13313F8CD3F94A9] - 20/08/2013 - 10:08:00 ---A- - C:\Windows\Prefetch\OSE.EXE-533D8AC9.pf
O45 - LFCP:[MD5.F2BBEBCB57EAD55F55D5B9E130B19464] - 20/08/2013 - 14:21:37 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
O45 - LFCP:[MD5.12A78C3B6A873CD92471A2A0DC889751] - 20/08/2013 - 14:21:39 ---A- - C:\Windows\Prefetch\PMBBROWSER.EXE-B4AFB4B1.pf
O45 - LFCP:[MD5.3278E8948D496CCC35F88EB9714CB5BA] - 20/08/2013 - 20:06:56 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.0E09BB45071B3F70106E704D227BDFE8] - 20/08/2013 - 20:20:10 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.501D376409D13C5A59D8637F093D7793] - 20/08/2013 - 20:20:21 ---A- - C:\Windows\Prefetch\ASUSVIBE2.0.EXE-42B102D5.pf
O45 - LFCP:[MD5.31E89E652DBDE3049E1E80C57B08DE79] - 20/08/2013 - 20:20:24 ---A- - C:\Windows\Prefetch\APRP.EXE-A549635F.pf
O45 - LFCP:[MD5.68B8EE0BBF28193613A7ECCA6AB99A2A] - 20/08/2013 - 20:20:26 ---A- - C:\Windows\Prefetch\ASUSWSPANEL.EXE-40B13933.pf
O45 - LFCP:[MD5.084BB3F47D85DC1DB858EB6ED3A596A8] - 20/08/2013 - 20:20:35 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.A93085B13F0A9BB2FE0C3503FB576B4B] - 20/08/2013 - 20:20:47 ---A- - C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf
O45 - LFCP:[MD5.6B91FB95F1AA3E4B4E02E83BA016CE52] - 20/08/2013 - 20:21:10 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.256DED61A8141E7459F0D7D92CDA747B] - 20/08/2013 - 20:22:39 ---A- - C:\Windows\Prefetch\PREVHOST.EXE-4F1C4E0F.pf
O45 - LFCP:[MD5.A78D75686F28856F41FD6F918EEA89ED] - 20/08/2013 - 20:31:02 ---A- - C:\Windows\Prefetch\LIVEUPDT.EXE-DAF7AD9D.pf
O45 - LFCP:[MD5.9DD70938DFF6582023FCA71DE6A2B871] - 20/08/2013 - 20:40:30 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf
O45 - LFCP:[MD5.15C2F8917814E7233AFEF38635023D65] - 21/08/2013 - 07:55:51 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf
O45 - LFCP:[MD5.19496637AAF122DC8581F916BF2E0796] - 21/08/2013 - 08:09:22 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.8B035381DC2247EB89FD61D354B52B91] - 21/08/2013 - 08:11:02 ---A- - C:\Windows\Prefetch\ATKOSD.EXE-C5A3162B.pf
O45 - LFCP:[MD5.4DB28EE88E1D65061B3E48550C25868D] - 21/08/2013 - 08:11:07 ---A- - C:\Windows\Prefetch\KBFILTR.EXE-3F28552B.pf
O45 - LFCP:[MD5.80A94E3DD6BDC5F8F74A3663897E3F62] - 21/08/2013 - 08:11:07 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-D0649312.pf
O45 - LFCP:[MD5.E8CFFC68E04EC0BEC8A01BBEB125447B] - 21/08/2013 - 08:11:09 ---A- - C:\Windows\Prefetch\RAVCPL64.EXE-D6B4B613.pf
O45 - LFCP:[MD5.04AADE454EE01584D5111C252B6FC1C2] - 21/08/2013 - 08:11:09 ---A- - C:\Windows\Prefetch\WDC.EXE-37A6A0A3.pf
O45 - LFCP:[MD5.CE892529348D0DC9371D859286E3698C] - 21/08/2013 - 08:11:19 ---A- - C:\Windows\Prefetch\BCSSYNC.EXE-3F6C64A2.pf
O45 - LFCP:[MD5.4A0D5B80E6CD208DBCD158956376E0EB] - 21/08/2013 - 08:11:26 ---A- - C:\Windows\Prefetch\AMICOSINGLUN64.EXE-2E50420D.pf
O45 - LFCP:[MD5.2B8D68B1F0AD68CC7B39C93C71A6A7C5] - 21/08/2013 - 08:11:27 ---A- - C:\Windows\Prefetch\ETDCTRL.EXE-EC9938C4.pf
O45 - LFCP:[MD5.4E521F2734660FF0A76651272B0F319E] - 21/08/2013 - 08:11:29 ---A- - C:\Windows\Prefetch\VSNP2UVC.EXE-9B01A32D.pf
O45 - LFCP:[MD5.ABE52CEE9C92840C6FB7DF3FAEBA125A] - 21/08/2013 - 08:11:30 ---A- - C:\Windows\Prefetch\MUISTARTMENU.EXE-F128F39F.pf
O45 - LFCP:[MD5.CD90B20EAE327AAAB613F07517CD2004] - 21/08/2013 - 08:11:31 ---A- - C:\Windows\Prefetch\QUICKS~1.EXE-4BF77181.pf
O45 - LFCP:[MD5.C08599DA46AA9F24D503B308024D80EC] - 21/08/2013 - 08:11:31 ---A- - C:\Windows\Prefetch\TOMTOMHOMERUNNER.EXE-7784BEE7.pf
O45 - LFCP:[MD5.637A4120E0E2FB96F411F9F11023A6DC] - 21/08/2013 - 08:11:43 ---A- - C:\Windows\Prefetch\APSDAEMON.EXE-4484BAA6.pf
O45 - LFCP:[MD5.9D5BB53B3FD3B3808632946EBEE94951] - 21/08/2013 - 08:11:45 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-7F88D3BE.pf
O45 - LFCP:[MD5.2731829A5A06E62C87F4D3CF39D3C046] - 21/08/2013 - 08:11:49 ---A- - C:\Windows\Prefetch\4-DAY FORECAST.EXE-3429CFCF.pf
O45 - LFCP:[MD5.78A1D87BC1EAD2C3AA647BF98DB38A76] - 21/08/2013 - 08:11:49 ---A- - C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf
O45 - LFCP:[MD5.782F546AF51C39FB67DC9E33882C1BF6] - 21/08/2013 - 08:11:49 ---A- - C:\Windows\Prefetch\PMBVOLUMEWATCHER.EXE-981DA6CB.pf
O45 - LFCP:[MD5.EC38D8F057A63A04DF1C3EFAB1E6DE64] - 21/08/2013 - 08:11:52 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-56B29A08.pf
O45 - LFCP:[MD5.59F612F60FA63F78756FE8B169B2CD2F] - 21/08/2013 - 08:12:03 ---A- - C:\Windows\Prefetch\CCC.EXE-B637C9BF.pf
O45 - LFCP:[MD5.CF1BB274D76E76CC3B59B1CFB4DA7D63] - 21/08/2013 - 08:12:05 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf
O45 - LFCP:[MD5.D56940540C05F10D5285EC18C15D49D5] - 21/08/2013 - 08:12:28 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.F1663F61769AF95714FF959FADDB5BE2] - 21/08/2013 - 08:12:29 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf
O45 - LFCP:[MD5.F11495589800ED8F6CE3C448E797E1A6] - 21/08/2013 - 08:12:33 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf
O45 - LFCP:[MD5.B791C1111E4B967F95322785CDA98BEA] - 21/08/2013 - 08:12:58 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf
O45 - LFCP:[MD5.00AF17CCE3135B7ADD1129DA39244D1B] - 21/08/2013 - 08:12:58 ---A- - C:\Windows\Prefetch\UNS.EXE-E6E49771.pf
O45 - LFCP:[MD5.1788309A298EF4170D67C992B0B976E1] - 21/08/2013 - 08:13:03 ---A- - C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-73BE9E78.pf
O45 - LFCP:[MD5.A30C94EA73D30C39067F5E7A22CA6D74] - 21/08/2013 - 08:13:17 ---A- - C:\Windows\Prefetch\OSPPSVC.EXE-E53D3CC0.pf
O45 - LFCP:[MD5.D5AF3C153B8676EC858B8CC3E0692C24] - 21/08/2013 - 08:14:19 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.345578C411C33B39D7308534C41AB9D3] - 21/08/2013 - 08:23:28 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.A1DF24D36B1ABAED02C02BC667DC2CA7] - 21/08/2013 - 08:23:37 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf
O45 - LFCP:[MD5.F5059855608CB632709D9B0838788629] - 21/08/2013 - 08:25:50 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf
O45 - LFCP:[MD5.1A41B31117A880A4FA47A6684F439E14] - 21/08/2013 - 13:30:24 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.C4A458C7EA529381DAEC0C9177FF491D] - 21/08/2013 - 13:31:24 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.601474CC61FEBA547DF78E89011D9F11] - 21/08/2013 - 13:40:36 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.EB0374B41012E981767F389F694F7DCA] - 22/08/2013 - 07:58:24 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
O45 - LFCP:[MD5.02FFDB42006855361DCF75CACA2C9C4C] - 22/08/2013 - 07:58:36 ---A- - C:\Windows\Prefetch\ELANTPCFG64.EXE-578825C3.pf
O45 - LFCP:[MD5.CBE7E4D3E649A74BCE1065975F6B8E3E] - 22/08/2013 - 07:58:44 ---A- - C:\Windows\Prefetch\AVAST.SETUP-B1D66586.pf
O45 - LFCP:[MD5.AE261F4F87B8FA0653D8AE955F6CF8AE] - 22/08/2013 - 07:58:45 ---A- - C:\Windows\Prefetch\SMARTLOGON.EXE-8F794AF5.pf
O45 - LFCP:[MD5.71E3249A8C8C6FBD638B8734FE69AA85] - 22/08/2013 - 07:58:51 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
O45 - LFCP:[MD5.E54C789779062F87D385528007FD9B13] - 22/08/2013 - 07:59:16 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-6EF4B603.pf
O45 - LFCP:[MD5.B33D8C1195AE7DB0DB149CE2C257BF0D] - 22/08/2013 - 07:59:22 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-3B5B9E84.pf
O45 - LFCP:[MD5.9BD7B02213003E81DE1A86F4C8B64676] - 22/08/2013 - 07:59:29 ---A- - C:\Windows\Prefetch\PHOTOSCREENSAVER.SCR-BE555075.pf
O45 - LFCP:[MD5.235B0AA1F2FC876DB9FDC62683101E93] - 22/08/2013 - 08:00:15 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.B14ACE26EE31200BE6A71BFEA4190F3B] - 22/08/2013 - 08:04:11 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3061313246-2662923334-336010195-1000.db
