cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.7.1.78 by Nicolas Coolman (2015\07\01)
~ Run by bintou (Administrator) (2015/07/02 01:22:07)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\bintou\Desktop\ZHPDiag.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (2) - 1s
GCIE: Google Chrome v43.0.2357.130
MSIE: Internet Explorer v11.0.9600.17843

---\\ Informations sur les produits Windows (9) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Windows Activation Technologies : OK

---\\ Logiciels d'optimisation (1) - 0s
Uniblue RegistryBooster v5.0.12.1

---\\ Surveillance de Logiciels (2) - 0s
Adobe Flash Player 17 NPAPI
Adobe Reader X

---\\ Informations sur le système (6) - 0s
~ Operating System: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 4193572
~ System Restore: Activé (Enable)
~ System drive C: has 141 GB free of 292 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: GAIM
~ User Name: bintou
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 141 GB free of 292 GB (System)
~ Drive D: has 1 GB free of 12 GB

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2426880]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [295808]

---\\ Processus lancés (11) - 0s
[MD5.35ED605E778509668C08ED15DB96E7CD] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.3.) -- C:\Windows\system32\nvvsvc.exe [151144] [PID.752]
[MD5.35ED605E778509668C08ED15DB96E7CD] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.3.) -- C:\Windows\system32\nvvsvc.exe [151144] [PID.1220]
[MD5.3D96F4745674E85E930F36FF2562429B] - (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2398512] [PID.1608]
[MD5.6699ECE24FE4B3F752A66C66A602EE86] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [192776] [PID.1648]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1724]
[MD5.F750FE2188A504459F271060946BF14C] - (.Irrational Number Applications - WebShield Service.) -- C:\ProgramData\hoyhWOs\jHrUfIfnbq.exe [2732024] [PID.1096] =>Adware.WebShield
[MD5.B483968E96DF9F00218DDA21727FB283] - (.AVG Technologies CZ, s.r.o. - AVG E-mail Scanner.) -- C:\Program Files (x86)\AVG\AVG2012\avgemca.exe [1593696] [PID.1540]
[MD5.4DA6EAC05C5013E54BA8DB12CF92A329] - (.Copyright © 2015 - aotaosal.) -- C:\ProgramData\Asohreeeoleia\1.0.1.0\aotaosal.exe [156160] [PID.2888]
[MD5.4DA6EAC05C5013E54BA8DB12CF92A329] - (.Copyright © 2015 - aotaosal.) -- C:\ProgramData\Asohreeeoleia\1.0.1.0\aotaosal.exe [156160] [PID.3472]
[MD5.F36C84F16B1089C0FFBFE8DFF754AB6B] - (.Copyright (C) 2009 - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184] [PID.3524]
[MD5.9F280F1F38FC6B73D35CB77917E6D89E] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2416480] [PID.3668]

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (9) - 0s
G2 - GCE: Extension [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [nlpkikcnenpfpchgiigicelehfknciec] FileConverter 1.5 B2
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Extension [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (4) - 1s
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited.) -- C:\Users\bintou\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS.) -- C:\Users\bintou\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\19\NP_wtapp.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (18) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R3 - URLSearchHook: (no name) - {5e1e5b07-85fa-4930-b100-66efa0562444} Orphean
R3 - URLSearchHook: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} Orphean

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (34)

---\\ Browser Helper Object de navigateur (BHO) (O2) (2) - 0s
O2 - BHO: (no name) [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} (Orphean)
O2 - BHO: ChromeFrame BHO [64Bits] - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} (Orphean)

---\\ Internet Explorer Toolbars (O3) (2) - 0s
O3 - Toolbar: 0x075B1E5EFA853049B10066EFA0562444 - [HKCU]{5E1E5B07-85FA-4930-B100-66EFA0562444} . (...) -- (.not file.)
O3 - Toolbar: 0x7396B49006553E48B92BCA0265BD9CA8 - [HKCU]{90B49673-5506-483E-B92B-CA0265BD9CA8} . (...) -- (.not file.)

---\\ Applications lancées au démarrage du sytème (O4) (21) - 1s
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Copyright (C) 2009 Hewlett-Packard Development Compan - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKCU\..\Run: [HPAdvisorDock] . (.Copyright (C) 2009 - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\bintou\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [DriverTurbo] C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe (.not file.) =>PUP.DriverTurbo
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\bintou\AppData\Local\Pokki\Engine\pokki.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3525068053-3814278625-1760926725-1000\..\Run: [HPAdvisorDock] . (.Copyright (C) 2009 - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKUS\S-1-5-21-3525068053-3814278625-1760926725-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-3525068053-3814278625-1760926725-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\bintou\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3525068053-3814278625-1760926725-1000\..\Run: [DriverTurbo] C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe (.not file.) =>PUP.DriverTurbo
O4 - HKUS\S-1-5-21-3525068053-3814278625-1760926725-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-3525068053-3814278625-1760926725-1000\..\RunOnce: [Application Restart #3] C:\Users\bintou\AppData\Local\Pokki\Engine\pokki.exe (.not file.)

---\\ Raccourcis Global Startup (O4G) (3) - 0s
O4 - GS\Quicklaunch [Administrateur]: Uniblue RegistryBooster.lnk . (...) C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe =>PUP.UniblueSystem
O4 - GS\Quicklaunch [bintou]: Uniblue RegistryBooster.lnk . (...) C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe =>PUP.UniblueSystem
O4 - GS\Quicklaunch [Invité]: Uniblue RegistryBooster.lnk . (...) C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe =>PUP.UniblueSystem

---\\ Modification Domaine/Adresses DNS (O17) (3) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254

---\\ Protocole additionnel (O18) (1) - 0s
O18 - Handler: linkscanner [64Bits] - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} . (.AVG Technologies CZ, s.r.o. - Safe Search pluggable protocol.) -- C:\Program Files (x86)\AVG\AVG2012\avgppa.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23) (10) - 0s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Pare-feu AVG (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: jHrUfIfnbq (jHrUfIfnbq) . (.Irrational Number Applications - WebShield Service.) - C:\ProgramData\hoyhWOs\jHrUfIfnbq.exe =>PUP.Salus
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.3.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

---\\ Tâches planifiées en automatique (O39) (25) - 2s
[MD5.6259A5B669AE018A5E53247259A101C3] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.4DA6EAC05C5013E54BA8DB12CF92A329] [APT] [Asohreeeoleia] (.Copyright © 2015.) -- C:\ProgramData\Asohreeeoleia\1.0.1.0\aotaosal.exe [156160]
[MD5.00000000000000000000000000000000] [APT] [Chromium] (.Copyright © 2015.) -- C:\Users\bintou\AppData\Local\Chromium\APPLIC~1\440238~1.0\INSTAL~1\UNINST~1.EXE (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [CLMLSvc] (.Copyright © 2015.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe (.not file.) [0]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3525068053-3814278625-1760926725-1000Core] (.Facebook Inc..) -- C:\Users\bintou\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3525068053-3814278625-1760926725-1000UA] (.Facebook Inc..) -- C:\Users\bintou\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForbintou] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704]
[MD5.13C1807C9E4C5021EF47B6807A6122E5] [APT] [RecoveryCDWin7] (.Copyright © 2006.) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456]
[MD5.13C1807C9E4C5021EF47B6807A6122E5] [APT] [ServicePlan] (.Copyright © 2006.) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456]
[MD5.98FA788238E71D9563D4BF177A4FC22C] [APT] [{5D795C59-2F0F-4DF3-AB13-AC6CCE69E9C4}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe [813896]
[MD5.98FA788238E71D9563D4BF177A4FC22C] [APT] [{9B3BDA4B-5A89-4B0A-AE75-1101A0A56781}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe [813896]
O39 - APT: Chromium - (.Copyright © 2015.) -- C:\Windows\Tasks\Chromium.job [332]
O39 - APT: Asohreeeoleia - (.Copyright © 2015.) -- C:\Windows\System32\Tasks\Asohreeeoleia [3446]
O39 - APT: Chromium - (.Copyright © 2015.) -- C:\Windows\System32\Tasks\Chromium [3266]
O39 - APT: CLMLSvc - (.Copyright © 2015.) -- C:\Windows\System32\Tasks\CLMLSvc [3200]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\CreateChoiceProcessTask [3530]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\DVDAgent [3164]
O39 - APT: RecoveryCDWin7 - (.Copyright © 2006.) -- C:\Windows\System32\Tasks\RecoveryCDWin7 [3700]
O39 - APT: ServicePlan - (.Copyright © 2006.) -- C:\Windows\System32\Tasks\ServicePlan [3400]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\SidebarExecute [3230]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{80B6EC19-4A67-4800-B31E-3FBE85F8D3A3} [3924]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{2E227982-C8B1-4904-8361-B0CF356A8EC8} [3366]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{9B93E3DD-F8BF-44F6-95EE-2F8B2F256AC3} [3144]

---\\ Logiciels installés (O42) (79) - 5s
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {42B40185-E134-43FD-9381-69F92B317417}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM][64Bits] -- {5B08AF35-B699-4A44-BB89-3E51E70611E8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {B639AFD8-48E9-49BC-88DF-C5C55A471D94}
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM][64Bits] -- Uniblue RegistryBooster =>PUP.UniblueSystem
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall =>.WildTangent
O42 - Logiciel: Blasterball 3 - (.WildTangent.) [HKLM][64Bits] -- WT082124 =>.WildTangent
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT082141 =>.WildTangent
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT082168 =>.WildTangent
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT082172 =>.WildTangent
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT082192 =>.WildTangent
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT082200 =>.WildTangent
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT082222 =>.WildTangent
O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM][64Bits] -- WT082241 =>.WildTangent
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT082246 =>.WildTangent
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT082396 =>.WildTangent
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WT082409 =>.WildTangent
O42 - Logiciel: Mystery P.I. - The Vegas Heist - (.WildTangent.) [HKLM][64Bits] -- WT082414 =>.WildTangent
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WT082422 =>.WildTangent
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT082427 =>.WildTangent
O42 - Logiciel: Bus Driver - (.WildTangent.) [HKLM][64Bits] -- WT082439 =>.WildTangent
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WT083492 =>.WildTangent
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WT083510 =>.WildTangent
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WT083514 =>.WildTangent
O42 - Logiciel: Dream Chronicles - (.WildTangent.) [HKLM][64Bits] -- WT083521 =>.WildTangent
O42 - Logiciel: Gem Shop - (.WildTangent.) [HKLM][64Bits] -- WT083529 =>.WildTangent
O42 - Logiciel: Google Chrome Frame - (.Google, Inc..) [HKLM][64Bits] -- {02A5C383-FE94-3B52-9627-CE70B9301A0F}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM][64Bits] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} =>PUP.UniblueSystem
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Skype™ 7.0 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}
O42 - Logiciel: AMD USB Filter Driver - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5BDA2F58-1F21-4D10-9910-92B01EBCC958}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM][64Bits] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.1.1 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: WildTangent Games App pour HP - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp =>.WildTangent
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM][64Bits] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Reader X (10.1.8) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM][64Bits] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM][64Bits] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {EE202411-2C26-49E8-9784-1BC1DBF7DE96}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM][64Bits] -- {F5C7FD70-2C0A-401E-95E9-916363567DDA}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {FA8BFB25-BF48-4F8B-8859-B30810745190}
O42 - Logiciel: Visual Studio 2008 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer

---\\ HKCU & HKLM Software Keys (83) - 5s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\Avg
HKLM\SOFTWARE\Wow6432Node\Big Fish Games
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\EasyBits
HKLM\SOFTWARE\Wow6432Node\Enterbrain
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\LightScribe
HKLM\SOFTWARE\Wow6432Node\Linden Research, Inc.
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\MaxPower
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenOffice
HKLM\SOFTWARE\Wow6432Node\PC-Doctor
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WildTangent
HKLM\SOFTWARE\Wow6432Node\Win32 Services
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\%C%
HKCU\SOFTWARE\77-Zip
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Auslogics
HKCU\SOFTWARE\Avg
HKCU\SOFTWARE\BrowserChoice
HKCU\SOFTWARE\Clubic
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\Drivers
HKCU\SOFTWARE\EasyBits
HKCU\SOFTWARE\EMME
HKCU\SOFTWARE\Ester
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Mirillis
HKCU\SOFTWARE\mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Norton
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\OMUPH
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\SimpleNewTab =>PUP.SimpleNewTab
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Snoozer =>PUP.LuaRT
HKCU\SOFTWARE\System32
HKCU\SOFTWARE\TeleCharger_v2
HKCU\SOFTWARE\Tific
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Unlimited Possibilities
HKCU\SOFTWARE\UPH
HKCU\SOFTWARE\Win
HKCU\SOFTWARE\Windows Live Writer
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\LyricsContainer =>Adware.AddLyrics
HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>Hijacker.SmartBar
HKCU\SOFTWARE\AppDataLow\Software\Unity

