otl.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 12/02/2013 22:57:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 48,73% Memory free
6,19 Gb Paging File | 4,17 Gb Available in Paging File | 67,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 172,79 Gb Total Space | 22,69 Gb Free Space | 13,13% Space Free | Partition Type: NTFS

Computer Name: PC-DE-USER | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\user\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\SMSNotifier.exe ()
PRC - C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\BusinessEverywhere.exe ()
PRC - C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\BEWConfigSrv.exe ()
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\SMSNotifier.exe ()
MOD - C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\BusinessEverywhere.exe ()
MOD - C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\ProxyDetection.dll ()
MOD - C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\GIS.dll ()
MOD - C:\Program Files\Trusteer\Rapport\bin\js32.dll ()
MOD - C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll ()
MOD - C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll ()
MOD - C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\vpxmd.dll ()
MOD - C:\Program Files\Logitech\Vid HD\SDL.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\Program Files\Logitech\Vid HD\QtNetwork4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\QtCore4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\QtWebKit4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\QtXml4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\QtSql4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\QtGui4.dll ()
MOD - C:\Program Files\Logitech\Vid HD\phonon4.dll ()
MOD - C:\PROGRA~1\IZArc\IZArcCM.dll ()

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BEWConfigSrv) -- C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\BEWConfigSrv.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (UMVPFSrv) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (clwvd) -- system32\DRIVERS\clwvd.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MpKsl17787c54) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A6EF901A-EA1B-47F1-AFE3-567DA06A7C9F}\MpKsl17787c54.sys (Microsoft Corporation)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\Windows\System32\drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (RapportCerberus_43926) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys ()
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (RapportIaso) -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys (Trusteer Ltd.)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (hpdskflt) -- C:\Windows\System32\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (NETwNv32) -- C:\Windows\System32\drivers\NETwNv32.sys (Intel Corporation)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 4D 7D BD E9 A6 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb185/?loc=IB_DS&a=6Oz1GdxmXP&&i=26&search="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\user\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/26 22:19:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/12 20:50:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/26 22:19:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/12 20:50:18 | 000,000,000 | ---D | M]

[2011/02/04 19:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2013/02/09 06:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\3dgv7qtg.default\extensions
[2012/10/26 22:17:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/11/17 20:57:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/02/05 12:02:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/26 22:19:38 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/06 02:54:26 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/09/06 02:54:26 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/06 02:54:27 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/09/06 02:54:26 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/09/06 02:54:26 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/09/06 02:54:27 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.google.com
CHR - default_search_provider: MyStart Search ()
CHR - default_search_provider: search_url = http://mystart.incredibar.com/mb185/?loc=IB_DS&search={searchTerms}&a=6Oz1GdxmXP&i=26
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Recherche Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Skype Click to Call = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011/07/09 09:56:07 | 000,435,677 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 14995 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Start_BusinessEverywhere_{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}] C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\BusinessEverywhere.exe ()
O4 - HKLM..\Run: [Start_SMSNotifier_{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}] C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\SMSNotifier.exe ()
O4 - HKLM..\Run: [Start_Update_{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}] C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\UpdteApp.exe ()
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_0_5.cab ("Ma-Config.com control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B82F1EC8-3F30-4315-99BD-3AC63DE939D0}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{fee9c27b-a625-11e0-9579-001e688b7312}\Shell - "" = AutoRun
O33 - MountPoints2\{fee9c27b-a625-11e0-9579-001e688b7312}\Shell\AutoRun\command - "" = F:\AutoRunCardDetector.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/02/10 21:36:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/02/10 21:22:28 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2013/02/10 21:22:25 | 000,029,984 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2013/02/10 21:20:32 | 000,032,032 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2013/02/10 21:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013/02/10 21:20:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\TuneUp Software
[2013/02/10 21:19:49 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2013/02/10 21:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/02/10 21:17:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/02/10 21:17:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/02/10 16:09:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6F3193BC-2016-4AF4-A2B9-874AB904480D}
[2013/02/10 15:59:06 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/02/10 13:52:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7A589049-1C86-4668-BB48-506DCD7D4E80}
[2013/02/10 11:55:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3157FD9A-1900-45CA-A742-A64BE4787B7B}
[2013/02/09 13:59:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C6CC21F5-93DF-4168-AF61-C9D36B7D4BB2}
[2013/02/09 12:51:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9471237D-5F18-4355-8FD0-108DF0F7A58E}
[2013/02/09 12:09:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ACE2EA05-302E-48AE-9C0B-034FA3EB74BA}
[2013/02/08 22:25:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C2ADBE96-66B2-42B0-9A57-A4BE07FB7748}
[2013/02/08 20:50:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A4C83AD2-8D2F-41C9-BE92-472BBD5FDDA1}
[2013/01/30 16:12:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D6D5E528-A63C-4972-A724-A6121011495A}
[2013/01/29 19:43:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D06F9274-D999-4B31-B4C5-EBE839E575A4}
[2013/01/29 12:12:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C8654046-0515-4F03-9686-D3B99BE01F6D}
[2013/01/28 21:38:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013/01/28 21:38:35 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2013/01/28 21:38:35 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2013/01/28 21:38:33 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
[2013/01/28 21:38:33 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6FR.DLL
[2013/01/28 21:38:33 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL
[2013/01/28 21:38:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2013/01/28 21:29:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{233C39B7-B905-40E4-81FA-8AD84E8B3786}
[2013/01/28 21:13:44 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2013/01/28 21:13:44 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013/01/28 21:13:44 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013/01/28 21:13:44 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2013/01/28 21:13:44 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2013/01/28 09:29:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BBAF2997-BEB1-4E1F-A35F-983C4EDD60D2}
[2013/01/27 18:10:35 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{22182EE0-15DF-4448-B66F-EB289FC4E9B8}
[2013/01/26 19:00:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{73B50CB6-FF72-4614-8A81-58DF25AF4D42}
[2013/01/21 19:05:13 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{88D681E9-BC55-47AB-9DB7-83A6452AFEC9}
[2013/01/21 11:48:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1AA4DF04-0AE1-4365-A0F8-545B32095EF4}
[2013/01/20 17:28:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5F09A409-8CD8-4B20-AFEE-A41FCA77B24E}
[2013/01/20 10:00:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{83E720F7-F01F-4FA3-A64D-1AD41A004862}
[2013/01/19 17:50:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{86192900-29F8-45D9-9860-DF44045B8757}
[2013/01/19 12:43:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{762AB4F6-539F-4BFA-BB26-3B9A05E693F3}
[2013/01/18 17:57:52 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{74ED3E77-1EBE-4DF0-BBF5-BDC2516EE040}
[2013/01/18 12:34:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D9C35E72-AED2-4B3F-857E-2D000747B74A}
[2013/01/17 18:36:59 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{731CB330-16B8-48DD-805C-0301B5075780}
[2013/01/16 19:25:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2D258B6B-7AD5-4881-804B-E569567167D4}
[2013/01/14 19:15:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{60097EBF-2214-4770-9013-39376E49537D}