O45 - LFCP:[MD5.51166AA5B37C851E5CD86C7D5C45B42B] - 22/08/2013 - 08:04:11 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3061313246-2662923334-336010195-1000.db
O45 - LFCP:[MD5.A94606DA6757A5AED0A869098EB8C33A] - 22/08/2013 - 08:06:23 ---A- - C:\Windows\Prefetch\OUTLOOK.EXE-C6B7F77A.pf
O45 - LFCP:[MD5.A967B5D89C10D63032684DC72746F5B2] - 22/08/2013 - 08:08:40 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf
O45 - LFCP:[MD5.FB3986D7E70780D79777EAAC934F2AE2] - 22/08/2013 - 08:08:57 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.5351402542AF381572FEB0D5990272FC] - 22/08/2013 - 08:09:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-8128F3B7.pf
O45 - LFCP:[MD5.6DBAD6A0AC93893635D27F79EFCDE0CC] - 22/08/2013 - 08:11:46 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf
O45 - LFCP:[MD5.66299B5D64083FC99F9BB420456D19FA] - 22/08/2013 - 08:12:00 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf
O45 - LFCP:[MD5.467A302DE4174AC1285F3F51F53463CF] - 22/08/2013 - 08:12:00 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf
O45 - LFCP:[MD5.35A06CCB40F5300F9B33CCBFE0601B69] - 22/08/2013 - 08:12:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:[MD5.40E70E159FB04EC0F3AC60D8BC63605A] - 22/08/2013 - 08:12:34 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.FDA70984AF1EF549C8EF2E6D1A1A1EBA] - 22/08/2013 - 08:12:35 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.3259724360B60266169459618347D273] - 22/08/2013 - 08:14:44 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
O45 - LFCP:[MD5.A968FF51AD4DDFA31B398168CC838FF4] - 22/08/2013 - 08:14:45 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf
O45 - LFCP:[MD5.7C985C36F494B2799B7858808172F5B1] - 22/08/2013 - 08:15:27 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf
O45 - LFCP:[MD5.D5F53805EFA0A6EC5003096C6AC881D5] - 22/08/2013 - 08:18:27 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
O45 - LFCP:[MD5.9455BB695482E1E5B04C2A6F167D34B1] - 22/08/2013 - 08:22:09 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.50F0216D93C84D54C7211D04ECAFD867] - 22/08/2013 - 08:22:09 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.B1094D6B3EFB59592C1F904A4BE6D24C] - 22/08/2013 - 08:22:10 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.6267A3EACB720D55BA8159FBDD159ED2] - 22/08/2013 - 08:22:10 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.52626B693F59E5CFB9FE5D425C00019C] - 22/08/2013 - 08:24:43 ---A- - C:\Windows\Prefetch\CHROME.EXE-D613371C.pf
O45 - LFCP:[MD5.4D1FECE9478594414E5972207A1B56B1] - 22/08/2013 - 08:26:35 ---A- - C:\Windows\Prefetch\WINWORD.EXE-778F7C2B.pf
O45 - LFCP:[MD5.A388C918B8F54D3D627A9491EE8B0D6C] - 22/08/2013 - 08:26:37 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.77C08895EDDE4F946739F8C6D1D1EF94] - 22/08/2013 - 08:28:21 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.DF2D155C23B6AAE844E1999A6A4F2242] - 22/08/2013 - 08:30:21 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.443545BAC9420B80E4B3DCD32266B986] - 22/08/2013 - 08:30:54 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.D3276DCBD8FA14AA6008930F6FBCB790] - 22/08/2013 - 08:30:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.B6BFF2B2402D9AC1855AD17CB09E028A] - 22/08/2013 - 08:31:02 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
O45 - LFCP:[MD5.230E855CC8251BFC836C83EF6E9EB854] - 22/08/2013 - 08:31:13 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A8DE6D5B.pf
O45 - LFCP:[MD5.538EDBCC53BB7E689BBF2AC554DFEA4D] - 22/08/2013 - 08:33:36 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
O45 - LFCP:[MD5.B036367870714D75D1075169E5469C76] - 22/08/2013 - 08:33:42 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
O45 - LFCP:[MD5.D68AD4042FBB647BA4F5D2FF6DFD9F42] - 22/08/2013 - 08:33:52 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
O45 - LFCP:[MD5.4AB10B5ABD0CF643199712349A67CED7] - 26/07/2013 - 16:38:18 ---A- - C:\Windows\Prefetch\BESTREMOVALTOOL_SETUP.TMP-C5105C76.pf
O45 - LFCP:[MD5.EC19E236AF0F81BC3B755612418D1C5E] - 26/07/2013 - 16:38:21 ---A- - C:\Windows\Prefetch\BESTREMOVALTOOL_SETUP.EXE-6EDDC576.pf
O45 - LFCP:[MD5.AC5C3347035AF06D9704E5D5582F6870] - 26/07/2013 - 16:38:22 ---A- - C:\Windows\Prefetch\BESTREMOVALTOOL_SETUP.TMP-12EC7861.pf
O45 - LFCP:[MD5.009930160CF3DDF2BDD36EA2E0C5101B] - 26/07/2013 - 16:38:56 ---A- - C:\Windows\Prefetch\BRT.EXE-B441DD40.pf
O45 - LFCP:[MD5.E1F188CC0F77F6843BFC466AFD73AC97] - 26/07/2013 - 19:11:38 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf
O45 - LFCP:[MD5.DB86CDD880EE2FBAFAADF67D340EBD6C] - 27/07/2013 - 06:54:03 ---A- - C:\Windows\Prefetch\MPAS-D_BD_1.155.565.0.EXE-7A10822C.pf
O45 - LFCP:[MD5.BF2C0B3EAAD839AF97C01451AC8FC03A] - 27/07/2013 - 06:54:04 ---A- - C:\Windows\Prefetch\MPMINISIGSTUB.EXE-242A7F79.pf
O45 - LFCP:[MD5.6466BEBB1A3B886B24088BB9403BD06F] - 27/07/2013 - 08:52:34 ---A- - C:\Windows\Prefetch\GEPLUGIN.EXE-91770AC9.pf
O45 - LFCP:[MD5.9A63C14320FFF2D2E67F320A34B4A689] - 27/07/2013 - 09:57:10 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf
O45 - LFCP:[MD5.AB87056D3454069CC8FB40A84B2D4A26] - 27/07/2013 - 10:00:05 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
O45 - LFCP:[MD5.58C815E4225DDEDE5164C01909687B41] - 27/07/2013 - 12:15:30 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.F1832B9EACF6D40D907C563B8668BB1F] - 27/07/2013 - 16:59:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A8137E34.pf
O45 - LFCP:[MD5.C0B028B9E9779B830056C973AEC7C843] - 27/07/2013 - 16:59:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-FB31593F.pf
O45 - LFCP:[MD5.2B9166A1DFDB1E5CFC2B2A9FC5095852] - 28/07/2013 - 08:05:10 ---A- - C:\Windows\Prefetch\UNINS000.EXE-1D936D51.pf
O45 - LFCP:[MD5.0F77194126BFE5A7718BB8D76F263246] - 28/07/2013 - 10:35:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0BB35052.pf
O45 - LFCP:[MD5.F822725542EDCD453CECBE10BE3FCF3E] - 28/07/2013 - 10:36:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-54EBA86D.pf
O45 - LFCP:[MD5.61694A88421BA2904635A75E52A170D4] - 28/07/2013 - 11:23:45 ---A- - C:\Windows\Prefetch\MSSPELLCHECKINGFACILITY.EXE-AF326815.pf
O45 - LFCP:[MD5.80C2974B2AE9FEA987D11DF998BB3054] - 28/07/2013 - 11:33:51 ---A- - C:\Windows\Prefetch\LIFEFRAME.EXE-AB7409EA.pf
O45 - LFCP:[MD5.84DAF5531F3FADD1CD56F67E6533D142] - 28/07/2013 - 11:33:56 ---A- - C:\Windows\Prefetch\VIRCAMWS.EXE-33DC32DD.pf
O45 - LFCP:[MD5.FD19891C5425B4B4C312A64305589E34] - 28/07/2013 - 19:12:20 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-92F69952.pf
O45 - LFCP:[MD5.EB76C609AD19383A4C579E053DC9BDC9] - 28/07/2013 - 20:53:49 ---A- - C:\Windows\Prefetch\READER_SL.EXE-B1C62096.pf
O45 - LFCP:[MD5.111BA83D488B0826C1C4F78E68F3CF6B] - 28/07/2013 - 20:54:27 ---A- - C:\Windows\Prefetch\QTTASK.EXE-D20C213D.pf
O45 - LFCP:[MD5.C58BF96D2315E494FCCA31B1E5154BB4] - 29/07/2013 - 16:27:44 ---A- - C:\Windows\Prefetch\POWERPNT.EXE-158B76A4.pf
O45 - LFCP:[MD5.2C6DFF4C30EF9DCE8C0EC166C167B92C] - 29/07/2013 - 19:11:40 ---A- - C:\Windows\Prefetch\PREVIEWERSURROGATE.EXE-D4342B87.pf
O45 - LFCP:[MD5.7AD7577B863FC95899C721DD64DB25DA] - 29/07/2013 - 22:23:28 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-7D3CAB29.pf
~ Prefetcher: 143 Scanned in 00mn 03s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{522f1ee1-6d01-11e1-ab7e-f46d04f944fc}\AutoRun\command. (...) -- F:\AutoRunCardDetector.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector [Key] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\orangeinside [Key] . (...) -- C:\Users\Archimbaud\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
~ SMSR Keys: 4 Scanned in 00mn 00s