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/ (445) - 20s
O43 - CFD: 2011/11/08 - 08:57:19 - [] D -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 2012/03/28 - 20:44:45 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2011/11/08 - 08:53:58 - [] D -- C:\Program Files (x86)\AMD
O43 - CFD: 2011/11/08 - 08:53:58 - [] D -- C:\Program Files (x86)\AVG
O43 - CFD: 2015/05/16 - 15:46:20 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/12/03 - 21:38:54 - [] D -- C:\Program Files (x86)\CyberLink
O43 - CFD: 2015/07/01 - 01:10:51 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2013/08/09 - 02:56:27 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 2011/11/08 - 08:54:08 - [] D -- C:\Program Files (x86)\Hp
O43 - CFD: 2011/11/08 - 08:54:08 - [] D -- C:\Program Files (x86)\HP Games
O43 - CFD: 2013/08/09 - 13:15:17 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/06/10 - 10:32:07 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2011/11/08 - 08:54:10 - [] D -- C:\Program Files (x86)\Microsoft
O43 - CFD: 2011/11/08 - 08:54:09 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2011/11/08 - 08:57:08 - [] D -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 2015/05/16 - 17:04:21 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2013/07/16 - 00:51:41 - [] D -- C:\Program Files (x86)\Microsoft SkyDrive
O43 - CFD: 2011/11/08 - 08:54:10 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2013/07/16 - 03:22:29 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2013/07/16 - 00:51:41 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/06/30 - 21:49:55 - [0] D -- C:\Program Files (x86)\Mirillis
O43 - CFD: 2015/05/15 - 22:58:55 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2011/11/08 - 08:54:11 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2011/08/09 - 14:01:39 - [0] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 2011/11/08 - 08:54:11 - [] RD -- C:\Program Files (x86)\Online Services
O43 - CFD: 2014/03/24 - 22:43:10 - [] D -- C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 2011/11/08 - 08:54:11 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2011/11/08 - 08:54:11 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/05/16 - 15:16:22 - [] D -- C:\Program Files (x86)\RPG Maker VX Ace
O43 - CFD: 2015/05/16 - 15:46:20 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2010/07/25 - 11:36:30 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2013/05/28 - 17:50:04 - [] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/05/23 - 23:34:36 - [] D -- C:\Program Files (x86)\WildTangent Games
O43 - CFD: 2013/07/11 - 03:21:09 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2013/07/17 - 00:42:31 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 2013/05/01 - 03:37:24 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/06/10 - 10:32:23 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2011/11/08 - 08:54:13 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2013/05/01 - 03:37:23 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2013/05/01 - 03:37:24 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/05/01 - 03:37:24 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/05/31 - 21:21:49 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/05/31 - 21:21:49 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/05/31 - 21:21:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
O43 - CFD: 2013/06/09 - 00:32:39 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emme
O43 - CFD: 2013/05/31 - 21:21:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essayez Microsoft Office 2007 pendant 60 jours
O43 - CFD: 2015/02/21 - 19:36:14 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/01 - 01:11:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2013/05/31 - 21:21:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2013/05/31 - 21:21:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 2013/05/31 - 21:21:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les manuels de l'utilisateur
O43 - CFD: 2013/05/31 - 21:21:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
O43 - CFD: 2013/05/31 - 21:21:47 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2011/11/08 - 08:57:03 - [0] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/05/16 - 14:08:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2013/07/16 - 03:22:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
O43 - CFD: 2013/05/31 - 21:21:47 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
O43 - CFD: 2014/03/24 - 22:43:56 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
O43 - CFD: 2013/07/16 - 20:03:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
O43 - CFD: 2013/05/31 - 21:21:47 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager
O43 - CFD: 2015/05/16 - 15:12:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RPG Maker VX Ace
O43 - CFD: 2015/05/28 - 18:26:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/05/15 - 23:18:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2009/07/14 - 09:44:38 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2013/07/17 - 00:41:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 2012/05/07 - 20:22:53 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/07/01 - 01:12:29 - [] D -- C:\ProgramData\Asohreeeoleia
O43 - CFD: 2015/05/15 - 23:09:44 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2015/07/01 - 20:47:31 - [] D -- C:\ProgramData\AVG2012
O43 - CFD: 2014/03/09 - 20:59:50 - [] D -- C:\ProgramData\BlueStacks
O43 - CFD: 2011/10/01 - 22:38:13 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2012/02/21 - 13:44:11 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2013/07/26 - 07:30:01 - [] D -- C:\ProgramData\Hewlett-Packard
O43 - CFD: 2015/07/01 - 01:09:07 - [] D -- C:\ProgramData\hoyhWOs
O43 - CFD: 2011/11/06 - 22:31:56 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/07/01 - 00:42:27 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 2015/05/16 - 17:06:47 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2011/11/08 - 08:57:03 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2013/07/16 - 00:51:02 - [] D -- C:\ProgramData\Microsoft SkyDrive
O43 - CFD: 2015/05/16 - 00:33:14 - [] D -- C:\ProgramData\Mirillis
O43 - CFD: 2013/08/11 - 15:23:34 - [] D -- C:\ProgramData\Norton
O43 - CFD: 2012/02/08 - 15:07:06 - [] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 2010/07/25 - 11:30:07 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2012/02/08 - 15:07:06 - [0] D -- C:\ProgramData\PCSettings
O43 - CFD: 2011/11/08 - 08:54:20 - [] D -- C:\ProgramData\Ralink Driver
O43 - CFD: 2015/01/04 - 00:37:31 - [] D -- C:\ProgramData\Recovery
O43 - CFD: 2015/05/28 - 18:26:33 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/05/31 - 21:21:48 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/01/03 - 17:54:18 - [] D -- C:\ProgramData\WildTangent
O43 - CFD: 2013/03/31 - 12:27:28 - [] D -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
O43 - CFD: 2011/11/08 - 09:18:13 - [] HDC -- C:\ProgramData\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
O43 - CFD: 2012/03/28 - 20:44:48 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2013/07/16 - 20:15:33 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2011/11/08 - 08:53:59 - [] AD -- C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 2010/07/25 - 11:56:52 - [] AD -- C:\Program Files (x86)\Common Files\LS Getting Started
O43 - CFD: 2013/11/14 - 01:25:47 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2009/07/14 - 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/05/16 - 15:46:20 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2011/11/08 - 08:54:01 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2013/08/11 - 15:18:52 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 2013/05/01 - 03:37:23 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2011/11/08 - 08:54:01 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 2012/03/28 - 20:45:15 - [] D -- C:\Users\bintou\AppData\Roaming\Adobe
O43 - CFD: 2012/02/08 - 15:37:19 - [] D -- C:\Users\bintou\AppData\Roaming\AVG2012
O43 - CFD: 2015/07/01 - 19:54:25 - [0] D -- C:\Users\bintou\AppData\Roaming\Common
O43 - CFD: 2013/05/28 - 10:15:05 - [] D -- C:\Users\bintou\AppData\Roaming\CyberLink
O43 - CFD: 2012/01/19 - 10:08:45 - [] D -- C:\Users\bintou\AppData\Roaming\Hewlett-Packard
O43 - CFD: 2015/02/21 - 11:45:25 - [] D -- C:\Users\bintou\AppData\Roaming\HP Support Assistant
O43 - CFD: 2013/03/31 - 12:28:28 - [] D -- C:\Users\bintou\AppData\Roaming\hpqLog
O43 - CFD: 2015/02/21 - 11:45:25 - [] D -- C:\Users\bintou\AppData\Roaming\HpUpdate
O43 - CFD: 2011/08/08 - 11:27:40 - [] D -- C:\Users\bintou\AppData\Roaming\Identities
O43 - CFD: 2011/11/08 - 08:54:25 - [] D -- C:\Users\bintou\AppData\Roaming\Macromedia
O43 - CFD: 2009/07/14 - 09:44:38 - [0] D -- C:\Users\bintou\AppData\Roaming\Media Center Programs
O43 - CFD: 2013/07/22 - 12:33:22 - [] SD -- C:\Users\bintou\AppData\Roaming\Microsoft
O43 - CFD: 2015/05/16 - 00:33:14 - [] D -- C:\Users\bintou\AppData\Roaming\Mirillis
O43 - CFD: 2011/11/08 - 08:54:25 - [] D -- C:\Users\bintou\AppData\Roaming\Mozilla
O43 - CFD: 2014/12/03 - 18:30:35 - [] D -- C:\Users\bintou\AppData\Roaming\OpenOffice
O43 - CFD: 2014/04/17 - 20:33:04 - [] D -- C:\Users\bintou\AppData\Roaming\SecondLife
O43 - CFD: 2015/07/01 - 20:00:16 - [] D -- C:\Users\bintou\AppData\Roaming\Skype
O43 - CFD: 2011/10/01 - 22:39:49 - [] D -- C:\Users\bintou\AppData\Roaming\Tific
O43 - CFD: 2012/10/24 - 20:17:27 - [] D -- C:\Users\bintou\AppData\Roaming\Unity
O43 - CFD: 2012/06/18 - 14:20:03 - [] D -- C:\Users\bintou\AppData\Roaming\WildTangent
O43 - CFD: 2012/01/19 - 09:43:57 - [] D -- C:\Users\bintou\AppData\Roaming\WinBatch
O43 - CFD: 2013/07/17 - 00:26:52 - [0] D -- C:\Users\bintou\AppData\Roaming\Windows Live Writer
O43 - CFD: 2015/07/02 - 01:22:10 - [] D -- C:\Users\bintou\AppData\Roaming\ZHP
O43 - CFD: 2013/01/19 - 23:27:37 - [] D -- C:\Users\bintou\AppData\Roaming\_MDLogs
O43 - CFD: 2013/12/29 - 15:18:26 - [] D -- C:\Users\bintou\AppData\Local\Adobe
O43 - CFD: 2011/08/08 - 11:10:48 - [0] SHD -- C:\Users\bintou\AppData\Local\Application Data
O43 - CFD: 2011/11/08 - 08:54:22 - [] D -- C:\Users\bintou\AppData\Local\Apps
O43 - CFD: 2013/09/16 - 21:20:21 - [] D -- C:\Users\bintou\AppData\Local\avgchrome
O43 - CFD: 2014/02/24 - 21:22:18 - [] D -- C:\Users\bintou\AppData\Local\Big Fish
O43 - CFD: 2015/05/14 - 21:47:58 - [] D -- C:\Users\bintou\AppData\Local\Chromium
O43 - CFD: 2015/07/01 - 00:10:03 - [] D -- C:\Users\bintou\AppData\Local\CrashDumps
O43 - CFD: 2014/02/18 - 13:27:01 - [] D -- C:\Users\bintou\AppData\Local\CRE
O43 - CFD: 2011/12/05 - 21:47:37 - [] D -- C:\Users\bintou\AppData\Local\CyberLink
O43 - CFD: 2011/09/13 - 17:55:23 - [0] D -- C:\Users\bintou\AppData\Local\Deployment
O43 - CFD: 2014/12/03 - 15:56:13 - [] D -- C:\Users\bintou\AppData\Local\Diagnostics
O43 - CFD: 2015/07/01 - 00:00:48 - [] D -- C:\Users\bintou\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/07/01 - 00:12:27 - [0] SHD -- C:\Users\bintou\AppData\Local\EmieSiteList
O43 - CFD: 2015/07/01 - 00:12:27 - [0] SHD -- C:\Users\bintou\AppData\Local\EmieUserList
O43 - CFD: 2015/02/21 - 11:32:27 - [] D -- C:\Users\bintou\AppData\Local\Facebook
O43 - CFD: 2015/07/01 - 19:41:54 - [] D -- C:\Users\bintou\AppData\Local\Google
O43 - CFD: 2012/02/21 - 13:46:28 - [] D -- C:\Users\bintou\AppData\Local\Hewlett-Packard
O43 - CFD: 2011/08/08 - 11:10:48 - [0] SHD -- C:\Users\bintou\AppData\Local\Historique
O43 - CFD: 2013/07/15 - 00:50:31 - [] D -- C:\Users\bintou\AppData\Local\Macromedia
O43 - CFD: 2015/02/15 - 19:57:58 - [] D -- C:\Users\bintou\AppData\Local\Microsoft
O43 - CFD: 2011/11/08 - 08:54:24 - [] D -- C:\Users\bintou\AppData\Local\Microsoft Games
O43 - CFD: 2011/11/06 - 22:55:48 - [0] D -- C:\Users\bintou\AppData\Local\Microsoft Help
O43 - CFD: 2015/05/16 - 00:33:14 - [] D -- C:\Users\bintou\AppData\Local\Mirillis
O43 - CFD: 2011/10/01 - 22:43:16 - [] D -- C:\Users\bintou\AppData\Local\Mozilla
O43 - CFD: 2011/12/05 - 21:47:36 - [] D -- C:\Users\bintou\AppData\Local\PowerCinema
O43 - CFD: 2013/08/11 - 14:58:01 - [] D -- C:\Users\bintou\AppData\Local\Programs
O43 - CFD: 2014/04/17 - 22:18:05 - [] D -- C:\Users\bintou\AppData\Local\SecondLife
O43 - CFD: 2015/06/30 - 18:18:52 - [] D -- C:\Users\bintou\AppData\Local\Skype
O43 - CFD: 2011/10/01 - 22:39:48 - [] D -- C:\Users\bintou\AppData\Local\Symantec
O43 - CFD: 2015/07/02 - 01:21:40 - [] D -- C:\Users\bintou\AppData\Local\Temp
O43 - CFD: 2011/08/08 - 11:10:48 - [0] SHD -- C:\Users\bintou\AppData\Local\Temporary Internet Files
O43 - CFD: 2012/09/29 - 13:51:01 - [] D -- C:\Users\bintou\AppData\Local\Unity
O43 - CFD: 2012/06/20 - 08:57:27 - [] D -- C:\Users\bintou\AppData\Local\VirtualStore
O43 - CFD: 2015/07/02 - 01:21:20 - [] D -- C:\Users\bintou\AppData\Local\WebShield =>Adware.WebShield
O43 - CFD: 2015/02/15 - 19:57:59 - [] D -- C:\Users\bintou\AppData\Local\Windows Live
O43 - CFD: 2013/07/17 - 13:29:25 - [] D -- C:\Users\bintou\AppData\Local\Windows Live Writer
O43 - CFD: 2013/12/25 - 07:32:09 - [0] D -- C:\Users\bintou\AppData\Local\{000B9EC2-EE2B-4A52-B889-478372E9EFF8}
O43 - CFD: 2014/01/18 - 10:02:13 - [0] D -- C:\Users\bintou\AppData\Local\{0130687B-203B-4668-9019-4704ADB8279A}
O43 - CFD: 2013/07/17 - 22:02:06 - [0] D -- C:\Users\bintou\AppData\Local\{0156DFFB-339F-434B-AE29-39AEEBAACD11}
O43 - CFD: 2013/10/20 - 16:19:00 - [0] D -- C:\Users\bintou\AppData\Local\{0241639D-865B-485C-A8D4-0D9562E717EF}
O43 - CFD: 2014/01/26 - 14:07:06 - [0] D -- C:\Users\bintou\AppData\Local\{06A2AA4F-B738-4EB0-90B0-71E718A6D161}
O43 - CFD: 2013/07/21 - 09:06:53 - [0] D -- C:\Users\bintou\AppData\Local\{06B1429C-7104-4C75-8E05-9E8E58E4DBFA}
O43 - CFD: 2014/01/29 - 18:46:06 - [0] D -- C:\Users\bintou\AppData\Local\{07745E46-BCD2-4B11-80A8-D6036B7F0C14}
O43 - CFD: 2014/02/26 - 13:13:52 - [0] D -- C:\Users\bintou\AppData\Local\{07B01BC4-3AB5-4F12-B992-E429D2826D38}
O43 - CFD: 2014/01/02 - 15:04:45 - [0] D -- C:\Users\bintou\AppData\Local\{08404BBA-9B78-4395-B3ED-45F9F851629B}
O43 - CFD: 2014/01/01 - 21:35:59 - [0] D -- C:\Users\bintou\AppData\Local\{09BBB2B6-3A74-4301-BEE5-5A2B8CD29946}
O43 - CFD: 2013/11/14 - 09:13:22 - [0] D -- C:\Users\bintou\AppData\Local\{0AA2B912-FA9A-4A6B-B52C-7C79273508B1}
O43 - CFD: 2013/11/22 - 07:45:03 - [0] D -- C:\Users\bintou\AppData\Local\{0B279836-FDC8-4E35-A966-60FE8F4323AC}
O43 - CFD: 2013/10/12 - 08:46:54 - [0] D -- C:\Users\bintou\AppData\Local\{0B27F064-60E4-4EAC-B698-CC0D7050E91F}
O43 - CFD: 2013/10/26 - 12:09:32 - [0] D -- C:\Users\bintou\AppData\Local\{0B6AB43F-16D8-4FD8-A343-DC4A45370B60}
O43 - CFD: 2014/01/09 - 13:56:07 - [0] D -- C:\Users\bintou\AppData\Local\{0B80BE45-71A4-4627-8DE6-59DD7A2A7980}
