OTL logfile created on: 08/03/2015 22:34:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\UTILISATEUR\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 75,53% Memory free
5,99 Gb Paging File | 4,74 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,54 Gb Total Space | 589,85 Gb Free Space | 84,44% Space Free | Partition Type: NTFS

Computer Name: STATION-PC | User Name: UTILISATEUR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/03/08 22:32:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\UTILISATEUR\Downloads\OTL.exe
PRC - [2015/01/27 10:48:21 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/12/12 18:21:24 | 005,489,944 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2014/12/03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/11/20 18:58:06 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/11/20 18:58:01 | 003,192,344 | ---- | M] (Avast Software) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
PRC - [2014/10/15 16:26:12 | 002,117,448 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
PRC - [2014/07/09 22:10:35 | 000,367,016 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe
PRC - [2014/07/09 22:10:35 | 000,264,616 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe
PRC - [2014/05/23 18:14:58 | 000,899,400 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
PRC - [2014/03/19 15:20:14 | 001,696,976 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2014/03/19 15:20:14 | 001,106,128 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2013/01/18 15:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2013/01/18 15:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/05/12 13:23:38 | 000,512,000 | ---- | M] () -- C:\Program Files\Froyo_Android_Driver\Bin\MonServiceUDisk.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/05/20 15:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/07/14 02:14:29 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationHost.exe
PRC - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/12/12 23:25:02 | 000,061,440 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1036.dll
MOD - [2014/11/20 18:58:08 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/10/11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/07/09 22:10:36 | 000,268,712 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImLookExU.dll
MOD - [2014/07/09 22:10:36 | 000,108,888 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\PMC.dll
MOD - [2014/07/09 22:10:36 | 000,072,104 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\wlessfp1.dll
MOD - [2014/07/09 22:10:36 | 000,033,128 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\IMHttpComm.dll
MOD - [2014/07/09 22:10:35 | 000,133,544 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImComUtlU.dll
MOD - [2014/07/09 22:10:35 | 000,080,296 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImAppRU.dll
MOD - [2014/05/23 18:15:18 | 000,178,504 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\USBDetector.dll
MOD - [2014/05/23 18:15:16 | 000,034,632 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\ticket.dll
MOD - [2014/05/23 18:15:14 | 000,149,832 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
MOD - [2014/05/23 18:15:12 | 000,015,176 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
MOD - [2014/05/23 18:15:10 | 000,024,904 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
MOD - [2014/05/23 18:15:10 | 000,016,200 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskPower.dll
MOD - [2014/05/23 18:15:08 | 000,040,264 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
MOD - [2014/05/23 18:15:08 | 000,017,224 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
MOD - [2014/05/23 18:15:06 | 000,239,944 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\Fskin.dll
MOD - [2014/05/23 18:15:06 | 000,026,952 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
MOD - [2014/05/23 18:15:04 | 000,125,256 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
MOD - [2014/05/23 18:15:02 | 000,092,488 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\ebookUsb.dll
MOD - [2014/05/23 18:15:00 | 000,018,760 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
MOD - [2014/05/23 18:13:56 | 000,880,640 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\fsk.dll
MOD - [2014/04/25 21:27:44 | 000,798,720 | ---- | M] () -- C:\Program Files\Sony\ReaderDesktop\appHelper\FskSecurity.dll
MOD - [2014/04/23 15:05:12 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/03/06 11:03:34 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/02/05 20:36:03 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/01/12 02:55:46 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/12/03 07:31:16 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/11/20 18:58:06 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/11/20 18:58:01 | 003,192,344 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2014/10/15 16:26:12 | 002,117,448 | ---- | M] (CybelSoft) [Auto | Running] -- C:\Program Files\ma-config.com\MaConfigAgent.exe -- (MaConfigAgent)
SRV - [2014/04/25 21:28:36 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2013/10/23 08:15:08 | 000,172,192 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/25 23:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/05 16:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/05/12 13:23:38 | 000,512,000 | ---- | M] () [Auto | Running] -- C:\Program Files\Froyo_Android_Driver\Bin\MonServiceUDisk.exe -- (UDisk Monitor)
SRV - [2010/11/25 10:43:56 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\CDriver.sys -- (MSICDSetup)
