Format du document : text/plain
Prévisualisation
start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [fst_fr_105] => [X]
HKLM-x32\...\Run: [fst_fr_170] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_39_ssg08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyC0C0F0D0Bzy0CyEyByCtC0FtCzy0DyBtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByCyCyBtD0CtBzytGtDyC0BtAtGyCzyyBtDtGtB0CtBtDtG0A0CyC0FtCzytD0DtC0EtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0AtD0AtC0D0CtGtD0DtByBtGyEtAyDzytGzytByByCtGyEyBtAyD0Fzy0ByByCyB0Azz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1928225444%26a%3Dwbf_popjar_16_39_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_39_ssg08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyC0C0F0D0Bzy0CyEyByCtC0FtCzy0DyBtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByCyCyBtD0CtBzytGtDyC0BtAtGyCzyyBtDtGtB0CtBtDtG0A0CyC0FtCzytD0DtC0EtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0AtD0AtC0D0CtGtD0DtByBtGyEtAyDzytGzytByByCtGyEyBtAyD0Fzy0ByByCyB0Azz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1928225444%26a%3Dwbf_popjar_16_39_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-2950831876-2088724787-3088863540-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uw4GigvFB13oDdKkPmeiaEounjkyvBmjdrDok9HgOibCTpvjDaljl7BA1AkJ9yBbepxixQN6rmyqJ0vLQEcnPIKyRvBwxYMBu3ayPSZYbIqbpUC8vqkBoq5ueDRvqlieE8WLJSfgdpQFvFgSXC6gmIH8sFfNgGoL1DoXPYPZuyTN7e0cL2bL3buJy95Q,,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_39_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyC0C0F0D0Bzy0CyEyByCtC0FtCzy0DyBtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByCyCyBtD0CtBzytGtDyC0BtAtGyCzyyBtDtGtB0CtBtDtG0A0CyC0FtCzytD0DtC0EtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0AtD0AtC0D0CtGtD0DtByBtGyEtAyDzytGzytByByCtGyEyBtAyD0Fzy0ByByCyB0Azz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1928225444%26a%3Dwbf_popjar_16_39_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_39_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyC0C0F0D0Bzy0CyEyByCtC0FtCzy0DyBtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByCyCyBtD0CtBzytGtDyC0BtAtGyCzyyBtDtGtB0CtBtDtG0A0CyC0FtCzytD0DtC0EtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0AtD0AtC0D0CtGtD0DtByBtGyEtAyDzytGzytByByCtGyEyBtAyD0Fzy0ByByCyB0Azz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1928225444%26a%3Dwbf_popjar_16_39_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_39_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyC0C0F0D0Bzy0CyEyByCtC0FtCzy0DyBtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByCyCyBtD0CtBzytGtDyC0BtAtGyCzyyBtDtGtB0CtBtDtG0A0CyC0FtCzytD0DtC0EtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0AtD0AtC0D0CtGtD0DtByBtGyEtAyDzytGzytByByCtGyEyBtAyD0Fzy0ByByCyB0Azz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1928225444%26a%3Dwbf_popjar_16_39_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_39_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyC0C0F0D0Bzy0CyEyByCtC0FtCzy0DyBtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByCyCyBtD0CtBzytGtDyC0BtAtGyCzyyBtDtGtB0CtBtDtG0A0CyC0FtCzytD0DtC0EtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0AtD0AtC0D0CtGtD0DtByBtGyEtAyDzytGzytByByCtGyEyBtAyD0Fzy0ByByCyB0Azz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1928225444%26a%3Dwbf_popjar_16_39_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-2950831876-2088724787-3088863540-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2950831876-2088724787-3088863540-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKU\S-1-5-21-2950831876-2088724787-3088863540-1001 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-2950831876-2088724787-3088863540-1001 -> Pas de nom - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - Pas de fichier
FF DefaultSearchEngine: Yahoo! Powered
FF SelectedSearchEngine: Yahoo! Powered
FF Homepage: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_16_39_ssg08¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyC0C0F0D0Bzy0CyEyByCtC0FtCzy0DyBtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyByCyCyBtD0CtBzytGtDyC0BtAtGyCzyyBtDtGtB0CtBtDtG0A0CyC0FtCzytD0DtC0EtAtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtA0AtD0AtC0D0CtGtD0DtByBtGyEtAyDzytGzytByByCtGyEyBtAyD0Fzy0ByByCyB0Azz2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1928225444%26a%3Dwbf_popjar_16_39_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
FF Extension: (Nouvel onglet de Yahoo) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-11-24] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => non trouvé(e)
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2012-07-16] (BOONTY) [Fichier non signé]
U3 idsvc; pas de ImagePath
C:\Users\Public\AlexaNSISPlugin.1148.dll
C:\Users\Public\AlexaNSISPlugin.5596.dll
C:\Windows\Tasks\{261DB5F0-87D0-A675-D399-6B3B4475FE51}.job
Task: {26766878-4D3B-4DAD-9890-89F1A3B4A8AC} - System32\Tasks\{261DB5F0-87D0-A675-D399-6B3B4475FE51} => C:\Users\DOMINI~1\AppData\Roaming\{261DB~1\Sync.exe <==== ATTENTION
Task: {73DB3486-B6DE-4866-87FE-F031FD3C2233} - System32\Tasks\{D9173B73-5CD3-4C4D-B591-D5F5ADFEDA2A} => pcalua.exe -a "C:\Users\Dominique VEY\AppData\Roaming\qone8\UninstallManager.exe" -c -ptid=adks
Task: {C6D990DA-1E29-482D-81FA-ABA6AA5C3F16} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {EE9F6F48-85D5-4120-829B-05E9E8580360} - System32\Tasks\Dominique VEYBanquetsAcetifyingV2 => Rundll32.exe CrabsOveruses.dll,main 7 1 <==== ATTENTION
Task: C:\WINDOWS\Tasks\{261DB5F0-87D0-A675-D399-6B3B4475FE51}.job =>
AlternateDataStreams: C:\ProgramData\TEMP:03DF8432 [145]
AlternateDataStreams: C:\ProgramData\TEMP:041C0562 [256]
AlternateDataStreams: C:\ProgramData\TEMP:04BC9A2C [128]
AlternateDataStreams: C:\ProgramData\TEMP:09AEED56 [134]
AlternateDataStreams: C:\ProgramData\TEMP:0B79AB8D [138]
AlternateDataStreams: C:\ProgramData\TEMP:0C9E06A2 [235]
AlternateDataStreams: C:\ProgramData\TEMP:0D060666 [135]