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/02/12 23:02:10 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/12 23:00:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/02/12 22:53:05 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/12 22:53:05 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/12 22:53:02 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-992442381-4062335603-902632848-1000UA.job
[2013/02/12 22:50:15 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/12 22:37:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/12 18:59:23 | 000,679,292 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/02/12 18:59:23 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/12 18:59:23 | 000,126,876 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/02/12 18:59:23 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/12 18:53:22 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/10 21:20:29 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2013/02/10 21:20:29 | 000,001,865 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013/02/10 21:20:27 | 000,001,889 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2013.lnk
[2013/02/10 16:46:13 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/02/10 12:53:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-992442381-4062335603-902632848-1000Core.job
[2013/02/09 22:57:14 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/02/09 22:57:13 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/02/09 12:06:00 | 000,250,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/31 10:52:14 | 000,032,032 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2013/01/31 10:52:10 | 000,029,984 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2013/01/31 10:52:10 | 000,021,792 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2013/01/30 11:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/02/12 23:00:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/02/10 21:20:29 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2013/02/10 21:20:29 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013/02/10 21:20:27 | 000,001,889 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\TuneUp Utilities 2013.lnk
[2013/02/10 21:20:27 | 000,001,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013/02/09 12:05:38 | 000,250,992 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/28 21:38:35 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012/11/28 21:23:27 | 010,668,037 | ---- | C] () -- C:\Users\user\AppData\Local\SelfExtractible.zip
[2012/07/29 21:29:10 | 000,006,401 | ---- | C] () -- C:\Users\user\.recently-used.xbel
[2012/05/05 14:55:36 | 000,000,061 | -H-- | C] () -- C:\Windows\winshell.dat
[2012/03/05 21:46:31 | 000,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2012/01/18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/11/17 02:40:38 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/08/12 11:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/28 08:18:00 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{F0976F91-F0FF-4752-96B5-5618A48D5467}
[2011/07/09 08:46:47 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{0D2A40FC-B386-4B87-A1BE-4109F1145218}
[2011/07/09 08:27:13 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{EF38AA0C-BD13-47E5-B75B-43963EF29606}
[2011/06/25 07:33:31 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/04/02 22:24:28 | 000,000,012 | ---- | C] () -- C:\Users\user\intlname.ols
[2011/02/05 11:27:07 | 000,034,304 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/03 14:47:54 | 000,001,356 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2011/07/09 14:55:32 | 000,118,784 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\iepeers.dll

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
Invalid Environment Variable: alluserprofile
Invalid Environment Variable: alluserprofile