DRV - [2014/11/22 11:22:50 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/11/20 18:58:25 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/11/20 18:58:09 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/11/20 18:58:09 | 000,091,496 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/11/20 18:58:09 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/11/20 18:58:09 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/11/20 18:58:09 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/11/20 18:58:09 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/11/20 18:58:01 | 000,218,192 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2014/04/04 12:07:08 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2014/04/04 12:07:08 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2014/03/19 15:27:42 | 000,065,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2014/02/24 17:33:46 | 000,016,160 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\ma-config_x86.sys -- (ma-config_x86)
DRV - [2013/03/07 00:33:22 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/02/25 23:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/08/24 08:02:22 | 000,106,496 | ---- | M] (Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT_U_USBSER.sys -- (Generalusbserialser20675)
DRV - [2011/05/13 02:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 02:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/05/13 02:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011/05/13 02:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011/05/13 02:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/03/07 14:18:42 | 000,010,828 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbkey.sys -- (USBKey)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/08/24 18:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 18:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/05/20 15:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2009/09/19 04:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009/09/19 04:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009/09/19 04:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009/09/19 04:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009/04/29 15:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}: "URL" = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com?fr=hp-avast&type=avastbcl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 22 86 B4 33 8A CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}: "URL" = https://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{BD27C7EB-D947-4219-8C77-95AD1D67971E}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7GGHP_fr
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.defaultengine: "Google (avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search/?trackid=sp-006"
FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Bing,Amazon.fr,DuckDuckGo,eBay France,explorary,Portail Lexical - CNRTL"
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "Google (avast)"
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: "Google (avast)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.sfr.fr/sfr-et-moi.html"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0.1
FF - prefs.js..keyword.URL: "https://www.google.com/search/?trackid=sp-006"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=11: C:\Program Files\Google\Google Updater\2.1.850.19570\npCIDetect11.dll (Google)
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: C:\Program Files\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/01/28 13:49:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/04/17 19:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UTILISATEUR\AppData\Roaming\mozilla\Extensions
[2015/03/05 11:06:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UTILISATEUR\AppData\Roaming\mozilla\Firefox\Profiles\egkwyvi4.default-1403450859523\extensions
[2014/08/03 15:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UTILISATEUR\AppData\Roaming\mozilla\Firefox\Profilesegkwyvi4.default-1403450859523\extensions
[2014/08/03 15:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UTILISATEUR\AppData\Roaming\mozilla\Firefox\Profilesegkwyvi4.default-1403450859523\extensions\staged
[2015/01/18 12:06:16 | 000,002,428 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\mozilla\firefox\profiles\egkwyvi4.default-1403450859523\searchplugins\google-avast.xml
[2015/03/06 11:03:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/03/06 11:03:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39ECA7FA-0485-4803-B73E-9EA498C4D381}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d41f0a63-d8e8-11e3-b1b2-6c626d6ee1ee}\Shell - "" = AutoRun
O33 - MountPoints2\{d41f0a63-d8e8-11e3-b1b2-6c626d6ee1ee}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe - (McAfee, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe - (Google)
MsConfig - StartUpFolder: C:^Users^UTILISATEUR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Enregistrement du produit.lnk - C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe - (Leader Technologies/Logitech)
MsConfig - StartUpFolder: C:^Users^UTILISATEUR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk - - File not found
MsConfig - StartUpFolder: C:^Users^UTILISATEUR^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - - File not found
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: [b]CanonMyPrinter[/b] - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig - StartUpReg: [b]CanonSolutionMenu[/b] - hkey= - key= - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
MsConfig - StartUpReg: [b]CCleaner Monitoring[/b] - hkey= - key= - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