O43 - CFD: 2013/11/20 - 13:48:34 - [0] D -- C:\Users\bintou\AppData\Local\{0CBD6308-FCE6-4F20-BBA1-12220011E76C}
O43 - CFD: 2013/10/19 - 18:50:49 - [0] D -- C:\Users\bintou\AppData\Local\{0D174088-A09B-47D6-9A98-06B64E3DE492}
O43 - CFD: 2013/11/04 - 09:41:12 - [0] D -- C:\Users\bintou\AppData\Local\{0F9FE40D-D834-4A66-BA6F-4E2120B81F17}
O43 - CFD: 2014/04/30 - 12:29:55 - [0] D -- C:\Users\bintou\AppData\Local\{10343BAA-AE48-4DB4-A848-181E1C2AA968}
O43 - CFD: 2014/12/31 - 19:24:41 - [0] D -- C:\Users\bintou\AppData\Local\{109B9C55-834B-416D-8F85-7B6239CB1E77}
O43 - CFD: 2013/11/06 - 13:11:59 - [0] D -- C:\Users\bintou\AppData\Local\{11BA23D7-6DEE-4453-8C50-861578525CF0}
O43 - CFD: 2013/12/04 - 13:33:19 - [0] D -- C:\Users\bintou\AppData\Local\{120CFFC6-B5CF-4AA0-AC6C-529DCDE8C89B}
O43 - CFD: 2013/10/18 - 12:18:40 - [0] D -- C:\Users\bintou\AppData\Local\{128F7F16-ABEE-44EC-BCAA-B6F2F1D6963E}
O43 - CFD: 2014/01/10 - 19:57:52 - [0] D -- C:\Users\bintou\AppData\Local\{1462EBD7-1393-46C8-94AD-4F20E4BBAF76}
O43 - CFD: 2015/02/15 - 19:58:32 - [0] D -- C:\Users\bintou\AppData\Local\{1484D5C3-C158-4173-9709-EECD3C0FA1D5}
O43 - CFD: 2013/12/26 - 23:25:40 - [0] D -- C:\Users\bintou\AppData\Local\{1525EE18-7B8B-4E19-9458-4BF0F54BA877}
O43 - CFD: 2015/05/16 - 13:51:59 - [0] D -- C:\Users\bintou\AppData\Local\{15E0449D-8F03-4B73-9108-13A03C60724B}
O43 - CFD: 2014/01/13 - 10:05:44 - [0] D -- C:\Users\bintou\AppData\Local\{16B6ABCB-81E3-4C12-B70C-302EAA67740E}
O43 - CFD: 2013/11/05 - 10:20:01 - [0] D -- C:\Users\bintou\AppData\Local\{17850785-3F25-4293-BDB2-42AC7733C28A}
O43 - CFD: 2013/08/23 - 08:11:08 - [0] D -- C:\Users\bintou\AppData\Local\{1C458F40-5406-462D-9BB8-A33D2B41B804}
O43 - CFD: 2013/12/30 - 09:11:10 - [0] D -- C:\Users\bintou\AppData\Local\{1C940EF4-0677-4EF2-B8F1-BA1D16945F07}
O43 - CFD: 2014/02/13 - 09:12:59 - [0] D -- C:\Users\bintou\AppData\Local\{1CACC1EA-5AED-48CC-9E7D-14B60CDEA771}
O43 - CFD: 2014/01/28 - 08:52:38 - [0] D -- C:\Users\bintou\AppData\Local\{1D33DDBB-9157-4A77-AB03-E30012AFB13C}
O43 - CFD: 2013/07/27 - 20:25:05 - [0] D -- C:\Users\bintou\AppData\Local\{1D3D37EC-97AA-4FA8-B972-8B0526307981}
O43 - CFD: 2013/09/16 - 17:21:20 - [0] D -- C:\Users\bintou\AppData\Local\{1EA08A9E-1379-49AB-AA55-A3F72C9561D7}
O43 - CFD: 2014/04/30 - 06:48:43 - [0] D -- C:\Users\bintou\AppData\Local\{1EC4FDF9-C2A1-49F7-9A5E-E5DAEB21ABAA}
O43 - CFD: 2013/08/11 - 11:36:48 - [0] D -- C:\Users\bintou\AppData\Local\{1F8743D1-4D7A-459B-BAEF-91AE45D845D3}
O43 - CFD: 2014/01/15 - 20:39:45 - [0] D -- C:\Users\bintou\AppData\Local\{20A79A27-2051-4FC0-982B-85E4FF2B3323}
O43 - CFD: 2013/12/08 - 06:27:53 - [0] D -- C:\Users\bintou\AppData\Local\{20ABA5F4-A32E-47CB-877E-88A9C82BA5CD}
O43 - CFD: 2014/12/28 - 00:09:44 - [0] D -- C:\Users\bintou\AppData\Local\{213A1603-B62E-4C96-B4C7-6FDDDA21C9AF}
O43 - CFD: 2013/08/08 - 23:02:10 - [0] D -- C:\Users\bintou\AppData\Local\{22183BC0-237D-4391-9D82-CF16D4C0EEA0}
O43 - CFD: 2014/01/17 - 20:57:21 - [0] D -- C:\Users\bintou\AppData\Local\{224A837C-69BC-4314-A81A-899C1D1701AD}
O43 - CFD: 2014/02/01 - 14:24:54 - [0] D -- C:\Users\bintou\AppData\Local\{228BE73F-1B57-4798-BE22-4F9BED208F61}
O43 - CFD: 2013/12/11 - 21:04:53 - [0] D -- C:\Users\bintou\AppData\Local\{261FE855-F969-43BC-BCEC-42DB1F9283DB}
O43 - CFD: 2014/02/24 - 10:06:46 - [0] D -- C:\Users\bintou\AppData\Local\{290B24AC-9244-48BA-A04A-F507E0955F72}
O43 - CFD: 2013/11/23 - 15:07:44 - [0] D -- C:\Users\bintou\AppData\Local\{2AE4F964-4961-43B0-B299-368253EF2E60}
O43 - CFD: 2013/10/13 - 11:17:06 - [0] D -- C:\Users\bintou\AppData\Local\{2B457C6A-0B71-485C-B3C7-6B3A389AB808}
O43 - CFD: 2013/10/15 - 09:55:47 - [0] D -- C:\Users\bintou\AppData\Local\{2B66269B-43B7-4D47-9951-DDD789135920}
O43 - CFD: 2013/11/06 - 12:21:44 - [0] D -- C:\Users\bintou\AppData\Local\{2B679627-518A-4CBD-885F-B6A0E740E140}
O43 - CFD: 2013/08/23 - 22:00:53 - [0] D -- C:\Users\bintou\AppData\Local\{2EA7EF7B-8FE1-4765-B11B-6E4C18ADBA4D}
O43 - CFD: 2014/01/16 - 20:40:16 - [0] D -- C:\Users\bintou\AppData\Local\{30227C53-954E-44B9-9CED-91C369890F71}
O43 - CFD: 2013/10/30 - 11:26:58 - [0] D -- C:\Users\bintou\AppData\Local\{30B3BA02-10B4-4F08-9ED7-5B9F8D8CEFA5}
O43 - CFD: 2014/01/21 - 16:12:23 - [0] D -- C:\Users\bintou\AppData\Local\{31CF0800-35DE-4DFA-8C7A-D6E2F7737E69}
O43 - CFD: 2013/12/18 - 11:00:08 - [0] D -- C:\Users\bintou\AppData\Local\{32F0055E-7BCF-4D42-B1D3-402D97FB5F51}
O43 - CFD: 2013/12/09 - 22:48:15 - [0] D -- C:\Users\bintou\AppData\Local\{33BB959C-C6B2-4C93-9BB0-AA332334F8B3}
O43 - CFD: 2013/10/15 - 21:56:02 - [0] D -- C:\Users\bintou\AppData\Local\{3405A1EC-7D8C-4FDB-9B5C-872A34BBDA92}
O43 - CFD: 2013/11/29 - 02:53:41 - [0] D -- C:\Users\bintou\AppData\Local\{368243A3-DA77-4F3F-ADD5-BF4440FED572}
O43 - CFD: 2013/08/29 - 23:13:02 - [0] D -- C:\Users\bintou\AppData\Local\{37279960-E109-4909-80BD-5B39CCFD9508}
O43 - CFD: 2014/01/20 - 11:04:06 - [0] D -- C:\Users\bintou\AppData\Local\{3AAFA56E-FAA9-424F-8E1B-F97ECD4C9D34}
O43 - CFD: 2013/12/06 - 08:56:36 - [0] D -- C:\Users\bintou\AppData\Local\{3AE0A5EB-C90A-48FA-BFA2-CFC7BD627317}
O43 - CFD: 2014/01/30 - 08:49:14 - [0] D -- C:\Users\bintou\AppData\Local\{3B21E3AA-9577-4C25-817B-1D6C4B59620B}
O43 - CFD: 2013/10/16 - 19:03:25 - [0] D -- C:\Users\bintou\AppData\Local\{3B6BD71E-4348-4B54-ABEF-FB524801C97F}
O43 - CFD: 2015/07/01 - 19:43:32 - [0] D -- C:\Users\bintou\AppData\Local\{3B955115-9EF2-42D5-B43D-CFEEFB5C622B}
O43 - CFD: 2014/02/11 - 21:10:19 - [0] D -- C:\Users\bintou\AppData\Local\{3C2E4909-FF05-47DB-9DDF-8CDF7FD77F36}
O43 - CFD: 2013/11/22 - 19:56:44 - [0] D -- C:\Users\bintou\AppData\Local\{3C4FBB6E-2B4F-446D-A537-42B0DBC75155}
O43 - CFD: 2014/04/10 - 17:56:31 - [0] D -- C:\Users\bintou\AppData\Local\{3E2C9223-66EF-4359-94E4-BBDDAB4B52E7}
O43 - CFD: 2013/12/24 - 14:40:42 - [0] D -- C:\Users\bintou\AppData\Local\{3EE6E469-2F6F-45DC-98E5-F9A9B4F93437}
O43 - CFD: 2013/12/30 - 21:12:15 - [0] D -- C:\Users\bintou\AppData\Local\{4067D942-B1EA-4B53-BABF-F4AA8E32F7D6}
O43 - CFD: 2013/08/23 - 20:11:22 - [0] D -- C:\Users\bintou\AppData\Local\{409D375F-B43A-4920-83E7-66B1CC879448}
O43 - CFD: 2014/03/14 - 22:56:28 - [0] D -- C:\Users\bintou\AppData\Local\{4111B64A-FFFB-4105-908A-3837BA8D0A7A}
O43 - CFD: 2013/09/10 - 19:50:57 - [0] D -- C:\Users\bintou\AppData\Local\{416BCA3A-EC72-44E0-B18A-7BDE9D62EAD3}
O43 - CFD: 2013/10/29 - 18:31:15 - [0] D -- C:\Users\bintou\AppData\Local\{41F20BE5-D43B-4B2B-BC3C-E0D37506AFF7}
O43 - CFD: 2014/01/10 - 07:08:23 - [0] D -- C:\Users\bintou\AppData\Local\{44AB2B5A-918A-40B5-B531-2AC14FC40ADD}
O43 - CFD: 2013/11/24 - 13:53:20 - [0] D -- C:\Users\bintou\AppData\Local\{46D1BAF8-6A19-4C5D-9440-2C580C4C2382}
O43 - CFD: 2013/08/16 - 13:50:10 - [0] D -- C:\Users\bintou\AppData\Local\{48717076-BEF6-4BE0-A7FF-891409ACFDD5}
O43 - CFD: 2013/12/29 - 12:58:58 - [0] D -- C:\Users\bintou\AppData\Local\{4891E07C-7ADD-411F-A01E-0423B7341B41}
O43 - CFD: 2013/07/22 - 10:55:27 - [0] D -- C:\Users\bintou\AppData\Local\{4A437576-B259-42C1-80E1-EA9A7E140E90}
O43 - CFD: 2014/02/18 - 09:54:18 - [0] D -- C:\Users\bintou\AppData\Local\{4B088460-FFF5-4194-861D-5902D927550A}
O43 - CFD: 2014/03/06 - 08:09:36 - [0] D -- C:\Users\bintou\AppData\Local\{4B413A5A-C2EF-498E-8985-20DA5C9CA820}
O43 - CFD: 2013/09/01 - 12:11:23 - [0] D -- C:\Users\bintou\AppData\Local\{4CC7DDEC-4FA2-4279-B04F-79C9E1D629D9}
O43 - CFD: 2013/11/18 - 11:20:20 - [0] D -- C:\Users\bintou\AppData\Local\{4D0DD8C2-EEF6-4761-A77C-5B19587CB4A2}
O43 - CFD: 2014/02/04 - 08:07:54 - [0] D -- C:\Users\bintou\AppData\Local\{4E28393E-FCF6-4FAC-B6E5-7C56A935592A}
O43 - CFD: 2013/11/21 - 14:56:56 - [0] D -- C:\Users\bintou\AppData\Local\{4E32CFF9-4DDD-45D6-8463-1F4058EC3322}
O43 - CFD: 2014/01/07 - 08:37:01 - [0] D -- C:\Users\bintou\AppData\Local\{504091D9-D56F-475C-86DE-B003303F6607}
O43 - CFD: 2013/10/16 - 13:00:27 - [0] D -- C:\Users\bintou\AppData\Local\{504DC8AC-5AAD-4AE1-A1A3-99D3A458B2C6}
O43 - CFD: 2013/10/01 - 12:10:50 - [0] D -- C:\Users\bintou\AppData\Local\{50AB66F6-1D6E-431A-9043-EA650C2D9A43}
O43 - CFD: 2013/09/02 - 12:10:06 - [0] D -- C:\Users\bintou\AppData\Local\{5165FBD4-8DE1-42B0-BE15-8983963BD012}
O43 - CFD: 2013/07/31 - 23:17:44 - [0] D -- C:\Users\bintou\AppData\Local\{521B0710-1518-44E2-9811-C83498406269}
O43 - CFD: 2013/12/09 - 08:07:53 - [0] D -- C:\Users\bintou\AppData\Local\{53DB8BAF-746B-4301-A1DD-075574505524}
O43 - CFD: 2014/03/09 - 10:58:47 - [0] D -- C:\Users\bintou\AppData\Local\{553AA314-3F89-426A-8CBF-A58C68382123}
O43 - CFD: 2013/12/07 - 10:04:34 - [0] D -- C:\Users\bintou\AppData\Local\{5563FFD1-14B7-407F-9C37-2931A1E15A8B}
O43 - CFD: 2013/10/06 - 13:41:42 - [0] D -- C:\Users\bintou\AppData\Local\{556BD6AE-2ED2-44E1-A71A-1ED832FFE1BB}
O43 - CFD: 2013/08/26 - 23:25:05 - [0] D -- C:\Users\bintou\AppData\Local\{559166B3-7E6F-4A5C-8A0D-DBE6D897C769}
O43 - CFD: 2013/09/12 - 08:31:10 - [0] D -- C:\Users\bintou\AppData\Local\{569D6CC1-A8E0-46FB-B117-0FF371BCB777}
O43 - CFD: 2014/12/27 - 09:00:41 - [0] D -- C:\Users\bintou\AppData\Local\{5739AB78-BCA5-4999-8D11-40082BCE1109}
O43 - CFD: 2013/12/06 - 20:56:52 - [0] D -- C:\Users\bintou\AppData\Local\{57C02FD6-778A-49F6-8508-8B1084B3B733}
O43 - CFD: 2013/09/25 - 13:33:33 - [0] D -- C:\Users\bintou\AppData\Local\{5833A5E7-D711-41E4-9F36-4AA01FFB1882}
O43 - CFD: 2014/01/27 - 20:19:39 - [0] D -- C:\Users\bintou\AppData\Local\{5919DDA3-C82A-41E2-9381-A313D022D345}
O43 - CFD: 2014/12/29 - 22:53:42 - [0] D -- C:\Users\bintou\AppData\Local\{592237CE-174D-4D55-B2C2-2F97117A0DBE}
O43 - CFD: 2013/07/26 - 16:17:22 - [0] D -- C:\Users\bintou\AppData\Local\{59933D41-67D7-4DA3-B763-6238323FA6B1}
O43 - CFD: 2013/10/23 - 20:26:52 - [0] D -- C:\Users\bintou\AppData\Local\{5B515C3A-4C48-4019-AD7B-DFA9C1CF89AA}
O43 - CFD: 2014/02/27 - 08:30:31 - [0] D -- C:\Users\bintou\AppData\Local\{5F1530A8-978E-488D-91C2-06762048AE54}
O43 - CFD: 2013/12/02 - 11:33:15 - [0] D -- C:\Users\bintou\AppData\Local\{60965264-C1C1-4783-8A6B-7F9F796B7DC6}
O43 - CFD: 2013/09/14 - 09:15:08 - [0] D -- C:\Users\bintou\AppData\Local\{60EE8B5E-28C8-423D-9174-E251AC20BFD4}
O43 - CFD: 2014/01/03 - 11:23:50 - [0] D -- C:\Users\bintou\AppData\Local\{61408137-B375-44FC-B2DE-A1E5C7F78374}
O43 - CFD: 2014/01/16 - 08:40:00 - [0] D -- C:\Users\bintou\AppData\Local\{63B20737-1E7F-443F-83D5-B2F80BA820C2}
O43 - CFD: 2014/02/27 - 22:54:55 - [0] D -- C:\Users\bintou\AppData\Local\{63E6F5CA-D683-4387-84DD-23CCBF9199F5}
O43 - CFD: 2013/07/28 - 10:33:42 - [0] D -- C:\Users\bintou\AppData\Local\{67016192-4DD3-4F86-A369-6766F21488FA}
O43 - CFD: 2013/09/03 - 12:10:36 - [0] D -- C:\Users\bintou\AppData\Local\{67F18196-E3F1-434D-B6F5-53A7AA1C91F4}
O43 - CFD: 2013/12/05 - 08:18:14 - [0] D -- C:\Users\bintou\AppData\Local\{683C1A92-C543-4515-B212-1ABCDF81C46E}
O43 - CFD: 2013/10/21 - 10:54:29 - [0] D -- C:\Users\bintou\AppData\Local\{68BFF594-6A93-4F29-9369-01219F2850F2}
O43 - CFD: 2013/11/02 - 11:02:19 - [0] D -- C:\Users\bintou\AppData\Local\{69271982-36A2-45C5-84BB-63A4D71A395D}
O43 - CFD: 2014/01/12 - 07:30:15 - [0] D -- C:\Users\bintou\AppData\Local\{697DB3E2-233E-4141-AA98-F1EEFAAE7918}
O43 - CFD: 2013/09/10 - 06:55:33 - [0] D -- C:\Users\bintou\AppData\Local\{6AF43074-8ABD-409C-8AD3-99CC50F19518}
O43 - CFD: 2013/10/06 - 00:00:04 - [0] D -- C:\Users\bintou\AppData\Local\{6B167767-948A-44CB-9CD8-3F0B97E96FBD}
O43 - CFD: 2013/12/11 - 08:23:51 - [0] D -- C:\Users\bintou\AppData\Local\{6C2FF62D-3948-44F1-81F3-17776D1DF3E9}
O43 - CFD: 2013/08/17 - 11:57:16 - [0] D -- C:\Users\bintou\AppData\Local\{6E63ED5A-19A5-4078-98AF-EEF9FBFBE294}
O43 - CFD: 2013/11/15 - 10:19:53 - [0] D -- C:\Users\bintou\AppData\Local\{70607202-6D85-441E-877B-E2B3B837D273}
O43 - CFD: 2013/11/09 - 08:52:27 - [0] D -- C:\Users\bintou\AppData\Local\{70805E84-B384-4334-9728-2FFAD2D5F48B}
O43 - CFD: 2013/11/11 - 23:30:56 - [0] D -- C:\Users\bintou\AppData\Local\{70C972DB-4CF7-4B2F-9FE9-70D9FBF3C75F}
O43 - CFD: 2013/10/05 - 11:20:49 - [0] D -- C:\Users\bintou\AppData\Local\{716C5DE8-5286-4E94-959D-232E5C1001E2}
O43 - CFD: 2013/11/12 - 11:31:11 - [0] D -- C:\Users\bintou\AppData\Local\{719FDD6B-76E9-48A3-96DA-023CC6973F1A}
O43 - CFD: 2014/12/04 - 17:58:39 - [0] D -- C:\Users\bintou\AppData\Local\{72F60573-35BB-4C01-9C98-426A3D34E22D}
O43 - CFD: 2013/08/30 - 11:13:16 - [0] D -- C:\Users\bintou\AppData\Local\{731756A2-1225-4C99-9199-004B9E8FAC92}
O43 - CFD: 2013/12/13 - 08:37:11 - [0] D -- C:\Users\bintou\AppData\Local\{734F5002-01FA-433E-A0CD-2E91C4553739}
O43 - CFD: 2013/11/05 - 22:20:16 - [0] D -- C:\Users\bintou\AppData\Local\{73590992-4345-4326-961C-E0D1FEC2D7DC}
O43 - CFD: 2013/10/28 - 11:56:22 - [0] D -- C:\Users\bintou\AppData\Local\{73A6CFCA-75B8-4FE2-AB05-875DD588FF97}
O43 - CFD: 2013/07/19 - 14:36:39 - [0] D -- C:\Users\bintou\AppData\Local\{74054FAA-5EE8-4D1D-ACAD-DB99F36369B7}
O43 - CFD: 2014/02/16 - 08:16:54 - [0] D -- C:\Users\bintou\AppData\Local\{75B05E60-F11D-4E0E-A5E8-856D92B5A3DF}
O43 - CFD: 2013/09/18 - 16:53:30 - [0] D -- C:\Users\bintou\AppData\Local\{75EA14D8-3BCE-4915-B469-124B48A81EF0}
O43 - CFD: 2013/09/27 - 12:01:37 - [0] D -- C:\Users\bintou\AppData\Local\{77357903-9282-485C-B02A-BC8299CFB2FB}
O43 - CFD: 2014/04/26 - 17:14:12 - [0] D -- C:\Users\bintou\AppData\Local\{77DE7A32-464F-4DFA-BD69-ACA34BD93A5C}
O43 - CFD: 2014/03/01 - 07:25:23 - [0] D -- C:\Users\bintou\AppData\Local\{7A6C319B-C478-4079-8B4F-5998719D200A}
O43 - CFD: 2014/03/03 - 07:28:11 - [0] D -- C:\Users\bintou\AppData\Local\{7B48BC2A-EAA5-4B4A-BA8D-FF8012293B0C}
O43 - CFD: 2013/09/08 - 18:14:21 - [0] D -- C:\Users\bintou\AppData\Local\{7C7F6B05-2D5C-4A0D-8C6C-3A1CD1A27DA4}
O43 - CFD: 2013/12/28 - 07:22:34 - [0] D -- C:\Users\bintou\AppData\Local\{7D60E234-90A0-41A7-B565-8150F462E5E0}
O43 - CFD: 2013/11/08 - 09:02:32 - [0] D -- C:\Users\bintou\AppData\Local\{7DA21EC2-635B-41E8-9B04-729A16869A83}
O43 - CFD: 2014/02/14 - 14:49:06 - [0] D -- C:\Users\bintou\AppData\Local\{7E331045-C0ED-4D7D-8664-B6CBA0D4C1FF}
O43 - CFD: 2013/12/16 - 08:29:43 - [0] D -- C:\Users\bintou\AppData\Local\{7F62788C-4CD0-46C8-9081-F38750D0D8C4}
O43 - CFD: 2014/12/27 - 12:55:59 - [0] D -- C:\Users\bintou\AppData\Local\{807FB690-44DD-4491-BB21-91BEFBCD2E4D}
O43 - CFD: 2014/04/25 - 16:04:49 - [0] D -- C:\Users\bintou\AppData\Local\{8277C293-B799-4806-B6AE-A127A17992E6}
O43 - CFD: 2013/12/29 - 00:58:44 - [0] D -- C:\Users\bintou\AppData\Local\{834E691C-85A0-48DF-8A9C-F57D2AC77522}
O43 - CFD: 2013/11/11 - 10:31:52 - [0] D -- C:\Users\bintou\AppData\Local\{83A4D7B6-B97C-4875-8335-A699A79CC36B}
O43 - CFD: 2013/07/18 - 22:23:40 - [0] D -- C:\Users\bintou\AppData\Local\{85948CAF-ECB0-4B59-9857-7C5CC4DD1BC0}
O43 - CFD: 2013/09/13 - 03:50:35 - [0] D -- C:\Users\bintou\AppData\Local\{86039811-B664-4940-9474-E8063AC14E90}
O43 - CFD: 2013/09/08 - 01:03:07 - [0] D -- C:\Users\bintou\AppData\Local\{86122AA2-7A37-418C-A020-D73F90417014}
O43 - CFD: 2013/08/25 - 10:45:25 - [0] D -- C:\Users\bintou\AppData\Local\{861253B7-E21D-41D8-B3AB-1C95CA7E6FC9}
O43 - CFD: 2013/11/19 - 11:24:05 - [0] D -- C:\Users\bintou\AppData\Local\{872C4603-A4C5-4E1F-8B1E-65F9B8553EF7}
O43 - CFD: 2013/11/17 - 10:10:08 - [0] D -- C:\Users\bintou\AppData\Local\{8881E1E3-6129-4090-88E5-BD3888063AD6}
O43 - CFD: 2013/11/19 - 23:24:26 - [0] D -- C:\Users\bintou\AppData\Local\{8890C117-83D6-4903-9D4E-9CF2EBF21458}
O43 - CFD: 2014/01/05 - 10:30:37 - [0] D -- C:\Users\bintou\AppData\Local\{8905FAA7-D6F3-4A5C-A803-30313C92508F}
O43 - CFD: 2013/09/28 - 11:28:48 - [0] D -- C:\Users\bintou\AppData\Local\{89181583-6B7E-4D61-A59B-91692C60272B}
O43 - CFD: 2015/01/02 - 22:33:12 - [0] D -- C:\Users\bintou\AppData\Local\{8ADAF215-A7E5-4B05-98A0-02EE44514A55}
O43 - CFD: 2013/12/10 - 11:19:07 - [0] D -- C:\Users\bintou\AppData\Local\{8AF5F6B7-3BEB-4803-BFD1-A0C92F0284F4}
O43 - CFD: 2013/10/24 - 08:27:07 - [0] D -- C:\Users\bintou\AppData\Local\{8BBEBDD3-AD82-4C3C-8171-54D9DA16A7B9}
O43 - CFD: 2013/10/27 - 15:52:42 - [0] D -- C:\Users\bintou\AppData\Local\{8BF117B5-56A1-4116-AF8C-D164983E7801}
O43 - CFD: 2014/12/03 - 18:20:48 - [0] D -- C:\Users\bintou\AppData\Local\{8DA85A5B-E05A-453D-BD9C-FB874394B7C7}
O43 - CFD: 2014/12/27 - 21:42:35 - [0] D -- C:\Users\bintou\AppData\Local\{8EFADD83-79F0-426A-945C-A0DD03C6F473}
O43 - CFD: 2014/02/12 - 21:12:44 - [0] D -- C:\Users\bintou\AppData\Local\{8F03093E-8B70-4F32-A2E0-A5C3D58027FD}
O43 - CFD: 2014/02/17 - 12:02:31 - [0] D -- C:\Users\bintou\AppData\Local\{8F150F47-A5A6-4E3C-9F93-3752CCBF87CB}
O43 - CFD: 2013/10/14 - 13:34:12 - [0] D -- C:\Users\bintou\AppData\Local\{8F668B43-80F5-4EA9-9676-36B8174C44FB}
O43 - CFD: 2014/02/23 - 07:16:17 - [0] D -- C:\Users\bintou\AppData\Local\{8F77B874-80C7-4B6A-A526-E3C653B81696}
O43 - CFD: 2014/01/20 - 23:04:22 - [0] D -- C:\Users\bintou\AppData\Local\{90F4BEE8-2A41-4A56-8E0C-A66097F10480}
O43 - CFD: 2014/03/04 - 10:45:55 - [0] D -- C:\Users\bintou\AppData\Local\{912CEBAD-04F5-4121-B3DA-25EB67F0A201}
O43 - CFD: 2013/12/17 - 22:01:25 - [0] D -- C:\Users\bintou\AppData\Local\{92480651-EAFB-4C7B-97C3-5324E58F0E28}
O43 - CFD: 2013/11/26 - 13:33:16 - [0] D -- C:\Users\bintou\AppData\Local\{93D6082A-5E60-43F0-8352-875511C0FCC0}
O43 - CFD: 2013/08/29 - 11:12:47 - [0] D -- C:\Users\bintou\AppData\Local\{961A0EE0-A9BD-4D58-B9BE-B92AD4B3FB2E}
O43 - CFD: 2014/02/18 - 22:10:49 - [0] D -- C:\Users\bintou\AppData\Local\{96642157-80AB-45B6-960F-099320682B0A}
O43 - CFD: 2013/10/19 - 06:50:34 - [0] D -- C:\Users\bintou\AppData\Local\{99271B1B-C710-4EF9-A0CF-B8DD33251FEF}
O43 - CFD: 2014/02/07 - 22:39:18 - [0] D -- C:\Users\bintou\AppData\Local\{9A845D4F-C400-46BB-96F3-7F43D877E602}
O43 - CFD: 2013/09/29 - 11:24:04 - [0] D -- C:\Users\bintou\AppData\Local\{9B6D1874-8220-4A8F-AB32-38611880348D}
O43 - CFD: 2015/02/21 - 11:27:24 - [0] D -- C:\Users\bintou\AppData\Local\{9C4AB971-ED03-4EE7-B4AF-864CAA88EC52}
O43 - CFD: 2014/01/14 - 11:44:27 - [0] D -- C:\Users\bintou\AppData\Local\{9C84EE45-E618-48AB-85D0-3071B2FA7600}
O43 - CFD: 2015/02/15 - 19:14:50 - [0] D -- C:\Users\bintou\AppData\Local\{9CDD1DE0-59D3-4A17-A1F3-42E83586A05D}
O43 - CFD: 2013/12/20 - 07:58:54 - [0] D -- C:\Users\bintou\AppData\Local\{9D03A18C-FEBE-4989-A04A-2A0FEB361273}
O43 - CFD: 2013/10/22 - 13:04:18 - [0] D -- C:\Users\bintou\AppData\Local\{9DE1ADEC-D36F-4481-A54F-5119B89523CC}
O43 - CFD: 2014/03/04 - 23:30:15 - [0] D -- C:\Users\bintou\AppData\Local\{9DECD8C5-7C1E-4486-B0EC-A36AEBABB867}
O43 - CFD: 2013/08/15 - 09:59:00 - [0] D -- C:\Users\bintou\AppData\Local\{9E464E46-C293-4202-AE05-587C9F35996F}
O43 - CFD: 2014/03/07 - 22:04:24 - [0] D -- C:\Users\bintou\AppData\Local\{9F6C3920-9AC0-45A0-8FB1-B77D0AA7762B}
O43 - CFD: 2013/09/04 - 00:10:51 - [0] D -- C:\Users\bintou\AppData\Local\{A1868CD5-BAD5-4D31-AB1C-A9CD262BBD7A}
O43 - CFD: 2013/11/09 - 21:23:27 - [0] D -- C:\Users\bintou\AppData\Local\{A2043AB0-8DAD-470A-82AB-C38CCCD0C63C}
O43 - CFD: 2013/10/23 - 08:25:39 - [0] D -- C:\Users\bintou\AppData\Local\{A2612F4C-6FC6-4C97-BF3A-432175A19F17}
O43 - CFD: 2014/01/07 - 21:29:13 - [0] D -- C:\Users\bintou\AppData\Local\{A37ADD65-253C-4F7B-ADB5-0CE2331B0C2A}
O43 - CFD: 2013/12/15 - 02:55:57 - [0] D -- C:\Users\bintou\AppData\Local\{A4348163-A30D-4E18-89F1-A1552979AE99}
O43 - CFD: 2013/08/27 - 14:54:20 - [0] D -- C:\Users\bintou\AppData\Local\{A4A54A79-BB3D-4592-8AB4-A971C5DACE4F}
O43 - CFD: 2013/08/05 - 15:54:08 - [0] D -- C:\Users\bintou\AppData\Local\{A61F866E-7B74-47D5-8A08-ACD39157875F}
O43 - CFD: 2013/09/05 - 21:43:41 - [0] D -- C:\Users\bintou\AppData\Local\{A669ECE5-DE93-4DD7-8513-8D2D1E08B87D}
O43 - CFD: 2013/11/03 - 11:46:36 - [0] D -- C:\Users\bintou\AppData\Local\{A6775858-DC5B-45ED-A13A-5E0DBF592893}
O43 - CFD: 2013/11/01 - 07:16:29 - [0] D -- C:\Users\bintou\AppData\Local\{A6841D6B-62AE-4F4D-97A7-8D2E4535BF68}
O43 - CFD: 2013/10/10 - 07:03:26 - [0] D -- C:\Users\bintou\AppData\Local\{A6A3239C-3CB2-4481-8675-5AE783729577}
O43 - CFD: 2013/10/02 - 09:13:44 - [0] D -- C:\Users\bintou\AppData\Local\{A746A573-22CA-4BB1-8B64-55D1DE79ABFF}
O43 - CFD: 2013/09/15 - 15:18:55 - [0] D -- C:\Users\bintou\AppData\Local\{A77B2077-2D95-4DE8-B903-481D2F393644}
O43 - CFD: 2014/01/17 - 08:57:04 - [0] D -- C:\Users\bintou\AppData\Local\{A934306B-2A1A-4FAC-877F-19888B27E627}
O43 - CFD: 2013/07/25 - 20:34:03 - [0] D -- C:\Users\bintou\AppData\Local\{AA2EB3B9-6C8B-41BA-AB99-95E2D43996D0}
O43 - CFD: 2014/02/02 - 02:25:07 - [0] D -- C:\Users\bintou\AppData\Local\{ABA4C939-FA02-4C66-BA3D-638564AA5CF6}
O43 - CFD: 2013/11/16 - 12:57:04 - [0] D -- C:\Users\bintou\AppData\Local\{AD9C9787-D992-479A-9A11-62A936902A61}
O43 - CFD: 2015/02/22 - 12:39:06 - [0] D -- C:\Users\bintou\AppData\Local\{ADE8EE4D-B7E5-47F0-A6D4-25C261A97202}
O43 - CFD: 2013/08/24 - 22:45:10 - [0] D -- C:\Users\bintou\AppData\Local\{AE310CE7-CA23-4094-88AE-599DD352816C}
O43 - CFD: 2014/01/31 - 12:31:41 - [0] D -- C:\Users\bintou\AppData\Local\{AF1301FD-DE3B-486F-9F46-AA175DC6B17C}
O43 - CFD: 2014/12/31 - 15:00:10 - [0] D -- C:\Users\bintou\AppData\Local\{AF5FBFEF-FD87-404B-95FD-432A259D455A}
O43 - CFD: 2013/08/22 - 06:09:07 - [0] D -- C:\Users\bintou\AppData\Local\{B1CA7909-57A2-42AD-A3AB-CCC1CD8194BB}
O43 - CFD: 2013/11/30 - 07:42:31 - [0] D -- C:\Users\bintou\AppData\Local\{B1D8FC8C-9EFB-4AE2-AD3C-2DBE773E81F4}
O43 - CFD: 2013/07/17 - 08:57:46 - [0] D -- C:\Users\bintou\AppData\Local\{B23EFCFB-EE88-4A20-9792-8842599599F2}
O43 - CFD: 2014/12/04 - 17:39:49 - [0] D -- C:\Users\bintou\AppData\Local\{B24E1B1D-2CC9-4AEC-B07D-95DF54CF29DD}
O43 - CFD: 2013/11/28 - 08:40:31 - [0] D -- C:\Users\bintou\AppData\Local\{B2B27EB3-7FBE-4B79-928F-2E58E4AB07F2}
O43 - CFD: 2013/12/26 - 11:25:25 - [0] D -- C:\Users\bintou\AppData\Local\{B3931058-42B4-4441-8E5D-B746706EC422}
O43 - CFD: 2014/04/16 - 23:20:21 - [0] D -- C:\Users\bintou\AppData\Local\{B4B663FC-7B35-4A5B-AA1E-3F5A52AC1003}
O43 - CFD: 2013/09/06 - 18:34:14 - [0] D -- C:\Users\bintou\AppData\Local\{B87B4C20-5BA7-483D-8679-9F7A181EFEFB}
O43 - CFD: 2013/09/30 - 12:26:33 - [0] D -- C:\Users\bintou\AppData\Local\{B97F8D21-B7FE-478C-A86F-90F1A7E14291}
O43 - CFD: 2013/07/20 - 14:26:39 - [0] D -- C:\Users\bintou\AppData\Local\{B9991731-DB98-475C-8896-4D652DEC437D}
O43 - CFD: 2013/12/24 - 00:05:41 - [0] D -- C:\Users\bintou\AppData\Local\{B9F8D19F-908C-4D60-8D9E-9C52C6676659}
O43 - CFD: 2013/10/03 - 19:06:07 - [0] D -- C:\Users\bintou\AppData\Local\{BCC4B854-E235-42AB-A1FE-A9C178046525}
O43 - CFD: 2013/08/12 - 13:17:29 - [0] D -- C:\Users\bintou\AppData\Local\{BD735C43-F3F7-4A0D-8E11-99849B5B1CB9}
O43 - CFD: 2013/10/11 - 07:12:28 - [0] D -- C:\Users\bintou\AppData\Local\{BF6C1C79-792B-45F3-8709-3382D0A48C13}
O43 - CFD: 2015/06/30 - 18:18:54 - [0] D -- C:\Users\bintou\AppData\Local\{BFF6E50F-32F8-40C0-B119-476D613DA087}
O43 - CFD: 2014/04/27 - 20:30:41 - [0] D -- C:\Users\bintou\AppData\Local\{C05E79A3-DD24-4981-A7AA-8CE5178D9366}
O43 - CFD: 2013/11/01 - 23:02:03 - [0] D -- C:\Users\bintou\AppData\Local\{C0879525-1D8A-4775-80FC-16D8DC5C1335}
O43 - CFD: 2013/12/31 - 13:28:31 - [0] D -- C:\Users\bintou\AppData\Local\{C0DDA327-4D67-41DB-91F1-449D82CC514E}
O43 - CFD: 2013/07/23 - 22:56:17 - [0] D -- C:\Users\bintou\AppData\Local\{C234F754-F287-4610-B2F0-FF0F1C557C87}
O43 - CFD: 2013/10/17 - 19:32:58 - [0] D -- C:\Users\bintou\AppData\Local\{C269E716-C51A-45C1-8BCD-7C6648CE52DE}
O43 - CFD: 2013/08/20 - 00:31:27 - [0] D -- C:\Users\bintou\AppData\Local\{C2E1A71E-9EA9-471A-A047-E85516FF52DF}
O43 - CFD: 2013/12/15 - 14:56:13 - [0] D -- C:\Users\bintou\AppData\Local\{C312983B-DF35-44B9-BFAE-A21207B73A6A}
O43 - CFD: 2013/12/21 - 06:48:14 - [0] D -- C:\Users\bintou\AppData\Local\{C45C5777-CBDC-4799-95F7-9426426C2B59}
O43 - CFD: 2013/10/25 - 05:50:22 - [0] D -- C:\Users\bintou\AppData\Local\{C47FC031-F7E2-4070-B2C7-D995F5FA5774}
O43 - CFD: 2014/01/04 - 11:24:07 - [0] D -- C:\Users\bintou\AppData\Local\{C5AC71F3-89A2-45DC-8577-19C9C7CC6E89}
O43 - CFD: 2013/09/19 - 20:46:44 - [0] D -- C:\Users\bintou\AppData\Local\{C752A89D-14BB-4D3B-8F9E-629A8D0DC66C}
O43 - CFD: 2013/08/09 - 23:19:32 - [0] D -- C:\Users\bintou\AppData\Local\{C76829E5-CA47-42B2-9D1C-3000E0756AAF}
O43 - CFD: 2013/08/11 - 23:37:43 - [0] D -- C:\Users\bintou\AppData\Local\{C7EDC931-062D-404F-BEDE-55CDBF951254}
O43 - CFD: 2013/12/19 - 17:42:42 - [0] D -- C:\Users\bintou\AppData\Local\{C836FD96-E70F-4D5A-AE49-F2B4AB9E1EEB}
O43 - CFD: 2014/04/29 - 16:26:16 - [0] D -- C:\Users\bintou\AppData\Local\{C9F6EA2E-A701-4A0A-BF5A-6696984DF311}
O43 - CFD: 2013/08/20 - 20:59:52 - [0] D -- C:\Users\bintou\AppData\Local\{D19AF28C-627F-4397-B89A-5077E4C460C4}
O43 - CFD: 2013/08/03 - 07:02:07 - [0] D -- C:\Users\bintou\AppData\Local\{D1B6E618-64C2-49CF-B153-243553498E43}
O43 - CFD: 2014/03/24 - 22:26:12 - [0] D -- C:\Users\bintou\AppData\Local\{D1C0AEF7-9C64-4B25-9AF6-048F61C87214}
O43 - CFD: 2013/12/01 - 07:50:09 - [0] D -- C:\Users\bintou\AppData\Local\{D1D56654-8CD5-4A3B-8DBF-BD9260BC606B}
O43 - CFD: 2014/01/08 - 20:44:33 - [0] D -- C:\Users\bintou\AppData\Local\{D5372AA9-04A8-432A-8F64-47C2240C7F31}
O43 - CFD: 2013/08/14 - 01:17:50 - [0] D -- C:\Users\bintou\AppData\Local\{D5AF92D3-C297-44E6-8823-E678EC628B19}
O43 - CFD: 2013/11/30 - 19:42:47 - [0] D -- C:\Users\bintou\AppData\Local\{D77957E8-6AAA-4133-8283-C2457EABA6A6}
O43 - CFD: 2013/10/25 - 20:30:16 - [0] D -- C:\Users\bintou\AppData\Local\{D8512769-46F0-4032-824E-0D22A320403B}
O43 - CFD: 2013/09/16 - 09:25:51 - [0] D -- C:\Users\bintou\AppData\Local\{DB0ABE94-520C-493A-8DC3-C5C1C46A87FF}
O43 - CFD: 2013/08/15 - 21:59:17 - [0] D -- C:\Users\bintou\AppData\Local\{DC4C7A41-81C1-48B8-97EC-FED4D28F9037}
O43 - CFD: 2014/02/10 - 17:01:54 - [0] D -- C:\Users\bintou\AppData\Local\{DD1A5DBE-F169-4676-BAE9-9CCB06B4E20B}
O43 - CFD: 2013/09/26 - 11:27:03 - [0] D -- C:\Users\bintou\AppData\Local\{DE0A5F3E-C989-4155-9466-0DCFA6F4D5B2}
O43 - CFD: 2013/12/23 - 12:05:25 - [0] D -- C:\Users\bintou\AppData\Local\{DE0DC050-9899-4AFA-93C2-22EDB3625734}
O43 - CFD: 2013/07/27 - 07:09:33 - [0] D -- C:\Users\bintou\AppData\Local\{DE370868-6185-4FB2-A43E-68D7DB189AAC}
O43 - CFD: 2013/11/18 - 23:20:35 - [0] D -- C:\Users\bintou\AppData\Local\{DEF015BF-997E-4CA6-8AD3-36F69AB63BA1}
O43 - CFD: 2014/03/13 - 21:17:55 - [0] D -- C:\Users\bintou\AppData\Local\{E010A7F1-F695-4061-8EC4-60F23CB5BECC}
O43 - CFD: 2013/09/03 - 00:10:21 - [0] D -- C:\Users\bintou\AppData\Local\{E06D8E59-48D9-43DB-AD97-1AABD4FF3BF6}
O43 - CFD: 2014/01/08 - 09:29:29 - [0] D -- C:\Users\bintou\AppData\Local\{E096CDE1-6476-4702-A665-DEF73303D477}
O43 - CFD: 2013/12/12 - 09:11:54 - [0] D -- C:\Users\bintou\AppData\Local\{E3B5DAFB-72E3-464A-9D92-7A4655650AF4}
O43 - CFD: 2013/12/21 - 19:28:37 - [0] D -- C:\Users\bintou\AppData\Local\{E62D2229-9CCB-4258-9113-50678782E4C9}
O43 - CFD: 2013/07/24 - 21:02:00 - [0] D -- C:\Users\bintou\AppData\Local\{E77D0775-A836-4FA2-9565-9235D4EBE689}
O43 - CFD: 2013/10/07 - 18:45:31 - [0] D -- C:\Users\bintou\AppData\Local\{E81ACF19-965C-4F0F-9636-5ACDE963C419}
O43 - CFD: 2013/10/31 - 12:03:23 - [0] D -- C:\Users\bintou\AppData\Local\{E8E2E40C-3AC3-4FBD-8463-FF43DBC6B721}
O43 - CFD: 2013/12/03 - 11:45:03 - [0] D -- C:\Users\bintou\AppData\Local\{EB807B2E-F055-4A96-A036-786E54CADEAB}
O43 - CFD: 2013/10/03 - 06:48:49 - [0] D -- C:\Users\bintou\AppData\Local\{EB82C82B-8CC0-4311-87A2-E42659FB01A6}
O43 - CFD: 2013/08/18 - 06:24:54 - [0] D -- C:\Users\bintou\AppData\Local\{EC238209-7D34-4BF4-9A88-BD33381F5927}
O43 - CFD: 2014/01/23 - 11:46:35 - [0] D -- C:\Users\bintou\AppData\Local\{EC53A91F-9E64-4C64-8A7F-BD4FF85B95C7}
O43 - CFD: 2013/11/13 - 10:08:34 - [0] D -- C:\Users\bintou\AppData\Local\{ED964C46-7166-4FDC-8F14-9070C4E66EA3}
O43 - CFD: 2014/02/24 - 22:07:17 - [0] D -- C:\Users\bintou\AppData\Local\{EF004AC2-F375-4FB3-B31F-55C64643E819}
O43 - CFD: 2014/01/22 - 18:32:59 - [0] D -- C:\Users\bintou\AppData\Local\{F1CDDEF5-547A-4467-9B97-EFDD3138CD2F}
O43 - CFD: 2014/01/06 - 09:00:08 - [0] D -- C:\Users\bintou\AppData\Local\{F2A56261-64EF-4516-A9C7-5DF9F3693FB6}
O43 - CFD: 2013/12/22 - 12:29:32 - [0] D -- C:\Users\bintou\AppData\Local\{F4732592-C059-4A24-B737-0242326F5C21}
O43 - CFD: 2014/12/03 - 15:44:27 - [0] D -- C:\Users\bintou\AppData\Local\{F528537D-34EF-417A-BDD7-9E75BBEE10B6}
O43 - CFD: 2013/07/23 - 19:07:45 - [0] D -- C:\Users\bintou\AppData\Local\{F59252FA-E70E-4815-B990-B936A557B997}
O43 - CFD: 2013/09/17 - 12:17:34 - [0] D -- C:\Users\bintou\AppData\Local\{F60FB2FD-6642-4BE1-A700-7FF30A203563}
O43 - CFD: 2013/10/30 - 23:27:13 - [0] D -- C:\Users\bintou\AppData\Local\{F9581D09-26B0-4F0C-953C-2A44E5ADC569}
O43 - CFD: 2013/11/07 - 10:12:41 - [0] D -- C:\Users\bintou\AppData\Local\{F9B655BD-76A2-4EFF-AD59-B0388D478861}
O43 - CFD: 2013/11/29 - 18:06:09 - [0] D -- C:\Users\bintou\AppData\Local\{FA84016E-BE2D-4D71-90DC-1FE316C42D01}
O43 - CFD: 2013/11/10 - 12:24:32 - [0] D -- C:\Users\bintou\AppData\Local\{FC1A61EE-A6EE-46CF-B48A-C48958608C95}
O43 - CFD: 2014/03/10 - 19:54:04 - [0] D -- C:\Users\bintou\AppData\Local\{FE94777F-A594-4E14-B576-CE49B1403607}
O43 - CFD: 2013/09/23 - 07:18:27 - [0] D -- C:\Users\bintou\AppData\Local\{FE9EEF38-7BEA-4E31-8FB4-EF02201A3F6D}
O43 - CFD: 2013/10/04 - 17:00:48 - [0] D -- C:\Users\bintou\AppData\Local\{FED75972-3B5E-4955-A536-246BFC6085B7}
O43 - CFD: 2013/08/21 - 12:09:19 - [0] D -- C:\Users\bintou\AppData\Local\{FF667806-514F-40BB-8552-6BEF4E71DA3A}
O43 - CFD: 2011/11/08 - 08:54:25 - [] RD -- C:\Users\bintou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/30 - 18:15:21 - [] RD -- C:\Users\bintou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2009/07/14 - 06:49:38 - [] RD -- C:\Users\bintou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/01 - 19:55:00 - [] RD -- C:\Users\bintou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