AlternateDataStreams: C:\ProgramData\TEMP:0E22C5DB [454]
AlternateDataStreams: C:\ProgramData\TEMP:0EC7A545 [131]
AlternateDataStreams: C:\ProgramData\TEMP:109734F6 [402]
AlternateDataStreams: C:\ProgramData\TEMP:10CB85CA [153]
AlternateDataStreams: C:\ProgramData\TEMP:10EC2087 [140]
AlternateDataStreams: C:\ProgramData\TEMP:11590865 [126]
AlternateDataStreams: C:\ProgramData\TEMP:1181620C [119]
AlternateDataStreams: C:\ProgramData\TEMP:12383CAE [140]
AlternateDataStreams: C:\ProgramData\TEMP:124B94C0 [101]
AlternateDataStreams: C:\ProgramData\TEMP:12D21A9A [268]
AlternateDataStreams: C:\ProgramData\TEMP:13019F4B [123]
AlternateDataStreams: C:\ProgramData\TEMP:1392F09D [135]
AlternateDataStreams: C:\ProgramData\TEMP:1416AAA6 [274]
AlternateDataStreams: C:\ProgramData\TEMP:14B00291 [127]
AlternateDataStreams: C:\ProgramData\TEMP:15381DB9 [266]
AlternateDataStreams: C:\ProgramData\TEMP:177313FB [244]
AlternateDataStreams: C:\ProgramData\TEMP:1A14B3AF [288]
AlternateDataStreams: C:\ProgramData\TEMP:1A8FDBA3 [118]
AlternateDataStreams: C:\ProgramData\TEMP:1DEE6B65 [195]
AlternateDataStreams: C:\ProgramData\TEMP:1EC13383 [137]
AlternateDataStreams: C:\ProgramData\TEMP:1ECED34B [217]
AlternateDataStreams: C:\ProgramData\TEMP:206470A5 [241]
AlternateDataStreams: C:\ProgramData\TEMP:2163E78C [145]
AlternateDataStreams: C:\ProgramData\TEMP:2187A2BB [492]
AlternateDataStreams: C:\ProgramData\TEMP:229564F1 [239]
AlternateDataStreams: C:\ProgramData\TEMP:236FF5C6 [141]
AlternateDataStreams: C:\ProgramData\TEMP:23834E1E [146]
AlternateDataStreams: C:\ProgramData\TEMP:26499772 [0]
AlternateDataStreams: C:\ProgramData\TEMP:268BA8AB [123]
AlternateDataStreams: C:\ProgramData\TEMP:2701CA70 [246]
AlternateDataStreams: C:\ProgramData\TEMP:275AA066 [97]
AlternateDataStreams: C:\ProgramData\TEMP:282A4C88 [133]
AlternateDataStreams: C:\ProgramData\TEMP:2AC146B9 [118]
AlternateDataStreams: C:\ProgramData\TEMP:2AD33723 [133]
AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9 [488]
AlternateDataStreams: C:\ProgramData\TEMP:2B1EA607 [219]
AlternateDataStreams: C:\ProgramData\TEMP:2B40A7DB [137]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:2E33E4A6 [145]
AlternateDataStreams: C:\ProgramData\TEMP:2F1D743F [135]
AlternateDataStreams: C:\ProgramData\TEMP:2F474C84 [134]
AlternateDataStreams: C:\ProgramData\TEMP:30A9192A [140]
AlternateDataStreams: C:\ProgramData\TEMP:32289BE8 [486]
AlternateDataStreams: C:\ProgramData\TEMP:32A82570 [225]
AlternateDataStreams: C:\ProgramData\TEMP:35501BA4 [145]
AlternateDataStreams: C:\ProgramData\TEMP:36A39835 [112]
AlternateDataStreams: C:\ProgramData\TEMP:36AAD0E5 [122]
AlternateDataStreams: C:\ProgramData\TEMP:371060CE [236]
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [238]
AlternateDataStreams: C:\ProgramData\TEMP:38534D53 [128]
AlternateDataStreams: C:\ProgramData\TEMP:39DC8D60 [130]
AlternateDataStreams: C:\ProgramData\TEMP:3ADE134E [136]