MsConfig - StartUpReg: [b]Corel File Shell Monitor[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Corel Photo Downloader[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]DivXUpdate[/b] - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: [b]IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: [b]LifeCam[/b] - hkey= - key= - C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]NBKeyScan[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]Reader Application Helper[/b] - hkey= - key= - C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation)
MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: [b]SFR Mediacenter[/b] - hkey= - key= - C:\Program Files\SFR\Mediacenter Evolution\MediaCenter.exe (SFR)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]Sony PC Companion[/b] - hkey= - key= - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
MsConfig - StartUpReg: [b]Standby[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: [b]VX1000[/b] - hkey= - key= - C:\Windows\vVX1000.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
MsConfig - State: "bootini" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/03/06 11:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/03/04 20:54:09 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2015/03/04 10:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015/03/03 20:45:04 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powertracker.dll
[2015/03/03 20:45:03 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perftrack.dll
[2015/03/03 19:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2015/03/03 19:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2015/03/03 19:21:25 | 000,000,000 | ---D | C] -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP
[2015/03/03 19:10:27 | 006,876,249 | ---- | C] (Nicolas Coolman ) -- C:\Users\UTILISATEUR\Desktop\ZHPDiag2.exe
[2015/03/01 15:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\0780f478-67ce-4ec3-98db-39a65f4618ce
[2015/02/19 19:07:16 | 000,000,000 | ---D | C] -- C:\Users\UTILISATEUR\Desktop\photos gaec
[2015/02/12 13:46:16 | 004,300,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/02/12 13:46:16 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015/02/11 10:57:43 | 002,380,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/02/11 10:57:37 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/02/11 10:57:36 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/02/11 10:57:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/02/11 10:57:36 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/02/11 10:57:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/02/11 10:57:07 | 003,972,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/02/11 10:57:07 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/02/11 10:56:57 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2015/02/11 10:56:55 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015/02/11 10:56:55 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015/02/11 10:56:55 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015/02/11 10:56:54 | 001,167,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2015/02/11 10:56:54 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015/02/11 10:56:54 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015/02/11 10:56:54 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015/02/11 10:56:53 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015/02/11 10:56:51 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/02/11 10:56:45 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015/02/11 10:56:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015/02/11 10:56:45 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015/02/11 10:56:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015/02/11 10:56:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015/02/11 10:56:44 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2015/02/11 10:56:44 | 000,342,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015/02/11 10:56:44 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/02/11 10:56:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/02/11 10:56:43 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/02/11 10:56:43 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015/02/11 10:56:43 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/02/11 10:56:43 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/02/11 10:56:42 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/02/11 10:56:42 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015/02/11 10:56:42 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015/02/11 10:56:41 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/02/11 10:56:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2015/02/11 10:56:40 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/02/11 10:56:38 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2015/02/11 10:56:38 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[11 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/03/08 22:38:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/03/08 22:36:45 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/03/08 22:19:19 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/03/08 22:18:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/03/08 16:17:35 | 000,747,660 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015/03/08 16:17:35 | 000,654,270 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/03/08 16:17:35 | 000,150,184 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015/03/08 16:17:35 | 000,122,142 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/03/08 16:14:14 | 007,573,504 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\money.mny