---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 4 Scanned in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.343786E182B9C9AE3066E00DEC650F50] - 26/08/2011 - 09:20:49 ---A- . (...) -- C:\Windows\SysWOW64\drivers\fsbts.sys [42672]
~ Drivers: Scanned in 00mn 00s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 19/08/2013 - 11:56:39 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\OldAllServicesInfo.xml [2894]
O61 - LFC: 20/08/2013 - 08:41:18 ---A- C:\Users\Archimbaud\AppData\Roaming\Microsoft\Templates\LiveContent\Managed\Document Themes\1036\TC101955421[[fn=Emploi du temps]].dotx [276683]
O61 - LFC: 20/08/2013 - 09:31:50 ---A- C:\Users\Archimbaud\Downloads\Repair-tool.exe [5162600]
O61 - LFC: 20/08/2013 - 09:38:55 ---A- C:\Users\Archimbaud\AppData\Roaming\DriverCure\LogFile.txt [115] =>PUP.DriverCure
O61 - LFC: 20/08/2013 - 09:46:05 ---A- C:\Users\Archimbaud\Downloads\adwcleaner.exe [666633]
O61 - LFC: 20/08/2013 - 13:36:18 ---A- C:\Users\Archimbaud\AppData\Roaming\ASUS WebStorage\Logs\AWS-notepad.txt [0]
O61 - LFC: 20/08/2013 - 14:13:52 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Announce\2013082001.xml [1661]
O61 - LFC: 20/08/2013 - 14:13:52 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Announce\{BB14B52C-046F-45e2-A9BD-A3AD7B5C7682}.png [2218]
O61 - LFC: 20/08/2013 - 14:13:52 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Announce\{FE966721-40FC-4901-9ADA-EC309ECDA23B}.png [6956]
O61 - LFC: 20/08/2013 - 14:13:53 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Announce\2013050801.xml [886]
O61 - LFC: 20/08/2013 - 14:13:53 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Announce\{0E235A57-35B0-499a-9071-521B7679E9F0}.png [6796]
O61 - LFC: 20/08/2013 - 14:13:56 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\AllServicesInfo.xml [2894]
O61 - LFC: 20/08/2013 - 14:13:56 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\personalspace_logo.jpg [1406]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\personalspace_icon.ico [7886]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\dailymotion_icon.ico [15686]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\facebookphoto_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\youtube_icon.ico [15086]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\dailymotion_logo.jpg [22332]
O61 - LFC: 20/08/2013 - 14:13:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\youtube_logo.jpg [31283]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\personalspace_service.xml [2276]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\facebookvideo_icon.ico [17542]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\flickr_icon.ico [15078]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\facebookphoto_logo.jpg [2944]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\facebookvideo_logo.jpg [2944]
O61 - LFC: 20/08/2013 - 14:13:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\flickr_logo.jpg [3860]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\dailymotion_service.xml [2607]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\youtube_service.xml [2461]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\picasavideo_icon.ico [22926]
O61 - LFC: 20/08/2013 - 14:14:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\snapfish_icon.ico [26918]
O61 - LFC: 20/08/2013 - 14:14:01 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\picasavideo_logo.jpg [17608]
O61 - LFC: 20/08/2013 - 14:14:01 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\snapfish_logo.jpg [2885]
O61 - LFC: 20/08/2013 - 14:14:02 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\facebookphoto_service.xml [1776]
O61 - LFC: 20/08/2013 - 14:14:03 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\facebookvideo_service.xml [1916]
O61 - LFC: 20/08/2013 - 14:14:03 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\flickr_service.xml [1835]
O61 - LFC: 20/08/2013 - 14:14:05 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\picasavideo_service.xml [2001]
O61 - LFC: 20/08/2013 - 14:14:05 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\fr-FR\ServiceUploader\snapfish_service.xml [2251]
O61 - LFC: 20/08/2013 - 14:14:06 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\AllServicesInfo.xml [2894]
O61 - LFC: 20/08/2013 - 14:14:07 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\personalspace_service.xml [2262]
O61 - LFC: 20/08/2013 - 14:14:07 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\youtube_service.xml [2410]
O61 - LFC: 20/08/2013 - 14:14:08 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\dailymotion_service.xml [2594]
O61 - LFC: 20/08/2013 - 14:14:08 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\facebookphoto_service.xml [1776]
O61 - LFC: 20/08/2013 - 14:14:09 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\facebookvideo_service.xml [1915]
O61 - LFC: 20/08/2013 - 14:14:09 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\flickr_service.xml [1822]
O61 - LFC: 20/08/2013 - 14:14:10 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\picasavideo_service.xml [1998]
O61 - LFC: 20/08/2013 - 14:14:10 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\en-US\ServiceUploader\snapfish_service.xml [2193]
O61 - LFC: 20/08/2013 - 14:14:11 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\AllServicesInfo.xml [2912]
O61 - LFC: 20/08/2013 - 14:14:11 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\personalspace_service.xml [2295]
O61 - LFC: 20/08/2013 - 14:14:12 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\dailymotion_service.xml [2609]
O61 - LFC: 20/08/2013 - 14:14:12 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\youtube_service.xml [2452]
O61 - LFC: 20/08/2013 - 14:14:13 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\facebookphoto_service.xml [1776]
O61 - LFC: 20/08/2013 - 14:14:15 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\facebookvideo_service.xml [1916]
O61 - LFC: 20/08/2013 - 14:14:17 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\flickr_service.xml [1836]
O61 - LFC: 20/08/2013 - 14:14:18 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\picasavideo_service.xml [2028]
O61 - LFC: 20/08/2013 - 14:14:19 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ja-JP\ServiceUploader\snapfish_service.xml [2183]
O61 - LFC: 20/08/2013 - 14:14:20 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\AllServicesInfo.xml [2891]
O61 - LFC: 20/08/2013 - 14:14:20 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\personalspace_service.xml [2274]
O61 - LFC: 20/08/2013 - 14:14:21 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\youtube_service.xml [2466]
O61 - LFC: 20/08/2013 - 14:14:22 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\dailymotion_service.xml [2603]
O61 - LFC: 20/08/2013 - 14:14:22 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\facebookphoto_service.xml [1776]
O61 - LFC: 20/08/2013 - 14:14:23 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\facebookvideo_service.xml [1915]
O61 - LFC: 20/08/2013 - 14:14:23 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\flickr_service.xml [1830]
O61 - LFC: 20/08/2013 - 14:14:24 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\picasavideo_service.xml [2003]
O61 - LFC: 20/08/2013 - 14:14:24 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\nl-NL\ServiceUploader\snapfish_service.xml [2232]
O61 - LFC: 20/08/2013 - 14:14:25 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\AllServicesInfo.xml [2892]
O61 - LFC: 20/08/2013 - 14:14:25 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\personalspace_service.xml [2275]
O61 - LFC: 20/08/2013 - 14:14:26 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\dailymotion_service.xml [2606]
O61 - LFC: 20/08/2013 - 14:14:26 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\youtube_service.xml [2447]
O61 - LFC: 20/08/2013 - 14:14:27 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\facebookphoto_service.xml [1775]
O61 - LFC: 20/08/2013 - 14:14:27 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\facebookvideo_service.xml [1916]
O61 - LFC: 20/08/2013 - 14:14:28 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\flickr_service.xml [1826]
O61 - LFC: 20/08/2013 - 14:14:28 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\picasavideo_service.xml [2006]
O61 - LFC: 20/08/2013 - 14:14:29 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\de-DE\ServiceUploader\snapfish_service.xml [2233]
O61 - LFC: 20/08/2013 - 14:14:29 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\AllServicesInfo.xml [2893]
O61 - LFC: 20/08/2013 - 14:14:30 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\personalspace_service.xml [2294]
O61 - LFC: 20/08/2013 - 14:14:30 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\youtube_service.xml [2485]
O61 - LFC: 20/08/2013 - 14:14:31 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\dailymotion_service.xml [2614]
O61 - LFC: 20/08/2013 - 14:14:31 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\facebookphoto_service.xml [1775]
O61 - LFC: 20/08/2013 - 14:14:32 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\facebookvideo_service.xml [1916]
O61 - LFC: 20/08/2013 - 14:14:32 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\flickr_service.xml [1834]
O61 - LFC: 20/08/2013 - 14:14:33 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\picasavideo_service.xml [2023]
O61 - LFC: 20/08/2013 - 14:14:33 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\es-ES\ServiceUploader\snapfish_service.xml [2263]
O61 - LFC: 20/08/2013 - 14:14:34 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\AllServicesInfo.xml [2896]
O61 - LFC: 20/08/2013 - 14:14:34 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\personalspace_service.xml [2265]
O61 - LFC: 20/08/2013 - 14:14:35 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\dailymotion_service.xml [2593]
O61 - LFC: 20/08/2013 - 14:14:35 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\youtube_service.xml [2344]
O61 - LFC: 20/08/2013 - 14:14:36 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\facebookphoto_service.xml [1784]
O61 - LFC: 20/08/2013 - 14:14:36 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\facebookvideo_service.xml [1922]
O61 - LFC: 20/08/2013 - 14:14:37 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\flickr_service.xml [1829]
O61 - LFC: 20/08/2013 - 14:14:37 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\picasavideo_service.xml [2005]
O61 - LFC: 20/08/2013 - 14:14:38 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-CN\ServiceUploader\snapfish_service.xml [2208]
O61 - LFC: 20/08/2013 - 14:14:38 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\AllServicesInfo.xml [2895]
O61 - LFC: 20/08/2013 - 14:14:39 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\personalspace_service.xml [2271]
O61 - LFC: 20/08/2013 - 14:14:39 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\youtube_service.xml [2356]
O61 - LFC: 20/08/2013 - 14:14:40 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\dailymotion_service.xml [2599]
O61 - LFC: 20/08/2013 - 14:14:40 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\facebookvideo_service.xml [1922]
O61 - LFC: 20/08/2013 - 14:14:41 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\facebookphoto_service.xml [1784]
O61 - LFC: 20/08/2013 - 14:14:41 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\flickr_service.xml [1835]
O61 - LFC: 20/08/2013 - 14:14:41 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\picasavideo_service.xml [2005]
O61 - LFC: 20/08/2013 - 14:14:42 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\zh-TW\ServiceUploader\snapfish_service.xml [1965]
O61 - LFC: 20/08/2013 - 14:14:43 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\AllServicesInfo.xml [2899]
O61 - LFC: 20/08/2013 - 14:14:43 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\personalspace_service.xml [2281]
O61 - LFC: 20/08/2013 - 14:14:44 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\dailymotion_service.xml [2604]
O61 - LFC: 20/08/2013 - 14:14:44 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\youtube_service.xml [2475]
O61 - LFC: 20/08/2013 - 14:14:45 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\facebookphoto_service.xml [1776]
O61 - LFC: 20/08/2013 - 14:14:45 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\facebookvideo_service.xml [1919]
O61 - LFC: 20/08/2013 - 14:14:46 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\flickr_service.xml [1828]
O61 - LFC: 20/08/2013 - 14:14:46 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\picasavideo_service.xml [2010]
O61 - LFC: 20/08/2013 - 14:14:46 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ko-KR\ServiceUploader\snapfish_service.xml [1981]
O61 - LFC: 20/08/2013 - 14:14:47 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\AllServicesInfo.xml [2912]
O61 - LFC: 20/08/2013 - 14:14:48 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\personalspace_service.xml [2343]
O61 - LFC: 20/08/2013 - 14:14:48 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\youtube_service.xml [2814]
O61 - LFC: 20/08/2013 - 14:14:49 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\dailymotion_service.xml [2667]
O61 - LFC: 20/08/2013 - 14:14:49 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\facebookphoto_service.xml [1790]
O61 - LFC: 20/08/2013 - 14:14:49 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\facebookvideo_service.xml [1920]
O61 - LFC: 20/08/2013 - 14:14:50 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\flickr_service.xml [1849]
O61 - LFC: 20/08/2013 - 14:14:50 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\picasavideo_service.xml [2041]
O61 - LFC: 20/08/2013 - 14:14:51 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\AllServicesInfo.xml [2891]
O61 - LFC: 20/08/2013 - 14:14:51 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\ru-RU\ServiceUploader\snapfish_service.xml [2056]
O61 - LFC: 20/08/2013 - 14:14:52 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\personalspace_service.xml [2262]
O61 - LFC: 20/08/2013 - 14:14:52 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\youtube_service.xml [2444]
O61 - LFC: 20/08/2013 - 14:14:53 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\dailymotion_service.xml [2596]
O61 - LFC: 20/08/2013 - 14:14:53 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\facebookphoto_service.xml [1774]
O61 - LFC: 20/08/2013 - 14:14:54 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\facebookvideo_service.xml [1915]
O61 - LFC: 20/08/2013 - 14:14:54 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\flickr_service.xml [1825]
O61 - LFC: 20/08/2013 - 14:14:55 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\picasavideo_service.xml [1997]
O61 - LFC: 20/08/2013 - 14:14:55 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\it-IT\ServiceUploader\snapfish_service.xml [2239]
O61 - LFC: 20/08/2013 - 14:14:56 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\AllServicesInfo.xml [2912]
O61 - LFC: 20/08/2013 - 14:14:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\dailymotion_service.xml [2613]
O61 - LFC: 20/08/2013 - 14:14:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\personalspace_service.xml [2286]
O61 - LFC: 20/08/2013 - 14:14:57 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\youtube_service.xml [2461]
O61 - LFC: 20/08/2013 - 14:14:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\facebookphoto_service.xml [1778]
O61 - LFC: 20/08/2013 - 14:14:58 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\facebookvideo_service.xml [1915]
O61 - LFC: 20/08/2013 - 14:14:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\flickr_service.xml [1830]
O61 - LFC: 20/08/2013 - 14:14:59 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\picasavideo_service.xml [2013]
O61 - LFC: 20/08/2013 - 14:15:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pl-PL\ServiceUploader\snapfish_service.xml [1983]
O61 - LFC: 20/08/2013 - 14:15:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\AllServicesInfo.xml [2894]
O61 - LFC: 20/08/2013 - 14:15:01 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\personalspace_service.xml [2273]
O61 - LFC: 20/08/2013 - 14:15:01 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\youtube_service.xml [2466]
O61 - LFC: 20/08/2013 - 14:15:02 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\dailymotion_service.xml [2608]
O61 - LFC: 20/08/2013 - 14:15:02 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\facebookphoto_service.xml [1775]
O61 - LFC: 20/08/2013 - 14:15:03 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\facebookvideo_service.xml [1917]