AlternateDataStreams: C:\ProgramData\TEMP:3B454A5C [454]
AlternateDataStreams: C:\ProgramData\TEMP:3B622E21 [125]
AlternateDataStreams: C:\ProgramData\TEMP:3C4BD225 [139]
AlternateDataStreams: C:\ProgramData\TEMP:3D36932D [206]
AlternateDataStreams: C:\ProgramData\TEMP:3D922890 [129]
AlternateDataStreams: C:\ProgramData\TEMP:3E06C78F [119]
AlternateDataStreams: C:\ProgramData\TEMP:3E8A3E87 [124]
AlternateDataStreams: C:\ProgramData\TEMP:40EE25BB [239]
AlternateDataStreams: C:\ProgramData\TEMP:415E77AB [141]
AlternateDataStreams: C:\ProgramData\TEMP:42A3BDD7 [137]
AlternateDataStreams: C:\ProgramData\TEMP:44712999 [127]
AlternateDataStreams: C:\ProgramData\TEMP:45351004 [254]
AlternateDataStreams: C:\ProgramData\TEMP:45912F61 [213]
AlternateDataStreams: C:\ProgramData\TEMP:469B47D8 [135]
AlternateDataStreams: C:\ProgramData\TEMP:46EF121E [126]
AlternateDataStreams: C:\ProgramData\TEMP:48862C37 [141]
AlternateDataStreams: C:\ProgramData\TEMP:48977386 [130]
AlternateDataStreams: C:\ProgramData\TEMP:490B67EC [148]
AlternateDataStreams: C:\ProgramData\TEMP:49EA4410 [294]
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54 [131]
AlternateDataStreams: C:\ProgramData\TEMP:4DDE401B [132]
AlternateDataStreams: C:\ProgramData\TEMP:506698B2 [121]
AlternateDataStreams: C:\ProgramData\TEMP:50B79A31 [135]
AlternateDataStreams: C:\ProgramData\TEMP:512E1728 [126]
AlternateDataStreams: C:\ProgramData\TEMP:5167543E [135]
AlternateDataStreams: C:\ProgramData\TEMP:52CA4081 [237]
AlternateDataStreams: C:\ProgramData\TEMP:53BA2DF6 [276]
AlternateDataStreams: C:\ProgramData\TEMP:5430D891 [140]
AlternateDataStreams: C:\ProgramData\TEMP:54403233 [149]
AlternateDataStreams: C:\ProgramData\TEMP:5539129F [127]
AlternateDataStreams: C:\ProgramData\TEMP:55E82CAF [127]
AlternateDataStreams: C:\ProgramData\TEMP:55F44B88 [143]
AlternateDataStreams: C:\ProgramData\TEMP:56699AAF [130]
AlternateDataStreams: C:\ProgramData\TEMP:569CEE83 [123]
AlternateDataStreams: C:\ProgramData\TEMP:570ED58C [240]
AlternateDataStreams: C:\ProgramData\TEMP:58515F92 [143]
AlternateDataStreams: C:\ProgramData\TEMP:59540531 [133]
AlternateDataStreams: C:\ProgramData\TEMP:59A6876B [131]
AlternateDataStreams: C:\ProgramData\TEMP:59CBF899 [242]
AlternateDataStreams: C:\ProgramData\TEMP:5AF17798 [125]
AlternateDataStreams: C:\ProgramData\TEMP:5E73E1C2 [118]
AlternateDataStreams: C:\ProgramData\TEMP:5E9B629B [228]
AlternateDataStreams: C:\ProgramData\TEMP:5FEBCE9C [136]
AlternateDataStreams: C:\ProgramData\TEMP:61AF2B29 [137]
AlternateDataStreams: C:\ProgramData\TEMP:6212DF7A [136]
AlternateDataStreams: C:\ProgramData\TEMP:629F8518 [296]
AlternateDataStreams: C:\ProgramData\TEMP:63C48B80 [126]
AlternateDataStreams: C:\ProgramData\TEMP:641A21EA [248]
AlternateDataStreams: C:\ProgramData\TEMP:65877B83 [136]
AlternateDataStreams: C:\ProgramData\TEMP:660BDAE1 [251]
AlternateDataStreams: C:\ProgramData\TEMP:697DDE2B [122]
AlternateDataStreams: C:\ProgramData\TEMP:699EFEED [144]