[2015/03/08 14:56:43 | 000,430,080 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal de fin.pub
[2015/03/08 14:21:07 | 068,498,432 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\photos annexe 2.pub
[2015/03/08 14:15:42 | 138,101,760 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\photos annexe3.pub
[2015/03/08 13:19:43 | 062,824,448 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\annexe photo 1.pub
[2015/03/08 12:12:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/03/08 09:52:48 | 000,023,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/03/08 09:52:48 | 000,023,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/03/08 09:48:08 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2015/03/08 09:44:53 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2015/03/07 19:21:42 | 022,848,512 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal 6.pub
[2015/03/07 19:14:22 | 034,264,064 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\Journal 5.pub
[2015/03/07 19:04:29 | 045,675,008 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal 4.pub
[2015/03/07 18:52:01 | 057,088,512 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal 3.pub
[2015/03/07 18:39:12 | 034,259,968 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal 2.pub
[2015/03/07 18:27:21 | 022,850,560 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal 1.pub
[2015/03/07 17:48:04 | 004,418,685 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\fiche activité empotage de géranium.odt
[2015/03/07 17:28:55 | 011,922,432 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\paillage.pub
[2015/03/07 17:28:35 | 011,437,056 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\Fiche activités 3.pub
[2015/03/07 16:27:12 | 063,354,880 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal 7.pub
[2015/03/07 16:12:38 | 011,520,512 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\PAGE ACCUEIL.pub
[2015/03/07 14:28:39 | 068,496,384 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\paillage3.pub
[2015/03/05 19:09:56 | 081,036,800 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\journal 8.pub
[2015/03/05 11:05:24 | 000,000,838 | ---- | M] () -- C:\Users\UTILISATEUR\Desktop\ZHPCleaner.lnk
[2015/03/03 19:25:29 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2015/03/03 19:23:42 | 000,001,893 | ---- | M] () -- C:\Users\UTILISATEUR\Desktop\ZHPFix.lnk
[2015/03/03 19:23:42 | 000,001,766 | ---- | M] () -- C:\Users\UTILISATEUR\Desktop\ZHPDiag.lnk
[2015/03/03 19:11:24 | 006,876,249 | ---- | M] (Nicolas Coolman ) -- C:\Users\UTILISATEUR\Desktop\ZHPDiag2.exe
[2015/03/02 18:07:57 | 000,026,112 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\stage urou2.pub
[2015/03/02 16:40:43 | 000,000,182 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\default.rss
[2015/03/02 15:26:51 | 000,021,504 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\index présentation.pub
[2015/03/01 16:42:03 | 000,000,046 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\WB.CFG
[2015/03/01 12:24:03 | 000,049,664 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/02/26 17:19:23 | 002,521,600 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\stage fiche urou.pub
[2015/02/24 03:23:36 | 000,246,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2015/02/24 00:00:28 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-STATION-PC_UTILISATEUR.job
[2015/02/22 11:10:46 | 000,019,023 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\Fiche structure rapport de stage.odt
[2015/02/22 11:10:38 | 000,014,612 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\fiche structure 2.odt
[2015/02/15 10:34:33 | 000,012,876 | ---- | M] () -- C:\Users\UTILISATEUR\Documents\questions stage.odt
[2015/02/12 13:39:25 | 000,416,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[11 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/03/08 22:36:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/03/08 14:51:34 | 000,430,080 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal de fin.pub
[2015/03/07 19:49:46 | 138,101,760 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\photos annexe3.pub
[2015/03/07 19:40:57 | 068,498,432 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\photos annexe 2.pub
[2015/03/07 11:47:41 | 068,496,384 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\paillage3.pub
[2015/03/07 10:05:46 | 011,437,056 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\Fiche activités 3.pub
[2015/03/05 11:05:24 | 000,000,838 | ---- | C] () -- C:\Users\UTILISATEUR\Desktop\ZHPCleaner.lnk
[2015/03/04 10:52:49 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/03/03 19:25:29 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2015/03/03 19:23:42 | 000,001,893 | ---- | C] () -- C:\Users\UTILISATEUR\Desktop\ZHPFix.lnk
[2015/03/03 19:21:27 | 000,001,766 | ---- | C] () -- C:\Users\UTILISATEUR\Desktop\ZHPDiag.lnk
[2015/03/03 14:18:00 | 011,922,432 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\paillage.pub
[2015/03/02 18:30:35 | 081,036,800 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal 8.pub
[2015/03/02 18:30:10 | 063,354,880 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal 7.pub
[2015/03/02 18:28:54 | 022,848,512 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal 6.pub
[2015/03/02 18:13:42 | 062,824,448 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\annexe photo 1.pub
[2015/03/01 21:49:37 | 000,021,504 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\index présentation.pub
[2015/03/01 21:17:44 | 011,520,512 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\PAGE ACCUEIL.pub
[2015/03/01 16:42:03 | 000,000,046 | ---- | C] () -- C:\Users\UTILISATEUR\AppData\Roaming\WB.CFG