O61 - LFC: 20/08/2013 - 14:15:03 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\flickr_service.xml [1827]
O61 - LFC: 20/08/2013 - 14:15:04 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\picasavideo_service.xml [2004]
O61 - LFC: 20/08/2013 - 14:15:04 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\pt-BR\ServiceUploader\snapfish_service.xml [2203]
O61 - LFC: 20/08/2013 - 14:15:05 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\AllServicesInfo.xml [2897]
O61 - LFC: 20/08/2013 - 14:15:05 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\personalspace_service.xml [2279]
O61 - LFC: 20/08/2013 - 14:15:06 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\youtube_service.xml [2500]
O61 - LFC: 20/08/2013 - 14:15:07 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\dailymotion_service.xml [2614]
O61 - LFC: 20/08/2013 - 14:15:07 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\facebookvideo_service.xml [1919]
O61 - LFC: 20/08/2013 - 14:15:08 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\facebookphoto_service.xml [1775]
O61 - LFC: 20/08/2013 - 14:15:08 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\flickr_service.xml [1828]
O61 - LFC: 20/08/2013 - 14:15:09 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\picasavideo_service.xml [2013]
O61 - LFC: 20/08/2013 - 14:15:09 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\Resources\sv-SE\ServiceUploader\snapfish_service.xml [2128]
O61 - LFC: 20/08/2013 - 14:21:33 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Media\DevDBAcc\Clone_F\AVIMNG01.dat [69]
O61 - LFC: 20/08/2013 - 14:21:53 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\ActionLog\media.db [9216]
O61 - LFC: 20/08/2013 - 14:22:00 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\StatisticsInformation\b78c0b5c431fa2c1b5b2c7ac7acfc564d9cbf615 [301080]
O61 - LFC: 20/08/2013 - 14:22:35 ---A- C:\Users\Archimbaud\AppData\Local\Windows Live\uxcore_WLXPhotoGallery_00.etl [12288]
O61 - LFC: 20/08/2013 - 16:16:05 ---A- C:\Users\Archimbaud\AppData\Roaming\Sony Corporation\PMB\Uploader\ServiceUploader\PSLoginfo.dat [272]
O61 - LFC: 20/08/2013 - 17:50:00 ---A- C:\Users\Archimbaud\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.57\29.0.1547.57_28.0.1500.95_chrome_updater.exe [7906144]
O61 - LFC: 21/08/2013 - 07:48:14 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\29.0.1547.57\Installer\setup.exe [1177552]
O61 - LFC: 21/08/2013 - 07:50:37 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\29.0.1547.57\Installer\chrome.7z [131217685]
O61 - LFC: 21/08/2013 - 07:50:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\VisualElementsManifest.xml [396]
O61 - LFC: 21/08/2013 - 08:05:05 ---A- C:\Users\Archimbaud\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-08-21 (08-58-34).txt [3572]
O61 - LFC: 21/08/2013 - 08:09:17 --HA- C:\Users\Archimbaud\AppData\Local\IconCache.db [6291456]
O61 - LFC: 21/08/2013 - 08:11:50 ---A- C:\Users\Archimbaud\AppData\Local\SRS Labs\SRS Premium Sound\SRS_Premium_Sound_NoPreset_Settings.xml [7840]
O61 - LFC: 21/08/2013 - 08:11:52 ---A- C:\Users\Archimbaud\AppData\Local\4-Day Forecast\temp.dat [0]
O61 - LFC: 21/08/2013 - 08:11:58 ---A- C:\Users\Archimbaud\AppData\Local\4-Day Forecast\mcudata.bin [1365]
O61 - LFC: 21/08/2013 - 08:11:58 ---A- C:\Users\Archimbaud\AppData\Local\ATI\ACE\Manifest.Bin [32089]
O61 - LFC: 21/08/2013 - 08:11:58 ---A- C:\Users\Archimbaud\AppData\Local\ATI\ACE\Manifest.xml [23698]
O61 - LFC: 21/08/2013 - 08:12:01 ---A- C:\Users\Archimbaud\AppData\Local\4-Day Forecast\pcdata.bin [6124]
O61 - LFC: 21/08/2013 - 08:12:02 ---A- C:\Users\Archimbaud\AppData\Roaming\OpenOffice.org\3\.lock [152]
O61 - LFC: 21/08/2013 - 08:12:04 ---A- C:\Users\Archimbaud\AppData\Roaming\OpenOffice.org\3\user\registrymodifications.xcu [129196]
O61 - LFC: 21/08/2013 - 08:12:08 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\001518.sst [231]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\iw\messages.json [17412]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\no\messages.json [11008]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\background.js [1368]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\load_symbols.js [2447]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name.js [13935]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_ar.js [54117]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_bg.js [51067]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_ca.js [15513]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_cs.js [19494]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_da.js [14038]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_de.js [15552]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_el.js [55324]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_en_gb.js [13942]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_es.js [15179]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_es_419.js [15179]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_fi.js [14370]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_fil.js [13992]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_fr.js [15435]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_hi.js [47597]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_hr.js [14656]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_hu.js [16140]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_id.js [13888]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_it.js [13943]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_iw.js [35117]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_ja.js [34352]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_ko.js [29930]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_lt.js [17128]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_lv.js [17105]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_nl.js [14243]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_no.js [14395]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_pl.js [15282]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_pt_br.js [15497]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_pt_pt.js [15486]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_ro.js [16064]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_ru.js [54888]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_sk.js [19282]
O61 - LFC: 21/08/2013 - 08:12:48 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_sl.js [19834]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_sr.js [50705]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_sv.js [14839]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_th.js [50049]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_tr.js [15702]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_uk.js [55785]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_vi.js [22382]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_zh_cn.js [26826]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\locale_name_zh_tw.js [26509]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols.js [3135]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_ar.js [6384]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_bg.js [5653]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_ca.js [3447]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_cs.js [3639]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_da.js [3294]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_de.js [3287]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_el.js [5843]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_en_gb.js [3245]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_es.js [3342]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_es_419.js [3336]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_fi.js [3591]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_fil.js [3259]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_fr.js [3422]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_hi.js [6181]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_hr.js [3414]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_hu.js [3644]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_id.js [3203]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_it.js [3307]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_iw.js [5722]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_ja.js [3798]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_ko.js [4048]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_lt.js [3562]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_lv.js [3569]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_nl.js [3286]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_no.js [3307]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_pl.js [3430]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_pt_br.js [3405]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_pt_pt.js [3425]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_ro.js [3418]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_ru.js [5819]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_sk.js [3430]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_sl.js [3381]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_sr.js [5689]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_sv.js [3376]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_th.js [6459]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_tr.js [3455]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_uk.js [5684]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_vi.js [3888]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_zh_cn.js [4089]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\i18n\symbols_zh_tw.js [3964]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\amex.png [2052]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\bank.png [234]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\check.png [235]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\checkmark.png [239]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\close_dialog.png [139]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\close_dialog_hover.png [214]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\close_dialog_pressed.png [213]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\cvc-amex.png [1344]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\cvc.png [1343]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\discover.png [1700]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\info_icon.png [1354]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\jcb.png [1179]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\lock.png [182]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\mastercard.png [1818]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\stored_value.png [1141]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\1x\visa.png [1710]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\amex.png [3446]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\bank.png [412]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\check.png [631]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\checkmark.png [358]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\close_dialog.png [170]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\close_dialog_hover.png [385]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\close_dialog_pressed.png [390]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\cvc-amex.png [1748]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\cvc.png [1744]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\discover.png [2928]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\info_icon.png [1817]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\jcb.png [2874]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\lock.png [298]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\mastercard.png [3585]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\stored_value.png [1985]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\2x\visa.png [2584]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\spinner.gif [8787]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\wallet-icon-sm.png [1528]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\images\wallet-icon-tiny.png [800]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\main.html [950]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\payments.js [255172]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\pbhelper.html [119]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\pbhelper.js [581]
O61 - LFC: 21/08/2013 - 08:12:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\styles\payments.css [13250]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\ar\messages.json [46465]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\bg\messages.json [34993]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\ca\messages.json [14612]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\cs\messages.json [18490]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\da\messages.json [13611]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\de\messages.json [13859]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\el\messages.json [37543]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\en\messages.json [16121]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\en_GB\messages.json [12962]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\es\messages.json [14620]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\es_419\messages.json [14059]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\fi\messages.json [13517]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\fil\messages.json [13771]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\fr\messages.json [17988]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\hi\messages.json [32326]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\hr\messages.json [20064]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\hu\messages.json [17663]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\id\messages.json [13306]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\it\messages.json [13826]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\ja\messages.json [20279]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\ko\messages.json [18557]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\lt\messages.json [18917]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\lv\messages.json [18699]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\nl\messages.json [13255]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\pl\messages.json [20929]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\pt_BR\messages.json [14452]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\pt_PT\messages.json [14656]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\ro\messages.json [17916]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\ru\messages.json [52240]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\sk\messages.json [17993]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\sl\messages.json [19856]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\sr\messages.json [52015]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\sv\messages.json [13410]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\th\messages.json [36060]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\tr\messages.json [15997]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\uk\messages.json [52694]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\vi\messages.json [19369]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\zh_CN\messages.json [16912]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\_locales\zh_TW\messages.json [16694]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\icon_128.png [9460]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\icon_16.png [702]
O61 - LFC: 21/08/2013 - 08:12:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\manifest.json [1410]
O61 - LFC: 21/08/2013 - 13:39:25 ---A- C:\Users\Archimbaud\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-08-21 (14-34-24).txt [2188]
O61 - LFC: 22/08/2013 - 07:58:33 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [261329]
O61 - LFC: 22/08/2013 - 08:06:54 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\001534.sst [227]
