~ Report of ZHPDiag v2013.10.12.33 - Nicolas Coolman (12/10/2013) ~ Launched by bertrand (14/10/2013 16:44:29) ~ Web site address : http://nicolascoolman.webs.com ~ Translated by ~ Version State : ~ White List : Deactivate by user ~ Elevation of privilege : OK ~ User Account Control : Deactivate by program ---\\ Internet browsers MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 24.0 (Defaut) GCIE: Google Chrome v30.0.1599.69 OBIE: Safari v5.34.57.2 ---\\ Windows product information ~ Langage: Anglais Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft Security Client v4.3.0219.0 Windows Defender W7 ---\\ System optimization software ---\\ Sharing software PeerToPeer ---\\ Surveillance software Adobe Flash Player 11 Plugin Adobe Reader X Java 7 Update 25 ---\\ Information on the system ~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3690 MB (48% free) System Restore: Désactivé (Disabled) System drive C: has 46 GB (16%) free of 274 GB ---\\ Connection to the system mode ~ Computer Name: BERTRAND-HP ~ User Name: bertrand ~ All Users Names: HomeGroupUser$, Guest, bertrand, ASPNET, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Environment variables ~ System Unit : C:\ ~ %AppZHP% : C:\Users\bertrand\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\bertrand\AppData\Roaming\ ~ %Desktop% : C:\Users\bertrand\Desktop\ ~ %Favorites% : C:\Users\bertrand\Favorites\ ~ %LocalAppData% : C:\Users\bertrand\AppData\Local\ ~ %StartMenu% : C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumeration of the disk units C: Hard drive, Flash drive, Thumb drive (Free 46 Go of 274 Go) D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 20 Go) E: Hard drive, Flash drive, Thumb drive (Free 3 Go of 4 Go) F: CD-ROM drive (Not Inserted) G: CD-ROM drive (Not Inserted) Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) ---\\ State of the Windows Security Center [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 38 Scanned in 00mn 00s ---\\ Search Generic System Files [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.18/10/2011 - 01:42:28.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.3CD6F07E6416ED6E18A1965CD2B9144A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.22/09/2013 - 14:33:53.) -- C:\Windows\System32\wininet.dll [1392128] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) (.21/11/2010 - 03:24:29.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.21/11/2010 - 03:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 01:10:19.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 03:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.18/10/2011 - 01:47:51.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 03:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT File System Driver.) (.12/04/2013 - 14:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 03:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 03:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.18/10/2011 - 01:37:48.) -- C:\Windows\system32\Drivers\volsnap.sys [296320] ~ Generic Processes: Scanned in 00mn 00s ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 2/86 ~ Mes musiques (My Musics) : 99/143 ~ Mes Videos (My Videos) : 7/55 ~ Mes Favoris (My Favorites) : 1/11 ~ Mes Documents (My Documents) : 2/1582 ~ Mon Bureau (My Desktop) : 1/9564 ~ Menu demarrer (Programs) : 1/47 ~ Hidden Files: Scanned in 00mn 03s ---\\ Process running [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2956] [MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.3876] [MD5.1542D48BEF0C07513453CDEF1577BB79] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [691656] [PID.3928] [MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392] [PID.4016] [MD5.519A3A78F732B41236466FE9556D991A] - (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files (x86)\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe [424728] [PID.3300] [MD5.A5257492F2657D454C33CCF093B92B73] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3665488] [PID.3572] [MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [268248] [PID.4924] [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.5084] [MD5.0D3745CA2F064F2D6B6388C6AA5D3BC7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752] [PID.2768] [MD5.C5F101D7E53AA530BB0496EB9556807C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8076288] [PID.4568] [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1656] [MD5.46886B607192E6E0BBAD33D32FA32E85] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Frameworkx86\v4.0.30319\mscorsvw.exe [16990720] [PID.1888] [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1952] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1284] [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1300] [MD5.440541D1D17A4B955A55E3DD09EF063E] - (...) -- C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld.exe [6287360] [PID.1428] [MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2304] [MD5.9F712B26EE3B0242DE997A42FD302E2C] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136] [PID.2328] [MD5.5E53CF8AD0FD33B35000C113656AB37B] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2754984] [PID.2448] [MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.2688] [MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.3848] ~ Processes Running: Scanned in 00mn 02s ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] None G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé) G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé) G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé) G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [jeaohhlajejodfjadcponpnjgkiikocn] IDM Integration Module v.6.17.7, (Désactivé) G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.13.0.13771, (Désactivé) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé) G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé) ~ Google Browser: 14 Scanned in 00mn 30s ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) C:\Users\bertrand\AppData\Roaming\Mozilla\Firefox\Profiles\opvyqkfm.default\prefs.js M0 - MFSP: prefs.js [bertrand - opvyqkfm.default] http://www.google.com P2 - FPN:Firefox Plugin Navigator . (.Macromedia, Inc. - Macromedia Shockwave for Director Netscape plug-in, version 10.1.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np32dsw.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.8.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win64 # 6.5.0.3.) -- C:\Program Files\ma-config.com\x64\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\bertrand\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll ~ Firefox Browser: 24 Scanned in 00mn 00s ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 18 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 23 ---\\ Browser Helper Objects (O2) O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll ~ BHO: 12 Scanned in 00mn 00s ---\\ Other User Links (O4) O4 - GS\Desktop [Public]: ACID Pro 7.0.lnk . (.Sony Creative Software Inc. - ACID Pro 7.0.) -- C:\Program Files (x86)\Sony\ACID Pro 7.0\acid70.exe O4 - GS\Desktop [Public]: Adobe Download Assistant.lnk . (...) -- C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe O4 - GS\Desktop [Public]: Appnimi ZIP Password Unlocker.lnk . (...) -- C:\Program Files (x86)\Appnimi\Appnimi ZIP Password Unlocker\AppnimiZipPasswordUnlocker.exe O4 - GS\Desktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe O4 - GS\Desktop [Public]: AVGO Free Video Downloader.lnk . (.AVGO - No Comment.) -- C:\Program Files (x86)\AVGO\Free-Video-Downloader\AVGoVideoDownloader.exe O4 - GS\Desktop [Public]: Camtasia Studio 7.lnk . (.TechSmith Corporation - Camtasia Studio.) -- C:\Program Files (x86)\TechSmith\Camtasia Studio 7\CamtasiaStudio.exe O4 - GS\Desktop [Public]: DAEMON Tools Lite.lnk . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe =>.DT Soft Ltd O4 - GS\Desktop [Public]: FMW Ultimate SliKy i2.lnk . (...) -- C:\Program Files (x86)\Fly My World Corporate\Ultimate Reborn - Extension SliKy\Patcher-FMW.exe O4 - GS\Desktop [Public]: GIMP 2.lnk . (...) -- C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Desktop [Public]: PCSX2 0.9.8 (r4600).lnk . (...) -- C:\Program Files (x86)\PCSX2 0.9.8\pcsx2-r4600.exe O4 - GS\Desktop [Public]: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Desktop [Public]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe O4 - GS\Desktop [Public]: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe O4 - GS\Desktop [Public]: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O4 - GS\Desktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe O4 - GS\Desktop [Public]: TeamViewer 7.lnk . (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe O4 - GS\Desktop [Public]: Video Search.lnk . (.DsNET - aTube Catcher to download and convert video.) -- C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.0.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN O4 - GS\Program [Public]: Adobe Bridge CS6 (64bit).lnk . (.Adobe Systems, Inc. - Adobe Bridge CS6.) -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe =>.Adobe Systems Incorporated O4 - GS\Program [Public]: Adobe Download Assistant.lnk . (...) -- C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe O4 - GS\Program [Public]: Adobe ExtendScript Toolkit CS6.lnk . (.Adobe Systems Incorporated - ExtendScript Toolkit CS6 and Debugger (32 b.) -- C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe =>.Adobe Systems Incorporated O4 - GS\Program [Public]: Adobe Help.lnk . (...) -- C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe O4 - GS\Program [Public]: Adobe Media Encoder CS6.lnk . (.Adobe Systems, Incorporated - No Comment.) -- C:\Program Files\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Microsoft Office 2010.lnk . (...) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (...) -- C:\Program Files (x86)\Microsoft Security Client\msseces.exe (.not file.) O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe O4 - GS\Program [Public]: TeamViewer 7.lnk . (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.) O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) -- C:\Windows\system32\xpsrchvw.exe O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) -- C:\Windows\system32\calc.exe O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) -- C:\Windows\system32\displayswitch.exe O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) -- C:\Windows\system32\mblctr.exe O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) -- C:\Windows\system32\mstsc.exe O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) -- C:\Windows\system32\SnippingTool.exe O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) -- C:\Windows\system32\SoundRecorder.exe O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) -- C:\Windows\system32\StikyNot.exe O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Getting Started.) -- C:\Windows\system32\OobeFldr.dll O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) -- C:\Windows\system32\charmap.exe O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) -- C:\Windows\system32\dfrgui.exe O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) -- C:\Windows\system32\cleanmgr.exe O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) -- C:\Windows\system32\perfmon.exe O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) -- C:\Windows\system32\msinfo32.exe O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) -- C:\Windows\system32\rstrui.exe O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) -- C:\Windows\system32\migwiz\postmig.exe O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) -- C:\Windows\system32\migwiz\migwiz.exe O4 - GS\QuickLaunch [bertrand]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\QuickLaunch [bertrand]: Dev-C++.lnk . (.Bloodshed Software - Dev-C++ IDE.) -- C:\Dev-Cpp\devcpp.exe O4 - GS\QuickLaunch [bertrand]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [bertrand]: MiPony.lnk . (.www.mipony.net - Mipony.) -- C:\Program Files (x86)\MiPony\MiPony.exe O4 - GS\QuickLaunch [bertrand]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe O4 - GS\QuickLaunch [bertrand]: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe O4 - GS\QuickLaunch [bertrand]: Speakonia.lnk . (.CFS-Technologies - Speakonia - TTS Program.) -- C:\Program Files (x86)\CFS-Technologies\Speakonia\Speakonia.exe O4 - GS\QuickLaunch [bertrand]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\bertrand\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O4 - GS\TaskBar [bertrand]: Adobe Photoshop CS6.lnk . (...) -- C:\Program Files (x86)\Adobe\AutoPlay\Docs\PhotoshopCS6.exe (.not file.) =>.Adobe Systems Incorporated O4 - GS\TaskBar [bertrand]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) -- C:\Windows\system32\calc.exe O4 - GS\TaskBar [bertrand]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar [bertrand]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [bertrand]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar [bertrand]: Notepad.lnk . (.Microsoft Corporation - Notepad.) -- C:\Windows\system32\notepad.exe O4 - GS\TaskBar [bertrand]: Patcher-de-secours.lnk . (...) -- C:\Program Files (x86)\Fly My World Corporate\Fly My World Corporate\Ultimate Reborn - Acte 5\Patcher-de-secours.exe O4 - GS\TaskBar [bertrand]: Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\TaskBar [bertrand]: Speakonia.lnk . (.CFS-Technologies - Speakonia - TTS Program.) -- C:\Program Files (x86)\CFS-Technologies\Speakonia\Speakonia.exe O4 - GS\TaskBar [bertrand]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\explorer.exe O4 - GS\Program [bertrand]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Program [bertrand]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Program [bertrand]: Torch.lnk . (...) -- C:\Users\bertrand\AppData\Local\Torch\Application\torch.exe (.not file.) O4 - GS\Accessories [bertrand]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\system32\cmd.exe O4 - GS\Accessories [bertrand]: Notepad.lnk . (.Microsoft Corporation - Notepad.) -- C:\Windows\system32\notepad.exe O4 - GS\Accessories [bertrand]: Run.lnk - Orphan key O4 - GS\Accessories [bertrand]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\explorer.exe O4 - GS\SystemTools [bertrand]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\SystemTools [bertrand]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) -- C:\Windows\system32\eudcedit.exe O4 - GS\SendTo [bertrand]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe O4 - GS\SendTo [bertrand]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - GS\Desktop [bertrand]: Adobe After Effects CS6.lnk . (.Adobe Systems Incorporated - Adobe After Effects CS6.) -- C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe O4 - GS\Desktop [bertrand]: Adobe Photoshop CS6.lnk . (...) -- C:\Program Files (x86)\Adobe\AutoPlay\Docs\PhotoshopCS6.exe (.not file.) =>.Adobe Systems Incorporated O4 - GS\Desktop [bertrand]: Dev-C++.lnk . (.Bloodshed Software - Dev-C++ IDE.) -- C:\Dev-Cpp\devcpp.exe O4 - GS\Desktop [bertrand]: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe O4 - GS\Desktop [bertrand]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [bertrand]: MiPony.lnk . (.www.mipony.net - Mipony.) -- C:\Program Files (x86)\MiPony\MiPony.exe O4 - GS\Desktop [bertrand]: Play Darksiders II nosTEAM.lnk . (...) -- C:\Darksiders II\Darksiders2.exe O4 - GS\Desktop [bertrand]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [bertrand]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [bertrand]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\bertrand\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Global Startup: 106 Scanned in 00mn 02s ---\\ Auto loading programs from Registry and folders (O4) O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKCU\..\Run: [AdobeBridge] Orphan key O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe =>.DT Soft Ltd O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [E09FXLRD_278321] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files (x86)\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-948805745-1492054858-3638506696-1001\..\Run: [AdobeBridge] Orphan key O4 - HKUS\S-1-5-21-948805745-1492054858-3638506696-1001\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe O4 - HKUS\S-1-5-21-948805745-1492054858-3638506696-1001\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe =>.DT Soft Ltd O4 - HKUS\S-1-5-21-948805745-1492054858-3638506696-1001\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-948805745-1492054858-3638506696-1001\..\Run: [E09FXLRD_278321] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files (x86)\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe O4 - HKUS\S-1-5-21-948805745-1492054858-3638506696-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-948805745-1492054858-3638506696-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe ~ Application: Scanned in 00mn 00s ---\\ IE Options icon not visible in Control Panel (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9) O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.) O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.) O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico O9 - Extra button: Barre de recherche Encarta [64Bits] - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} -- Orphan key ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 8 Scanned in 00mn 00s ---\\ Lop.com/Domain Hijackers (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{0F6A11C8-63C7-41DE-848B-05D3DDC680CE}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{0F6A11C8-63C7-41DE-848B-05D3DDC680CE}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{0F6A11C8-63C7-41DE-848B-05D3DDC680CE}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 ~ Domain: Scanned in 00mn 00s ---\\ Extra protocols (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ ShellServiceObjectDelayLoad (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - AMD Fuel Service.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (.not file.) =>.Hewlett-Packard Co O23 - Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company - HP Client Services.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\Windows\system32\HPSIsvc.exe O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MySQL (MySQL) . (...) - C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe ~ Services: 14 Scanned in 00mn 23s ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Task Planned Automatically (039) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [830] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [898] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [902] [MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416] [MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] [MD5.00000000000000000000000000000000] [APT] [HP Support Assistant Quick Start] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [PC Health Analysis] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [PC Tuneup] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (.not file.) [0] [MD5.3EA98EF084CB360121A6D7BA2B47E655] [APT] [Update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [850488] ~ Scheduled Task: 14 Scanned in 00mn 07s ---\\ ActiveSetup Installed Components (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 11 Scanned in 00mn 00s ---\\ Drivers launched at startup (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VBoxDrv) . (.Oracle Corporation - VirtualBox Support Driver.) - C:\Windows\System32\DRIVERS\VBoxDrv.sys O41 - Driver: (VBoxUSBMon) . (.Oracle Corporation - VirtualBox USB Monitor Driver.) - C:\Windows\System32\DRIVERS\VBoxUSBMon.