---\\ Liste des pilotes du système (SDL) (O58) (50) - 1s
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2009/10/08 02:13:34 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [70200]
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2009/10/08 02:13:34 A . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [28728]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2010/03/10 18:33:52 A . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\System32\drivers\AtiPcie64.sys [16440]
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704]
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2012/05/29 15:53:30 A . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\drivers\cpqdfw.sys [27456]
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232]
O58 - SDL:2010/11/20 15:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720]
O58 - SDL:2011/03/11 08:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496]
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2009/12/19 05:33:34 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28x.sys [852256]
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2010/01/28 19:25:04 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda64v.sys [86120]
O58 - SDL:2010/03/25 08:09:32 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [13728232]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272]
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2010/03/04 16:43:00 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [346144]
O58 - SDL:2010/02/25 11:14:46 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [2276128]
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2009/07/14 02:00:40 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208]
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2009/10/19 23:45:54 A . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\drivers\usbfilter.sys [39480]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (10) - 12s
O61 - LFC: 2015/07/01 20:49:16 A . (.Avast Software s.r.o..) -- C:\Users\bintou\Downloads\avast_free_antivirus_setup_online_01net.exe [5481336]
O61 - LFC: 2015/07/01 00:12:55 A . (..) -- C:\Users\bintou\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 2015/07/02 01:09:48 A . (..) -- C:\Users\bintou\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/01 20:09:06 A . (.ClientConnect Ltd..) -- C:\Users\bintou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.31.4.510_0\plugins\ChromeApiPlugin.dll [541504] =>PUP.ClientConnect
O61 - LFC: 2015/07/01 20:09:06 A . (.ClientConnect Ltd..) -- C:\Users\bintou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe [1087296] =>PUP.ClientConnect
O61 - LFC: 2015/07/01 20:09:06 A . (.ClientConnect Ltd..) -- C:\Users\bintou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.31.4.510_0\APISupport\APISupport.dll [991040] =>PUP.ClientConnect
O61 - LFC: 2015/06/30 18:18:31 A . (.Conduit.) -- C:\Users\bintou\AppData\Local\Chromium\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.15.2.24_0\plugins\ChromeApproveTBPlugin.dll [117024]
O61 - LFC: 2015/06/30 18:18:31 A . (.Conduit.) -- C:\Users\bintou\AppData\Local\Chromium\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.15.2.24_0\plugins\ChromeAutoApproveTB.dll [155936]
O61 - LFC: 2015/06/30 18:18:31 A . (.Conduit.) -- C:\Users\bintou\AppData\Local\Chromium\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.15.2.24_0\plugins\ConduitChromeApiPlugin.dll [838944]
O61 - LFC: 2015/06/30 18:18:32 A . (.Conduit.) -- C:\Users\bintou\AppData\Local\Chromium\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.15.2.24_0\plugins\np-cwmp.dll [68896]

---\\ Associations Shell Spawning (O67) (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (SMI) (O68) (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI (356) - 8s
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a129684723478947121000000paramsGK3.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzk4NjIzOTc3ODE0LCJ1cGRhdGVSZXNwVGlt[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000paramsGK0.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzk4NjIzOTc3OTgwLCJ1cGRhdGVSZXNwVGlt[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_config_currentTab.enc", "aG9tZQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_home.enc", "MHgwMDMzLDB4MDAzNCwweDAwMzAsMHgwMDM4LDB4MD[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.enableSearchFromAddressBar", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_following_count.enc", "MzE="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_mamEnabled", "66616C7365"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_followers.enc", "MHgwMDMxLDB4MDAzMCwweDAwMzYsMHgwMDMwL[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.firstTimeDialogOpened", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Template_CacheTime_2612669a129684723478947121000000.enc", "MTM2OTc3MTE1OTIwMw=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_following.enc", "MHgwMDMyLDB4MDAzNCwweDAwMzgsMHgwMDMzL[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.PG_ENABLE.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.SF_USER_ID.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.isFirstTimeToolbarLoading", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.addressBarTakeOverEnabledInHidden", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_userBornDate.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669._key_cl_passive.enc", "NWEzNDdlOGItNWM2Ni00NDYxLWI0NWUtZTA5MTc1YzY3ZjRj"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_welcomeDialogMode.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.SF_JUST_INSTALLED", "46414C5345"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-0?3GFA7EF.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_followers_count.enc", "MzE="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"E[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.2612669a130003407608460983000000twitterTemplate_notify_home_count.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.addressUrlXPETakeover", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var6", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Template_Wall_2612669a129684723478947121000000.enc", "JTdCJTIyZXJyb3IlMjIlM0ElN0IlMjJtZXNzYWdlJTIyJT[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.fullUserID", "UN27132587361650625.UP.20130702175929"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B5BA==9CJAG.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.FF19Solved", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.url_history0001", "%EE%FA%FA%F6%C0%B5%B5%FD%FD%FD%B4%EE%F5%F8%E7%EF%F8%EB%F9%B3%E8%FB%F9%B4%E9%F5%F3%B5%E8%FB[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_calledSetupService.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.FacebookTemplate_2612669a129684723478947121000000_lang.enc", "RlI="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var3", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.installSp", "FALSE"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.installSessionId", "{0FE6D58D-FD22-4B81-B0EE-27DAC8B5EA2E}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Mode.enc", "Mg=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.RestartDialogShouldDisplay", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_Configuration_lastUpdate", "1424024201197"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Template_Events_2612669a129684723478947121000000.enc", "JTdCJTIyZXJyb3IlMjIlM0ElN0IlMjJtZXNzYWdlJTIy[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Template_Info_2612669a129684723478947121000000.enc", "JTdCJTIyaWQlMjIlM0ElMjI3MjcyNzgxMTg1JTIyJTJDJT[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Template_Likes_2612669a129684723478947121000000.enc", "bnVsbA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.installId", "stub.exe"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.twitterTemplate_2612669a130003407608460983000000_DailyActivity.enc", "MTM3NTU1NzY1ODc4OA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.UserID", "UN27132587361650625"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Template_Photos_2612669a129684723478947121000000.enc", "JTVCJTVE"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.smplGrp", "none"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_Template_Video_2612669a129684723478947121000000.enc", "bnVsbA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.Facebook_User_Locale.enc", "ZnI="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_translation_lastUpdate", "1424024201172"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.FirstTime", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.FirstTimeFF3", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.PG_ENABLE", "dHJ1ZQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_settings1.10.4.0.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.fixPageNotFoundError", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.PG_ENABLE.enc", "dHJ1ZQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.cb_firstuse0100.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_Clarity_Active", "6F6E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.RestartDialogFirstTime", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appStateReportTime", "%B7%B9%BE%BB%B9%BC%BB%BF%B8%B8%B6%BE%BD"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.SF_JUST_INSTALLED.enc", "RkFMU0U="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.SF_STATUS.enc", "RU5BQkxFRA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.fixUrls", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9BA@0<0BI6A7GN:6@L?.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.SF_USER_ID.enc", "Y2lkXzI4NTIwMTMxNzUyNDcxNTIxMTU0"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_userId", "37333639313336612D383139662D343934622D623239332D316237356635343764666566"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.SearchAppState.enc", "Mg=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appsDefaultEnabled", "6E756C6C"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.cachedprofile2612669a129684723478947121000000.enc", "aW12dQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.SpecialSavings@SpecialSavings.com.uuid", "\"4a6db706-c7ae-11e2-b960-0025901ef77c\""); =>PUP.SpecialSavings
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.cb_experience_000.enc", "Nw=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B<:222H64<", "393F352F3E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCI[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.enableFix404ByUser", "FALSE"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.enableAlerts", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.cb_user_id_000.enc", "Q0I3NDY2MDQ5NzE5Nl8xMzczODQyMTE1ODkwX0ZpcmVmb3g="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_existingUsersRecoveryDone", "31"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.cbfirsttime.enc", "VHVlIE1heSAyOCAyMDEzIDE3OjUyOjQ3IEdNVCswMjAw"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.isCheckedStartAsHidden", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.countryCode", "FR"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.defaultSearch", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.fixPageNotFoundErrorByUser", "TRUE"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.fixPageNotFoundErrorInHidden", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E1x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.guid", "%7B612332DE-4E8D-DE02-8D7D-A30B294886EA%7D"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.keyword", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.lastVersion", "10.29.0.520"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appStateReportTime.enc", "MTM4NTM2NTkyMjA4Nw=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E.x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appState_CouponBuddy.enc", "b24="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appState_Easytobook.enc", "b24="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appState_Easytobook_targeted.enc", "b24="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_userId", "%BD%B9%BC%BF%B7%B9%BC%E7%B3%BE%B7%BF%EC%B3%BA%BF%BA%E8%B3%E8%B8%BF%B9%B3%B7%E8%BD%BB%EC%BB%B[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appState_PriceGong.enc", "b24="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_settings1.6.0.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjY2XzA[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_migrated_from_ls", "31"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.searchSuggestEnabledByUser", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E5x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appState_WindowShopper.enc", "b24="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJEaXNjb3ZlciIsInVybCI6Imh0dHA6Ly9mYXN0Y29udGVu[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_appsDefaultEnabled", "%F4%FB%F2%F2"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_calledSetupService.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7EBx305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.prtnrId", "delta"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_currentBadgeValue", "%B7"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_currentBadgeValue.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.22.5.510_lastUpdate", "1387821630856"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_currentVersion", "%B7%B4%B7%B7%B4%BA%B4%B8"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_currentVersion.enc", "MS4xMS40LjI="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_eventsCache", "%u0101%A8%EB%B7%B6%EA%EA%BB%B6%B8%B3%E9%EB%BB%B8%B3%BA%BE%BE%B7%B3%E7%E8%EA%BE%B3%BF%BE[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_eventsCache.enc", "eyJlMTBkZDUwMi1jZTUyLTQ4ODEtYWJkOC05ODhhMDg3ZDFlNDAiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJ[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_existingUsersRecoveryDone.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_first_time", "%B7"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_first_time.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_gadgetOpen.enc", "MA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_globalKeysMigratedToLocalStorage", "%B7"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_globalKeysMigratedToLocalStorage.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appsConfig.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_installer_preapproved.enc", "ZmFsc2U="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.toolbarLoginClientTime", "Tue May 28 2013 17:52:42 GMT+0200"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_lastLoginTime", "%B7%B9%BE%BB%B9%BC%BB%BF%B8%B8%B9%BB%BA"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_lastLoginTime.enc", "MTM4NTM2NTkyMjM1NA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_WindowShopper.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJQcm9tb1xuZHUgam91ciJ9LC[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_mamEnabled.enc", "ZmFsc2U="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_newApps", "%E1%u0101%A8%EF%EA%A8%C0%A8%CA%EF%F9%E9%F5%FC%EB%F8%A8%B2%A8%F4%E7%F3%EB%A8%C0%A8%CA%EF%F9%[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.vrsni", "1.8.21.5"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_newApps.enc", "W3siaWQiOiJEaXNjb3ZlciIsIm5hbWUiOiJEaXNjb3ZlciIsImRlc2NyaXB0aW9uIjoiVGhpcyBhcHAgaW50ZWx[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E/x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_settings1.10.2.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMC[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEwMzEiLCJpbn[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_settings1.11.4.2", "%u0101%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_settings1.11.4.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzExMjUiLCJpbn[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNDZfMCI[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1424024201189"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_stamp", "%B7%B6%B6%BF%E5%B6"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_stamp.enc", "MTAwOV8w"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_userId.enc", "NzM2OTEzNmEtODE5Zi00OTRiLWIyOTMtMWI3NWY1NDdkZmVm"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_user_approval_interacted", "%B7"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_user_approval_interacted.enc", "MQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.mam_gk_welcomeDialogMode", "%B7"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.wreck-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzcwNzA0MTg3NTkwLDE0NDAwMDAwXX0="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var7", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.vrsn", "1.8.21.5"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E,x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.migrateAppsAndComponents", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.openThankYouPage", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.openUninstallPage", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.originalSearchAddressUrl", ""); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var1", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.performedDomainChangesMigration", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B;45>:BI9I7IE.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.price-gong.isManagedApp", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.aflt", "babsst"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.revertSettingsEnabled", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.searchInNewTabEnabledInHidden", "true"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.wreck-experiments-hover_effect.enc", "eyJuYW1lIjoiaGFsZiIsInZlcnNpb24iOjF9"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_mamEnabled.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.sac-country-code.enc", "IkZSIg=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.sac-experiments-aaTest.enc", "eyJuYW1lIjoiYTEiLCJ2ZXJzaW9uIjoxfQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.sac-experiments-placement.enc", "eyJuYW1lIjoiYnJhbmRlZC1iYXIiLCJ2ZXJzaW9uIjoxM30="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.sac-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzcwNzA0MTg3NjUzLDE0NDAwMDAwXX0="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_welcomeDialogMode", "31"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.sac-user-id.enc", "ImYwZDY4NzhmLWEzYmUtNGRjYi1iMmQ5LTk2YTMwNjQ2MDhlMyI="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.sac-yt-first-ping.enc", "MTM3MDcwNDE4NzY0NA=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1424024201127"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.search.searchAppId", "129170380618247104"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.cbfirsttime.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.search.searchCount", "2"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.searchInNewTabEnabledByUser", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta_i.babTrack", "affID=119357&tt=150713_new&tsp=4944"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B<:222H64<.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B3=>@44I48?.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.instlRef", "sst"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669._key_cl_active.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.searchRevert", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B/>01=9A6K6PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_existingUsersRecoveryDone.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-3=3ECCJA=F>.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.searchUserMode", "1"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E8x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.autoRvrt", "false"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta_i.srcExt", "ss"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2612669\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://IMVUInc.[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"IMVU Inc \"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_appsMetadata_lastUpdate", "1424024201193"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1424024201129"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_location_lastUpdate", "1372689237197"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.firstlaunch", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372689238312"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_first_time.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.16.4.519_lastUpdate", "1372864160302"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.16.7.524_lastUpdate", "1374404216438"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7EPUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.16.70.505_lastUpdate", "1376039934285"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.20.0.513_lastUpdate", "1379432373024"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.21.1.507_lastUpdate", "1385365911605"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E70737878737578242F4B49474F42357D5D5C3D"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_login_10.23.0.822_lastUpdate", "1392721598885"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var5", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_searchAPI_lastUpdate", "1424024201125"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_migrated_from_ls.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B<:222H64PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_serviceMap_lastUpdate", "1424024201126"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_toolbarContextMenu_lastUpdate", "1424024201186"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.serviceLayer_services_toolbarSettings_lastUpdate", "1424024201191"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.settingsINI", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.shouldFirstTimeDialog", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-0?3GFA7EF", "2B2E2C3D"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.showToolbarPermission", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B=+03EH8H8J?:", "4443"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.startPage", "false"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B5BA==9CJAG", "3A69703D6F7170447A45447376494975494B78797E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E@x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.toolbarBornServerTime", "28-5-2013"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.toolbarCurrentServerTime", "18-2-2014"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7EDx305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_newApps", "5B5D"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.twitterTemplate_2612669a130003407608460983000000_lang.enc", "RlI="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.url_history0001.enc", "aHR0cDovL3d3dy5ob3JhaXJlcy1idXMuY29tL2J1cy5odG1sOjo6Y2xpY2toYW5kbGVyOjo6MTM4MzE5MzQ0Nj[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.wreck-country-code.enc", "IkZSIg=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.wreck-experiments-design.enc", "eyJuYW1lIjoibGlnaHQiLCJ2ZXJzaW9uIjo0fQ=="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.wreck-experiments-feed.enc", "eyJuYW1lIjoid3JlY2tBbmRUYWJvb2xhIiwidmVyc2lvbiI6M30="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.wreck-experiments-trigger.enc", "eyJuYW1lIjoieDAuNSIsInZlcnNpb24iOjF9"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669.wreck-user-id.enc", "IjM0M2UxYzMzLWRhOTUtNGFkNi04ZTliLWI4ZDkyYmZiMzc4NyI="); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("CT2612669_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1424024196618,\"isWithState\"[...] =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_newApps.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_settings1.13.0.17.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_PriceGong", "6F6E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E.:2z527", "2423"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var9", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B9643G3/9E", "6A"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appStateReportTime", "31333938363233393833393730"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.cntry", "FR"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.SpecialSavings@SpecialSavings.com.id", "\"8cf80a3e-fc31-5d8d-0f75-84afd7953c54\""); =>PUP.SpecialSavings
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.id", "1c6887e500000000000070f1a1d1927f"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.SpecialSavings@SpecialSavings.com.mzID", "65"); =>PUP.SpecialSavings
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B/>01=9A6K6PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.cache.tbs_include_xml_006938", "49/0/16/6/113"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.admin", false); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.bbDpng", "31"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.dfltLng", "fr"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B?B0D:8AJ62PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.excTlbr", false); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.ffxUnstlRst", true); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.hdrMd5", "014D5AB3D3B170A64CFC5EDD6DB21BD9"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.instlDay", "15901"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.lastVrsnTs", "1.8.21.50:28:13"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.newTab", false); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.prdct", "delta"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.rvrt", "false"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.sg", "azb"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.tlbrId", "base"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.tlbrSrchUrl", ""); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta.vrsnTs", "1.8.21.50:28:13"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("extensions.delta_i.babExt", ""); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_stamp", "313033345F30"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E:x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E3x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B?+E2A52D8.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E-x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B?B0D:8AJ62PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var4", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-0?3G@6:5;.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6_installed_version", "1.0.1018.0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B<:222H64PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9BA@0<0BI6A7GN:6@L?", "6C"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-0?3G>D.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var10", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var2", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.Var8", "0"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("id_imbooster4web_v6.userId", "%12"); =>PUP.Boost
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E;x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E+x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E.:2z527.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E06CG5EL8:", "6E6D686A6D72726D6F72"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E06CG5EL8:.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E06CG5EL;8I:K.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E0x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E2x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E4x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E6x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E7x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E9x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E=x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E>x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7E?x305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7EAx305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7EBE3G=;D9N9=D.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7ECx305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B+7Etx305.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-0?3G>D", "6E6C40713F7344737A764572762048497A4C254D2322502A55562A54265B28272E313260"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B-0?3G@6:5;", ""); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B6B11G4C56B>F;P;ANR@P", "6E6D686A6D72726D6F72767876"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B9643G3/9E.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B;45>:BI9I7IE", "2B2E2C3D"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669./9B=+03EH8H8J?:.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.PG_ENABLE", "74727565"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.SF_USER_ID", "6369645F3131323230313331343234343337393233363631"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.SF_JUST_INSTALLED.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669._key_cl_active", "63643862613532352D643830612D343362662D623362322D623230633430343039643938"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.cbfirsttime", "53756E2044656320303120323031332031343A32343A343320474D542B30313030"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appStateReportTime.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_Clarity_Active.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_CouponBuddy", "6F6E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_CouponBuddy.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_Easytobook", "6F6E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_Easytobook.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_Easytobook_targeted", "6F6E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_Easytobook_targeted.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_PriceGong.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appState_WindowShopper", "6F6E"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_appsDefaultEnabled.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_calledSetupService", "31"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_currentVersion", "312E31332E302E3137"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_currentVersion.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_first_time", "31"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_showWelcomeGadget", "66616C7365"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_installer_preapproved", "66616C7365"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_showWelcomeGadget.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_installer_preapproved.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_lastLoginTime", "31333938363233393834323633"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_lastLoginTime.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_localization.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_settings1.12.0.5.storedInFile", true); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_stamp.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_userBornDate", "4E2F41"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_userId.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_user_approval_interacted", "31"); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_user_approval_interacted.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.mam_gk_welcomeDialogMode.storedInFile", false); =>PUP.Conduit
O69 - SBI: prefs.js [bintou - c0nffc6k.default] user_pref("valueApps.CT2612669.url_history0001.storedInFile", true); =>PUP.Conduit
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Enumère les service demarrés par Svchost (SSS) (O83) (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2553856]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]