[color=#A23BEC]< %appdata%\*. >[/color]
[2011/04/16 07:28:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Adobe
[2011/02/07 11:20:54 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Apple Computer
[2011/02/05 21:05:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CyberLink
[2012/07/05 21:52:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\gtk-2.0
[2013/02/10 21:27:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\hpqLog
[2011/02/03 14:47:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Identities
[2011/02/03 14:54:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\InstallShield
[2011/02/03 15:58:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Intel
[2012/09/03 18:42:28 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Leadertech
[2011/02/03 15:22:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Macromedia
[2011/06/24 22:32:51 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Center Programs
[2012/09/03 18:42:27 | 000,000,000 | --SD | M] -- C:\Users\user\AppData\Roaming\Microsoft
[2013/02/08 21:54:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Mozilla
[2011/04/14 12:07:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OfferBox
[2011/11/22 19:41:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Orange
[2012/10/14 18:55:06 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Real
[2012/10/14 11:29:04 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\RealNetworks
[2013/02/12 22:53:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Skype
[2011/07/04 11:26:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\skypePM
[2012/10/22 11:06:37 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TeamViewer
[2013/02/10 21:20:06 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUp Software
[2012/08/18 13:13:37 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\vlc
[2011/12/08 20:49:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinRAR

[color=#A23BEC]< %appdata%\*.exe /s >[/color]
[2012/09/03 18:42:28 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

[color=#A23BEC]< %systemdrive%\*. >[/color]
[2011/02/03 14:48:11 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011/02/13 00:23:27 | 000,000,000 | ---D | M] -- C:\0e01d83d715d4e9e65c596059755f6
[2011/02/18 12:53:48 | 000,000,000 | -HSD | M] -- C:\Boot
[2013/02/10 21:44:22 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011/02/04 19:34:11 | 000,000,000 | ---D | M] -- C:\logiciels telechargés Lucile
[2011/02/13 19:42:43 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011/02/11 11:43:21 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013/02/10 21:36:52 | 000,000,000 | R--D | M] -- C:\Program Files
[2013/02/10 21:19:19 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012/06/28 19:30:07 | 000,000,000 | ---D | M] -- C:\swsetup
[2013/02/12 23:00:19 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011/02/07 09:07:07 | 000,000,000 | R--D | M] -- C:\Users
[2013/02/10 21:22:59 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %systemdrive%\*.exe >[/color]

[color=#A23BEC]< %programfiles%\*. >[/color]
[2012/09/12 20:28:30 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2013/01/13 10:38:58 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/07/10 00:09:42 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software
[2011/06/17 12:58:38 | 000,000,000 | ---D | M] -- C:\Program Files\AVIcodec
[2011/02/05 22:24:16 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/02/04 11:45:33 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2012/05/01 18:01:55 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/02/03 15:57:10 | 000,000,000 | ---D | M] -- C:\Program Files\Cisco
[2012/10/14 18:54:37 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2012/03/05 21:42:16 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2012/08/30 17:14:22 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2012/05/05 15:02:59 | 000,000,000 | ---D | M] -- C:\Program Files\Dachshund Software
[2011/02/03 14:46:14 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2011/02/12 22:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2011/02/05 18:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/02/04 13:47:57 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2011/02/11 13:52:51 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2012/08/30 17:19:07 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/02/10 17:18:10 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/12/14 12:44:34 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/02/07 14:35:41 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/02/07 14:36:13 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/02/20 09:23:24 | 000,000,000 | ---D | M] -- C:\Program Files\IZArc
[2011/02/03 16:52:03 | 000,000,000 | ---D | M] -- C:\Program Files\JMicron
[2012/09/03 18:43:54 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2011/02/03 14:59:43 | 000,000,000 | ---D | M] -- C:\Program Files\ma-config.com
[2012/10/21 08:41:04 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/04 13:53:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/06/30 07:47:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/10/02 22:30:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2012/05/17 13:53:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2011/02/13 19:44:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/02/17 23:21:12 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2013/02/10 21:33:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2012/10/27 19:00:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2011/02/03 16:05:29 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2012/11/28 21:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\Orange
[2013/01/28 21:38:48 | 000,000,000 | ---D | M] -- C:\Program Files\PDFCreator
[2011/02/05 22:41:11 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2012/10/14 18:52:02 | 000,000,000 | ---D | M] -- C:\Program Files\Radio Fr Solo
[2012/10/14 18:54:49 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2011/02/03 16:50:56 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2012/07/25 11:35:17 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2011/02/09 20:11:29 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2011/02/05 14:34:59 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2012/07/25 12:46:42 | 000,000,000 | ---D | M] -- C:\Program Files\Trusteer
[2013/02/10 21:22:11 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2013
[2006/11/02 14:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/04/10 08:44:20 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011/02/17 23:21:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2011/02/17 23:21:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2011/02/17 23:21:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012/05/12 18:01:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2012/04/11 23:47:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/02/17 23:21:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2011/02/03 14:46:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/02/17 23:21:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2011/02/18 19:22:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/07/10 00:10:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/02/12 22:39:04 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/05 12:03:20 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2011/02/05 12:03:19 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2011/02/05 09:33:31 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2011/02/05 10:17:43 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2011/02/05 10:17:43 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2011/02/05 12:03:19 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012/09/29 18:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

Signaler le contenu de ce document