[2015/03/01 15:46:09 | 004,418,685 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\fiche activité empotage de géranium.odt
[2015/02/27 18:58:04 | 034,264,064 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\Journal 5.pub
[2015/02/27 10:24:41 | 000,026,112 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\stage urou2.pub
[2015/02/26 17:50:06 | 045,675,008 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal 4.pub
[2015/02/25 18:18:27 | 002,521,600 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\stage fiche urou.pub
[2015/02/22 13:22:15 | 057,088,512 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal 3.pub
[2015/02/22 13:21:40 | 034,259,968 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal 2.pub
[2015/02/22 11:10:36 | 000,014,612 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\fiche structure 2.odt
[2015/02/21 11:21:22 | 000,019,023 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\Fiche structure rapport de stage.odt
[2015/02/15 10:34:31 | 000,012,876 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\questions stage.odt
[2015/02/14 11:44:28 | 022,850,560 | ---- | C] () -- C:\Users\UTILISATEUR\Documents\journal 1.pub
[2015/01/17 13:34:56 | 000,004,937 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2015/01/17 11:30:16 | 000,032,832 | ---- | C] () -- C:\Windows\System32\rnd_chunk.bin
[2014/05/16 09:08:43 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2013/11/17 10:26:45 | 000,000,066 | ---- | C] () -- C:\Windows\Cascade.ini
[2013/11/17 10:26:00 | 000,682,266 | ---- | C] () -- C:\Windows\unins000.exe
[2013/11/17 10:26:00 | 000,003,079 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/13 15:20:36 | 000,000,339 | ---- | C] () -- C:\Windows\Flash.ini
[2012/03/15 09:39:59 | 000,000,000 | ---- | C] () -- C:\Users\UTILISATEUR\AppData\Roaming\bibstats
[2012/03/05 10:19:41 | 000,000,182 | ---- | C] () -- C:\Users\UTILISATEUR\AppData\Roaming\default.rss
[2010/12/02 15:14:30 | 000,000,088 | RHS- | C] () -- C:\ProgramData\16E006BA61.sys
[2010/12/02 15:14:29 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/11/26 13:15:00 | 000,049,664 | ---- | C] () -- C:\Users\UTILISATEUR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/22 11:41:48 | 000,001,024 | ---- | C] () -- C:\Users\UTILISATEUR\.rnd

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2012/04/18 12:50:50 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Adobe
[2012/12/15 11:55:44 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Alzaku
[2012/03/05 10:38:23 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\AnvSoft
[2011/10/15 17:17:10 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Apple Computer
[2012/03/10 19:21:25 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Artweaver Free
[2013/04/01 14:45:29 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Artweaver Plus
[2013/11/19 19:08:50 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\AVAST Software
[2014/06/08 10:10:25 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\AVS4YOU
[2010/12/24 17:41:04 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Canon
[2015/01/17 13:33:44 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Carambis
[2011/11/06 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010/12/02 15:39:18 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Corel
[2012/03/05 11:04:09 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\DivX
[2012/06/25 21:58:52 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Etliba
[2010/12/01 23:31:27 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Google
[2010/11/22 11:05:42 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Identities
[2012/08/27 20:04:46 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\KoffeeWare
[2010/12/01 12:10:43 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Leadertech
[2010/12/01 12:09:32 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Logishrd
[2010/12/01 12:10:51 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Logitech
[2010/11/26 13:38:13 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Macromedia
[2014/01/12 22:41:42 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Malwarebytes
[2009/07/14 10:00:22 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Media Center Programs
[2015/01/09 17:12:46 | 000,000,000 | --SD | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft
[2011/02/09 16:03:39 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft Web Folders
[2014/04/17 19:48:31 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Mozilla
[2010/12/13 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Nero
[2013/02/16 15:07:40 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\NVIDIA
[2014/11/16 12:10:55 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\OpenOffice
[2010/11/26 23:01:04 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\OpenOffice.org
[2012/08/05 22:20:30 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\SFR
[2013/06/21 17:17:51 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Skype
[2012/02/24 13:58:17 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\skypePM
[2013/12/25 17:03:24 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Sony Corporation
[2014/08/22 09:57:56 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\TeamViewer
[2011/04/13 22:08:07 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Todae
[2014/06/08 10:20:19 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\vlc
[2010/11/26 14:45:17 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Windows Live Writer
[2010/11/26 14:51:40 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\WinRAR
[2011/04/30 21:33:30 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\Yahoo!