---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (2) - 1s
O87 - FAEL: "{DB773E47-641E-47B9-A2D1-ABBAFF94EACE}" [In-None-P6-TRUE] .(...) -- C:\Users\bintou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2H5BAZLD\SweetImSetup[1].exe =>PUP.SweetIM
O87 - FAEL: "{E585CD97-C8B3-4778-86D9-413A66F42AD0}" [In-None-P17-TRUE] .(...) -- C:\Users\bintou\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2H5BAZLD\SweetImSetup[1].exe =>PUP.SweetIM

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NT (1) - 2s
[MD5.] [WIS][2011/11/08 09:18:14] (.Uniblue Systems Ltd - InstallAware.) -- C:\Windows\Installer\1dca9b0.msi [313856] =>PUP.UniblueSystem

---\\ Scan Additionnel (O88) (14) - 0s
C:\ProgramData\hoyhWOs\jHrUfIfnbq.exe =>Adware.WebShield
HKLM\SYSTEM\CurrentControlSet\Services\jHrUfIfnbq =>PUP.Salus
C:\ProgramData\hoyhWOs\jHrUfIfnbq.exe =>PUP.Salus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster =>PUP.UniblueSystem
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} =>PUP.UniblueSystem
HKCU\SOFTWARE\SimpleNewTab =>PUP.SimpleNewTab
HKCU\SOFTWARE\Snoozer =>PUP.LuaRT
HKCU\SOFTWARE\AppDataLow\Software\LyricsContainer =>Adware.AddLyrics =>Adware.AddLyrics
HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>Hijacker.SmartBar =>Hijacker.SmartBar
C:\Users\bintou\AppData\Local\WebShield =>Adware.WebShield
C:\Users\bintou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.31.4.510_0\plugins\ChromeApiPlugin.dll =>PUP.ClientConnect
C:\Users\bintou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe =>PUP.ClientConnect
C:\Users\bintou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpkikcnenpfpchgiigicelehfknciec\10.31.4.510_0\APISupport\APISupport.dll =>PUP.ClientConnect
C:\Windows\Installer\1dca9b0.msi =>PUP.UniblueSystem

---\\ Récapitulatif des détections trouvées sur votre station (14) - 0s
http://www.nicolascoolman.fr/blog =>Adware.WebShield
http://www.nicolascoolman.fr/blog =>PUP.DriverTurbo
http://www.nicolascoolman.fr/blog =>PUP.UniblueSystem
http://www.nicolascoolman.fr/blog =>PUP.Salus
http://www.nicolascoolman.fr/pup-simplenewtab/ =>PUP.SimpleNewTab
http://www.nicolascoolman.fr/pup-luart/ =>PUP.LuaRT
http://www.nicolascoolman.fr/adware-addlyrics/ =>Adware.AddLyrics
http://www.nicolascoolman.fr/hijacker-smartbar/ =>Hijacker.SmartBar
http://www.nicolascoolman.fr/blog =>PUP.ClientConnect
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Conduit
http://www.nicolascoolman.fr/blog =>PUP.Boost
http://www.nicolascoolman.fr/toolbar-deltasearch/ =>Toolbar.DeltaSearch
http://www.nicolascoolman.fr/pup-specialsavings/ =>PUP.SpecialSavings
http://www.nicolascoolman.fr/pup-sweetim/ =>PUP.SweetIM

~ End of the scan, 47904 items in 58 seconds (1307)(0)()

Publicité


Signaler le contenu de ce document

Publicité