O61 - LFC: 22/08/2013 - 08:06:55 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\action.html [1033]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\all.css [20107]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\bookmarks\bookmarks.css [4787]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\bookmarks\img\headerBg.png [157]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\bookmarks\img\logo.png [2768]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\classification.css [2994]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\cloud.css [18881]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\buttonBg.png [558]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\categoryBg.png [198]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\cn_outSideLogo.png [1204]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\cn_uploadLogo.png [1692]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\headerBg.png [157]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\icons.png [606]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\logo.png [3340]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\outSideLogo.png [1154]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\searchBg.png [136]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\searchButton.png [518]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\searchLeft.png [290]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\selected.png [1940]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\tabsBg.png [142]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\cloud\img\uploadLogo.png [1728]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\extensions\extensions.css [5280]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\extensions\img\extensionsbtn.png [1785]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\extensions\img\logo.png [3079]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\lastVisited\img\logo.png [3130]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\lastVisited\lastVisited.css [3028]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\baidu.png [2201]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\bing.png [2161]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\google.com.png [8624]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\google.png [2273]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\headerBg.png [157]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\logo.png [2813]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\searchButton.png [1749]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\taobao.png [2206]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\yahoo.png [2205] =>Toolbar.Yahoo
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\quickSearch.css [6606]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\setup\img\headerBg.png [157]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\setup\img\logo.png [3162]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\setup\img\skin_0\dialBoxStyle.png [1851]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\setup\img\skin_0\icons.png [2397]
O61 - LFC: 22/08/2013 - 08:06:56 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\setup\setup.css [10997]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\skins\download.png [1651]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\skins\img\headerBg.png [157]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\skins\img\logo.png [2894]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\skins\img\skin_0\categoryBg.png [111]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\skins\img\skin_0\icons.png [1522]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\skins\skins.css [7218]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\weather.css [6249]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\blank.gif [49]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\default-wallpaper.png [1857]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\game.png [2772]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\google.com.png [31930]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\headerBg.png [157]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\ie_logo.png [9572]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\load.gif [1900]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\main.png [2808]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\photosload.gif [522]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\quickSearch\linktype.png [3985]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\quickSearch\logo.png [2813]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\shoping.png [2572]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\defaultBg.svg [14239]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\defaultBgIco.png [13884]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\idialog_s.png [2182]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\ios5_button.png [1482]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\left.png [1424]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\loading.gif [3882]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\loading2.gif [2993]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\q_bg.png [287]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\q_left.png [1768]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\q_right.png [1759]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\right.png [1432]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\titleBg.png [471]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\skin_0\wedo.png [3837]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\submit_buttion.png [1713]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\uploadpaper.png [3476]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\wallpaper_buttion.png [4662]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\weatherlogo.png [2799]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\webstore.png [2866]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\wedo.png [3837]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\index.html [18178]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\action.js [369]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\bookmarks.js [7034]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\easing.js [4757]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\file.js [6577]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\ga.js [39664]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\jquery-base.js [110785]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\jquery.autocomplete.js [17021]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\jquery.sortable.js [2950]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\wrap.js [135715]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\xa.js [2077]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\js\xagainit.js [2058]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\s_google_cn.html [1739]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\s_google_cn\google.com.png [12115]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\s_google_cn\quickSearch.js [1700]
O61 - LFC: 22/08/2013 - 08:06:57 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\s_google_cn\skin_0.css [2806]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\en\messages.json [16356]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\es\messages.json [18603]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\es_419\messages.json [18603]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\pl\messages.json [18523]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\pt_BR\messages.json [18615]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\tr\messages.json [19248]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\zh_CN\messages.json [20559]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\_locales\zh_TW\messages.json [20552]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\icon128.png [5577]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\icon16.png [628]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\img\icon48.png [1877]
O61 - LFC: 22/08/2013 - 08:06:58 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\manifest.json [1211]
O61 - LFC: 22/08/2013 - 08:07:49 ---A- C:\Users\Archimbaud\AppData\Roaming\Microsoft\Outlook\Outlook.xml [5862]
O61 - LFC: 22/08/2013 - 08:07:49 ---A- C:\Users\Archimbaud\Documents\Fichiers Outlook\Mon fichier de données Outlook(1).pst [271360]
O61 - LFC: 22/08/2013 - 08:07:50 ---A- C:\Users\Archimbaud\Documents\Fichiers Outlook\alainarchimbaud@wanadoo.fr.pst [271360]
O61 - LFC: 22/08/2013 - 08:14:10 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage [402432]
O61 - LFC: 22/08/2013 - 08:17:00 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [24576]
O61 - LFC: 22/08/2013 - 08:21:51 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [57344]
O61 - LFC: 22/08/2013 - 08:21:52 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Profile 1\Favicons [28672]
O61 - LFC: 22/08/2013 - 08:21:52 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences [20387]
O61 - LFC: 22/08/2013 - 08:21:54 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db [7168]
O61 - LFC: 22/08/2013 - 08:21:55 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Profile 1\Cookies [15360]
O61 - LFC: 22/08/2013 - 08:22:28 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\003880.sst [147]
O61 - LFC: 22/08/2013 - 08:23:21 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\003882.sst [256]
O61 - LFC: 22/08/2013 - 08:23:42 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [151]
O61 - LFC: 22/08/2013 - 08:23:44 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [272]
O61 - LFC: 22/08/2013 - 08:23:59 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\003885.sst [256]
O61 - LFC: 22/08/2013 - 08:24:06 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [274]
O61 - LFC: 22/08/2013 - 08:26:03 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Profile 1\History [98304]
O61 - LFC: 22/08/2013 - 08:26:10 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Archived History [57344]
O61 - LFC: 22/08/2013 - 08:26:10 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [512]
O61 - LFC: 22/08/2013 - 08:26:10 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 22/08/2013 - 08:26:10 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-001551 [712]
O61 - LFC: 22/08/2013 - 08:26:11 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [10841]
O61 - LFC: 22/08/2013 - 08:26:11 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [16384]
O61 - LFC: 22/08/2013 - 08:26:11 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [3608]
O61 - LFC: 22/08/2013 - 08:26:12 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [0]
O61 - LFC: 22/08/2013 - 08:26:12 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
O61 - LFC: 22/08/2013 - 08:26:12 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-005182 [875]
O61 - LFC: 22/08/2013 - 08:26:13 ---A- C:\Users\Archimbaud\AppData\Local\ATI\ACE\Profiles.xml [13539]
O61 - LFC: 22/08/2013 - 08:26:16 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0]
O61 - LFC: 22/08/2013 - 08:26:19 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\003888.sst [303]
O61 - LFC: 22/08/2013 - 08:26:19 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 22/08/2013 - 08:26:19 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-003887 [511]
O61 - LFC: 22/08/2013 - 08:26:20 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8]
O61 - LFC: 22/08/2013 - 08:26:24 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Login Data [26624]
O61 - LFC: 22/08/2013 - 08:26:24 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal [4624]
O61 - LFC: 22/08/2013 - 08:26:27 ---A- C:\Users\Archimbaud\AppData\Roaming\Microsoft\Office\Recent\Erreur.LNK [1029]
O61 - LFC: 22/08/2013 - 08:26:27 --H-- C:\Users\Archimbaud\AppData\Roaming\Microsoft\Office\Recent\index.dat [47]
O61 - LFC: 22/08/2013 - 08:26:30 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [0]
O61 - LFC: 22/08/2013 - 08:26:32 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [1920]
O61 - LFC: 22/08/2013 - 08:26:41 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Top Sites [118784]
O61 - LFC: 22/08/2013 - 08:26:41 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [12824]
O61 - LFC: 22/08/2013 - 08:26:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs [23552]
O61 - LFC: 22/08/2013 - 08:26:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640]
O61 - LFC: 22/08/2013 - 08:26:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Web Data [454656]
O61 - LFC: 22/08/2013 - 08:26:49 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [8736]
O61 - LFC: 22/08/2013 - 08:27:02 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage [1661952]
O61 - LFC: 22/08/2013 - 08:27:02 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage-journal [16384]
O61 - LFC: 22/08/2013 - 08:27:08 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Visited Links [0]
O61 - LFC: 22/08/2013 - 08:27:19 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Cookies [1472512]
O61 - LFC: 22/08/2013 - 08:27:19 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [10832]
O61 - LFC: 22/08/2013 - 08:27:20 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Favicons [3495936]
O61 - LFC: 22/08/2013 - 08:27:20 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 22/08/2013 - 08:27:20 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\History [5316608]
O61 - LFC: 22/08/2013 - 08:27:20 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-08 [139264]
O61 - LFC: 22/08/2013 - 08:27:20 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-08-journal [16384]
O61 - LFC: 22/08/2013 - 08:27:20 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC: 22/08/2013 - 08:27:21 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [735140]
O61 - LFC: 22/08/2013 - 08:27:22 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [7919400]
O61 - LFC: 22/08/2013 - 08:27:22 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1913462]
O61 - LFC: 22/08/2013 - 08:27:22 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135184]
O61 - LFC: 22/08/2013 - 08:27:22 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19016]
O61 - LFC: 22/08/2013 - 08:27:22 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6036]
O61 - LFC: 22/08/2013 - 08:27:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 22/08/2013 - 08:27:50 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]
O61 - LFC: 22/08/2013 - 08:28:04 ---A- C:\Users\Archimbaud\AppData\Roaming\ASUS WebStorage\Logs\AWS-CCleaner64.txt [0] =>Piriform Ltd
O61 - LFC: 22/08/2013 - 08:33:38 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Preferences [125094]
O61 - LFC: 22/08/2013 - 08:34:41 ---A- C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Local State [50896]
~ Files: 622 Scanned in 01mn 02s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 05/10/2010 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 03/07/2009 - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASMMAP64) .(.ASUS - Memory mapping Driver.) - LEGACY_ASMMAP64
O64 - Services: CurCS - 09/05/2013 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 09/05/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 09/05/2013 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 09/05/2013 - Pas de propriétaire (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 28/06/2013 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 28/06/2013 - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 09/05/2013 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 28/06/2013 - Pas de propriétaire (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\msahci.sys (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pciide.sys (pciide) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\wimmount.sys (WIMMount) .(.Microsoft Corporation - Wim file system Driver.) - LEGACY_WIMMOUNT
O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
~ Legacy: 86 Scanned in 00mn 01s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 18 Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.qvo6.com =>Hijacker.Qvo6
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com =>Hijacker.Qvo6
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Safari\Safari.exe" http://www.qvo6.com =>Hijacker.Qvo6
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Archimbaud - ucwgcla2.default] user_pref("extensions.crossrider.bic", "1399cddc8d17f40f8512ac51f641f4c7"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (qvo6) - http://search.qvo6.com =>Hijacker.Qvo6
O69 - SBI: SearchScopes [HKCU] {65F9DFEF-1D2A-4ED0-960E-78CF3BC8996E} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
~ Keys: Scanned in 00mn 00s