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 66 Scanned in 00mn 01s ---\\ Software installed (O42) O42 - Logiciel: ACID Pro 7.0 - (.Sony.) [HKLM][64Bits] -- {BFA5441E-B7E6-46F5-A15D-1B74707AE93A} O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {72AC3A0C-C446-257C-0F44-B0280C18A72F} O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {6D326316-AC23-00EC-D581-FD3373F1CE17} O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {03349482-71EF-0131-8840-A1FF64C03808} O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A6FD58FB-0ED3-8B5A-38B7-332D0693CE42} O42 - Logiciel: AVGO Free Video Downloader 1.7.9 - (.AVGO Inc..) [HKLM][64Bits] -- AVGO Free Video Downloader_is1 O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {14DC0059-00F1-4F62-BD1A-AB23CD51A95E} O42 - Logiciel: Adobe After Effects CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4817D846-700B-474E-A31B-80892B3E92E3} O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.downloadassistant.AdobeDownloadAssistant O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C8773FDB-D0DB-BE52-D536-F48F9886B57B} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1} O42 - Logiciel: Adobe Photoshop CS6 Extended 13.0 - (.UncworldStore.) [HKLM][64Bits] -- Adobe Photoshop CS6 Extended 13.0 =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Reader X (10.1.8) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001} O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Barre de recherche Encarta (64 bits) - (.Microsoft.) [HKLM][64Bits] -- {08184040-959A-4B0D-8825-2C533F0DDB19} O42 - Logiciel: Camtasia Studio 7 - (.TechSmith Corporation.) [HKLM][64Bits] -- {3D577B95-4EC1-4C3D-B6F6-FF3D3C7FF9B4} O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5F7308C0-56FF-415A-B34C-44A90A892A95} O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU][64Bits] -- CodeBlocks O42 - Logiciel: Compaq Setup Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {AE856388-AFAD-4753-81DF-D96B19D0A17C} O42 - Logiciel: Cracked Steam - (.Anti-Valve Software.) [HKLM][64Bits] -- 6F64DF2E-3B8E-41DB-89E4-75BD3F370CDE_is1 O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Dev-C++ 5 beta 9 release (4.9.9.2) - (...) [HKLM][64Bits] -- Dev-C++ O42 - Logiciel: Dragonica version TEST - (.Gala Networks Europe Ltd..) [HKLM][64Bits] -- {46BE6D86-7BEF-4DAB-B3E6-7B932D3872F3}_is1 O42 - Logiciel: Dust: An Elysian Tail - (.Microsoft Studios.) [HKLM][64Bits] -- Dust: An Elysian Tail_is1 O42 - Logiciel: ESU for Microsoft Windows 7 SP1 - (.Hewlett-Packard.) [HKLM][64Bits] -- {E96CAA2A-0244-4A2A-8403-0C3C9534778B} O42 - Logiciel: Evernote v. 4.2.3 - (.Evernote Corp..) [HKLM][64Bits] -- {F761359C-9CED-45AE-9A51-9D6605CD55C4} O42 - Logiciel: FMW - Ultimate SliKy i2 - (...) [HKLM][64Bits] -- FMW - Ultimate SliKy i2 O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM][64Bits] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3} O42 - Logiciel: FormatFactory 3.0.1 - (.Free Time.) [HKLM][64Bits] -- FormatFactory O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM][64Bits] -- WinGimp-2.0_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1} O42 - Logiciel: HP Client Services - (.Hewlett-Packard.) [HKLM][64Bits] -- {2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544} O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {39FCC6B7-FFF5-4075-A5E8-B5CEBD54C331} O42 - Logiciel: HP LaserJet Professional P1100-P1560-P1600 Series - (...) [HKLM][64Bits] -- HP LaserJet Professional P1100-P1560-P1600 Series O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {DBCD5E64-7379-4648-9444-8A6558DCB614} O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} O42 - Logiciel: IconPackager - (.Stardock Corporation.) [HKLM][64Bits] -- IconPackager O42 - Logiciel: IconPackager - (.Stardock Corporation.) [HKLM][64Bits] -- {6BF04C63-EAC0-4F19-9E88-9A745493E7BF} O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: L&H TTS3000 Français - (...) [HKLM][64Bits] -- LHTTSFRF O42 - Logiciel: MP3 Voice Recorder 1.0 - (.prvsoft.com.) [HKLM][64Bits] -- MP3 Voice Recorder_is1 O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {7E708ADE-6575-11E2-8713-F04DA23A5C58} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {4B5CFDDC-070A-4A24-BB02-2448E0375F8E} O42 - Logiciel: Macromedia Shockwave Player - (...) [HKLM][64Bits] -- Macromedia Shockwave Player O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: MiPony 2.1.0 - (...) [HKLM][64Bits] -- MiPony O42 - Logiciel: Microsoft Encarta 2009 - Collection - (.Microsoft Corporation.) [HKLM][64Bits] -- {09180081-2C94-4A67-8E55-8483C019C7D2} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {8D26D58C-3464-4C03-BB61-5695F984EFEF} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 Refresh - (.Microsoft Corporation.) [HKLM][64Bits] -- {D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F} O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 24.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Mplayer.com - (...) [HKLM][64Bits] -- Mplayer.com O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec O42 - Logiciel: MySQL Server 5.1 - (.MySQL AB.) [HKLM][64Bits] -- {87FC2EAB-B7E6-4D04-BE6A-46330F7361C7} O42 - Logiciel: NewBlue 3D Explosions for Windows - (...) [HKLM][64Bits] -- NewBlue 3D Explosions for Windows O42 - Logiciel: NewBlue 3D Transformations for Windows - (...) [HKLM][64Bits] -- NewBlue 3D Transformations for Windows O42 - Logiciel: NewBlue Art Blends for Windows - (...) [HKLM][64Bits] -- NewBlue Art Blends for Windows O42 - Logiciel: NewBlue Art Effects for Windows - (...) [HKLM][64Bits] -- NewBlue Art Effects for Windows O42 - Logiciel: NewBlue Film Effects for Windows - (...) [HKLM][64Bits] -- NewBlue Film Effects for Windows O42 - Logiciel: NewBlue Motion Blends for Windows - (...) [HKLM][64Bits] -- NewBlue Motion Blends for Windows O42 - Logiciel: NewBlue Motion Effects for Windows - (...) [HKLM][64Bits] -- NewBlue Motion Effects for Windows O42 - Logiciel: NewBlue Video Essentials for Windows - (...) [HKLM][64Bits] -- NewBlue Video Essentials for Windows O42 - Logiciel: Oracle VM VirtualBox 4.2.16 - (.Oracle Corporation.) [HKLM][64Bits] -- {4CC3444D-7279-4E83-984F-18E9A7B2E803} O42 - Logiciel: PCSX2 - Playstation 2 Emulator - (...) [HKLM][64Bits] -- pcsx2-r4600 O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3 O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} O42 - Logiciel: RAR Password Cracker 4.12 - (.dnSoft Research Group.) [HKLM][64Bits] -- RAR Password Cracker O42 - Logiciel: Ralink RT5390 802.11b/g/n WiFi Adapter - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0} O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C} O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM][64Bits] -- RocketDock_is1 O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120} O42 - Logiciel: Skype™ 6.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: Speakonia - (.CFS-Technologies.) [HKLM][64Bits] -- Speakonia_is1 O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: SuperCopier2 - (...) [HKLM][64Bits] -- SuperCopier2 O42 - Logiciel: Synaptics TouchPad Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client O42 - Logiciel: TeamViewer 7 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 7 O42 - Logiciel: VLC media player 2.1.0 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Vegas Pro 12.0 (64-bit) - (.Sony.) [HKLM][64Bits] -- {7963F870-6575-11E2-A4D9-F04DA23A5C58} O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F} O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: World of Tanks - (.Wargaming.net.) [HKLM][64Bits] -- {1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1 O42 - Logiciel: Wrzuta Media Downloader - (.Dragonshorn Studios.) [HKLM][64Bits] -- WrzutaMediaDownloader O42 - Logiciel: ZIP PASSWORD FINDER - (...) [HKLM][64Bits] -- ZIP PASSWORD FINDER O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM][64Bits] -- aTube Catcher O42 - Logiciel: opensource - (.Your Company Name.) [HKLM][64Bits] -- {3677D4D8-E5E0-49FC-B86E-06541CF00BBE} O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent ~ Logic: 207 Scanned in 00mn 02s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AMD] [HKCU\Software\ATI] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Arcai.com] [HKCU\Software\BitTorrent] =>P2P.BitTorrent [HKCU\Software\Borland] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\CFS-Technologies] [HKCU\Software\ClassesB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CodeGear] [HKCU\Software\CyberLink] [HKCU\Software\DT Soft] [HKCU\Software\DirectShow] [HKCU\Software\DownloadManager] [HKCU\Software\Dragonshorn Studios] [HKCU\Software\EaseUS] [HKCU\Software\EasyBits] [HKCU\Software\Eidos] [HKCU\Software\FLT] [HKCU\Software\Facebook] [HKCU\Software\FreeTime] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\GetPrivate] [HKCU\Software\GoforFiles] =>P2P.GoforFiles [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\INCAInternet] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\MacroMgr] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Consumer)] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Marvell] [HKCU\Software\MiniTool Solution Ltd.] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\MyFree Codec] [HKCU\Software\MySQL AB] [HKCU\Software\Netscape] [HKCU\Software\NewBlue] [HKCU\Software\Norton] [HKCU\Software\ODBC] [HKCU\Software\Oracle] [HKCU\Software\PCSX2] [HKCU\Software\Pando Networks] [HKCU\Software\Policies] [HKCU\Software\RAR Password Cracker] [HKCU\Software\Realtek] [HKCU\Software\RocketDock] [HKCU\Software\S.A.D] [HKCU\Software\SCATLAWS] [HKCU\Software\SFX TEAM] [HKCU\Software\Samsung] [HKCU\Software\SkypeRS] [HKCU\Software\Skype] [HKCU\Software\Soft Lemon] [HKCU\Software\Sony Creative Software] [HKCU\Software\Stardock] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TVSSI] [HKCU\Software\TeamViewer] [HKCU\Software\TechSmith] [HKCU\Software\TeleCharger_v2] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Valve] [HKCU\Software\VirtualDub.org] [HKCU\Software\Wargaming.net] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Winamp] [HKCU\Software\Windows Sidebar] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\cybelsoft] [HKCU\Software\eSellerate] [HKCU\Software\ej-technologies] [HKCU\Software\gPotato] [HKCU\Software\shockwave.com] [HKCU\Software\uTorrent Turbo Booster] =>P2P.µTorrent [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Adobe] [HKLM\Software\Anti-Valve Software] [HKLM\Software\CBSTEST] [HKLM\Software\CXT] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cyberlink] [HKLM\Software\HPQ] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Marvell] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\Oracle] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\S.A.D] [HKLM\Software\SAMSUNG] [HKLM\Software\SONIX] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\Sony Creative Software] [HKLM\Software\Synaptics] [HKLM\Software\Valve] [HKLM\Software\Wow6432Node\AMD] [HKLM\Software\Wow6432Node\ATI Technologies] [HKLM\Software\Wow6432Node\ATI] [HKLM\Software\Wow6432Node\AVGO] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Arcai] [HKLM\Software\Wow6432Node\AviSynth] [HKLM\Software\Wow6432Node\Brothers] [HKLM\Software\Wow6432Node\C07ft5Y] [HKLM\Software\Wow6432Node\CDDB] [HKLM\Software\Wow6432Node\Caphyon] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\DT Soft] [HKLM\Software\Wow6432Node\DivXNetworks] [HKLM\Software\Wow6432Node\EasyBits] [HKLM\Software\Wow6432Node\Evernote] [HKLM\Software\Wow6432Node\FlyMyWorld Ultimate] [HKLM\Software\Wow6432Node\GNU] [HKLM\Software\Wow6432Node\GoforFiles] =>P2P.GoforFiles [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\HaaliMkx] [HKLM\Software\Wow6432Node\Hewlett-Packard] [HKLM\Software\Wow6432Node\HewlettPackard] [HKLM\Software\Wow6432Node\HighCriteria] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\L&H] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\MimarSinan] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Mpath] [HKLM\Software\Wow6432Node\MyFree Codec] [HKLM\Software\Wow6432Node\MySQL AB] [HKLM\Software\Wow6432Node\NewBlue] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OpenVPN-GUI] [HKLM\Software\Wow6432Node\Pando Networks] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Propellerhead Software] [HKLM\Software\Wow6432Node\Ralink] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Riot Games] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\Sony Creative Software] [HKLM\Software\Wow6432Node\Sony Media Software] [HKLM\Software\Wow6432Node\Stardock] [HKLM\Software\Wow6432Node\TeamViewer] [HKLM\Software\Wow6432Node\TechSmith] [HKLM\Software\Wow6432Node\Thoosje] [HKLM\Software\Wow6432Node\Valve] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\Voice] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\Win32 Services] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\Wow6432Node] [HKLM\Software\Wow6432Node\Xvid Team] [HKLM\Software\Wow6432Node\cybelsoft] [HKLM\Software\Wow6432Node\eSellerate] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node\uTorrent Turbo Booster] =>P2P.µTorrent [HKLM\Software\Wow6432Node] [HKLM\Software\cybelsoft] ~ Key Software: 310 Scanned in 00mn 03s ---\\ Contents of the Common Files folders (O43) O43 - CFD: 26/10/2012 - 17:01:01 - [477,782] ----D C:\Program Files (x86)\Adobe O43 - CFD: 25/10/2012 - 12:38:54 - [2,984] ----D C:\Program Files (x86)\Adobe Download Assistant O43 - CFD: 10/10/2012 - 09:42:17 - [2,145] ----D C:\Program Files (x86)\AMD APP O43 - CFD: 10/10/2012 - 09:42:20 - [0,389] ----D C:\Program Files (x86)\AMD AVT O43 - CFD: 09/10/2012 - 15:51:35 - [2,316] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 07/02/2013 - 07:41:55 - [0,560] ----D C:\Program Files (x86)\Appnimi O43 - CFD: 10/10/2012 - 09:40:53 - [54,556] ----D C:\Program Files (x86)\ATI Technologies O43 - CFD: 25/07/2013 - 00:26:29 - [3,321] ----D C:\Program Files (x86)\auto-clicker O43 - CFD: 05/09/2013 - 21:30:53 - [46,860] ----D C:\Program Files (x86)\AVGO O43 - CFD: 21/10/2012 - 11:59:32 - [2,904] ----D C:\Program Files (x86)\CFS-Technologies O43 - CFD: 16/05/2013 - 05:45:16 - [150,273] ----D C:\Program Files (x86)\CodeBlocks O43 - CFD: 14/10/2013 - 09:58:26 - [658,006] ----D C:\Program Files (x86)\Common Files O43 - CFD: 07/06/2012 - 13:04:00 - [210,159] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 08/10/2012 - 15:06:41 - [9,242] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 09/10/2012 - 13:15:20 - [1,734] ----D C:\Program Files (x86)\Dragonshorn Studios O43 - CFD: 01/09/2013 - 05:10:18 - [39,083] ----D C:\Program Files (x86)\DsNET Corp O43 - CFD: 06/10/2013 - 23:26:45 - [1,005] ----D C:\Program Files (x86)\dumps O43 - CFD: 27/07/2013 - 18:28:57 - [1529,879] ----D C:\Program Files (x86)\Dust An Elysian Tail O43 - CFD: 17/10/2011 - 16:32:00 - [278,025] ----D C:\Program Files (x86)\Evernote O43 - CFD: 04/07/2013 - 05:51:41 - [764,578] ----D C:\Program Files (x86)\Fly My World Corporate O43 - CFD: 20/12/2012 - 08:43:06 - [135,748] ----D C:\Program Files (x86)\FreeTime O43 - CFD: 04/02/2013 - 08:28:23 - [107,900] ----D C:\Program Files (x86)\GIMP-2.0 O43 - CFD: 19/10/2012 - 19:02:38 - [511,061] ----D C:\Program Files (x86)\Google O43 - CFD: 08/10/2012 - 05:56:12 - [642,433] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 07/10/2012 - 22:51:46 - [29,086] ----D C:\Program Files (x86)\HP Games O43 - CFD: 08/08/2013 - 23:31:19 - [33,667] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 07/09/2013 - 20:01:10 - [10,577] ----D C:\Program Files (x86)\Internet Download Manager O43 - CFD: 10/10/2013 - 07:15:39 - [6,218] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 31/08/2013 - 22:27:54 - [122,487] ----D C:\Program Files (x86)\Java O43 - CFD: 12/10/2013 - 16:53:35 - [13,265] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 07/10/2012 - 22:18:44 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 26/07/2013 - 16:40:14 - [38,002] ----D C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 10/10/2013 - 07:12:03 - [12,461] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client O43 - CFD: 10/11/2012 - 16:07:19 - [-1555,583] ----D C:\Program Files (x86)\Microsoft Encarta O43 - CFD: 26/07/2013 - 16:43:45 - [955,123] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 10/10/2013 - 04:54:03 - [1,500] ----D C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 10/10/2013 - 07:18:03 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 26/07/2013 - 16:43:44 - [3,467] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 26/07/2013 - 16:43:44 - [0,757] ----D C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 26/07/2013 - 16:44:13 - [0,312] ----D C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 26/07/2013 - 16:41:17 - [1,314] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 27/07/2013 - 18:35:45 - [5,795] ----D C:\Program Files (x86)\Microsoft XNA O43 - CFD: 26/07/2013 - 16:43:44 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 17/09/2013 - 05:13:25 - [10,773] ----D C:\Program Files (x86)\MiPony O43 - CFD: 01/10/2013 - 14:20:49 - [59,443] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 06/10/2013 - 23:14:19 - [0,216] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 26/03/2013 - 06:26:54 - [10,688] ----D C:\Program Files (x86)\MP3 Voice Recorder O43 - CFD: 26/07/2013 - 16:44:41 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 23/05/2013 - 13:57:23 - [730,340] ----D C:\Program Files (x86)\MySQL O43 - CFD: 30/03/2013 - 18:55:07 - [140,078] ----D C:\Program Files (x86)\NewBlue O43 - CFD: 06/10/2012 - 14:22:59 - [19,963] R---D C:\Program Files (x86)\Online Services O43 - CFD: 23/05/2013 - 11:54:21 - [0,008] ----D C:\Program Files (x86)\OpenVPN O43 - CFD: 26/06/2013 - 08:06:18 - [0] ----D C:\Program Files (x86)\Pando Networks O43 - CFD: 15/10/2012 - 00:21:14 - [11,173] ----D C:\Program Files (x86)\PCSX2 0.9.8 O43 - CFD: 25/12/2012 - 16:20:01 - [0,547] ----D C:\Program Files (x86)\QMacro O43 - CFD: 14/11/2012 - 06:28:43 - [0] ----D C:\Program Files (x86)\Quick Memory Editor O43 - CFD: 09/11/2012 - 22:39:00 - [72,490] ----D C:\Program Files (x86)\QuickTime O43 - CFD: 16/01/2013 - 11:17:15 - [0,194] ----D C:\Program Files (x86)\RAR Password Cracker O43 - CFD: 10/10/2012 - 09:46:37 - [20,370] ----D C:\Program Files (x86)\Realtek O43 - CFD: 27/03/2013 - 21:03:44 - [35,226] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 09/10/2012 - 13:02:02 - [11,587] ----D C:\Program Files (x86)\RocketDock O43 - CFD: 09/10/2012 - 15:52:17 - [102,605] ----D C:\Program Files (x86)\Safari O43 - CFD: 08/08/2013 - 23:33:02 - [193,347] ----D C:\Program Files (x86)\Samsung O43 - CFD: 14/10/2013 - 10:07:33 - [51,866] R---D C:\Program Files (x86)\Skype O43 - CFD: 07/02/2013 - 06:22:40 - [343,430] ----D C:\Program Files (x86)\Sony O43 - CFD: 25/01/2013 - 07:15:47 - [149,323] ----D C:\Program Files (x86)\Sony Setup O43 - CFD: 09/10/2012 - 13:32:53 - [8,254] ----D C:\Program Files (x86)\Stardock O43 - CFD: 10/10/2013 - 16:17:03 - [41,154] ----D C:\Program Files (x86)\Steam O43 - CFD: 05/11/2012 - 20:25:49 - [1,169] ----D C:\Program Files (x86)\SuperCopier2 O43 - CFD: 07/06/2012 - 13:11:26 - [0,727] ----D C:\Program Files (x86)\SymSilent O43 - CFD: 19/10/2012 - 19:00:43 - [50,106] ----D C:\Program Files (x86)\TeamSpeak 3 Client O43 - CFD: 08/09/2013 - 14:51:35 - [16,042] ----D C:\Program Files (x86)\TeamViewer O43 - CFD: 15/12/2012 - 23:16:40 - [104,551] ----D C:\Program Files (x86)\TechSmith O43 - CFD: 10/10/2012 - 10:00:00 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 09/10/2012 - 23:43:33 - [2,124] ----D C:\Program Files (x86)\Thoosje O43 - CFD: 14/07/2009 - 04:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 17/07/2013 - 07:14:18 - [0,924] ----D C:\Program Files (x86)\uTorrent =>P2P.