AlternateDataStreams: C:\ProgramData\TEMP:69BEF06A [139]
AlternateDataStreams: C:\ProgramData\TEMP:69F562A6 [304]
AlternateDataStreams: C:\ProgramData\TEMP:6AF6BB0E [259]
AlternateDataStreams: C:\ProgramData\TEMP:6BEADDC0 [127]
AlternateDataStreams: C:\ProgramData\TEMP:6DD124E2 [122]
AlternateDataStreams: C:\ProgramData\TEMP:6E65510A [263]
AlternateDataStreams: C:\ProgramData\TEMP:6EFFF8B9 [152]
AlternateDataStreams: C:\ProgramData\TEMP:709E81D4 [125]
AlternateDataStreams: C:\ProgramData\TEMP:71612023 [494]
AlternateDataStreams: C:\ProgramData\TEMP:754E278B [244]
AlternateDataStreams: C:\ProgramData\TEMP:759B7D6F [134]
AlternateDataStreams: C:\ProgramData\TEMP:75CF6AF0 [152]
AlternateDataStreams: C:\ProgramData\TEMP:7881FECE [116]
AlternateDataStreams: C:\ProgramData\TEMP:78E0DF72 [234]
AlternateDataStreams: C:\ProgramData\TEMP:7A0EFE63 [126]
AlternateDataStreams: C:\ProgramData\TEMP:7AE124EF [144]
AlternateDataStreams: C:\ProgramData\TEMP:7E47A57F [125]
AlternateDataStreams: C:\ProgramData\TEMP:7FD60FAD [145]
AlternateDataStreams: C:\ProgramData\TEMP:80F63EC3 [123]
AlternateDataStreams: C:\ProgramData\TEMP:80FA23CA [284]
AlternateDataStreams: C:\ProgramData\TEMP:82CF625D [133]
AlternateDataStreams: C:\ProgramData\TEMP:830725A7 [124]
AlternateDataStreams: C:\ProgramData\TEMP:848CC150 [113]
AlternateDataStreams: C:\ProgramData\TEMP:84C34762 [132]
AlternateDataStreams: C:\ProgramData\TEMP:864881BF [444]
AlternateDataStreams: C:\ProgramData\TEMP:865F21BF [129]
AlternateDataStreams: C:\ProgramData\TEMP:869C6B4A [130]
AlternateDataStreams: C:\ProgramData\TEMP:8751B175 [258]
AlternateDataStreams: C:\ProgramData\TEMP:89B7A4D9 [129]
AlternateDataStreams: C:\ProgramData\TEMP:89CF6F9C [120]
AlternateDataStreams: C:\ProgramData\TEMP:8AE92FD3 [148]
AlternateDataStreams: C:\ProgramData\TEMP:8B480195 [121]
AlternateDataStreams: C:\ProgramData\TEMP:8C84E358 [118]
AlternateDataStreams: C:\ProgramData\TEMP:8E7F155B [129]
AlternateDataStreams: C:\ProgramData\TEMP:900EBAFA [239]
AlternateDataStreams: C:\ProgramData\TEMP:9195103F [145]
AlternateDataStreams: C:\ProgramData\TEMP:919D5A07 [122]
AlternateDataStreams: C:\ProgramData\TEMP:91DEEE71 [252]
AlternateDataStreams: C:\ProgramData\TEMP:9338F136 [143]
AlternateDataStreams: C:\ProgramData\TEMP:95079543 [234]
AlternateDataStreams: C:\ProgramData\TEMP:95198126 [111]
AlternateDataStreams: C:\ProgramData\TEMP:96AFAB10 [117]
AlternateDataStreams: C:\ProgramData\TEMP:98982C88 [130]
AlternateDataStreams: C:\ProgramData\TEMP:98CD9221 [143]
AlternateDataStreams: C:\ProgramData\TEMP:9A4D81ED [147]
AlternateDataStreams: C:\ProgramData\TEMP:9A7BF72D [256]
AlternateDataStreams: C:\ProgramData\TEMP:9BCE3C0A [130]
AlternateDataStreams: C:\ProgramData\TEMP:9C3AAD57 [124]
AlternateDataStreams: C:\ProgramData\TEMP:9C732DB0 [149]
AlternateDataStreams: C:\ProgramData\TEMP:9C7A32BB [121]
AlternateDataStreams: C:\ProgramData\TEMP:9CABFF2E [125]
AlternateDataStreams: C:\ProgramData\TEMP:9E5EA7A3 [150]