---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.EF368BE096244D8A3DB78437D7D9CAFA] [SPRF][28/08/2011] (...) -- C:\ProgramData\bdinstall.bin [77879]
[MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
[MD5.0A3D84898BECD4C6DA1C233B30B0B0D6] [SPRF][03/05/2013] (...) -- C:\Users\Archimbaud\AppData\Roaming\mdbu.bin [392296]
[MD5.4C47469F47FD9F8437B62A86F6E0874F] [SPRF][15/08/2013] (...) -- C:\Users\Archimbaud\Desktop\AdwCleaner-2.306.exe [666633]
[MD5.C748C104BA13A9456496D264C4161E7C] [SPRF][22/08/2013] (.Piriform Ltd - CCleaner Installer.) -- C:\Users\Archimbaud\Desktop\ccsetup404.exe [4429440] =>Piriform Ltd
[MD5.8D3EC1B0A281B6FA904F5EA69D1257E4] [SPRF][22/08/2013] (...) -- C:\Users\Archimbaud\Desktop\cc_20130822_092802.reg [36330]
[MD5.AC0CD2526731A26A9CD0CEC85F5D9E93] [SPRF][22/08/2013] (...) -- C:\Users\Archimbaud\Desktop\cc_20130822_092858.reg [284]
[MD5.0FD43B63CF989204B1D8D92B88E1E5EE] [SPRF][22/08/2013] (...) -- C:\Users\Archimbaud\Desktop\cc_20130822_092931.reg [942]
[MD5.683FDD3D773C58B262DC07CD0C6CE938] [SPRF][21/08/2013] (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Users\Archimbaud\Desktop\mbam-setup-1.75.0.1300.exe [10285040]
[MD5.2AB4AC1E12D6F66B4DF113BBCBB1767D] [SPRF][22/03/2005] (.Pas de propriétaire - asusTek_sys_ctrl Module.) -- C:\Windows\Downloaded Program Files\asusTek_sys_ctrl.dll [77824]
~ Files: Scanned in 00mn 00s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{50D76052-134E-46DB-AF8E-63827F883C0F}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{25BDD843-A815-48A8-A216-66D065687049}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
O87 - FAEL: "{706E060C-20DD-4E5A-8CF0-C1FB08C6B9B1}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{F6010C55-5904-4AF6-9865-CBF08DBAF253}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{3E482395-9BB3-4B8E-9937-53166E3EA204}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{0DFC50DA-B19C-4F60-9473-9B8E005D824C}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{43C29F11-0A83-4E46-9562-17877F46F855}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{DCDA8866-C8CB-473D-B468-E6CD38408E32}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{28FDA2DE-D72F-4608-A3D6-DD50D736A75D}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{71A60A48-48B8-4899-B60F-68CBD44189B0}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{598DE1DF-9672-4964-8DCE-DC4881B13E68}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{23B08836-0A87-4A2E-835A-7FD729AD23CE}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{28EE7B34-C0CA-446D-8B7E-849EB4B15706}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O87 - FAEL: "{DB969DD1-A9F9-486E-9275-6A5759DDC92C}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{2C8AFFDA-1533-4A31-89C4-0874F8D8AD4D}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{DC0F6ADA-DEBD-4351-BA08-D37CBD92EC83}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{59E39BE8-78D9-438B-BE4A-04D5028424C8}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4D96CC21-9969-4F19-B289-794A11AB8DD1}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{39AEC12D-65B9-42C4-95AA-6BFF2FE6672A}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{99B2C4C2-4A7C-4DEE-A32E-7C38CA81CC91}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{81E2AE7A-269E-497D-A4BE-A433AC275351}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{4A0D2232-C4DC-4A1C-BAD8-4BEAFE86EC44}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{2BE40BE5-3F32-4D14-B8AA-2D7ECD00A20F}" |In - Private - P6 - TRUE | .(...) -- E:\fscommand\CKSocketServer.exe (.not file.)
O87 - FAEL: "{F9D8019C-47F1-47A9-A556-184508D2C878}" |In - Private - P17 - TRUE | .(...) -- E:\fscommand\CKSocketServer.exe (.not file.)
O87 - FAEL: "{FC39FC1B-989C-4036-AC42-1B11B5A276F8}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
O87 - FAEL: "{96CEF696-2B53-4878-B3B7-AC4144D6D887}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
O87 - FAEL: "{DDE14AF2-7F1B-4568-A41E-AC6CA309F445}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{F1DD40C2-CA43-4253-92C6-4800E8975A03}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{AB405C87-6ECC-406E-A8FA-086954DA6A52}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{FF5F71A7-3F55-4A2D-8AA8-F43F66F14982}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files\Microsoft Office\Office14\GROOVE.exe
O87 - FAEL: "{1953DAA8-A415-4B5F-898B-0D2549A276FA}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe
O87 - FAEL: "{C65D0490-143D-4E36-9E76-E8AEE3EC2AC2}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files\Microsoft Office\Office14\ONENOTE.exe
O87 - FAEL: "{2EA6A326-C1C5-4EED-936F-EBDE9CB62648}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\outlook.exe
O87 - FAEL: "TCP Query User{0EFCBB73-60B2-4CEE-84EA-232B6D89C9C6}C:\windows\kmsemulator.exe" | In - Private - P6 - TRUE | .(...) -- C:\windows\kmsemulator.exe
O87 - FAEL: "UDP Query User{0BA03322-1F8F-4370-80B4-33275FC25063}C:\windows\kmsemulator.exe" | In - Private - P17 - TRUE | .(...) -- C:\windows\kmsemulator.exe
O87 - FAEL: "{F22CAC47-A866-424C-B4A6-E60BE2F49684}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{B6FB8731-3452-4D24-9104-80627F52AF77}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe" | In - Public - P6 - TRUE | .(.Hewlett-Packard Co..) -- C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
O87 - FAEL: "UDP Query User{24450284-10EB-4ED5-8E2A-7EA1AC4083CA}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe" | In - Public - P17 - TRUE | .(.Hewlett-Packard Co..) -- C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
O87 - FAEL: "TCP Query User{B50CFFEF-E901-4170-9A69-6F8F8C22535F}C:\program files (x86)\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co..) -- C:\program files (x86)\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe
O87 - FAEL: "UDP Query User{7B9AA11A-6FE8-49E1-909F-FA30F46457D9}C:\program files (x86)\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co..) -- C:\program files (x86)\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe
O87 - FAEL: "{E23EC818-7413-45F2-90F1-0372A56F736D}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{F4AB4E4E-0994-4C73-9A6C-62CF0CDF3BF7}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{02A0CDEF-7C8B-4DBE-9E01-F2EC9D29569F}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{A86F0B7A-1A57-4FE1-9EAF-975F7A2E4087}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{A39AC77D-8485-485F-B6C5-81762412CBCB}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{504F760A-08EB-4B2F-B79C-CA9E3FB95789}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "{A0F31922-EDFE-4943-82A1-ADA082B1EC85}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\SysWOW64\msiexec.exe
O87 - FAEL: "TCP Query User{DF3120DC-F4BF-470C-924C-7E518D60AE29}C:\program files\microsoft office\office14\groove.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation.) -- C:\program files\microsoft office\office14\groove.exe
O87 - FAEL: "UDP Query User{3DF43703-3234-471F-AB77-2C6D1AF4EFE4}C:\program files\microsoft office\office14\groove.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation.) -- C:\program files\microsoft office\office14\groove.exe
O87 - FAEL: "TCP Query User{8DAE9BCC-6561-4ABD-9E3C-C86D024C3CE6}C:\windows\splwow64.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Print driver host for 32bit applications.) -- C:\windows\splwow64.exe
O87 - FAEL: "UDP Query User{DF1A8D8C-FD3A-4595-A1F8-4153C979AD5C}C:\windows\splwow64.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Print driver host for 32bit applications.) -- C:\windows\splwow64.exe
O87 - FAEL: "TCP Query User{1476EE5C-9F33-403B-8DD9-C908137D0AC9}C:\program files (x86)\java\jre7\bin\java.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{5D073CE4-2641-45B8-AE4C-974074A2374A}C:\program files (x86)\java\jre7\bin\java.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java.exe
O87 - FAEL: "TCP Query User{27D62278-B3BC-4903-9838-B699216C7259}C:\Program Files (x86)\Java\jre7\bin\java.exe" | In - Public - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{726B6D7B-7846-4F5A-A456-4926AA0F4E5C}C:\Program Files (x86)\Java\jre7\bin\java.exe" | In - Public - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\java.exe
O87 - FAEL: "TCP Query User{CAC2FC55-7641-4258-A643-2D4CCC4E86BB}C:\windows\kmsemulator.exe" | In - Public - P6 - TRUE | .(...) -- C:\windows\kmsemulator.exe
O87 - FAEL: "UDP Query User{38612D9D-A3B9-45D7-B5AE-3204CFF21AC6}C:\windows\kmsemulator.exe" | In - Public - P17 - TRUE | .(...) -- C:\windows\kmsemulator.exe
O87 - FAEL: "{544AD917-26CC-4B21-9346-18687A3FC974}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{71EA2188-EA86-4CFB-827A-E7D31012814E}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "{33EEAF2C-7681-44C2-BCFC-C5AAAABD261E}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O87 - FAEL: "{AF9CFEB5-D002-47FC-BE45-389E125A5D8C}" | In - None - P6 - TRUE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
~ Firewall: 223 Scanned in 00mn 01s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "045F27F206F16624596059B2126D46D0" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{2F72F540-1F60-4266-9506-952B21D6640D}\Installer.ico
O90 - PUC: "047163973EAE2E1199118BCAF689CC3E" . (.Google Earth Plug-in.) -- C:\Windows\Installer\{79361740-EAE3-11E2-9911-B8AC6F98CCE3}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "16525446F96163A42AFF5B1E81CE565F" . (.ASUS SmartLogon.) -- C:\Windows\Installer\{64452561-169F-4A36-A2FF-B5E118EC65F5}\_4ae13d6c.exe
O90 - PUC: "1AEDF5F7CA0D08D4D9599577F5CCAF04" . (.HP Photosmart Plus B210 series Aide.) -- C:\Windows\Installer\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}\ARP_Icon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "21F1DBD139DE0C947ACC65BCED841885" . (.ASUS LifeFrame3.) -- C:\Windows\Installer\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "277C90D53BCEB244C96C4B43C187DF2C" . (.Apple Application Support.) -- C:\Windows\Installer\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}\WinInstall.ico
O90 - PUC: "2A0160E7633E3B046B584C09E579CEA9" . (.OpenOffice.org 3.3.) -- C:\Windows\Installer\{7E0610A2-E336-40B3-B685-C4905E97EC9A}\soffice.ico
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "3030C407C02DFA54DBB255E6FA13EB90" . (.iCloud.) -- C:\Windows\Installer\{704C0303-D20C-45AF-BD2B-556EAF31BE09}\ARP.ico
O90 - PUC: "30CD7EEB013E4DA84FD55B5A61F396F7" . (.ATI AVIVO64 Codecs.) -- C:\Windows\Installer\{BEE7DC03-E310-8AD4-F45D-B5A5163F697F}\ARPPRODUCTICON.exe
O90 - PUC: "30F0FF67707B23345B1D5AC6383015E4" . (.iTunes.) -- C:\Windows\Installer\{76FF0F03-B707-4332-B5D1-A56C8303514E}\Installer.ico
O90 - PUC: "346EE38538FC2F1A9AF0DA7BF5B735D2" . (.ATI Catalyst Install Manager.) -- C:\Windows\Installer\{583EE643-CF83-A1F2-A90F-ADB75F7B532D}\ARPPRODUCTICON.exe
O90 - PUC: "38E1FB04BE028D11795C00905C206085" . (.Power2Go.) -- C:\Windows\Installer\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe
O90 - PUC: "3F7A4F31CBAE1624FAB6317177F77055" . (.Fast Boot.) -- C:\Windows\Installer\{13F4A7F3-EABC-4261-AF6B-1317777F0755}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "448196332FD06A9458E68695869EBBC9" . (.Logiciel de base du périphérique HP Photosmart Plus B210 series.) -- C:\Windows\Installer\{33691844-0DF2-49A6-856E-685968E9BB9C}\ARP_Icon
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "46FE56B5AFD1A414C849B77B6251E812" . (.ControlDeck.) -- C:\Windows\Installer\{5B65EF64-1DFA-414A-8C94-7BB726158E21}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "4CB96667745505B5350C0C161C890F77" . (.ccc-core-static.) -- C:\Windows\Installer\{76669BC4-5547-5B50-53C0-C061C198F077}\ARPPRODUCTICON.exe
O90 - PUC: "588B2FCABDBB9CD6489617EAAA8F4069" . (.ccc-utility64.) -- C:\Windows\Installer\{ACF2B885-BBDB-6DC9-8469-71AEAAF80496}\ARPPRODUCTICON.exe
O90 - PUC: "5F2AEB18B9F45FA49A2B23017F91133D" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{81BEA2F5-4F9B-4AF5-A9B2-3210F71931D3}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.7) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "6D861387DF0ADF595166ED17F356B713" . (.Catalyst Control Center Graphics Previews Vista.) -- C:\Windows\Installer\{783168D6-A0FD-95FD-1566-DE713F657B31}\ARPPRODUCTICON.exe
O90 - PUC: "707B49F6E20EA62962A56CEFA93214FD" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{6F94B707-E02E-926A-265A-C6FE9A2341DF}\ARPPRODUCTICON.exe
O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco
O90 - PUC: "84684D16B4CA5B345B44257193C16825" . (.HP Photosmart Plus B210 series - Enquête sur l'amélioration du produit.) -- C:\Windows\Installer\{61D48648-AC4B-43B5-B544-5217391C8652}\ARP_Icon
O90 - PUC: "849FDF02DE8C34545A937F4FEA5FFA2A" . (.Wireless Console 3.) -- C:\Windows\Installer\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "884FD4BEFEAAF6043A14BCA2AA13B509" . (.Windows Live Messenger.) -- C:\Windows\Installer\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}\MsblIco.Exe
O90 - PUC: "8D7961433299E5444BA225E9A599BCA7" . (.syncables desktop SE.) -- C:\Windows\Installer\{341697D8-9923-445E-B42A-529E5A99CB7A}\ARPPRODUCTICON.exe
O90 - PUC: "92535283D79D1094EA35C59C37D6A3E2" . (.ASUS AI Recovery.) -- C:\Windows\Installer\{38253529-D97D-4901-AE53-5CC9736D3A2E}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "9EBF5A643BDA39441ACC4BFCDF422DA6" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}\fssicon.ico
O90 - PUC: "A929A4608ED4FC049A10DB041CE4D452" . (.PDF Architect.) -- C:\Windows\Installer\{064A929A-4DE8-40CF-A901-BD40C14E4D25}\main_icon
O90 - PUC: "ABFAB76BF9C4AF84496939E3B3520544" . (.QuickTime.) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\Installer.ico
O90 - PUC: "B1C4F5CE838F7BC45816F808296924B8" . (.TomTom HOME.) -- C:\Windows\Installer\{EC5F4C1B-F838-4CB7-8561-8F809296428B}\ARPPRODUCTICON.exe
O90 - PUC: "B27818B2450AAD84EBB3AFC561C403A3" . (.ASUS FancyStart.) -- C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "B6F5FB4F596F2674EA2B0D594A3CD498" . (.Alcor Micro USB Card Reader.) -- C:\Windows\Installer\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}\ARPPRODUCTICON.exe
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- C:\Windows\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D7B2964A6B6081EC2336C6A6D6A05332" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{A4692B7D-06B6-CE18-3263-6C6A6D0A3523}\ARPPRODUCTICON.exe
O90 - PUC: "E1918992E53A2E74EB8377207C137D22" . (.SRS Premium Sound Control Panel.) -- C:\Windows\Installer\{2998191E-A35E-47E2-BE38-7702C731D722}\ARPPRODUCTICON.exe
O90 - PUC: "E19212F84440D1B49B9F34077AE343D6" . (.WinFlash.) -- C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon
O90 - PUC: "E339C5BAD7C503D43B41C9384AB949EB" . (.ATK Package.) -- C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_294823.exe
O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.3.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O90 - PUC: "EEEFF490373AEA43B6DDED3AB2847C62" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{094FFEEE-A373-34AE-6BDD-DEA32B48C726}\ARPPRODUCTICON.exe
O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico
O90 - PUC: "FB9326B958E40954D827153ED01B9AAA" . (.ASUS Power4Gear Hybrid.) -- C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "FF9B7AA74B4F46B4C815C7B3D4F0A582" . (.4-Day Forecast.) -- C:\Windows\Installer\{7AA7B9FF-F4B4-4B64-8C51-7C3B4D0F5A28}\_6FEFF9B68218417F98F549.exe
~ Update Products: 308 Scanned in 00mn 00s

---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf}
O92 - MNS: Flux de photos - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 2 Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.5DE888E9D265586DE818D263542C5632] [WIS][23/05/2013] (.pdfforge GmbH - PDF Architect Installer.) -- C:\Windows\Installer\106b3692.msi [51445760]
[MD5.455C0E27358AC9242544F413B3284828] [WIS][10/07/2011] (.SRS Labs, Inc. - SRS Premium Sound Control Panel.) -- C:\Windows\Installer\1266a.msi [8534016]
[MD5.82B91E7CCDFDFBEAF58F381D1FA3EFDF] [WIS][08/09/2009] (.Alcor Micro Corp. - AmIcoSinglun.) -- C:\Windows\Installer\1266f.msi [1452032]
[MD5.A1CCA82D2681525B6A408E846800B64B] [WIS][21/04/2012] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\14843342.msi [6561792]
[MD5.7BBC45CBDE3D58376B9AE821DE6DE959] [WIS][23/04/2013] (.The J2SE Runtime Environment with European - Additional Font and Media Support.) -- C:\Windows\Installer\281f88fa.msi [184320]
[MD5.C93102D26CC671373241FD363AC7B924] [WIS][07/06/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\2eff4.msi [20627456]
[MD5.7A66FD7DD6B32F60223485CFAD4A19B8] [WIS][12/07/2013] (.Google - Google Earth.) -- C:\Windows\Installer\349285b.msi [921600]
[MD5.4460DFB1DC5E4B050469A17EE7C0D4DD] [WIS][14/06/2010] (.Hewlett Packard - HP Photosmart Plus B210 series Get product specific help to eas.) -- C:\Windows\Installer\4cb04a.msi [135680]
[MD5.9D1FC3737A86F6B516152DFF025F2FC7] [WIS][13/07/2013] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\53c454b.msi [26112]
[MD5.C5B805944B17C0C256F7B67CA3C73F84] [WIS][08/07/2010] (.4-Day Forecast - .) -- C:\Windows\Installer\6f155f3.msi [1669120]
[MD5.A5576363B925A469C7A85649ED0446F6] [WIS][22/04/2011] (.Oliver Carr - .) -- C:\Windows\Installer\7b4d1d.msi [1948160]
[MD5.09F0F2D51B2BE16C1675C59460D34825] [WIS][25/02/2010] (.SAH - .) -- C:\Windows\Installer\b74c7.msi [1982976]
[MD5.7C7D02806046FE56308ADB8B0E228495] [WIS][13/04/2011] (.syncables - syncables desktop.) -- C:\Windows\Installer\b8738.msi [114234368]
[MD5.C1406AE58D076EC007EF8B8C48CB0234] [WIS][26/08/2010] (.ATI - Branding.) -- C:\Windows\Installer\dba7.msi [440320]
[MD5.6E0C4B8686EFF7B0BBE2F97609D1AD67] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbad.msi [1889792]
[MD5.D07486F6B3E5E1E711A1834D69BF4BBE] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbb3.msi [5749248]
[MD5.8A59C39FA81926D74FBE1EDC537E33D4] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbba.msi [1262592]
[MD5.D6D76D27185C910581543859F0F270EF] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbc0.msi [1247744]
[MD5.00EAA14338CBB0D304CA431E808883E6] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbc6.msi [1230848]
[MD5.E9028408446589C478E28E051FC4E920] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbcc.msi [1301504]
[MD5.EF67034C84A70528AFB274159820EABD] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbd2.msi [757248]
[MD5.917C5581CBDD203F3B60574CD813F490] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbd8.msi [1249280]
[MD5.05C540104EEC76DF53F1088D52C0618E] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbde.msi [1252352]
[MD5.7B03BD56400985ABCFC97AC3CD4448D5] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbe4.msi [1257472]
[MD5.CF42CE40FD0C6207FF7FFB19E6988A77] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbea.msi [1268224]
[MD5.485A803056AD72F28C1B19B236C262C0] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbf0.msi [1248256]
[MD5.714957074A9A81567158FB68388439F0] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbf6.msi [1275904]
[MD5.CA46D94CFF38C44AAB78C20C9D07C2AB] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dbfc.msi [1260032]
[MD5.96671DF2BC1926847FF843DB96F798D0] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc02.msi [1254400]
[MD5.B074FAA9B63DC2AB17A166E27FE9B3BF] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc08.msi [1241088]
[MD5.B69E9E90A6A29669D3915AAAE2DDFD8B] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc0e.msi [1256448]
[MD5.1AC054CD91A7DABBE07C9F1ACA5BAD6A] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc14.msi [1253888]
[MD5.BA617A0B74EE08C0F3B9150A4E50B229] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc1a.msi [1287168]
[MD5.9BA3021097B80DB87F9AB12DE167A739] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc20.msi [1243648]
[MD5.EBE34F20783F4521F9E8795FCABE7263] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc26.msi [1274368]
[MD5.B679E2AEF8DC6BD150C553384F6CB58B] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc2c.msi [1252864]
[MD5.D0FEB55D31B9111E1A10E02CB3172FAC] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc32.msi [939520]
[MD5.4EFB4135B761BC406A860CCE7EF22F77] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc38.msi [1242112]
[MD5.3167C124F5881F8E984E80BCD50DD110] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc3e.msi [1974784]
[MD5.00CD07B6DFD0324AE864C0481DEFB041] [WIS][21/10/2010] (.ATI - Catalyst Control Center Utility 64.) -- C:\Windows\Installer\dc44.msi [279552]
[MD5.766A7D2E52ECA03ACF19D48CCED133ED] [WIS][21/10/2010] (.ATI - Catalyst Control Center.) -- C:\Windows\Installer\dc4b.msi [14462464]
~ WIS: 312 Scanned in 00mn 28s