µTorrent O43 - CFD: 09/10/2012 - 12:42:15 - [98,913] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 10/10/2013 - 07:15:41 - [0,488] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 07/10/2012 - 22:30:55 - [170,260] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 09/10/2012 - 18:44:02 - [5,833] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 09/10/2012 - 18:44:02 - [5,077] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 05:32:38 - [11,504] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 09/10/2012 - 18:44:02 - [4,191] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 21/11/2010 - 03:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 09/10/2012 - 18:44:03 - [5,713] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 27/06/2013 - 11:22:51 - [0,201] ----D C:\Program Files (x86)\WinPcap O43 - CFD: 08/10/2012 - 15:01:50 - [3,951] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 14/10/2013 - 16:44:20 - [23,515] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 18/08/2013 - 10:03:30 - [0,341] ----D C:\Program Files (x86)\ZIP PASSWORD FINDER O43 - CFD: 26/10/2012 - 17:01:02 - [346,535] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 25/10/2012 - 12:38:53 - [40,070] ----D C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 07/06/2012 - 12:54:30 - [2,723] ----D C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 28/05/2013 - 05:21:54 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 30/03/2013 - 18:46:56 - [0] ----D C:\Program Files (x86)\Common Files\eSellerate O43 - CFD: 10/10/2012 - 09:58:22 - [2,009] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 31/08/2013 - 22:28:28 - [1,189] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 27/07/2013 - 18:35:46 - [210,947] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 14/07/2009 - 03:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 19/04/2013 - 21:13:44 - [1,904] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - 03:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 10/10/2013 - 17:35:54 - [0,518] ----D C:\Program Files (x86)\Common Files\Steam O43 - CFD: 26/07/2013 - 16:40:33 - [10,311] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 15/12/2012 - 23:16:41 - [2,504] ----D C:\Program Files (x86)\Common Files\TechSmith Shared O43 - CFD: 17/10/2011 - 16:51:55 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 04/07/2013 - 08:02:06 - [0] ----D C:\ProgramData\4shared Desktop O43 - CFD: 26/10/2012 - 17:03:11 - [278,836] ----D C:\ProgramData\Adobe O43 - CFD: 10/10/2012 - 09:42:22 - [0,002] ----D C:\ProgramData\AMD O43 - CFD: 09/10/2012 - 15:51:34 - [21,586] ----D C:\ProgramData\Apple O43 - CFD: 09/10/2012 - 15:51:59 - [62,017] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 05:08:56 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 10/10/2012 - 10:01:22 - [0] ----D C:\ProgramData\ATI O43 - CFD: 06/10/2012 - 14:20:39 - [0] -SH-D C:\ProgramData\Bureaublad O43 - CFD: 02/02/2013 - 19:28:39 - [0] --H-D C:\ProgramData\Common Files O43 - CFD: 08/10/2012 - 15:06:50 - [0] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 14/07/2009 - 05:08:56 - [0] -SH-D C:\ProgramData\Desktop O43 - CFD: 06/10/2012 - 14:20:39 - [0] -SH-D C:\ProgramData\Documenten O43 - CFD: 14/07/2009 - 05:08:56 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 30/03/2013 - 18:46:56 - [0,266] ----D C:\ProgramData\eSellerate O43 - CFD: 06/10/2012 - 14:20:39 - [0] -SH-D C:\ProgramData\Favorieten O43 - CFD: 14/07/2009 - 05:08:56 - [0] -SH-D C:\ProgramData\Favorites O43 - CFD: 07/06/2012 - 13:20:47 - [51,859] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 03/07/2013 - 17:49:33 - [0] ----D C:\ProgramData\IDM O43 - CFD: 12/01/2013 - 10:17:55 - [1,251] ----D C:\ProgramData\ma-config.com O43 - CFD: 12/10/2013 - 16:53:27 - [6,337] ----D C:\ProgramData\Malwarebytes O43 - CFD: 06/10/2012 - 14:20:39 - [0] -SH-D C:\ProgramData\Menu Start O43 - CFD: 02/02/2013 - 22:03:10 - [301,602] ----D C:\ProgramData\MFAData O43 - CFD: 08/10/2013 - 06:24:10 - [-839,938] -S--D C:\ProgramData\Microsoft O43 - CFD: 11/10/2013 - 03:03:24 - [0,062] ----D C:\ProgramData\Microsoft Help O43 - CFD: 08/10/2012 - 18:04:27 - [0] ----D C:\ProgramData\Mozilla O43 - CFD: 23/05/2013 - 14:12:05 - [628,845] ----D C:\ProgramData\MySQL O43 - CFD: 30/01/2013 - 09:42:43 - [5,041] ----D C:\ProgramData\Nexon O43 - CFD: 18/01/2013 - 14:20:51 - [0,039] ----D C:\ProgramData\Norton O43 - CFD: 07/06/2012 - 13:04:23 - [31,354] ----D C:\ProgramData\NortonInstaller O43 - CFD: 07/06/2012 - 12:49:33 - [4,337] ----D C:\ProgramData\Ralink Driver O43 - CFD: 26/10/2012 - 17:03:11 - [0,002] ----D C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 08/08/2013 - 23:32:14 - [11,289] ----D C:\ProgramData\Samsung O43 - CFD: 06/10/2012 - 14:20:39 - [0] -SH-D C:\ProgramData\Sjablonen O43 - CFD: 06/09/2013 - 18:28:29 - [70,908] ----D C:\ProgramData\Skype O43 - CFD: 02/07/2013 - 22:18:56 - [2,967] ----D C:\ProgramData\Sony O43 - CFD: 14/07/2009 - 05:08:56 - [0] -SH-D C:\ProgramData\Start Menu O43 - CFD: 08/01/2013 - 16:40:54 - [0] ----D C:\ProgramData\Sun O43 - CFD: 07/06/2012 - 13:18:57 - [0,002] ----D C:\ProgramData\Synaptics O43 - CFD: 15/12/2012 - 23:16:49 - [212,661] ----D C:\ProgramData\TechSmith O43 - CFD: 07/06/2012 - 13:10:21 - [0,086] ----D C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 05:08:56 - [0] -SH-D C:\ProgramData\Templates O43 - CFD: 14/10/2012 - 10:51:02 - [0] ----D C:\ProgramData\Ubisoft O43 - CFD: 08/06/2013 - 03:27:03 - [252,434] ----D C:\ProgramData\VirtualizedApplications O43 - CFD: 07/10/2012 - 22:48:15 - [0,967] ----D C:\ProgramData\WildTangent O43 - CFD: 26/03/2013 - 06:25:52 - [0] ----D C:\ProgramData\YoGen O43 - CFD: 09/10/2012 - 13:33:04 - [4,870] --H-D C:\ProgramData\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643} O43 - CFD: 17/10/2011 - 17:06:33 - [45,653] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} O43 - CFD: 05/08/2013 - 20:26:22 - [530,094] ----D C:\Users\bertrand\AppData\Roaming\Adobe O43 - CFD: 02/11/2012 - 23:17:28 - [0,601] ----D C:\Users\bertrand\AppData\Roaming\Apple Computer O43 - CFD: 06/10/2012 - 14:29:09 - [0] ----D C:\Users\bertrand\AppData\Roaming\ATI O43 - CFD: 09/09/2013 - 19:06:50 - [0,031] ----D C:\Users\bertrand\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O43 - CFD: 18/09/2013 - 15:39:17 - [0,024] ----D C:\Users\bertrand\AppData\Roaming\codeblocks O43 - CFD: 25/10/2012 - 12:39:00 - [0,029] ----D C:\Users\bertrand\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 20/12/2012 - 07:57:57 - [0,001] ----D C:\Users\bertrand\AppData\Roaming\CrystalIdea Software O43 - CFD: 21/01/2013 - 16:17:41 - [0] ----D C:\Users\bertrand\AppData\Roaming\CyberLink O43 - CFD: 27/07/2013 - 18:24:57 - [0] ----D C:\Users\bertrand\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 06/07/2013 - 14:26:58 - [0] ----D C:\Users\bertrand\AppData\Roaming\DAEMON Tools Pro O43 - CFD: 16/10/2012 - 23:52:55 - [11,538] ----D C:\Users\bertrand\AppData\Roaming\Dev-Cpp O43 - CFD: 14/10/2013 - 16:31:59 - [0] ----D C:\Users\bertrand\AppData\Roaming\DMCache O43 - CFD: 30/01/2013 - 06:49:08 - [0] ----D C:\Users\bertrand\AppData\Roaming\DragonicaECB O43 - CFD: 28/06/2013 - 20:17:00 - [0] ----D C:\Users\bertrand\AppData\Roaming\dvdcss O43 - CFD: 06/02/2013 - 17:14:26 - [0] ----D C:\Users\bertrand\AppData\Roaming\gtk-2.0 O43 - CFD: 08/10/2012 - 19:13:08 - [0,002] ----D C:\Users\bertrand\AppData\Roaming\Hewlett-Packard O43 - CFD: 08/10/2012 - 05:56:01 - [0,080] ----D C:\Users\bertrand\AppData\Roaming\hpqlog O43 - CFD: 06/10/2012 - 14:27:18 - [0] ----D C:\Users\bertrand\AppData\Roaming\Identities O43 - CFD: 14/10/2013 - 12:12:32 - [41,430] ----D C:\Users\bertrand\AppData\Roaming\IDM O43 - CFD: 14/10/2012 - 10:39:46 - [0,064] ----D C:\Users\bertrand\AppData\Roaming\Macromedia O43 - CFD: 12/10/2013 - 16:59:16 - [104,042] ----D C:\Users\bertrand\AppData\Roaming\Malwarebytes O43 - CFD: 07/06/2012 - 22:37:42 - [0] ----D C:\Users\bertrand\AppData\Roaming\Media Center Programs O43 - CFD: 08/10/2013 - 06:23:23 - [13,555] -S--D C:\Users\bertrand\AppData\Roaming\Microsoft O43 - CFD: 13/10/2013 - 11:32:40 - [0,578] ----D C:\Users\bertrand\AppData\Roaming\Mipony O43 - CFD: 26/06/2013 - 08:02:51 - [24,131] ----D C:\Users\bertrand\AppData\Roaming\Mozilla O43 - CFD: 23/05/2013 - 11:40:06 - [0,002] ----D C:\Users\bertrand\AppData\Roaming\MySQL O43 - CFD: 07/02/2013 - 06:32:17 - [0] ----D C:\Users\bertrand\AppData\Roaming\NetMedia Providers O43 - CFD: 23/10/2012 - 19:41:53 - [0] ----D C:\Users\bertrand\AppData\Roaming\Publish Providers O43 - CFD: 06/09/2013 - 00:23:16 - [0,001] ----D C:\Users\bertrand\AppData\Roaming\Python-Eggs O43 - CFD: 08/08/2013 - 23:33:33 - [0,348] ----D C:\Users\bertrand\AppData\Roaming\Samsung O43 - CFD: 09/10/2013 - 07:10:54 - [0] ----D C:\Users\bertrand\AppData\Roaming\Skype O43 - CFD: 26/07/2013 - 16:57:02 - [1,221] ----D C:\Users\bertrand\AppData\Roaming\SoftGrid Client O43 - CFD: 02/07/2013 - 22:18:08 - [1,652] ----D C:\Users\bertrand\AppData\Roaming\Sony O43 - CFD: 31/01/2013 - 14:54:31 - [0] ----D C:\Users\bertrand\AppData\Roaming\Sony Creative Software Inc O43 - CFD: 06/10/2012 - 14:28:12 - [0] ----D C:\Users\bertrand\AppData\Roaming\Synaptics O43 - CFD: 20/05/2013 - 11:57:08 - [1,175] ----D C:\Users\bertrand\AppData\Roaming\TeamViewer O43 - CFD: 28/05/2013 - 05:22:53 - [0] ----D C:\Users\bertrand\AppData\Roaming\TP O43 - CFD: 06/02/2013 - 19:54:00 - [0,376] ----D C:\Users\bertrand\AppData\Roaming\TS3Client O43 - CFD: 06/10/2013 - 23:28:01 - [13,621] ----D C:\Users\bertrand\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 21/07/2013 - 22:16:12 - [3,403] ----D C:\Users\bertrand\AppData\Roaming\uTorrent Turbo Booster =>P2P.µTorrent O43 - CFD: 14/10/2013 - 13:22:59 - [0,149] ----D C:\Users\bertrand\AppData\Roaming\vlc O43 - CFD: 27/12/2012 - 06:59:52 - [77,106] ----D C:\Users\bertrand\AppData\Roaming\Wargaming.net O43 - CFD: 07/10/2012 - 22:48:15 - [0] ----D C:\Users\bertrand\AppData\Roaming\WildTangent O43 - CFD: 30/12/2012 - 06:10:07 - [0] ----D C:\Users\bertrand\AppData\Roaming\Windows Live Writer O43 - CFD: 08/10/2012 - 17:44:43 - [0] ----D C:\Users\bertrand\AppData\Roaming\WinRAR O43 - CFD: 14/10/2013 - 16:45:51 - [146,978] ----D C:\Users\bertrand\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 07/10/2012 - 20:05:05 - [0,003] ----D C:\Users\bertrand\AppData\Roaming\_MDLogs O43 - CFD: 09/10/2013 - 16:26:31 - [17,162] ----D C:\Users\bertrand\AppData\Local\Adobe O43 - CFD: 06/10/2012 - 14:29:27 - [0] ----D C:\Users\bertrand\AppData\Local\AMD O43 - CFD: 09/10/2012 - 15:51:39 - [0] ----D C:\Users\bertrand\AppData\Local\Apple O43 - CFD: 26/10/2012 - 17:58:46 - [120,131] ----D C:\Users\bertrand\AppData\Local\Apple Computer O43 - CFD: 06/10/2012 - 14:20:55 - [0] -SH-D C:\Users\bertrand\AppData\Local\Application Data O43 - CFD: 08/10/2012 - 17:46:26 - [1,487] ----D C:\Users\bertrand\AppData\Local\Apps O43 - CFD: 06/10/2012 - 14:29:09 - [0,059] ----D C:\Users\bertrand\AppData\Local\ATI O43 - CFD: 02/02/2013 - 19:28:39 - [0,001] ----D C:\Users\bertrand\AppData\Local\Avg2013 O43 - CFD: 13/10/2013 - 21:51:46 - [36,946] ----D C:\Users\bertrand\AppData\Local\CrashDumps O43 - CFD: 21/01/2013 - 16:17:39 - [0,005] ----D C:\Users\bertrand\AppData\Local\CyberLink O43 - CFD: 21/09/2013 - 17:32:59 - [0,001] ----D C:\Users\bertrand\AppData\Local\Darksiders2 O43 - CFD: 08/10/2012 - 17:47:44 - [0] ----D C:\Users\bertrand\AppData\Local\Deployment O43 - CFD: 08/08/2013 - 23:15:53 - [66,525] ----D C:\Users\bertrand\AppData\Local\Downloaded Installations O43 - CFD: 10/10/2012 - 20:54:21 - [0,001] ----D C:\Users\bertrand\AppData\Local\Dragonshorn_Studios O43 - CFD: 09/07/2013 - 15:14:15 - [0] ----D C:\Users\bertrand\AppData\Local\ElevatedDiagnostics O43 - CFD: 09/12/2012 - 02:44:16 - [7,284] ----D C:\Users\bertrand\AppData\Local\Facebook O43 - CFD: 26/06/2013 - 08:54:44 - [180,945] ----D C:\Users\bertrand\AppData\Local\Google O43 - CFD: 06/10/2012 - 14:23:47 - [0,384] ----D C:\Users\bertrand\AppData\Local\Hewlett-Packard O43 - CFD: 08/10/2012 - 19:13:07 - [0,003] ----D C:\Users\bertrand\AppData\Local\Hewlett-Packard_Company O43 - CFD: 06/10/2012 - 14:20:55 - [0] -SH-D C:\Users\bertrand\AppData\Local\History O43 - CFD: 26/10/2012 - 21:12:16 - [0] ----D C:\Users\bertrand\AppData\Local\Macromedia O43 - CFD: 02/02/2013 - 19:28:39 - [9,843] ----D C:\Users\bertrand\AppData\Local\MFAData O43 - CFD: 07/08/2013 - 19:45:41 - [204,231] ----D C:\Users\bertrand\AppData\Local\Microsoft O43 - CFD: 25/06/2013 - 05:04:56 - [0,660] ----D C:\Users\bertrand\AppData\Local\Microsoft Games O43 - CFD: 26/07/2013 - 16:39:49 - [0] ----D C:\Users\bertrand\AppData\Local\Microsoft Help O43 - CFD: 01/10/2013 - 14:20:49 - [210,750] ----D C:\Users\bertrand\AppData\Local\Mozilla O43 - CFD: 01/07/2013 - 18:13:27 - [0] ----D C:\Users\bertrand\AppData\Local\Programs O43 - CFD: 06/10/2012 - 14:22:36 - [0] ----D C:\Users\bertrand\AppData\Local\RemEngine O43 - CFD: 08/08/2013 - 23:33:34 - [0,011] ----D C:\Users\bertrand\AppData\Local\Samsung O43 - CFD: 14/10/2013 - 16:34:10 - [0] ----D C:\Users\bertrand\AppData\Local\Sidebar7 O43 - CFD: 21/09/2013 - 15:03:37 - [0,141] ----D C:\Users\bertrand\AppData\Local\SKIDROW O43 - CFD: 28/05/2013 - 05:22:45 - [0,348] ----D C:\Users\bertrand\AppData\Local\SoftGrid Client O43 - CFD: 07/02/2013 - 06:32:30 - [51,125] ----D C:\Users\bertrand\AppData\Local\Sony O43 - CFD: 09/10/2012 - 23:42:16 - [0,001] ----D C:\Users\bertrand\AppData\Local\Stardock O43 - CFD: 15/12/2012 - 23:21:00 - [0,005] ----D C:\Users\bertrand\AppData\Local\TechSmith O43 - CFD: 14/10/2013 - 16:45:37 - [19,531] ----D C:\Users\bertrand\AppData\Local\Temp O43 - CFD: 06/10/2012 - 14:20:55 - [0] -SH-D C:\Users\bertrand\AppData\Local\Temporary Internet Files O43 - CFD: 10/10/2013 - 18:37:12 - [0] ----D C:\Users\bertrand\AppData\Local\VirtualStore O43 - CFD: 30/12/2012 - 06:06:36 - [0,618] ----D C:\Users\bertrand\AppData\Local\Windows Live Writer O43 - CFD: 03/02/2013 - 18:23:33 - [0,072] ----D C:\Users\bertrand\AppData\Local\Your Freedom O43 - CFD: 14/07/2009 - 04:54:32 - [0,014] R---D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 10/10/2013 - 07:21:01 - [0] R---D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 16/10/2012 - 22:06:46 - [0] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ O43 - CFD: 21/10/2012 - 16:08:45 - [0] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks O43 - CFD: 09/10/2012 - 14:04:11 - [0,002] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dragonshorn Studios O43 - CFD: 09/10/2012 - 15:31:44 - [0,001] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FMW - Ultimate Reborn O43 - CFD: 20/12/2012 - 08:43:35 - [0,004] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 06/07/2013 - 14:30:06 - [0] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 03/09/2013 - 15:28:24 - [0,006] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 14/07/2009 - 04:49:38 - [0,001] R---D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 17/09/2013 - 05:13:24 - [0] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony O43 - CFD: 28/08/2013 - 23:01:41 - [0,001] R---D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures - Shortcut O43 - CFD: 16/01/2013 - 11:17:15 - [0] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker O43 - CFD: 12/10/2013 - 14:31:59 - [0] R---D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 05/11/2012 - 20:25:50 - [0,007] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SuperCopier2 O43 - CFD: 08/10/2012 - 15:01:50 - [0,003] ----D C:\Users\bertrand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 255 Scanned in 00mn 06s ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.059F00DEF82BF41E433B7ED465847726] - 09/10/2013 - 16:40:15 ---A- . (.Microsoft Corporation - ATAPI Driver Extension.) -- C:\Windows\System32\Drivers\ataport.sys [155584] O44 - LFC:[MD5.B3CA3253009D26666F5BCB16E77D2618] - 09/10/2013 - 16:41:39 ---A- . (.Microsoft Corporation - Time Zones resource DLL.) -- C:\Windows\SysNative\tzres.dll [2048] O44 - LFC:[MD5.B3CA3253009D26666F5BCB16E77D2618] - 09/10/2013 - 16:41:39 ---A- . (.Microsoft Corporation - Time Zones resource DLL.) -- C:\Windows\System32\tzres.dll [2048] O44 - LFC:[MD5.67CF11E00D026A5C0C88EA5F84D501E5] - 09/10/2013 - 17:08:13 ---A- . (.Microsoft Corporation - Client Side Rendering Print Provider.) -- C:\Windows\SysNative\win32spl.dll [751104] O44 - LFC:[MD5.67CF11E00D026A5C0C88EA5F84D501E5] - 09/10/2013 - 17:08:13 ---A- . (.Microsoft Corporation - Client Side Rendering Print Provider.) -- C:\Windows\System32\win32spl.dll [751104] O44 - LFC:[MD5.23B001185B7C3CB1F4BDEB143E6B45B7] - 09/10/2013 - 17:09:06 ---A- . (.Microsoft Corporation - Shell Doc Object and Control Library.) -- C:\Windows\SysNative\shdocvw.dll [197120] O44 - LFC:[MD5.23B001185B7C3CB1F4BDEB143E6B45B7] - 09/10/2013 - 17:09:06 ---A- . (.Microsoft Corporation - Shell Doc Object and Control Library.) -- C:\Windows\System32\shdocvw.dll [197120] O44 - LFC:[MD5.AD662B34B161198B9D66A564EDDA7D43] - 09/10/2013 - 17:09:08 ---A- . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\SysNative\shell32.dll [14172672] O44 - LFC:[MD5.AD662B34B161198B9D66A564EDDA7D43] - 09/10/2013 - 17:09:08 ---A- . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll [14172672] O44 - LFC:[MD5.4CE278FC9671BA81A138D70823FCAA09] - 09/10/2013 - 17:17:52 ---A- . (.Microsoft Corporation - TS Security Filter Driver.) -- C:\Windows\System32\Drivers\tssecsrv.sys [39936] O44 - LFC:[MD5.A3EC566925BEC505E2418C1AC14E541E] - 09/10/2013 - 17:19:48 ---A- . (.Microsoft Corporation - DirectShow Editing..) -- C:\Windows\SysNative\qedit.dll [624128] O44 - LFC:[MD5.A3EC566925BEC505E2418C1AC14E541E] - 09/10/2013 - 17:19:48 ---A- . (.Microsoft Corporation - DirectShow Editing..) -- C:\Windows\System32\qedit.dll [624128] O44 - LFC:[MD5.26036E228D2467DE6975AD819C22C043] - 09/10/2013 - 17:19:50 ---A- . (.Microsoft Corporation - Remote Procedure Call Runtime.) -- C:\Windows\SysNative\rpcrt4.dll [1217024] O44 - LFC:[MD5.26036E228D2467DE6975AD819C22C043] - 09/10/2013 - 17:19:50 ---A- . (.Microsoft Corporation - Remote Procedure Call Runtime.) -- C:\Windows\System32\rpcrt4.dll [1217024] O44 - LFC:[MD5.D29200AB0B37B7293C6942EAF755295E] - 09/10/2013 - 17:20:09 ---A- . (.Microsoft Corporation - Windows Media Video Decoder.) -- C:\Windows\SysNative\WMVDECOD.DLL [1888768] O44 - LFC:[MD5.D29200AB0B37B7293C6942EAF755295E] - 09/10/2013 - 17:20:09 ---A- . (.Microsoft Corporation - Windows Media Video Decoder.) -- C:\Windows\System32\WMVDECOD.DLL [1888768] O44 - LFC:[MD5.70A1D465390C393AA118D9764E065B06] - 09/10/2013 - 17:23:05 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\SysNative\apisetschema.dll [6656] O44 - LFC:[MD5.70A1D465390C393AA118D9764E065B06] - 09/10/2013 - 17:23:05 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656] O44 - LFC:[MD5.086253AE3B22C36250DC2B6F3DA12A66] - 09/10/2013 - 17:23:06 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [3072] O44 - LFC:[MD5.658C0350AE17BE353C9702B7066552DA] - 09/10/2013 - 17:23:06 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [4096] O44 - LFC:[MD5.086253AE3B22C36250DC2B6F3DA12A66] - 09/10/2013 - 17:23:06 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [3072] O44 - LFC:[MD5.658C0350AE17BE353C9702B7066552DA] - 09/10/2013 - 17:23:06 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [4096] O44 - LFC:[MD5.42CEC47D5DD2408FD697FDD3E9345EE8] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [3072] O44 - LFC:[MD5.3BF0E121994E56354A60F5FD34FA21A9] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [3072] O44 - LFC:[MD5.85CF163107174055502CB9C3F3F932C1] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [3072] O44 - LFC:[MD5.5A111E749D8FEB5D81344BF3E5151FF8] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [3072] O44 - LFC:[MD5.080F67191188D7FDA18128E20F02BFB6] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [3072] O44 - LFC:[MD5.7352AFE4F84DF676DB5C073A6C0F2079] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [3072] O44 - LFC:[MD5.1932D68DFAC61B8D948C72BBAA2298F7] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [3584] O44 - LFC:[MD5.DEFA7B8DE72E32975BFE510A9A070DB9] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [3072] O44 - LFC:[MD5.42CEC47D5DD2408FD697FDD3E9345EE8] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [3072] O44 - LFC:[MD5.3BF0E121994E56354A60F5FD34FA21A9] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [3072] O44 - LFC:[MD5.85CF163107174055502CB9C3F3F932C1] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [3072] O44 - LFC:[MD5.5A111E749D8FEB5D81344BF3E5151FF8] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [3072] O44 - LFC:[MD5.080F67191188D7FDA18128E20F02BFB6] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [3072] O44 - LFC:[MD5.7352AFE4F84DF676DB5C073A6C0F2079] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [3072] O44 - LFC:[MD5.1932D68DFAC61B8D948C72BBAA2298F7] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [3584] O44 - LFC:[MD5.DEFA7B8DE72E32975BFE510A9A070DB9] - 09/10/2013 - 17:23:07 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [3072] O44 - LFC:[MD5.05E53F5007735F6A05ED7399FA83E018] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [3072] O44 - LFC:[MD5.458D127BFD9C1D4E222DC9C0CFA63F51] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [3584] O44 - LFC:[MD5.1DE1EF3E5544BE43A47475E28D37CC61] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [4096] O44 - LFC:[MD5.79792754A32FD8E78750ECD914DFF1A0] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [3584] O44 - LFC:[MD5.B6FD55B98E39E3525545EB32BF3BE4F9] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [3584] O44 - LFC:[MD5.9358716F7CFE70AFB4077B7606E271A4] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [4608] O44 - LFC:[MD5.28844333D0BDA164517CFC6AD854FD45] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [3072] O44 - LFC:[MD5.05E53F5007735F6A05ED7399FA83E018] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [3072] O44 - LFC:[MD5.458D127BFD9C1D4E222DC9C0CFA63F51] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [3584] O44 - LFC:[MD5.1DE1EF3E5544BE43A47475E28D37CC61] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [4096] O44 - LFC:[MD5.79792754A32FD8E78750ECD914DFF1A0] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [3584] O44 - LFC:[MD5.B6FD55B98E39E3525545EB32BF3BE4F9] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [3584] O44 - LFC:[MD5.9358716F7CFE70AFB4077B7606E271A4] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [4608] O44 - LFC:[MD5.28844333D0BDA164517CFC6AD854FD45] - 09/10/2013 - 17:23:08 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [3072] O44 - LFC:[MD5.76FF67FECC25907F10B61344DCAFACA6] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [5120] O44 - LFC:[MD5.2E48870DCB38A45066BD8793A9EBB382] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [3584] O44 - LFC:[MD5.76AF1CFB8F2F34D610620748C973C1D0] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [3584] O44 - LFC:[MD5.0385D7C4F529AEF0AB66C155B04A4371] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [3584] O44 - LFC:[MD5.46EBE45B5F513830637747CA89997D4E] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [3072] O44 - LFC:[MD5.3F0271A3680F01DE82CB851DA5847AE6] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [4096] O44 - LFC:[MD5.C2393533781A21725857929A016D54D8] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [4096] O44 - LFC:[MD5.9F4F7CA2CF6E958EFFE108F652AC1776] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [4608] O44 - LFC:[MD5.94AF4F91BAF0C5F0961E2DE2AA913287] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [3072] O44 - LFC:[MD5.4D0D2E999D9F2200C9E352CFA39B9312] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [3072] O44 - LFC:[MD5.73F813661E48CC37EF789C1AE8E71114] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [6144] O44 - LFC:[MD5.76FF67FECC25907F10B61344DCAFACA6] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [5120] O44 - LFC:[MD5.2E48870DCB38A45066BD8793A9EBB382] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [3584] O44 - LFC:[MD5.76AF1CFB8F2F34D610620748C973C1D0] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [3584] O44 - LFC:[MD5.0385D7C4F529AEF0AB66C155B04A4371] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [3584] O44 - LFC:[MD5.46EBE45B5F513830637747CA89997D4E] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [3072] O44 - LFC:[MD5.3F0271A3680F01DE82CB851DA5847AE6] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [4096] O44 - LFC:[MD5.C2393533781A21725857929A016D54D8] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [4096] O44 - LFC:[MD5.9F4F7CA2CF6E958EFFE108F652AC1776] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [4608] O44 - LFC:[MD5.94AF4F91BAF0C5F0961E2DE2AA913287] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [3072] O44 - LFC:[MD5.4D0D2E999D9F2200C9E352CFA39B9312] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [3072] O44 - LFC:[MD5.73F813661E48CC37EF789C1AE8E71114] - 09/10/2013 - 17:23:09 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [6144] O44 - LFC:[MD5.216BABD555BC550952320EEA89C25DDF] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Client Server Runtime Process.) -- C:\Windows\SysNative\csrsrv.dll [43520] O44 - LFC:[MD5.216BABD555BC550952320EEA89C25DDF] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Client Server Runtime Process.) -- C:\Windows\System32\csrsrv.dll [43520] O44 - LFC:[MD5.BF95EA5809E3BBF55370F7CB309FEBD0] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Console Window Host.) -- C:\Windows\SysNative\conhost.exe [338432] O44 - LFC:[MD5.BF95EA5809E3BBF55370F7CB309FEBD0] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Console Window Host.) -- C:\Windows\System32\conhost.exe [338432] O44 - LFC:[MD5.88EDD0B34EED542745931E581AD21A32] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Multi-User Windows Server DLL.) -- C:\Windows\SysNative\winsrv.dll [215040] O44 - LFC:[MD5.88EDD0B34EED542745931E581AD21A32] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Multi-User Windows Server DLL.) -- C:\Windows\System32\winsrv.dll [215040] O44 - LFC:[MD5.F0970A4BC8395659C22BF53D0FADF16F] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Windows Session Manager.) -- C:\Windows\SysNative\smss.exe [112640] O44 - LFC:[MD5.F0970A4BC8395659C22BF53D0FADF16F] - 09/10/2013 - 17:23:10 ---A- . (.Microsoft Corporation - Windows Session Manager.) -- C:\Windows\System32\smss.exe [112640] O44 - LFC:[MD5.D8973E71F1B35CD3F3DEA7C12D49D0F0] - 09/10/2013 - 17:23:11 ---A- . (.Microsoft Corporation - Windows NT BASE API Client DLL.) -- C:\Windows\SysNative\kernel32.dll [1161216] O44 - LFC:[MD5.D8973E71F1B35CD3F3DEA7C12D49D0F0] - 09/10/2013 - 17:23:11 ---A- . (.Microsoft Corporation - Windows NT BASE API Client DLL.) -- C:\Windows\System32\kernel32.dll [1161216] O44 - LFC:[MD5.B22C00ED0491FD7B8803D7DDE2849F4C] - 09/10/2013 - 17:23:12 ---A- . (.Microsoft Corporation - Windows NT BASE API Client DLL.) -- C:\Windows\SysNative\KernelBase.dll [424448] O44 - LFC:[MD5.B22C00ED0491FD7B8803D7DDE2849F4C] - 09/10/2013 - 17:23:12 ---A- . (.Microsoft Corporation - Windows NT BASE API Client DLL.) -- C:\Windows\System32\KernelBase.dll [424448] O44 - LFC:[MD5.A6B726DCA228F7878E38368A1BDC68BE] - 09/10/2013 - 17:24:42 ---A- . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\SysNative\cryptnet.dll [139776] O44 - LFC:[MD5.A6B726DCA228F7878E38368A1BDC68BE] - 09/10/2013 - 17:24:42 ---A- . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll [139776] O44 - LFC:[MD5.6B400F211BEE880A37A1ED0368776BF4] - 09/10/2013 - 17:24:42 ---A- . (.Microsoft Corporation - Cryptographic Services.) -- C:\Windows\SysNative\cryptsvc.dll [184320] O44 - LFC:[MD5.6B400F211BEE880A37A1ED0368776BF4] - 09/10/2013 - 17:24:42 ---A- . (.Microsoft Corporation - Cryptographic Services.) -- C:\Windows\System32\cryptsvc.dll [184320] O44 - LFC:[MD5.287998A9BA0140ABB59792CDEB2F8483] - 09/10/2013 - 17:24:43 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\SysNative\crypt32.dll [1472512] O44 - LFC:[MD5.287998A9BA0140ABB59792CDEB2F8483] - 09/10/2013 - 17:24:43 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1472512] O44 - LFC:[MD5.959041D7014C97133D859B45BCA0FC58] - 09/10/2013 - 17:24:43 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\SysNative\wintrust.dll [224256] O44 - LFC:[MD5.959041D7014C97133D859B45BCA0FC58] - 09/10/2013 - 17:24:43 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\System32\wintrust.dll [224256] O44 - LFC:[MD5.280E90CBF4B2DDD169F0728CB44D726F] - 09/10/2013 - 17:24:50 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys [343040] O44 - LFC:[MD5.9406D801042FAF859CF81B2C886413DC] - 09/10/2013 - 17:24:50 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys [25600] O44 - LFC:[MD5.A83D0EC9AE4C31704442099D40BA2471] - 09/10/2013 - 17:24:50 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [30720] O44 - LFC:[MD5.311C1DD1088E55BEAE15954D17F50646] - 09/10/2013 - 17:24:51 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [52736] O44 - LFC:[MD5.E73A7A04FDAC9DD46EE2A4257F09E91C] - 09/10/2013 - 17:24:51 ---A- . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) -- C:\Windows\System32\Drivers\usbport.sys [325120] O44 - LFC:[MD5.ACCEA6BC68D0C9A78EB97EE159028B4E] - 09/10/2013 - 17:24:51 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys [99840] O44 - LFC:[MD5.861C197502A5057E68F0AC75D9EFCDD7] - 09/10/2013 - 17:24:51 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [7808] O44 - LFC:[MD5.56661BB55AE4633677F846FFCD080ECA] - 09/10/2013 - 17:24:58 ---A- . (.Microsoft Corporation - Update Package Cleanup.) -- C:\Windows\SysNative\scavengeui.dll [461312] O44 - LFC:[MD5.56661BB55AE4633677F846FFCD080ECA] - 09/10/2013 - 17:24:58 ---A- . (.Microsoft Corporation - Update Package Cleanup.) -- C:\Windows\System32\scavengeui.dll [461312] O44 - LFC:[MD5.53BD875C7C0808235BFB803C1A8BE009] - 09/10/2013 - 17:24:59 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [984512] O44 - LFC:[MD5.E6DE47E2B2E36018E071D4E44AEBBFAC] - 09/10/2013 - 17:24:59 ---A- . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\dxgmms1.sys [265152] O44 - LFC:[MD5.79BEC88D21DB3611C2A0B453D4846A8E] - 09/10/2013 - 17:25:05 ---A- . (.Microsoft Corporation - Microsoft DirectX Typography Services.) -- C:\Windows\SysNative\DWrite.dll [1545728] O44 - LFC:[MD5.79BEC88D21DB3611C2A0B453D4846A8E] - 09/10/2013 - 17:25:05 ---A- . (.Microsoft Corporation - Microsoft DirectX Typography Services.) -- C:\Windows\System32\DWrite.dll [1545728] O44 - LFC:[MD5.76C196B109E4BFA50132EF50AF6A1C1B] - 09/10/2013 - 17:25:05 ---A- . (.Microsoft Corporation - Windows Font Cache Service.) -- C:\Windows\SysNative\FntCache.dll [1143296] O44 - LFC:[MD5.76C196B109E4BFA50132EF50AF6A1C1B] - 09/10/2013 - 17:25:05 ---A- . (.Microsoft Corporation - Windows Font Cache Service.) -- C:\Windows\System32\FntCache.dll [1143296] O44 - LFC:[MD5.764DF431D13537A575752009E7740F18] - 09/10/2013 - 17:25:06 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [124112] O44 - LFC:[MD5.764DF431D13537A575752009E7740F18] - 09/10/2013 - 17:25:06 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [124112] O44 - LFC:[MD5.C06FAAF13E37CE482F612AFF2D2331F3] - 09/10/2013 - 17:25:36 ---A- . (.Microsoft Corporation - Microsoft Common Certificate Dialogs.) -- C:\Windows\SysNative\cryptdlg.dll [30720] O44 - LFC:[MD5.C06FAAF13E37CE482F612AFF2D2331F3] - 09/10/2013 - 17:25:36 ---A- . (.Microsoft Corporation - Microsoft Common Certificate Dialogs.) -- C:\Windows\System32\cryptdlg.dll [30720] O44 - LFC:[MD5.19320B121BFE7462EADD50A42C81AFD0] - 09/10/2013 - 17:37:56 ---A- . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\Windows\SysNative\win32k.sys [3155968] O44 - LFC:[MD5.19320B121BFE7462EADD50A42C81AFD0] - 09/10/2013 - 17:37:56 ---A- . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\Windows\System32\win32k.sys [3155968] O44 - LFC:[MD5.B32AB94A432289AC2DF77A3DCAD32EED] - 09/10/2013 - 17:38:21 ---A- . (.Microsoft Corporation - Web DAV Client DLL.) -- C:\Windows\SysNative\davclnt.dll [102400] O44 - LFC:[MD5.B32AB94A432289AC2DF77A3DCAD32EED] - 09/10/2013 - 17:38:21 ---A- . (.Microsoft Corporation - Web DAV Client DLL.) -- C:\Windows\System32\davclnt.dll [102400] O44 - LFC:[MD5.1A4F75E63C9FB84B85DFFC6B63FD5404] - 09/10/2013 - 17:38:21 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Drivers\mrxdav.sys [140800] O44 - LFC:[MD5.0EB0E5D22B1760F2DBCE632F2DD7A54D] - 09/10/2013 - 17:38:22 ---A- . (.Microsoft Corporation - Web DAV Service DLL.) -- C:\Windows\SysNative\WebClnt.dll [259584] O44 - LFC:[MD5.0EB0E5D22B1760F2DBCE632F2DD7A54D] - 09/10/2013 - 17:38:22 ---A- . (.Microsoft Corporation - Web DAV Service DLL.) -- C:\Windows\System32\WebClnt.dll [259584] O44 - LFC:[MD5.80B0F7D5CCF86CEB5D402EAAF61FEC31] - 09/10/2013 - 17:42:47 ---A- . (.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\usbcir.sys [100864] O44 - LFC:[MD5.1F775DA4CF1A3A1834207E975A72E9D7] - 09/10/2013 - 17:42:47 ---A- . (.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\Drivers\usbvideo.sys [185344] O44 - LFC:[MD5.E2C933EDBC389386EBE6D2BA953F43D8] - 09/10/2013 - 17:43:23 ---A- . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\Windows\System32\Drivers\Wdf01000.sys [785624] O44 - LFC:[MD5.9028D1621C43DF8DFBD1C76860412A11] - 09/10/2013 - 17:48:51 ---A- . (.Microsoft Corporation - User Experience Controls Library.) -- C:\Windows\SysNative\comctl32.dll [633856] O44 - LFC:[MD5.9028D1621C43DF8DFBD1C76860412A11] - 09/10/2013 - 17:48:51 ---A- . (.Microsoft Corporation - User Experience Controls Library.) -- C:\Windows\System32\comctl32.dll [633856] O44 - LFC:[MD5.2A66E81AE941E54A237490FC35D387C8] - 10/10/2013 - 04:54:30 ---A- . (...) -- C:\Windows\epplauncher.mif [1945] O44 - LFC:[MD5.F210546A7E54361B4E26B07A1959DBD1] - 10/10/2013 - 06:19:06 ---A- . (.Microsoft Corporation - Internet Browser.) -- C:\Windows\SysNative\ieframe.dll [10926080] O44 - LFC:[MD5.F210546A7E54361B4E26B07A1959DBD1] - 10/10/2013 - 06:19:06 ---A- . (.Microsoft Corporation - Internet Browser.) -- C:\Windows\System32\ieframe.dll [10926080] O44 - LFC:[MD5.88664D38A94CDBD372ABB617E2928C37] - 10/10/2013 - 06:19:15 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysNative\mshtml.dll [17833984] O44 - LFC:[MD5.88664D38A94CDBD372ABB617E2928C37] - 10/10/2013 - 06:19:15 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [17833984] O44 - LFC:[MD5.BA4EAF171692FEC3F22DC8ED588C125E] - 10/10/2013 - 06:19:25 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\SysNative\jscript.dll [816640] O44 - LFC:[MD5.BA4EAF171692FEC3F22DC8ED588C125E] - 10/10/2013 - 06:19:25 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [816640] O44 - LFC:[MD5.FB20289B5331AE4D36EB39F3762C6527] - 10/10/2013 - 06:19:25 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\SysNative\vbscript.dll [599040] O44 - LFC:[MD5.FB20289B5331AE4D36EB39F3762C6527] - 10/10/2013 - 06:19:25 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [599040] O44 - LFC:[MD5.224FF6EA2D15F6D808AE25D869DED005] - 10/10/2013 - 06:19:27 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\SysNative\iertutil.dll [2147840] O44 - LFC:[MD5.224FF6EA2D15F6D808AE25D869DED005] - 10/10/2013 - 06:19:27 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2147840] O44 - LFC:[MD5.26FCE63F15EADEFCB0E1D37A6CD6939B] - 10/10/2013 - 06:19:28 ---A- . (.Microsoft Corporation - Internet Control Panel.) -- C:\Windows\SysNative\inetcpl.cpl [1494528] O44 - LFC:[MD5.26FCE63F15EADEFCB0E1D37A6CD6939B] - 10/10/2013 - 06:19:28 ---A- . (.Microsoft Corporation - Internet Control Panel.) -- C:\Windows\System32\inetcpl.cpl [1494528] O44 - LFC:[MD5.F45A1C24BC50B41659F6318C4F7C4533] - 10/10/2013 - 06:19:28 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\SysNative\jscript9.dll [2312704] O44 - LFC:[MD5.F45A1C24BC50B41659F6318C4F7C4533] - 10/10/2013 - 06:19:28 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [2312704] O44 - LFC:[MD5.83A99C79BA5980FB187CCE825C5AECDE] - 10/10/2013 - 06:19:30 ---A- . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysNative\urlmon.dll [1346560] O44 - LFC:[MD5.83A99C79BA5980FB187CCE825C5AECDE] - 10/10/2013 - 06:19:30 ---A- . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [1346560] O44 - LFC:[MD5.7C9B58CEF5954116B8C79E845F866C2B] - 10/10/2013 - 06:19:31 ---A- . (...) -- C:\AdwCleaner[R6].txt [1880] O44 - LFC:[MD5.A9B0F7A6C9839F931829CD0FF34D82F8] - 10/10/2013 - 06:19:32 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\SysNative\jsproxy.dll [85504] O44 - LFC:[MD5.A9B0F7A6C9839F931829CD0FF34D82F8] - 10/10/2013 - 06:19:32 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [85504] O44 - LFC:[MD5.61DB16986A5561DE7929C1BEE64BFF11] - 10/10/2013 - 06:19:33 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\SysNative\msfeeds.dll [729088] O44 - LFC:[MD5.61DB16986A5561DE7929C1BEE64BFF11] - 10/10/2013 - 06:19:33 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [729088] O44 - LFC:[MD5.6431F1042CEE8BD0197200EDCDF10B4F] - 10/10/2013 - 06:19:34 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\SysNative\url.dll [237056] O44 - LFC:[MD5.6431F1042CEE8BD0197200EDCDF10B4F] - 10/10/2013 - 06:19:34 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [237056] O44 - LFC:[MD5.3CD6F07E6416ED6E18A1965CD2B9144A] - 10/10/2013 - 06:19:35 ---A- . (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\SysNative\wininet.dll [1392128] O44 - LFC:[MD5.3CD6F07E6416ED6E18A1965CD2B9144A] - 10/10/2013 - 06:19:35 ---A- . (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1392128] O44 - LFC:[MD5.B73439C148710919E18321C487E4C885] - 10/10/2013 - 06:19:38 ---A- . (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) -- C:\Windows\SysNative\ieUnatt.exe [173056] O44 - LFC:[MD5.B73439C148710919E18321C487E4C885] - 10/10/2013 - 06:19:38 ---A- . (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) -- C:\Windows\System32\ieUnatt.exe [173056] O44 - LFC:[MD5.67926CE246B1C4080AD8DE7626965059] - 10/10/2013 - 06:19:38 ---A- . (.Microsoft Corporation - Internet Explorer UI Engine.) -- C:\Windows\SysNative\ieui.dll [248320] O44 - LFC:[MD5.67926CE246B1C4080AD8DE7626965059] - 10/10/2013 - 06:19:38 ---A- . (.Microsoft Corporation - Internet Explorer UI Engine.) -- C:\Windows\System32\ieui.dll [248320] O44 - LFC:[MD5.4CC24784CB8D1BD9DBB35E4C055BD052] - 10/10/2013 - 06:19:44 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\SysNative\mshtmled.dll [96768] O44 - LFC:[MD5.4CC24784CB8D1BD9DBB35E4C055BD052] - 10/10/2013 - 06:19:44 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [96768] O44 - LFC:[MD5.D4372C2CFEF849676ECE9747EEE92A32] - 10/10/2013 - 06:19:45 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\SysNative\mshtml.tlb [2382848] O44 - LFC:[MD5.D4372C2CFEF849676ECE9747EEE92A32] - 10/10/2013 - 06:19:45 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2382848] O44 - LFC:[MD5.CF9171B6B1D07A63FA7CABCB26ABF408] - 10/10/2013 - 06:19:52 ---A- . (...) -- C:\AdwCleaner[S5].txt [1376] O44 - LFC:[MD5.18B86AAB354CB0C4EFE9533898707CB5] - 10/10/2013 - 06:30:09 ---A- . (...) -- C:\AdwCleaner[R7].txt [1829] O44 - LFC:[MD5.79687FB0CD25FAAA15E97101A2903421] - 10/10/2013 - 06:31:03 ---A- . (...) -- C:\AdwCleaner[S6].txt [2064] O44 - LFC:[MD5.E3A8B7CD746D5C5A9B2E7F9B98278942] - 10/10/2013 - 06:55:50 ---A- . (...) -- C:\Windows\win.ini [532] O44 - LFC:[MD5.597C3699384E53CC59587ED50CCE5CA2] - 10/10/2013 - 09:10:38 ---A- . (.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\Drivers\hidclass.sys [76800] O44 - LFC:[MD5.856E76B3641746ABBC2946BED1372098] - 10/10/2013 - 09:10:38 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\Drivers\hidparse.sys [32896] O44 - LFC:[MD5.70833F5A59F65908698093889C34BCA2] - 10/10/2013 - 17:33:57 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\SysNative\wow64.dll [243712] O44 - LFC:[MD5.70833F5A59F65908698093889C34BCA2] - 10/10/2013 - 17:33:57 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [243712] O44 - LFC:[MD5.A3FCC4F97551087D65F8FEE879FEF736] - 10/10/2013 - 17:33:58 ---A- . (.Microsoft Corporation - Event Trace Helper Library.) -- C:\Windows\SysNative\tdh.dll [859648] O44 - LFC:[MD5.A3FCC4F97551087D65F8FEE879FEF736] - 10/10/2013 - 17:33:58 ---A- . (.Microsoft Corporation - Event Trace Helper Library.) -- C:\Windows\System32\tdh.dll [859648] O44 - LFC:[MD5.CAAAC014C5C56A69F710B5F1B836DE22] - 10/10/2013 - 17:33:58 ---A- . (.Microsoft Corporation - NT Layer DLL.) -- C:\Windows\SysNative\ntdll.dll [1732032] O44 - LFC:[MD5.CAAAC014C5C56A69F710B5F1B836DE22] - 10/10/2013 - 17:33:58 ---A- . (.Microsoft Corporation - NT Layer DLL.) -- C:\Windows\System32\ntdll.dll [1732032] O44 - LFC:[MD5.63A580C88CFAF72A92550940054569EF] - 10/10/2013 - 17:33:59 ---A- . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- C:\Windows\SysNative\advapi32.dll [878080] O44 - LFC:[MD5.63A580C88CFAF72A92550940054569EF] - 10/10/2013 - 17:33:59 ---A- . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- C:\Windows\System32\advapi32.dll [878080] O44 - LFC:[MD5.5B9A6A310326D9C438F2C19FBBE97C97] - 10/10/2013 - 17:34:01 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\SysNative\ntoskrnl.exe [5549504] O44 - LFC:[MD5.5B9A6A310326D9C438F2C19FBBE97C97] - 10/10/2013 - 17:34:01 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [5549504] O44 - LFC:[MD5.142671F462619CB64BA74F5B70136CB4] - 10/10/2013 - 18:50:30 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080] O44 - LFC:[MD5.142671F462619CB64BA74F5B70136CB4] - 10/10/2013 - 18:50:30 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [46080] O44 - LFC:[MD5.D6BAE9B4B210D71CDDADC224CEFCDB5F] - 10/10/2013 - 18:50:30 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\SysNative\fontsub.dll [100864] O44 - LFC:[MD5.D6BAE9B4B210D71CDDADC224CEFCDB5F] - 10/10/2013 - 18:50:30 ---A- . (.Microsoft Corporation - Font Subsetting DLL.) -- C:\Windows\System32\fontsub.dll [100864] O44 - LFC:[MD5.E1BB958681BE311E7CFF06CFEC5F1F2B] - 10/10/2013 - 18:50:31 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [368128] O44 - LFC:[MD5.E1BB958681BE311E7CFF06CFEC5F1F2B] - 10/10/2013 - 18:50:31 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [368128] O44 - LFC:[MD5.A5ED9421B8D09ED4F57CDA386307713E] - 10/10/2013 - 18:50:31 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\SysNative\dciman32.dll [14336] O44 - LFC:[MD5.A5ED9421B8D09ED4F57CDA386307713E] - 10/10/2013 - 18:50:31 ---A- . (.Microsoft Corporation - DCI Manager.) -- C:\Windows\System32\dciman32.dll [14336] O44 - LFC:[MD5.796B47A4B82EF1C39F13435B88834C48] - 10/10/2013 - 18:50:31 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\SysNative\lpk.dll [41472] O44 - LFC:[MD5.796B47A4B82EF1C39F13435B88834C48] - 10/10/2013 - 18:50:31 ---A- . (.Microsoft Corporation - Language Pack.) -- C:\Windows\System32\lpk.dll [41472] O44 - LFC:[MD5.189B0BAE1B0EDD51CEF1CD3F4CDEE02E] - 10/10/2013 - 21:45:04 ---A- . (.Microsoft Corporation - Active Directory Certificate Services Encod.) -- C:\Windows\SysNative\certenc.dll [52224] O44 - LFC:[MD5.189B0BAE1B0EDD51CEF1CD3F4CDEE02E] - 10/10/2013 - 21:45:04 ---A- . (.Microsoft Corporation - Active Directory Certificate Services Encod.) -- C:\Windows\System32\certenc.dll [52224] O44 - LFC:[MD5.4586B77B18FA9A8518AF76CA8FD247D9] - 10/10/2013 - 21:45:07 ---A- . (.Microsoft Corporation - CertUtil.exe.) -- C:\Windows\SysNative\certutil.exe [1192448] O44 - LFC:[MD5.4586B77B18FA9A8518AF76CA8FD247D9] - 10/10/2013 - 21:45:07 ---A- . (.Microsoft Corporation - CertUtil.exe.) -- C:\Windows\System32\certutil.exe [1192448] O44 - LFC:[MD5.314C17917AC8523EC77A710215012A65] - 11/10/2013 - 01:30:16 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys [497152] O44 - LFC:[MD5.9A9F9F1A77D6A80EE28B57664F00013E] - 11/10/2013 - 01:30:17 ---A- . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- C:\Windows\SysNative\mswsock.dll [327168] O44 - LFC:[MD5.9A9F9F1A77D6A80EE28B57664F00013E] - 11/10/2013 - 01:30:17 ---A- . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- C:\Windows\System32\mswsock.dll [327168] O44 - LFC:[MD5.40AF23633D197905F03AB5628C558C51] - 11/10/2013 - 01:30:17 ---A- . (.Microsoft Corporation - TCP/IP Driver.) -- C:\Windows\System32\Drivers\tcpip.sys [1903552] O44 - LFC:[MD5.99583D720C7476652265DE5CF3CB18A7] - 11/10/2013 - 05:58:41 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [5061576] O44 - LFC:[MD5.99583D720C7476652265DE5CF3CB18A7] - 11/10/2013 - 05:58:41 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [5061576] O44 - LFC:[MD5.A15914DEC2B38E225D08A945E4955594] - 12/10/2013 - 09:10:40 RSH-- . (...) -- C:\usbdriver.vbe [32981] O44 - LFC:[MD5.1DF62B3308800ED79B8570AD9FD6B7FC] - 12/10/2013 - 09:10:42 R---- . (...) -- C:\Nouveau dossier.lnk [538] O44 - LFC:[MD5.12D6E2E2B7FCAC3628F868F809F15D06] - 12/10/2013 - 09:10:42 RSH-- . (...) -- C:\autorun.inf [47] O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 12/10/2013 - 16:53:23 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928] O44 - LFC:[MD5.3152A964A6A3978D531125C91C1DFE5B] - 12/10/2013 - 19:55:57 ---A- . (...) -- C:\Windows\PFRO.log [1049976] O44 - LFC:[MD5.9C2A859221541E2B8D093CFD0DD481FD] - 13/10/2013 - 15:24:59 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.59020A24F06DBD0115F25E9C3EF4EF4D] - 14/10/2013 - 10:13:31 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [872418] O44 - LFC:[MD5.42B52C2DC252344580DD65042615BDB0] - 14/10/2013 - 10:13:31 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [149192] O44 - LFC:[MD5.4B2DFA442F64C56B7C1A823C1A49C96D] - 14/10/2013 - 10:13:31 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [731924] O44 - LFC:[MD5.59020A24F06DBD0115F25E9C3EF4EF4D] - 14/10/2013 - 10:13:31 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [872418] O44 - LFC:[MD5.42B52C2DC252344580DD65042615BDB0] - 14/10/2013 - 10:13:31 ---A- . (...) -- C:\Windows\System32\perfc009.dat [149192] O44 - LFC:[MD5.4B2DFA442F64C56B7C1A823C1A49C96D] - 14/10/2013 - 10:13:31 ---A- . (...) -- C:\Windows\System32\perfh009.dat [731924] O44 - LFC:[MD5.455FE991E412FA8CA42E1EC44B4FE7B0] - 14/10/2013 - 16:33:04 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.E8FFE78DE056460F52723740D9C518ED] - 14/10/2013 - 16:33:08 ---A- . (...) -- C:\Windows\setupact.log [99504] O44 - LFC:[MD5.1E994AA5A53BA5E6ED2D872B9CCDB661] - 14/10/2013 - 16:45:42 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1221211] ~ Files: 210 Scanned in 00mn 20s ---\\ Last files created in Windows Prefetcher (O45) O45 - LFCP:[MD5.3C8538B5643BAD0DA76F33770AAEC2AA] - 14/10/2013 - 15:05:51 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1605FA5B.pf O45 - LFCP:[MD5.2A2F6791BB439DA186A040FC6CB177D7] - 14/10/2013 - 15:06:50 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf O45 - LFCP:[MD5.926AF616120C2C4E96CDF0590C413F44] - 14/10/2013 - 15:13:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf O45 - LFCP:[MD5.B4515704A16FB171021298E361FA9FF5] - 14/10/2013 - 16:25:40 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.7DBED72397C3EBC1DA462E2084AE3196] - 14/10/2013 - 16:25:44 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf O45 - LFCP:[MD5.2BDFFF1B8E006BFA7353B48E75F66927] - 14/10/2013 - 16:26:41 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.AA06B8FD76E4BAF3C26C1262E1BE391A] - 14/10/2013 - 16:30:06 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-948805745-1492054858-3638506696-1001.db O45 - LFCP:[MD5.8F925E83E3C56C20A819B0A7FA9BCD10] - 14/10/2013 - 16:30:06 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-948805745-1492054858-3638506696-1001.db O45 - LFCP:[MD5.A1B29288A5ABBABC136864BB7C01EBFD] - 14/10/2013 - 16:31:49 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.69162BE1782FD907DCE87C3AEED0936A] - 14/10/2013 - 16:32:07 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.A9DD320556A795D5A4547D8E034864A7] - 14/10/2013 - 16:32:07 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.51DEBCC99050EE87EA96F996E3C8E4CB] - 14/10/2013 - 16:32:08 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.BE220AB44FE9AC2124DED6126BCE919F] - 14/10/2013 - 16:32:08 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.CEB3DAA30E52E5373AE5E74717712186] - 14/10/2013 - 16:32:08 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.9951DFCD014567B8132E30AAA1671037] - 14/10/2013 - 16:32:09 ---A- - C:\Windows\Prefetch\AgAppLaunch.db O45 - LFCP:[MD5.73770B4460AE2F35FDBC1A7EE1777471] - 14/10/2013 - 16:34:10 ---A- - C:\Windows\Prefetch\IEMONITOR.EXE-9DA5E783.pf O45 - LFCP:[MD5.1DDEC7BA06BE054E9FE7D18AAF30E1E5] - 14/10/2013 - 16:34:10 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.AF2C70D51A117707A816755ABE377AB8] - 14/10/2013 - 16:34:12 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf O45 - LFCP:[MD5.562006AA4F60959A285F5DD8C71E2149] - 14/10/2013 - 16:34:18 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf O45 - LFCP:[MD5.CC1099C828F9EAD206DEE11744D79856] - 14/10/2013 - 16:34:20 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf O45 - LFCP:[MD5.7132B5E848A376581A15CB4D45B14D50] - 14/10/2013 - 16:34:26 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf O45 - LFCP:[MD5.2CE97E34272C84FF4B73CCDA09A3DF11] - 14/10/2013 - 16:34:42 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf O45 - LFCP:[MD5.537B2C0FB19115F1CBC08C9C9F3D010B] - 14/10/2013 - 16:35:41 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf O45 - LFCP:[MD5.64A32F2798E0E342C8B9BD880AE8946F] - 14/10/2013 - 16:35:41 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf O45 - LFCP:[MD5.C87EAADB9612B7A63FE927D239705738] - 14/10/2013 - 16:35:43 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf O45 - LFCP:[MD5.D74225CEBF5DDBD053EEA6C7D4CF5D9E] - 14/10/2013 - 16:35:53 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-9FED550E.pf O45 - LFCP:[MD5.CFF504FB56DF6234779094313841E012] - 14/10/2013 - 16:36:44 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf O45 - LFCP:[MD5.AE0B3D97B312AF7667BF233FC41DCBF1] - 14/10/2013 - 16:37:22 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.E179A385CB9D346EE03C36DE5D3A10FB] - 14/10/2013 - 16:37:47 ---A- - C:\Windows\Prefetch\IELOWUTIL.EXE-903B8AC1.pf O45 - LFCP:[MD5.3D4DD0405CD05CEB89915F74F5A8BDC6] - 14/10/2013 - 16:38:27 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf O45 - LFCP:[MD5.A873301EA91EF8A2F50EE6FAB2FCC148] - 14/10/2013 - 16:38:27 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf O45 - LFCP:[MD5.7D662A0D2D0D785E61ABEA72AEFD954B] - 14/10/2013 - 16:38:28 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf O45 - LFCP:[MD5.FC1C1A9F813F2B6A71074152750EF2EC] - 14/10/2013 - 16:38:35 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf O45 - LFCP:[MD5.B7640F845BB2E4EF3E4B3F666AC9F3F0] - 14/10/2013 - 16:40:30 ---A- - C:\Windows\Prefetch\CHROME.EXE-D999B1BA.pf O45 - LFCP:[MD5.E951FD503F2ECD9EF368E8D1711D94DC] - 14/10/2013 - 16:44:00 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf O45 - LFCP:[MD5.43681518BA80FDFE374DA794D27AE295] - 14/10/2013 - 16:44:12 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-6AA90EA5.pf O45 - LFCP:[MD5.4D7871225A611240C2B851EC9BA4D93A] - 14/10/2013 - 16:44:12 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf O45 - LFCP:[MD5.7A06FC1260C17620B94381FF777B3C6F] - 14/10/2013 - 16:44:13 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-37549B7E.pf O45 - LFCP:[MD5.416908B432E279D1424213372534FC03] - 14/10/2013 - 16:44:15 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf O45 - LFCP:[MD5.CA245D830AF6EBEDD8E977B556723AAA] - 14/10/2013 - 16:44:17 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-EBD3B8D7.pf O45 - LFCP:[MD5.B10372E07DE5F1975B5827DF3E42BCF4] - 14/10/2013 - 16:44:21 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.39D4B614EC9C865BED2E0A61CF22E91E] - 14/10/2013 - 16:44:24 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf O45 - LFCP:[MD5.CB006EB65292BB3DD65FFA3AAD8A1376] - 14/10/2013 - 16:44:27 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-0D117CAF.pf O45 - LFCP:[MD5.552D7A85035F939A23058BEA536ECA92] - 14/10/2013 - 16:44:32 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf O45 - LFCP:[MD5.374904A0CA8DF22FFFB76C43CEFDC980] - 14/10/2013 - 16:44:39 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf O45 - LFCP:[MD5.B31C5758AAF34C20B66F27E6BFFEBADE] - 14/10/2013 - 16:44:40 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-0FB3F22C.pf O45 - LFCP:[MD5.83A4858D62A90D498ED524A44FC5BF07] - 14/10/2013 - 16:44:41 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf O45 - LFCP:[MD5.B63F86C7C0CADB6BFCDC3B41202BCAEE] - 14/10/2013 - 16:44:41 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-6768A320.pf O45 - LFCP:[MD5.E528A9C5BAEFACC094508EB79D685AB1] - 14/10/2013 - 16:44:49 ---A- - C:\Windows\Prefetch\PV.EXE-34B75B82.pf O45 - LFCP:[MD5.D83C2C9F0CC4438AC95205163045D18E] - 14/10/2013 - 16:45:27 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-AB0CE9D9.pf O45 - LFCP:[MD5.5B2AFA295FB8AAE31571D6819BF3FFBE] - 14/10/2013 - 16:45:58 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-AD598958.pf O45 - LFCP:[MD5.F6DC1051D79DD0893FC5A67C5D981165] - 14/10/2013 - 16:46:23 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/09/2159 - 05:43:24 ----D - C:\Windows\Prefetch\ReadyBoot ~ Prefetcher: 53 Scanned in 00mn 01s ---\\ Operations and functions at Windows Explorer startup (O46) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Local Security Authority-LSA Deny (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Windows Security Configuration Editor Client Engine.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Safe Boot Control (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\command . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (...) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe =>.DT Soft Ltd O53 - SMSR:HKLM\...\startupreg\E06FXLRD_84508502 [Key] . (...) -- C:\Program Files (x86)\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\E09FXLRD_147686 [Key] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files (x86)\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe O53 - SMSR:HKLM\...\startupreg\E09FXLRD_419711002 [Key] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files (x86)\Microsoft Encarta\Microsoft Encarta 2009 - Collection DVD\EDICT.exe O53 - SMSR:HKLM\...\startupreg\Easybits Recovery [Key] . (...) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (...) -- C:\Users\bertrand\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (...) -- C:\Users\bertrand\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O53 - SMSR:HKLM\...\startupreg\KiesAirMessage [Key] . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\KiesPreload [Key] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O53 - SMSR:HKLM\...\startupreg\KiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O53 - SMSR:HKLM\...\startupreg\Pando Media Booster [Key] . (...) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\RTHDVCPL [Key] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O53 - SMSR:HKLM\...\startupreg\SuperCopier2.exe [Key] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (...) -- C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\bertrand\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O53 - SMSR:HKLM\...\startupreg\Xvid [Key] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe (.not file.) ~ SMSR Keys: 29 Scanned in 00mn 00s ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0 ~ MWPS: 19 Scanned in 00mn 00s ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1 ~ MWPE Keys: 5 Scanned in 00mn 00s ---\\ System Drivers List (SDL) (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:[MD5.DEFD557D9B8C0FA3CEA6CC576400114E] - 20/08/2012 - 14:48:50 ----- . (...) -- C:\Windows\System32\pwdrvio.sys [19032] O58 - SDL:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 04/01/2005 - 00:43:08 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\SysWOW64\npptNT2.sys [4682] ~ Drivers: 19 Scanned in 00mn 00s ---\\ Last modified or created user files (O61) O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\Q3JKZ4TT\4BAE91DBAEF0CEEC0FCE5505D96DDEA865EDBFC1.heu [152] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\Q3JKZ4TT\8F903698240FE799F61EEDA8595181137B996156.heu [152] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\Q3JKZ4TT\98EECA3E014A0FA3C4C613006BDCEA12DA3BEACE.heu [152] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\Q3JKZ4TT\ABD49354324081CEBB8F60184CF5FEE81F0F9298.heu [152] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SVUJ693U\players.nrjaudio.fm\##4CA406C130CC2410\00000001.sol [154] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_pnacl_json [439] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_crtbeginS_o [2520] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_for_eh_o [2144] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_crtbegin_o [2288] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_crtendS_o [1350] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_crtend_o [1349] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_ld_nexe [2191960] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_libcrt_platform_a [5674] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_a [47406] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_libgcc_eh_a [234936] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_a [180862] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_libpnacl_irt_shim_dummy_a [1774] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\_platform_specific\x86_64\pnacl_public_x86_64_pnacl_llc_nexe [9167128] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\manifest.fingerprint [66] O61 - LFC: 11/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\pnacl\0.1.0.12181\manifest.json [572] O61 - LFC: 11/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\sts_list.dat [34] O61 - LFC: 11/10/2013 - 16:49:10 ---A- . (...) -- C:\Users\bertrand\Documents\FLiNGTrainer\TrainerBGM.mid [32445] O61 - LFC: 12/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0 [45056] O61 - LFC: 12/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1 [270336] O61 - LFC: 12/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [19456] O61 - LFC: 12/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal [8768] O61 - LFC: 12/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Sony\Vegas Pro\12.0\DeviceExplorer.PerUser.xml [2480] O61 - LFC: 12/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Sony\Vegas Pro\12.0\FileExplorer.settings [545] O61 - LFC: 12/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Sony\Vegas Pro\12.0\RenderAs.settings [1102] O61 - LFC: 12/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Sony\Vegas Pro\12.0\XDCAMExplorer.PerUser.xml [3057] O61 - LFC: 12/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\foldresHistory.txt [362] O61 - LFC: 12/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-10-12 (17-07-46).txt [13922] O61 - LFC: 12/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\Sony\Render Templates\Favorites.settings [40] O61 - LFC: 12/10/2013 - 16:49:14 ---A- . (...) -- C:\Users\bertrand\Documents\SlowD.wav [2921412] O61 - LFC: 12/10/2013 - 16:52:57 ---A- . (...) -- C:\Users\bertrand\Downloads\Programs\adwcleaner.exe [1048960] O61 - LFC: 12/10/2013 - 16:52:58 ---A- . (.Malwarebytes Corporation.) -- C:\Users\bertrand\Downloads\Programs\mbam-setup-1.75.0.1300.exe [10285040] O61 - LFC: 12/10/2013 - 16:54:44 ---A- . (...) -- C:\Users\bertrand\Securities\update.exe [1233] O61 - LFC: 13/10/2013 - 16:46:43 ---A- . (...) -- C:\Users\bertrand\AppData\Local\CrashDumps\firefox.exe.5824.dmp [3262476] O61 - LFC: 13/10/2013 - 16:46:43 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Darksiders2\controls.dcon [944] O61 - LFC: 13/10/2013 - 16:46:43 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Darksiders2\gamepad.gcon [275] O61 - LFC: 13/10/2013 - 16:46:43 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Darksiders2\options.dopt [49] O61 - LFC: 13/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn\LOG.old [148] O61 - LFC: 13/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [58368] O61 - LFC: 13/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [16384] O61 - LFC: 13/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SVUJ693U\broadcast.piximedia.fr\footerJS\v4\lib\so.swf\PmUI.sol [33] O61 - LFC: 13/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SVUJ693U\macromedia.com\support\flashplayer\sys\#www.ultimedia.com\settings.sol [87] O61 - LFC: 13/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SVUJ693U\macromedia.com\support\flashplayer\sys\settings.sol [1582] O61 - LFC: 13/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\SVUJ693U\www.ultimedia.com\analytics.sol [487] O61 - LFC: 13/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\SKIDROW\50650\Storage\dssave2.dsav [19705] O61 - LFC: 13/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\SKIDROW\50650\Storage\options.dopt [49] O61 - LFC: 13/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\Mipony\History.xml [908] O61 - LFC: 13/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\Mipony\categories.xml [94] O61 - LFC: 13/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\Mipony\linkList.xml [79] O61 - LFC: 13/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\Mipony\mipony.xml [12628] O61 - LFC: 13/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\Mipony\stats.xml [845] O61 - LFC: 13/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman O61 - LFC: 13/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\ZHP\ZHPDiag.txt [299506] =>.Nicolas Coolman O61 - LFC: 13/10/2013 - 16:49:10 ---A- . (...) -- C:\Users\bertrand\Documents\Mipony\Fast and furious 3.avi [734361680] O61 - LFC: 13/10/2013 - 16:49:10 ---A- . (...) -- C:\Users\bertrand\Documents\Mipony\Fast_and_Furious 4.avi [733698048] O61 - LFC: 13/10/2013 - 16:49:10 ---A- . (...) -- C:\Users\bertrand\Documents\My Games\Darksiders2\English\dssave2.dsav [19705] O61 - LFC: 13/10/2013 - 16:52:58 ---A- . (...) -- C:\Users\bertrand\Downloads\Programs\RogueKillerX64.exe [3985920] O61 - LFC: 13/10/2013 - 16:53:03 ---A- . (...) -- C:\Users\bertrand\Downloads\Programs\vlc-media-player_2-1-0_fr_10829.exe [24278649] O61 - LFC: 14/10/2013 - 16:46:43 ---A- . (...) -- C:\Users\bertrand\.VirtualBox\VirtualBox.xml [2328] O61 - LFC: 14/10/2013 - 16:46:43 ---A- . (...) -- C:\Users\bertrand\.VirtualBox\VirtualBox.xml-prev [2154] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [262585] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Archived History [1847296] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [16384] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Cookies [866304] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [60897] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG [148] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old [148] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000707 [335] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [272] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [151] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-001384 [486] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ar\messages.json [374] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\bg\messages.json [428] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ca\messages.json [207] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\cs\messages.json [230] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\da\messages.json [216] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\de\messages.json [217] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\el\messages.json [416] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_GB\messages.json [208] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_US\messages.json [209] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es\messages.json [206] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es_419\messages.json [206] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\et\messages.json [216] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fi\messages.json [216] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fil\messages.json [219] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fr\messages.json [224] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\he\messages.json [293] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hi\messages.json [375] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hu\messages.json [251] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\id\messages.json [209] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\it\messages.json [213] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ja\messages.json [263] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ko\messages.json [254] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lt\messages.json [234] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lv\messages.json [232] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ms\messages.json [207] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\nl\messages.json [217] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\no\messages.json [195] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pl\messages.json [217] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_BR\messages.json [206] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_PT\messages.json [208] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ro\messages.json [225] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ru\messages.json [434] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sk\messages.json [225] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sl\messages.json [218] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sr\messages.json [380] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sv\messages.json [214] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\th\messages.json [329] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\tr\messages.json [243] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\uk\messages.json [428] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\vi\messages.json [252] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_CN\messages.json [233] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_TW\messages.json [233] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\icon_128.png [3009] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\icon_16.png [143] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\main.html [92] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\main.js [98] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\manifest.json [724] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\128.png [7654] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ar\messages.json [422] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\bg\messages.json [559] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ca\messages.json [265] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\cs\messages.json [283] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\da\messages.json [251] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\de\messages.json [256] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\el\messages.json [565] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_GB\messages.json [249] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_US\messages.json [249] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es\messages.json [259] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es_419\messages.json [259] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\et\messages.json [259] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\eu\messages.json [243] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fi\messages.json [277] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fil\messages.json [260] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fr\messages.json [260] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\he\messages.json [438] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hi\messages.json [492] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hr\messages.json [263] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hu\messages.json [276] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\id\messages.json [261] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\it\messages.json [258] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ja\messages.json [395] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ko\messages.json [365] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lt\messages.json [309] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lv\messages.json [262] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ms\messages.json [254] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\nl\messages.json [250] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\no\messages.json [218] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pl\messages.json [261] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_BR\messages.json [250] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_PT\messages.json [272] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ro\messages.json [309] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ru\messages.json [614] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sk\messages.json [293] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sl\messages.json [268] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sr\messages.json [467] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sv\messages.json [261] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\th\messages.json [521] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\tr\messages.json [302] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\uk\messages.json [657] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\vi\messages.json [321] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_CN\messages.json [360] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_TW\messages.json [348] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\manifest.json [996] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\128.png [3524] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\ar\messages.json [401] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\bg\messages.json [427] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\ca\messages.json [250] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\cs\messages.json [255] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\da\messages.json [242] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\de\messages.json [226] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\el\messages.json [475] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\en\messages.json [227] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\es\messages.json [240] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\fi\messages.json [222] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\fil\messages.json [236] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\fr\messages.json [249] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\he\messages.json [419] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\hi\messages.json [408] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\hr\messages.json [220] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\hu\messages.json [253] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\id\messages.json [231] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\it\messages.json [224] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\ja\messages.json [349] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\ko\messages.json [323] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\lt\messages.json [266] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\lv\messages.json [245] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\nl\messages.json [225] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\no\messages.json [216] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\pl\messages.json [274] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\pt_BR\messages.json [237] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\pt_PT\messages.json [236] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\ro\messages.json [248] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\ru\messages.json [394] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\sk\messages.json [241] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\sl\messages.json [245] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\sr\messages.json [437] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\sv\messages.json [238] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\th\messages.json [365] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\tr\messages.json [255] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\uk\messages.json [442] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\vi\messages.json [310] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\zh_CN\messages.json [257] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\_locales\zh_TW\messages.json [269] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\manifest.json [785] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\128.png [5367] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\16.png [499] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\32.png [1154] O61 - LFC: 14/10/2013 - 16:46:44 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\48.png [1872] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ar\messages.json [423] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\bg\messages.json [515] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ca\messages.json [330] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\cs\messages.json [355] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\da\messages.json [328] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\de\messages.json [307] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\el\messages.json [569] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en\messages.json [314] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_GB\messages.json [314] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_US\messages.json [314] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es\messages.json [340] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es_419\messages.json [341] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\et\messages.json [314] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fi\messages.json [305] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fil\messages.json [337] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fr\messages.json [329] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\he\messages.json [471] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hi\messages.json [326] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hr\messages.json [340] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hu\messages.json [336] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\id\messages.json [319] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\it\messages.json [324] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ja\messages.json [388] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ko\messages.json [380] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lt\messages.json [359] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lv\messages.json [360] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\nl\messages.json [323] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\no\messages.json [300] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pl\messages.json [336] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_BR\messages.json [332] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_PT\messages.json [331] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ro\messages.json [332] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ru\messages.json [471] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sk\messages.json [338] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sl\messages.json [329] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sr\messages.json [483] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sv\messages.json [333] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\th\messages.json [472] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\tr\messages.json [330] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\uk\messages.json [501] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\vi\messages.json [363] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_CN\messages.json [346] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_TW\messages.json [346] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\manifest.json [817] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\_locales\en\messages.json [763] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\background.html [153] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\background.js [792] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\captured.html [1047] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\contentscript.js [1308] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\images\dwnlAll.png [929] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\images\dwnlLink.png [854] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\images\logoBig.png [20003] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\images\logoSmall.png [4616] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\manifest.json [1305] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\welcome.html [2848] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\welcome.js [654] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\background.html [241] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\background.js [3903] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\background_body.js [1335] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\call_icon.png [1271] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\change_sink.js [7484] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\contentscript.js [13447] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\document_iterator.js [14080] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\dropdown_menu_icon_set.png [5122] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\find_proxy.js [11304] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\get_html_text.js [5123] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\global_constants.js [3130] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\manifest.json [1431] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\menu_injection_builder.js [8890] O61 - LFC: 14/10/2013 - 16:46:45 ---A- . (.Tonec Inc..) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_1\IDMGCExt.dll [98200] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\MSIExecWatcher.exe [106368] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\menu_injection_handler.js [17364] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\name_injection_builder.js [2033] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\number_injection_builder.js [9162] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\numbers_button_skype_logo.png [705] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\skype.png [680] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\string_finder.js [10070] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\background.js [1368] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\load_symbols.js [2447] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name.js [13935] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_ar.js [54117] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_bg.js [51067] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_ca.js [15513] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_cs.js [19494] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_da.js [14038] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_de.js [15552] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_el.js [55324] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_en_gb.js [13942] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_es.js [15179] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_es_419.js [15179] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_fi.js [14370] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_fil.js [13992] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_fr.js [15435] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_hi.js [47597] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_hr.js [14656] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_hu.js [16140] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_id.js [13888] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_it.js [13943] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_iw.js [35117] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_ja.js [34352] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_ko.js [29930] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_lt.js [17128] O61 - LFC: 14/10/2013 - 16:46:46 ---A- . (.Skype Technologies S.A..) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\npSkypeChromePlugin.dll [4712320] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_lv.js [17105] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_nl.js [14243] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_no.js [14395] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_pl.js [15282] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_pt_br.js [15497] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_pt_pt.js [15486] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_ro.js [16064] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_ru.js [54888] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_sk.js [19282] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_sl.js [19834] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_sr.js [50705] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_sv.js [14839] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_th.js [50049] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_tr.js [15702] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_uk.js [55785] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_vi.js [22382] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_zh_cn.js [26826] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\locale_name_zh_tw.js [26509] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols.js [3135] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_ar.js [6384] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_bg.js [5653] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_ca.js [3447] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_cs.js [3639] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_da.js [3294] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_de.js [3287] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_el.js [5843] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_en_gb.js [3245] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_es.js [3342] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_es_419.js [3336] O61 - LFC: 14/10/2013 - 16:46:47 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_fi.js [3591] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_fil.js [3259] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_fr.js [3422] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_hi.js [6181] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_hr.js [3414] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_hu.js [3644] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_id.js [3203] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_it.js [3307] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_iw.js [5722] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_ja.js [3798] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_ko.js [4048] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_lt.js [3562] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_lv.js [3569] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_nl.js [3286] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_no.js [3307] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_pl.js [3430] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_pt_br.js [3405] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_pt_pt.js [3425] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_ro.js [3418] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_ru.js [5819] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_sk.js [3430] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_sl.js [3381] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_sr.js [5689] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_sv.js [3376] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_th.js [6459] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_tr.js [3455] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_uk.js [5684] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_vi.js [3888] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_zh_cn.js [4089] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\i18n\symbols_zh_tw.js [3964] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\icon_128.png [9460] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\icon_16.png [702] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\amex.png [2052] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\bank.png [234] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\check.png [235] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\checkmark.png [239] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\close_dialog.png [139] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\close_dialog_hover.png [214] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\close_dialog_pressed.png [213] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\cvc-amex.png [1344] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\cvc.png [1343] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\discover.png [1700] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\info_icon.png [1354] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\jcb.png [1179] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\lock.png [182] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\mastercard.png [1818] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\stored_value.png [1141] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\1x\visa.png [1710] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\amex.png [3446] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\bank.png [412] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\check.png [631] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\checkmark.png [358] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\close_dialog.png [170] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\close_dialog_hover.png [385] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\close_dialog_pressed.png [390] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\cvc-amex.png [1748] O61 - LFC: 14/10/2013 - 16:46:48 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\cvc.png [1744] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\ar\messages.json [52790] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\bg\messages.json [41117] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\ca\messages.json [16920] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\cs\messages.json [21633] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\da\messages.json [15723] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\de\messages.json [16303] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\el\messages.json [45461] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\en\messages.json [16620] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\en_GB\messages.json [15076] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\es\messages.json [17148] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\es_419\messages.json [16477] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\fi\messages.json [15881] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\fil\messages.json [16003] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\fr\messages.json [20254] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\hi\messages.json [38236] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\hr\messages.json [22320] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\hu\messages.json [20750] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\id\messages.json [15356] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\it\messages.json [16030] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\iw\messages.json [19337] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\ja\messages.json [24124] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\ko\messages.json [21891] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\lt\messages.json [21284] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\lv\messages.json [21167] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\nl\messages.json [15358] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\no\messages.json [12707] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\pl\messages.json [23217] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\pt_BR\messages.json [16741] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\pt_PT\messages.json [17074] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\ro\messages.json [20402] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\ru\messages.json [57898] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\sk\messages.json [20607] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\discover.png [2928] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\info_icon.png [1817] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\jcb.png [2874] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\lock.png [298] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\mastercard.png [3585] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\stored_value.png [1985] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\2x\visa.png [2584] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\wallet-icon-sm.png [1528] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\images\wallet-icon-tiny.png [800] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\main.html [950] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\manifest.json [1426] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\payments.js [257480] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\pbhelper.html [119] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\pbhelper.js [581] O61 - LFC: 14/10/2013 - 16:46:49 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\styles\payments.css [13283] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\sl\messages.json [22304] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\sr\messages.json [58404] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\sv\messages.json [15748] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\th\messages.json [41806] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\tr\messages.json [18435] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\uk\messages.json [59279] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\vi\messages.json [23117] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\zh_CN\messages.json [20233] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1\_locales\zh_TW\messages.json [20013] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\128.png [5920] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\ar\messages.json [556] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\bg\messages.json [492] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\ca\messages.json [262] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\cs\messages.json [289] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\da\messages.json [240] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\de\messages.json [239] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\el\messages.json [624] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\en\messages.json [215] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\es\messages.json [281] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\fi\messages.json [284] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\fil\messages.json [234] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\fr\messages.json [272] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\hi\messages.json [391] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\hr\messages.json [246] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\hu\messages.json [234] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\id\messages.json [242] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\it\messages.json [260] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\ja\messages.json [364] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\ko\messages.json [328] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\lt\messages.json [269] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\lv\messages.json [262] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\nl\messages.json [232] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\no\messages.json [210] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\pl\messages.json [292] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\pt_BR\messages.json [230] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\pt_PT\messages.json [231] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\ro\messages.json [281] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\ru\messages.json [482] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\se\messages.json [210] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\sk\messages.json [238] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\sl\messages.json [249] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\sr\messages.json [511] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\th\messages.json [471] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\tr\messages.json [250] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\uk\messages.json [536] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\vi\messages.json [257] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\zh_CN\messages.json [339] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\_locales\zh_TW\messages.json [321] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\manifest.json [755] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Favicons [1009664] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico [181623] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\History [1589248] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [175590] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Last Session [144948] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [239768] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn\CURRENT [16] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn\LOG [145] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn\MANIFEST-000155 [88] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_phlpjnmkcepflfoglccifhajagahaglm_0.localstorage [3072] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_phlpjnmkcepflfoglccifhajagahaglm_0.localstorage-journal [3608] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.apple.com_0.localstorage [3072] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.apple.com_0.localstorage-journal [512] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage [23552] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal [16384] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage [3072] O61 - LFC: 14/10/2013 - 16:46:50 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.com_0.localstorage-journal [3608] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [111616] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [16384] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Preferences [89474] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [276] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [277] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-002051 [254] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [81920] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [16384] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Top Sites [425984] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal [16384] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [2552] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Web Data [77824] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [8736] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Local State [43321] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [8723752] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1575716] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [4640] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135184] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [714168] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19556] O61 - LFC: 14/10/2013 - 16:46:51 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6592] O61 - LFC: 14/10/2013 - 16:46:51 --HA- . (...) -- C:\Users\bertrand\AppData\Local\Google\Chrome\User Data\Local State~RF4c2109c.TMP [0] O61 - LFC: 14/10/2013 - 16:46:51 --HA- . (...) -- C:\Users\bertrand\AppData\Local\IconCache.db [2016874] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Sidebar7\Sidebar7Config.txt [362] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_1.xml [1601] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_2.xsl [45673] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_3.xsl [2425] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_4.xsl [65781] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_5.xsl [6293] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_6.xsl [1598] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_7.xsl [32443] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\EncartaTempDir\DTA_ce4_8.js [51403] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Local\Temp\WER38E1.tmp.resp.erc.xml [0] O61 - LFC: 14/10/2013 - 16:46:53 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\DMCache\settings.bak [0] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\DwnlData\bertrand\itunes_11-1-1_fr_11140_32_122\itunes_11-1-1_fr_11140_32.exe [11243089] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\DwnlData\bertrand\itunes_11-1-1_fr_11140_32_122\itunes_11-1-1_fr_11140_32.exe2 [8693385] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\DwnlData\bertrand\itunes_11-1-1_fr_11140_32_122\itunes_11-1-1_fr_11140_32.exe4 [7331883] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\DwnlData\bertrand\itunes_11-1-1_fr_11140_32_122\itunes_11-1-1_fr_11140_32.exe5 [0] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\DwnlData\bertrand\itunes_11-1-1_fr_11140_32_122\itunes_11-1-1_fr_11140_32.exe6 [0] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\DwnlData\bertrand\itunes_11-1-1_fr_11140_32_122\itunes_11-1-1_fr_11140_32.exe7 [0] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\Scheduler\q_1.dt [6] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\defextmap.dat [2198] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\IDM\urlexclist.dat [2198] O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\ZHP\Log.txt [101617] =>.Nicolas Coolman O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\ZHP\TestsZHPDiag.txt [2936] =>.Nicolas Coolman O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\ZHP\ZHPExportRegistry-14-10-2013-09-58-59.txt [3461534] =>.Nicolas Coolman O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\ZHP\ZHPFixQuarantine.txt [2270] =>.Nicolas Coolman O61 - LFC: 14/10/2013 - 16:46:54 ---A- . (...) -- C:\Users\bertrand\AppData\Roaming\ZHP\ZHPFix[R1].txt [15643] =>.Nicolas Coolman O61 - LFC: 14/10/2013 - 16:53:03 ---A- . (...) -- C:\Users\bertrand\Downloads\Programs\SFTGC.exe [1064060] O61 - LFC: 14/10/2013 - 16:54:46 ---A- . (...) -- C:\Users\bertrand\VirtualBox VMs\TestFMW\TestFMW.vbox [7019] O61 - LFC: 14/10/2013 - 16:54:46 ---A- . (...) -- C:\Users\bertrand\VirtualBox VMs\TestFMW\TestFMW.vbox-prev [6719] O61 - LFC: 14/10/2013 - 16:54:46 ---A- . (...) -- C:\Users\bertrand\VirtualBox VMs\TestFMW\TestFMW.vdi [5395030016] ~ 9 Fichiers temporaires (Temporary files) ~ Files: 576 Scanned in 08mn 06s ---\\ List all tools cleaner (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ List all legacy services(LALS) (O64) O64 - Services: CurCS - 14/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 15/08/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - Computer Browser Service DLL.) - LEGACY_BOWSER O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64 O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 27/06/2013 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - LUA File Virtualization Filter Driver.) - LEGACY_LUAFV O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 18/06/2013 - C:\Windows\System32\DRIVERS\MpFilter.sys (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - Windows Firewall API.) - LEGACY_MPSDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\mqac.sys (MQAC) .(.Microsoft Corporation - Message Queuing Device Driver.) - LEGACY_MQAC O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - Workstation Service DLL.) - LEGACY_MRXSMB O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - Workstation Service DLL.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - Workstation Service DLL.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\msahci.sys (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - NDIS 6.20 driver.) - LEGACY_NDIS O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 18/06/2013 - C:\Windows\System32\DRIVERS\NisDrvWFP.sys (NisDrv) .(.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) - LEGACY_NISDRV O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\drivers\NPF.sys (NPF) .(...) - LEGACY_NPF O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - QoS Packet Scheduler.) - LEGACY_PSCHED O64 - Services: CurCS - 20/08/2012 - C:\Windows\system32\pwdrvio.sys (pwdrvio) .(...) - LEGACY_PWDRVIO O64 - Services: CurCS - 20/08/2012 - C:\Windows\system32\pwdspio.sys (pwdspio) .(...) - LEGACY_PWDSPIO O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - Workstation Service DLL.) - LEGACY_RDBSS O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 28/04/2012 - C:\Windows\System32\Drivers\RDPWD.sys (RDPWD) .(.Microsoft Corporation - RDP Terminal Stack Driver.) - LEGACY_RDPWD O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftfslh.sys (Sftfs) .(.Microsoft Corporation - Microsoft Application Virtualization File S.) - LEGACY_SFTFS O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftplaylh.sys (Sftplay) .(.Microsoft Corporation - Microsoft Application Virtualization System.) - LEGACY_SFTPLAY O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftredirlh.sys (Sftredir) .(.Microsoft Corporation - Microsoft Application Virtualization System.) - LEGACY_SFTREDIR O64 - Services: CurCS - 26/06/2013 - C:\Windows\System32\DRIVERS\Sftvollh.sys (Sftvol) .(.Microsoft Corporation - Microsoft Application Virtualization Volume.) - LEGACY_SFTVOL O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 01/01/1601 - C:\Windows\System32\Drivers\sptd.sys (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - Server Service DLL.) - LEGACY_SRV O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - Server Service DLL.) - LEGACY_SRV2 O64 - Services: CurCS - 18/10/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Network Configuration Objects.) - LEGACY_TCPIP O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 17/02/2012 - C:\Windows\System32\drivers\tdtcp.sys (TDTCP) .(.Microsoft Corporation - TCP Transport Driver.) - LEGACY_TDTCP O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Network Configuration Objects.) - LEGACY_TDX O64 - Services: CurCS - 15/06/2013 - C:\Windows\System32\DRIVERS\tssecsrv.sys (tssecsrv) .(.Microsoft Corporation - TS Security Filter Driver.) - LEGACY_TSSECSRV O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\DRIVERS\udfs.sys (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS O64 - Services: CurCS - 04/07/2013 - C:\Windows\System32\DRIVERS\VBoxDrv.sys (VBoxDrv) .(.Oracle Corporation - VirtualBox Support Driver.) - LEGACY_VBOXDRV O64 - Services: CurCS - 04/07/2013 - C:\Windows\System32\DRIVERS\VBoxUSBMon.sys (VBoxUSBMon) .(.Oracle Corporation - VirtualBox USB Monitor Driver.) - LEGACY_VBOXUSBMON O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - 18/10/2011 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Volume Shadow Copy Driver.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - RAS Configuration Objects.) - LEGACY_WANARPV6 O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 26/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 97 Scanned in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ~ FASS Keys: 19 Scanned in 00mn 00s ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\bertrand\AppData\Local\Torch\Application\torch.