AlternateDataStreams: C:\ProgramData\TEMP:9E76E7F3 [120]
AlternateDataStreams: C:\ProgramData\TEMP:9EBE8380 [138]
AlternateDataStreams: C:\ProgramData\TEMP:9F38BF31 [124]
AlternateDataStreams: C:\ProgramData\TEMP:9FC58CBB [252]
AlternateDataStreams: C:\ProgramData\TEMP:A02025CE [130]
AlternateDataStreams: C:\ProgramData\TEMP:A103830F [131]
AlternateDataStreams: C:\ProgramData\TEMP:A2D9DC83 [119]
AlternateDataStreams: C:\ProgramData\TEMP:A2FF94DF [126]
AlternateDataStreams: C:\ProgramData\TEMP:A3B8F70C [240]
AlternateDataStreams: C:\ProgramData\TEMP:A3F7C8F8 [149]
AlternateDataStreams: C:\ProgramData\TEMP:A4241298 [264]
AlternateDataStreams: C:\ProgramData\TEMP:A4CDE823 [113]
AlternateDataStreams: C:\ProgramData\TEMP:A4E7D25F [141]
AlternateDataStreams: C:\ProgramData\TEMP:A5584049 [228]
AlternateDataStreams: C:\ProgramData\TEMP:A58B27C9 [143]
AlternateDataStreams: C:\ProgramData\TEMP:A6345BDA [132]
AlternateDataStreams: C:\ProgramData\TEMP:A774141A [470]
AlternateDataStreams: C:\ProgramData\TEMP:A88BE334 [118]
AlternateDataStreams: C:\ProgramData\TEMP:A9562832 [146]
AlternateDataStreams: C:\ProgramData\TEMP:A9F13D2D [119]
AlternateDataStreams: C:\ProgramData\TEMP:AA0BC725 [123]
AlternateDataStreams: C:\ProgramData\TEMP:AEC59117 [124]
AlternateDataStreams: C:\ProgramData\TEMP:AECF4772 [288]
AlternateDataStreams: C:\ProgramData\TEMP:B0456F0C [114]
AlternateDataStreams: C:\ProgramData\TEMP:B1381B34 [121]
AlternateDataStreams: C:\ProgramData\TEMP:B1786630 [134]
AlternateDataStreams: C:\ProgramData\TEMP:B21F2857 [125]
AlternateDataStreams: C:\ProgramData\TEMP:B3A5945E [138]
AlternateDataStreams: C:\ProgramData\TEMP:B504E4C2 [244]
AlternateDataStreams: C:\ProgramData\TEMP:B53339FE [280]
AlternateDataStreams: C:\ProgramData\TEMP:B61767F5 [134]
AlternateDataStreams: C:\ProgramData\TEMP:B9A99598 [251]
AlternateDataStreams: C:\ProgramData\TEMP:BACC4A79 [136]
AlternateDataStreams: C:\ProgramData\TEMP:BBC9C1EB [132]
AlternateDataStreams: C:\ProgramData\TEMP:BCF55336 [147]
AlternateDataStreams: C:\ProgramData\TEMP:BE40C8A2 [125]
AlternateDataStreams: C:\ProgramData\TEMP:BEE39E9B [114]
AlternateDataStreams: C:\ProgramData\TEMP:BF6C4AAC [131]
AlternateDataStreams: C:\ProgramData\TEMP:BF6C81B2 [286]
AlternateDataStreams: C:\ProgramData\TEMP:C0A9D0E7 [105]
AlternateDataStreams: C:\ProgramData\TEMP:C55217E2 [131]
AlternateDataStreams: C:\ProgramData\TEMP:C6275D37 [282]
AlternateDataStreams: C:\ProgramData\TEMP:C64957DF [144]
AlternateDataStreams: C:\ProgramData\TEMP:C82CA1C0 [147]
AlternateDataStreams: C:\ProgramData\TEMP:C9CDDE5E [286]
AlternateDataStreams: C:\ProgramData\TEMP:CF61CE5A [226]
AlternateDataStreams: C:\ProgramData\TEMP:CF82DADF [137]
AlternateDataStreams: C:\ProgramData\TEMP:D03C606E [127]
AlternateDataStreams: C:\ProgramData\TEMP:D1FE35E7 [146]
AlternateDataStreams: C:\ProgramData\TEMP:D2C9E7E6 [154]
AlternateDataStreams: C:\ProgramData\TEMP:D48500F8 [206]