---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 09/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 22/06/2010 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 05/10/2010 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 31/05/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 31/05/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/04/2011 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 31/05/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 01/10/2009 262144 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 08/04/2013 1320496 | (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 | (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 27/11/2012 479840 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SS - | Auto 19/04/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 22/08/2013 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
SS - | Demand 22/08/2013 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
SR - | Auto 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 01/10/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 31s

---\\ Recherche dinfection sur le Master Boot Record (MBR)(O80)
Run by Archimbaud at 22/08/2013 09:37:01
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s

---\\ Recherche dinfection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Archimbaud at 22/08/2013 09:37:03

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : v2.12859 - (19/08/2013)
Clés trouvées (Keys found) : 34
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 6

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}] =>Toolbar.Avast^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update (Software_update] =>Adware.Boxore^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\Classes\MF] =>PUP.MediaFinder
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\Software\Wow6432Node\qvo6Software] =>Hijacker.Qvo6
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
[HKLM\Software\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\Program Files (x86)\Desk 365 =>Hijacker.22Find^
C:\Program Files (x86)\ParetoLogic =>PUP.Paretologic^
C:\ProgramData\ParetoLogic =>PUP.Paretologic^
C:\Users\Archimbaud\AppData\Roaming\DriverCure =>PUP.DriverCure^
C:\Users\Archimbaud\AppData\Roaming\ParetoLogic =>PUP.Paretologic^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\Common Files\337 =>Hijacker.22find
C:\Users\Archimbaud\AppData\Local\Software =>Adware.Boxore
C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>Toolbar.Avast^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^
C:\Users\Archimbaud\AppData\Roaming\DriverCure\LogFile.txt [115] =>PUP.DriverCure^
C:\Users\Archimbaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\0.0.4.1_0\css\quickSearch\img\yahoo.png [2205] =>Toolbar.Yahoo^
C:\Windows\KMSEmulator.exe =>Hijacker.Windows
~ Additionnel Scan: 335249 Items scanned in 00mn 26s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blo ... acker-qvo6 =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blo ... lbar-avast =>Toolbar.Avast
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blo ... ker-22find =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blo ... r-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blo ... aretologic =>PUP.Paretologic
~ http://nicolascoolman.webs.com/apps/blo ... up-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blo ... drivercure =>PUP.DriverCure
~ http://nicolascoolman.webs.com/apps/blo ... lbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blo ... crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... v9software =>PUP.V9Software
~ http://nicolascoolman.webs.com/apps/blo ... lbar-wajam =>Toolbar.Wajam
~ http://nicolascoolman.webs.com/apps/blo ... olbar-bing =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blo ... p-offerbox =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blo ... ediafinder =>PUP.MediaFinder
~ http://nicolascoolman.webs.com/apps/blo ... -imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blo ... fesecurity =>PUP.eSafeSecurity
~ MSI: 18 link(s) detected in 00mn 26s

End of the scan (2558 lines in 04mn 01s)(0)
=================================

de **VIRUS/C/C** » 22 Aoû 2013 10:28

Salut

Faudrai quand même que tu heberges les rapports comme demandé !! pas pratique pour moi et trop long

Rien de compliqué !!!!!!!!!

Pour les Héberger

* Héberge le rapport sur ce site,
* >> cjoint.com.

* clic sur Parcourir
* trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* et valide en cliquant sur >> Créer le lien Cjoint
* Un lien de ce genre [http://cjoint.com/?3DjqjgQmGB8R] te sera généré,
* Il te suffit de le poster

ou

ICI >> pjjoint.malekal

* Cliques sur >> Parcourir
* Trouve >> le rapport que tu viens d'enregistrer qui doit par exemple être sur ton bureau
* Au cas ou tu le poste en plusieurs parties ,Ok , mais >> en entier bien sur !!
* Cliques sur >> envoyer le fichier
* Un lien de ce genre te sera généré,
* il te suffit de le poster ici

1) /!\ ZHPFix /!\

Ce script va cibler certains éléments à supprimer :
>> ATTENTION << : Script personnalisé pour cette Machine et uniquement pour cette Machine , Ne pas reproduire !!!!!!!!!!!!!!!!!!!!!!!

* Copies tout le texte présent ci-dessous
*( tu le selectionnes avec ta souris >> Clique droit dessus et choisis "copier" ou fait Ctrl+C )

* Tu commences bien à partir de SysRestore jusqu' a Emptytemp

SysRestore
G1 - GCS: Preference [User Data\Default] http://search.qvo6.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.qvo6.com
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com
OPT:O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
OPT:O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
OPT:O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
OPT:O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
OPT:O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
OPT:O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\chrome.exe http://www.qvo6.com
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com
O23 - Service: Service Software Update (Software_update (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.)
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
C:\Program Files (x86)\Desk 365
C:\Program Files (x86)\ParetoLogic
C:\Program Files (x86)\Software
C:\Program Files (x86)\Common Files\337
C:\Users\Archimbaud\AppData\Roaming\DriverCure
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Archimbaud\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.qvo6.com
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Safari\Safari.exe" http://www.qvo6.com
O69 - SBI: prefs.js [Archimbaud - ucwgcla2.default] user_pref("extensions.crossrider.bic", "1399cddc8d17f40f8512ac51f641f4c7");
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (qvo6) - http://search.qvo6.com
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update (Software_update]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[HKLM\Software\Wow6432Node\Boxore]
[HKCU\Software\SweetIM]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS]
[HKCU\Software\Classes\MF]
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc]
[HKLM\Software\Wow6432Node\qvo6Software]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494]
[HKCU\Software\ParetoLogic]
[HKLM\Software\Wow6432Node\ParetoLogic]
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc]
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]
C:\Users\Archimbaud\AppData\Roaming\DriverCure
C:\Users\Archimbaud\AppData\Roaming\ParetoLogic
C:\Users\Archimbaud\AppData\Local\Software
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
[HKCU\Software\AppDataLow\Software\Smartbar]
SS - | Auto 22/08/2013 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
SS - | Demand 22/08/2013 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe
ServiceDemand:AdobeARMservice
ServiceDemand:WinDefend
ServiceDemand:Apple Mobile Device
ServiceDemand:Bonjour Service
EmptyCLSID
EmptyFlash
Emptytemp

* Fais un clic-droit sur le raccourci de >> ZHPFix qui se trouve sur ton bureau et choisis "Exécuter en temps qu'administrateur" pour le lancer.

* La fenêtre de Contrôle de Compte Utilisateur s' ouvre >> "Voulez-vous autoriser le programme...." ,

* Clique sur OUI

* Une fois l'outil ZHPFix ouvert ,

* Clique sur l'icone représentant le presse-papier ("coller le presse-papier") => 1

* Le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le (Ctrl+v)

* les lignes ci-dessus sont celles qui doivent apparaître dans la fenêtre de ZHPFix.
* Si ce n'est pas le cas, ne surtout pas cliquer sur le bouton GO. Il faut veiller à bien copier les lignes.

* Clique sur le bouton GO=> 2 pour lancer le nettoyage

* Il arrive que l'outil que tu vas utiliser ferme le processus "explorer.exe". Il est possible qu'après son exécution, ton bureau reste sans icône et sans barre des tâches.

* il suffit de relancer explorer.exe

* Pour cela, tu presseras simultanément ctrl+alt+suppr pour ouvrir le gestionnaire de tâches
* Une fois dans le gestionnaire, tu cliqueras sur "fichier" et sur "nouvelle tâche"
* Dans le champ de saisie, tu taperas explorer.exe et tu cliqueras sur OK
* Tout redeviendra normal
* Héberge le rapport ZHPFix.txt

* Poste le lien du rapport hébergé

@+ VIRUS/C/C

de **ManoAl63** » 22 Aoû 2013 12:47

Rebonjour

Merci encore pour ton aide

Enfin j'ai compris comment te transmettre le lien que tu trouveras ci-dessous
http://cjoint.com/?3HwnSUniPSL

de **VIRUS/C/C** » 22 Aoû 2013 14:21

Re

ManoAl63 a écrit:Rebonjour

Merci encore pour ton aide

Enfin j'ai compris comment te transmettre le lien que tu trouveras ci-dessous
http://cjoint.com/?3HwnSUniPSL

Certes tu es arrivé à transmettre un rapport sous forme de lien :felicitations:

Malheuresement c 'est pas ce rapport que j' attendais !!

tu trouveras également ce rapport ici => C:\ZHP\ZHPFix[R2]

ou même
Clique sur Démarrer
Dans la barre de recherche Copie/colle ceci > C:\ZHP\ZHPFix[R2]

il devrait apparaître

@+ VIRUS/C/C

[Résolu par VIRUS/C/C - 24/08/13] Erreur NTRedirect.dll

[Résolu par VIRUS/C/C - 24/08/13] Erreur NTRedirect.dll