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {2E5116F8-395B-4D67-9039-F1FF13E609C4} - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Crack & Keygen Files (CKF) (O82) C:\Program Files (x86)\RAR Password Cracker\example1.rar C:\Program Files (x86)\RAR Password Cracker\example2.rar C:\Program Files (x86)\RAR Password Cracker\rpc.exe C:\Program Files (x86)\RAR Password Cracker\uninstall.exe C:\Users\bertrand\AppData\Roaming\ZHP\Quarantine\keygen acid pro 7.0.rar.VIR =>.Nicolas Coolman C:\Users\bertrand\AppData\Roaming\ZHP\Quarantine\sony acid pro 7.0.641.keygen.rar.VIR =>.Nicolas Coolman C:\Program Files (x86)\RAR Password Cracker\example1.rar C:\Program Files (x86)\RAR Password Cracker\example2.rar C:\Program Files (x86)\RAR Password Cracker\rpc.exe C:\Program Files (x86)\RAR Password Cracker\uninstall.exe C:\Users\bertrand\AppData\Roaming\ZHP\Quarantine\keygen acid pro 7.0.rar.VIR =>.Nicolas Coolman C:\Users\bertrand\AppData\Roaming\ZHP\Quarantine\sony acid pro 7.0.641.keygen.rar.VIR =>.Nicolas Coolman ~ Files: Scanned in 01mn 16s ---\\ Search Svchost Services (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation Service.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation Service.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote Connections Manager.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over an IPv4 network..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 00mn 00s ---\\ Search Particular Root Folder (SPRF) (O84) [MD5.DC88D1CAE23F2150C1B479A2BF3A12A6] [SPRF][16/08/2012] (.3DMGAME - FLiNG@3DMGAME Presents - Darksiders II Up 1 Plus 22 Trainer.) -- C:\Users\bertrand\Desktop\Darksiders II Up 1 Plus 22 Trainer.exe [1179648] [MD5.FD61B634CBD82AFB7BEED0E16DA5CDB5] [SPRF][20/12/2012] (.SpeedyFox - SpeedyFox program.) -- C:\Users\bertrand\Desktop\speedyfox.exe [586744] ~ Files: 2 Scanned in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Remote Assistance COM Server.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Remote Assistance COM Server.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinator Service.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinator Service.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinator Service.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinator Service.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Services and Controller app.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Services and Controller app.) -- C:\Windows\system32\services.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - People Near Me.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - People Near Me.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - People Near Me.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - People Near Me.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service.) -- C:\Windows\system32\vds.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - SNMP Trap.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - SNMP Trap.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{067728B7-8207-4444-9C5C-16924B16B017}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O87 - FAEL: "{07462E69-35AE-46C5-BB86-CE3D2F70015E}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe O87 - FAEL: "{64450F0E-B8D9-4562-B997-D23BB7523CB3}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "{89CBF968-489D-4C0B-9D5D-EC37EF01E027}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe O87 - FAEL: "{8933F1A2-75CE-4360-9041-D995E1A941BE}" |In - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\ezSharedSvcHost.exe (.not file.) O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{858D43EF-8E7C-418E-B32F-17EF8279D156}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{31FFC9A5-0147-448C-BD0C-843A4A3E1B4A}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{A75FB0CE-4F8D-4231-98FE-8FF1766700ED}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{0F39B5FF-6E45-4100-A01F-57FA53EBEDD0}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{B78429A9-275D-424E-A350-08DC4676460A}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{3F4A6B68-3ACD-4858-82E6-65225CB0B98A}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{2FEFCFA3-2CE1-4A91-9377-C56561BA4D66}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{0F530A8E-C433-4D32-BED5-5D5BFE399506}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{DB2486EA-CE6A-4C39-B9DA-9172D38C92D1}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{1B59970D-D973-46BC-B4CA-DFDB37C3DA1F}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{714D009A-04C5-42C0-95CF-93E853D10DFB}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{1326DFE2-B4D8-4E07-85DE-287BDB5A915E}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "{84FB7C0F-0AA8-4F0D-BEF1-BAAE51D705C5}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{E1B157EE-1F7A-4952-B4FE-886588BA38F2}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{759F3A6B-14D8-44A5-9632-878AEE0C39B9}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{458E0643-A1AF-421F-B336-C12F0A090629}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation O87 - FAEL: "{1912167F-4F58-4677-AE88-F2BF092E4497}" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{0EFED22C-386C-4B93-BC09-68748972C142}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{3344ADFF-FE2A-45D9-921C-967B19571786}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{D10F8589-9690-4586-8FBA-EAF35D9EBA4B}" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{32697A53-C88D-4306-A174-33BD21C85E39}" | In - Public - P6 - TRUE | .(...) -- C:\Users\bertrand\Downloads\LeagueofLegends.exe O87 - FAEL: "{21A74C52-DD21-45C7-9973-F91F129A7F2A}" | In - Public - P17 - TRUE | .(...) -- C:\Users\bertrand\Downloads\LeagueofLegends.exe O87 - FAEL: "{5345E2A7-7404-4F67-B3C2-F7334341E843}" | In - Domain - P6 - FALSE | .(...) -- C:\Users\bertrand\Downloads\LeagueofLegends.exe O87 - FAEL: "{B0127541-69DF-47FE-8824-E70D428A7194}" | In - Domain - P17 - FALSE | .(...) -- C:\Users\bertrand\Downloads\LeagueofLegends.exe O87 - FAEL: "{512E2BF1-3C97-4982-B588-C83C80288B25}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{C497BDA9-A305-49EF-9BCA-267C29EF0F80}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{83361A03-5E4C-4440-A5E2-05FE1E1BDA4A}" | In - None - P17 - TRUE | .(.Skype Limited - Facebook Video Calling.) -- C:\Users\bertrand\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe O87 - FAEL: "{076E0E56-7E8C-484D-8A82-03A6E5051492}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe O87 - FAEL: "{0EB71837-9BF5-41E2-8D37-33FC11DA69EE}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe O87 - FAEL: "TCP Query User{445B8B2D-824C-484A-B306-D7314DF101DE}C:\games\world_of_tanks\worldoftanks.exe" | In - Public - P6 - TRUE | .(.Wargaming.net - World of Tanks.) -- C:\games\world_of_tanks\worldoftanks.exe O87 - FAEL: "UDP Query User{FAD69256-FD7B-4932-A698-1C1D0D07AA16}C:\games\world_of_tanks\worldoftanks.exe" | In - Public - P17 - TRUE | .(.Wargaming.net - World of Tanks.) -- C:\games\world_of_tanks\worldoftanks.exe O87 - FAEL: "TCP Query User{F8462850-37D0-4675-8A69-470FA503E6C4}C:\games\world_of_tanks\wotlauncher.exe" | In - Public - P6 - TRUE | .(.Wargaming.net - World of Tanks Launcher.) -- C:\games\world_of_tanks\wotlauncher.exe O87 - FAEL: "UDP Query User{D4B495C2-D0AA-4446-A406-67B0D715B4E9}C:\games\world_of_tanks\wotlauncher.exe" | In - Public - P17 - TRUE | .(.Wargaming.net - World of Tanks Launcher.) -- C:\games\world_of_tanks\wotlauncher.exe O87 - FAEL: "MSMQ-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe O87 - FAEL: "MSMQ-Out-TCP" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe O87 - FAEL: "MSMQ-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe O87 - FAEL: "MSMQ-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Message Queuing Service.) -- C:\Windows\system32\mqsvc.exe O87 - FAEL: "{A96B168C-600E-4B80-9942-0E50A6E64910}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{01A26EFF-039B-4B72-BB4F-DD532679C082}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{64DCA033-6899-49FC-91DB-D7CEC66F4AF1}" | In - Public - P6 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{F0553EFB-205B-4CE7-8489-EA7331D68AEE}" | In - Public - P17 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{508C15C6-CE49-4793-A96E-5B158159092B}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{9E54D77C-C181-42C1-90E9-8D3964260A5A}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{FC7FB00A-5090-4B1A-AACC-66CDA515AF45}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam Client Service (buildbot_winslave01_steam_rel_client_win32@winslave.) -- C:\Program Files (x86)\Steam\bin\SteamService.exe O87 - FAEL: "{74AB7139-AB54-47C4-A087-D8B422E4306D}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam Client Service (buildbot_winslave01_steam_rel_client_win32@winslave.) -- C:\Program Files (x86)\Steam\bin\SteamService.exe O87 - FAEL: "{C2986BD1-9A1B-4096-A6D6-B36492D208FD}" | In - Domain - P6 - FALSE | .(.Valve Corporation - Steam Client Service (buildbot_winslave01_steam_rel_client_win32@winslave.) -- C:\Program Files (x86)\Steam\bin\SteamService.exe O87 - FAEL: "{516132F9-33F9-496F-B691-32E092ECD1E6}" | In - Domain - P17 - FALSE | .(.Valve Corporation - Steam Client Service (buildbot_winslave01_steam_rel_client_win32@winslave.) -- C:\Program Files (x86)\Steam\bin\SteamService.exe O87 - FAEL: "{2120E63A-36C6-4E40-87DC-16B25E290050}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\bertrand\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{AA08531D-621C-48B3-A6B9-2FF9EFC360D4}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\bertrand\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{BAFDF15D-1F02-4E6D-B2C7-F3386ADE2DEE}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.exe O87 - FAEL: "{F23559DF-BA30-4D50-8056-4A056484507A}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft SharePoint Workspace.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.exe O87 - FAEL: "{14AE847A-4555-40A8-A368-5CEF189291E3}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation O87 - FAEL: "{DE8F809E-8EEF-4139-BC0C-5938CF65206C}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft OneNote.) -- C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.exe =>.Microsoft Corporation O87 - FAEL: "{FD9AD765-90B3-433E-9C08-F66D4A13C3AD}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe O87 - FAEL: "{FCFD7A4B-B3B1-455A-B4EF-F618A4AB76F9}" | In - None - P6 - FALSE | .(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe O87 - FAEL: "{DDD74951-1E81-411E-A453-54BB38D5AB33}" | In - Public - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe O87 - FAEL: "{E2E7BE39-0EF9-45DF-9223-8F86EBC7E6D6}" | In - Public - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe O87 - FAEL: "{A8D33C01-7AE2-4936-86C9-A49E81C70DEF}" | In - Public - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O87 - FAEL: "{5B6AEFBD-8DC0-4F7F-B966-506B26B740E0}" | In - Public - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O87 - FAEL: "{49D98F65-1999-4962-A02D-82899452201D}" | In - Private - P6 - TRUE | .(.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O87 - FAEL: "{61470796-53B5-4174-A132-6EC539F19AB3}" | In - Private - P17 - TRUE | .(.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O87 - FAEL: "{3E9E4BFA-30BD-4F31-A40E-5DED0243AB90}" | In - Domain - P6 - FALSE | .(.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O87 - FAEL: "{C41609F5-9E5C-46D7-A622-CD6174A2DA20}" | In - Domain - P17 - FALSE | .(.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O87 - FAEL: "{27F43881-5D3F-4F60-82B9-97331228B187}" | In - Private - P6 - TRUE | .(.www.mipony.net - Mipony.) -- C:\Program Files (x86)\MiPony\MiPony.exe O87 - FAEL: "{EC27CE94-81EC-4DC6-A76C-5B83011FB151}" | In - Private - P17 - TRUE | .(.www.mipony.net - Mipony.) -- C:\Program Files (x86)\MiPony\MiPony.exe O87 - FAEL: "{4FB30F82-624D-4D98-9B2C-134E72C55230}" | In - Domain - P6 - FALSE | .(.www.mipony.net - Mipony.) -- C:\Program Files (x86)\MiPony\MiPony.exe O87 - FAEL: "{13911FC7-FD44-4603-BA68-92EE257E0E3F}" | In - Domain - P17 - FALSE | .(.www.mipony.net - Mipony.) -- C:\Program Files (x86)\MiPony\MiPony.exe ~ Firewall: 233 Scanned in 00mn 04s ---\\ Product Upgrade Codes (PUC) (O90) O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office 2010.) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe O90 - PUC: "0694AF70830BBE9498B1F95939A05A44" . (.HP Customer Experience Enhancements.) -- C:\Windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico O90 - PUC: "078F369757562E114A9D0FD42AA3C585" . (.Vegas Pro 12.0 (64-bit).) -- C:\Windows\Installer\{7963F870-6575-11E2-A4D9-F04DA23A5C58}\vegas.ico O90 - PUC: "0C7EC0FA4E3A37D489B82B1978CEE6A9" . (.QuickTime.) -- C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\Installer.ico O90 - PUC: "0C8037F5FF65A5143BC4449AA098A259" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{5F7308C0-56FF-415A-B34C-44A90A892A95}\ARPPRODUCTICON.exe O90 - PUC: "1038C85769625584FA5435B4210089A0" . (.Samsung Kies.) -- C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe O90 - PUC: "1800819049C276A4E85548380C917C2D" . (.Microsoft Encarta 2009 - Collection.) -- C:\Windows\Installer\{09180081-2C94-4A67-8E55-8483C019C7D2}\ENC.ICO O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "28494330FE17131088041AFF460C8380" . (.AMD Drag and Drop Transcoding.) -- C:\Windows\Installer\{03349482-71EF-0131-8840-A1FF64C03808}\ARPPRODUCTICON.exe O90 - PUC: "2C1A65825C073CE4FA7F5E5BE155032A" . (.HP Client Services.) -- C:\Windows\Installer\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}\ARPPRODUCTICON.exe O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico =>.Apple Inc O90 - PUC: "46E5DCBD973784644944A85685CD6B41" . (.HP Recovery Manager.) -- C:\Windows\Installer\{DBCD5E64-7379-4648-9444-8A6558DCB614}\_6FEFF9B68218417F98F549.exe O90 - PUC: "590539404FED744FC2313A9C781C04A7" . (.AMD VISION Engine Control Center.) -- C:\Windows\Installer\{04935095-DEF4-F447-2C13-A3C987C1407A}\ARPPRODUCTICON.exe O90 - PUC: "613623D632CACE005D18DF33371FEC71" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{6D326316-AC23-00EC-D581-FD3373F1CE17}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA7FFFFB744AA0000000010" . (.Adobe Reader X (10.1.8) MUI.) -- C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.1.2.0.) -- C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco O90 - PUC: "7B65D4CC81F6B0747843BADC57CB4F1F" . (.HP Auto.) -- C:\Windows\Installer\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}\ARPPRODUCTICON.exe O90 - PUC: "7B6CCF935FFF57045A8E5BECDB453C13" . (.HP Documentation.) -- C:\Windows\Installer\{39FCC6B7-FFF5-4075-A5E8-B5CEBD54C331}\NotebookDocs.exe O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe O90 - PUC: "883658EADAFA357418FD9DB6910D1AC7" . (.Compaq Setup Manager.) -- C:\Windows\Installer\{AE856388-AFAD-4753-81DF-D96B19D0A17C}\ARPPRODUCTICON.exe O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.YouCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe O90 - PUC: "8D4D77630E5ECF948BE66045C10FB0EB" . (.opensource.) -- C:\Windows\Installer\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}\ARPPRODUCTICON.exe O90 - PUC: "8EC9BCAF4555FD6945E7D3CECB07CCD0" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{FACB9CE8-5554-96DF-547E-3DECBC70CC0D}\ARPPRODUCTICON.exe O90 - PUC: "A8A7A93D9854373E59A9B22E5BDF9C50" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{D39A7A8A-4589-E373-959A-2BE2B5FDC905}\ARPPRODUCTICON.exe O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico O90 - PUC: "BAE2CF786E7B40D4EBA66433F037167C" . (.MySQL Server 5.1.) -- C:\Windows\Installer\{87FC2EAB-B7E6-4D04-BE6A-46330F7361C7}\MySQLServer.exe O90 - PUC: "BF85DF6A3DE0A5B8837B33D26039EC24" . (.AMD Media Foundation Decoders.) -- C:\Windows\Installer\{A6FD58FB-0ED3-8B5A-38B7-332D0693CE42}\ARPPRODUCTICON.exe O90 - PUC: "C0A3CA27644CC752F0440B82C0817AF2" . (.AMD Accelerated Video Transcoding.) -- C:\Windows\Installer\{72AC3A0C-C446-257C-0F44-B0280C18A72F}\ARPPRODUCTICON.exe O90 - PUC: "C953167FDEC9EA54A915D96650DC554C" . (.Evernote v. 4.2.3.) -- C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico O90 - PUC: "CDDFC5B4A07042A4BB2042840E73F5E8" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{4B5CFDDC-070A-4A24-BB02-2448E0375F8E}\maconfico O90 - PUC: "CE328C561080748CE025479EAD0CEE1D" . (.ccc-utility64.) -- C:\Windows\Installer\{65C823EC-0801-C847-0E52-74E9DAC0EED1}\ARPPRODUCTICON.exe O90 - PUC: "D276F30548C6A844F8F8B43CA58C4314" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe O90 - PUC: "D4443CC4972738E489F4819E7A2B8E30" . (.Oracle VM VirtualBox 4.2.16.) -- C:\Windows\Installer\{4CC3444D-7279-4E83-984F-18E9A7B2E803}\IconVirtualBox O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "E1445AFB6E7B5F641AD5B14707A79EA3" . (.ACID Pro 7.0.) -- C:\Windows\Installer\{BFA5441E-B7E6-46F5-A15D-1B74707AE93A}\acid70.ico O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.6.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O90 - PUC: "EDE8C96D5CBBB634E8E05C6A3D11FCF4" . (.Microsoft XNA Framework Redistributable 4.0 Refresh.) -- C:\Windows\Installer\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}\ProductIcon O90 - PUC: "F9DD3C2868CD92F166D7F2F4DA5A1BEF" . (.AMD Fuel.) -- C:\Windows\Installer\{82C3DD9F-DC86-1F29-667D-2F4FADA5B1FE}\ARPPRODUCTICON.exe O90 - PUC: "FA9D7E5F6F0603A4783EE49AD423C21E" . (.HP Setup.) -- C:\Windows\Installer\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}\ARPPRODUCTICON.exe ~ Update Products: 162 Scanned in 00mn 00s ---\\ Windows Installer Scan (WIS) (O93) (NTFS) [MD5.669054842BD4BC0694D0369429905BE6] [WIS][13/03/2009] (.Pictures Digital Inc. - ACID Pro 7.0.) -- C:\Windows\Installer\16540f06.msi [14712320] [MD5.D2F34AF196CCAF29A124324392FC3DFF] [WIS][29/06/2013] (.Valve Corporation - Steam.) -- C:\Windows\Installer\1720ed4e.msi [8532992] [MD5.45FB01B69A347EF163D28724B8778A66] [WIS][23/05/2013] (.MySQL AB - MySQL Database Server.) -- C:\Windows\Installer\17ec3.msi [87075328] [MD5.4C6C24FF4BB842D35B1A14C909D9D091] [WIS][09/10/2013] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\47486.msi [10588160] [MD5.195E41C289B96DF9075FA2A181313542] [WIS][15/12/2012] (.TechSmith Corporation - Camtasia Studio.) -- C:\Windows\Installer\690f8f4.msi [200297472] [MD5.691A2530C8F485E0BB4D92A40B0E2EA4] [WIS][09/10/2012] (.Stardock Corporation - IconPackager Setup.) -- C:\Windows\Installer\cf1443.msi [366592] [MD5.73122534D527893BDEFD1F707FFB34F6] [WIS][06/09/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\f2cc8aa.msi [21803008] ~ WIS: 163 Scanned in 00mn 44s ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 09/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe SS - | Disabled 10/07/1658 0 | (AIPS) . (...) - C:\Program Files (x86)\netcut\services\AIPS.exe SR - | Auto 15/08/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 15/08/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SR - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS SS - | Auto 08/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 08/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Auto 10/07/1658 0 | (HP Support Assistant Service) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co SR - | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe SS - | Demand 10/07/1658 0 | (hpqwmiex) . (...) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SR - | Auto 07/04/2010 127800 | (HPSIService) . (.HP.) - C:\Windows\system32\HPSIsvc.exe SR - | Auto 29/05/2012 2445968 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe SS - | Demand 28/10/2012 427976 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Demand 30/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 23/05/2013 9260 | (MySQL) . (...) - C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des SR - | Auto 09/10/2013 3275136 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 25/02/2013 543144 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SR - | Auto 31/08/2012 2754984 | (TeamViewer7) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 47s ---\\ Search Master Boot Record Infection (MBR)(O80) Run by bertrand at 14/10/2013 16:58:37 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Search Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by bertrand at 14/10/2013 16:58:39 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 12946 - (12/10/2013) Clés trouvées (Keys found) : 6 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype ~ Additionnel Scan: 354446 Items scanned in 00mn 56s ---\\ Summary of the detections found on your workstation ~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype ~ MSI: 1 link(s) detected in 00mn 57s End of the scan (2674 lines in 15mn 16s)(12)