AlternateDataStreams: C:\ProgramData\TEMP:D5E3E8C4 [243]
AlternateDataStreams: C:\ProgramData\TEMP:D6D084A5 [446]
AlternateDataStreams: C:\ProgramData\TEMP:D8A1AC56 [138]
AlternateDataStreams: C:\ProgramData\TEMP:D987CB43 [308]
AlternateDataStreams: C:\ProgramData\TEMP:DB77E2C4 [139]
AlternateDataStreams: C:\ProgramData\TEMP:DC7EDF41 [241]
AlternateDataStreams: C:\ProgramData\TEMP:DC9915D2 [265]
AlternateDataStreams: C:\ProgramData\TEMP:DE47A3DA [119]
AlternateDataStreams: C:\ProgramData\TEMP:DF7A2D3E [242]
AlternateDataStreams: C:\ProgramData\TEMP:E03F9932 [138]
AlternateDataStreams: C:\ProgramData\TEMP:E265ED33 [130]
AlternateDataStreams: C:\ProgramData\TEMP:E271A26A [132]
AlternateDataStreams: C:\ProgramData\TEMP:E32966C0 [105]
AlternateDataStreams: C:\ProgramData\TEMP:E402E439 [510]
AlternateDataStreams: C:\ProgramData\TEMP:E40AB54F [132]
AlternateDataStreams: C:\ProgramData\TEMP:E411AA0D [146]
AlternateDataStreams: C:\ProgramData\TEMP:E446CB48 [126]
AlternateDataStreams: C:\ProgramData\TEMP:E6B95E40 [288]
AlternateDataStreams: C:\ProgramData\TEMP:E6E684D5 [120]
AlternateDataStreams: C:\ProgramData\TEMP:E71BB809 [228]
AlternateDataStreams: C:\ProgramData\TEMP:E87AB4E3 [138]
AlternateDataStreams: C:\ProgramData\TEMP:E9013C62 [123]
AlternateDataStreams: C:\ProgramData\TEMP:E91ADC66 [127]
AlternateDataStreams: C:\ProgramData\TEMP:EA10407C [148]
AlternateDataStreams: C:\ProgramData\TEMP:EA2D3047 [150]
AlternateDataStreams: C:\ProgramData\TEMP:EAF954B6 [262]
AlternateDataStreams: C:\ProgramData\TEMP:EBCF5924 [120]
AlternateDataStreams: C:\ProgramData\TEMP:EC6FC3F6 [132]
AlternateDataStreams: C:\ProgramData\TEMP:ED4272E5 [148]
AlternateDataStreams: C:\ProgramData\TEMP:EF0C5444 [286]
AlternateDataStreams: C:\ProgramData\TEMP:EF123AF6 [129]
AlternateDataStreams: C:\ProgramData\TEMP:EF2442B1 [113]
AlternateDataStreams: C:\ProgramData\TEMP:EF53A5CA [125]
AlternateDataStreams: C:\ProgramData\TEMP:F039D9FE [133]
AlternateDataStreams: C:\ProgramData\TEMP:F08ADFA2 [245]
AlternateDataStreams: C:\ProgramData\TEMP:F135A76C [255]
AlternateDataStreams: C:\ProgramData\TEMP:F68CB1A4 [498]
AlternateDataStreams: C:\ProgramData\TEMP:F83E8359 [308]
AlternateDataStreams: C:\ProgramData\TEMP:F84B8DB5 [232]
AlternateDataStreams: C:\ProgramData\TEMP:F8F070C2 [245]
AlternateDataStreams: C:\ProgramData\TEMP:F9F58B80 [140]
AlternateDataStreams: C:\ProgramData\TEMP:FBD274CF [146]
AlternateDataStreams: C:\ProgramData\TEMP:FC70A22A [131]
AlternateDataStreams: C:\ProgramData\TEMP:FCBEDCFD [128]
AlternateDataStreams: C:\ProgramData\TEMP:FE61B3F6 [286]
AlternateDataStreams: C:\ProgramData\TEMP:FFC3922F [253]
AlternateDataStreams: C:\Users\Dominique VEY\Downloads\cacaoweb.exe:BDU [0]
FirewallRules: [{CF829956-C708-4A22-883D-2DCC84612615}] => (Allow) C:\Users\Dominique VEY\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{1DCC4DEB-6E44-403B-8718-D72A807D9C6A}] => (Allow) C:\Users\Dominique VEY\AppData\Local\Akamai\netsession_win.exe
EmptyTemp:
end