[2015/03/05 11:12:51 | 000,000,000 | ---D | M] -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2014/04/02 09:22:28 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\UTILISATEUR\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011/01/10 17:31:59 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2014/02/08 13:24:47 | 000,071,894 | R--- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2013/12/25 17:02:26 | 000,071,894 | R--- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Installer\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}\GPUploader.exe
[2013/12/26 14:03:52 | 000,071,894 | R--- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Installer\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}\GPUploader.exe
[2010/11/26 22:58:32 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2010/11/26 22:58:32 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
[2015/03/05 11:05:05 | 001,733,120 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\ZHPCleaner.exe
[2013/12/25 11:18:25 | 005,341,472 | ---- | M] (Dll-Files.com ) -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\dffsetup-d3dx9_43.exe
[2015/01/17 13:59:40 | 008,028,864 | ---- | M] (Driver-Soft Inc. ) -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\Driver_Genius_Professional_FR.exe
[2013/12/25 11:10:37 | 005,248,216 | ---- | M] (ParetoLogic Inc.) -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\ParetoLogic PC Health Advisor_fr.exe
[2015/03/01 07:34:18 | 000,581,368 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\plugincontainer.exe
[2014/07/03 16:38:56 | 000,360,832 | ---- | M] (Softonic) -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\SoftonicDownloader_pour_gta-iv-san-andreas.exe
[2014/08/03 15:28:59 | 000,366,960 | ---- | M] (Softonic) -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\SoftonicDownloader_pour_undercoverxp.exe
[2015/03/01 04:34:20 | 000,468,728 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\plugins\3\Plugin.exe
[2015/03/01 05:34:14 | 000,520,440 | ---- | M] () -- C:\Users\UTILISATEUR\AppData\Roaming\ZHP\Quarantine\plugins\5\Plugin.exe

[color=#A23BEC]< %temp%\*.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[11 C:\*.tmp files -> C:\*.tmp -> ]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\consrv.dll >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %windir%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2014/07/16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014/03/04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014/03/04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s >[/color]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet \Services\lanmanserver\parameters /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Session Manager\AppCertDlls /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >[/color]
"ProfilesDirectory" = %SystemDrive%\Users -- [2013/12/15 14:06:14 | 000,000,000 | R--D | M]
"Default" = %SystemDrive%\Users\Default -- [2010/11/22 11:05:26 | 000,000,000 | RH-D | M]
"Public" = %SystemDrive%\Users\Public -- [2009/07/14 10:00:22 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2015/03/05 11:07:43 | 000,000,000 | -H-D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"State" = 0
"RefCount" = 1
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2014/05/17 19:34:44 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\Windows\ServiceProfiles\LocalService -- [2015/01/09 18:48:51 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\Windows\ServiceProfiles\NetworkService -- [2015/01/09 18:48:51 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2291773608-22218391-2407742491-1000]
"ProfileImagePath" = C:\Users\UTILISATEUR -- [2014/05/21 13:32:20 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 256
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 A8 B0 99 88 97 06 53 01 1B 3C 83 8F E8 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 1
"RunLogonScriptSync" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2291773608-22218391-2407742491-1001]
"ProfileImagePath" = C:\Users\quentin -- [2011/06/13 08:49:32 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 A8 B0 99 88 97 06 53 01 1B 3C 83 8F E9 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 0
"RunLogonScriptSync" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2291773608-22218391-2407742491-1002]
"ProfileImagePath" = C:\Users\UpdatusUser -- [2013/05/14 08:25:39 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 A8 B0 99 88 97 06 53 01 1B 3C 83 8F EA 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 1

[color=#A23BEC]< HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s >[/color]
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur : box
Address: 192.168.1.1

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/03/06 11:03:33 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/03/06 11:03:33 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/03/06 11:03:33 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2015/03/06 11:03:35 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2015/03/06 11:03:35 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2015/03/06 11:03:35 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2015/01/12 02:23:27 | 000,684,544 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2015/01/12 02:23:27 | 000,684,544 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2015/01/12 02:23:27 | 000,684,544 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2015/01/14 06:09:46 | 000,815,288 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/03/06 11:03:33 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/03/06 11:03:33 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/03/06 11:03:33 | 000,924,136 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2015/03/06 11:03:35 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2015/03/06 11:03:35 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2015/03/06 11:03:35 | 000,376,944 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2015/01/12 02:23:27 | 000,684,544 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2015/01/12 02:23:27 | 000,684,544 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2015/01/12 02:23:27 | 000,684,544 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2015/01/14 06:09:46 | 000,815,288 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 143 bytes -> C:\Users\UTILISATEUR\AppData\Roaming\default.rss:OECustomProperty
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:661DFA1C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >
