cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 20/05/2015 15:45:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrateur\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1014,42 Mb Total Physical Memory | 280,69 Mb Available Physical Memory | 27,67% Memory free
2,38 Gb Paging File | 1,42 Gb Available in Paging File | 59,66% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 14,58 Gb Free Space | 18,66% Space Free | Partition Type: NTFS

Computer Name: HP-AE51A72CA730 | User Name: Administrateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/05/20 15:39:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
PRC - [2015/05/19 10:32:07 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015/05/04 16:39:00 | 000,931,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\Install\{9E112126-E648-4135-BAF1-F31F22100964}\GoogleUpdateSetup.exe
PRC - [2015/05/04 16:39:00 | 000,931,408 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\Install\{7493AE3B-60D2-4E1A-92FF-CA2584E5D05B}\GoogleUpdateSetup.exe
PRC - [2014/12/10 13:34:46 | 001,627,920 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe
PRC - [2014/11/12 16:12:20 | 000,990,584 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2014/04/09 13:13:04 | 000,279,456 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
PRC - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
PRC - [2011/04/08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2011/02/24 10:15:37 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PRC - [2009/10/15 10:39:12 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
PRC - [2009/05/07 21:05:44 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2009/04/27 20:41:58 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009/01/20 12:00:00 | 000,525,664 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2009/01/13 13:22:24 | 000,032,768 | ---- | M] (sunugraf) -- C:\Program Files\sunugraf\sunuradiotv\iconebarre.exe
PRC - [2008/11/27 09:39:29 | 000,184,577 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe
PRC - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/24 10:11:44 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/10/24 10:11:42 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008/07/18 09:51:07 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/07/18 09:51:07 | 000,053,505 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe
PRC - [2008/04/14 02:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/04/16 15:54:41 | 016,863,920 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
MOD - [2014/06/25 15:16:46 | 001,711,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\aa86b1a0c9a5bd2a973bef106c0461f9\Microsoft.VisualBasic.ni.dll
MOD - [2014/06/25 15:12:21 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014/06/25 15:03:19 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014/06/25 15:02:51 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014/06/25 15:00:47 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014/06/25 15:00:28 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2010/03/21 18:19:50 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008/04/14 02:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/01/22 19:28:02 | 000,339,968 | ---- | M] () -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll
MOD - [2002/01/11 14:59:06 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
MOD - [2001/10/28 17:43:08 | 000,116,736 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2001/10/28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2015/05/19 10:32:00 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/04/16 15:54:44 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/02/18 19:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/11/12 16:12:20 | 000,990,584 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/04/09 13:12:50 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/07/23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/24 10:11:44 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/24 10:11:42 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/09/29 12:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2009/05/29 09:38:47 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/29 09:38:37 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/29 09:38:35 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2009/05/07 21:05:22 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/08/24 11:21:43] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008/04/13 18:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007/03/01 10:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/01/30 18:57:50 | 004,474,368 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2001/09/28 12:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/09/28 12:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=ysp
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/?ilc=21
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 DD B8 FA 83 FE CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {E443DE21-BBC8-4D47-BBD0-E078C73F74F9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = http://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=MIAWB1
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}
IE - HKCU\..\SearchScopes\{E443DE21-BBC8-4D47-BBD0-E078C73F74F9}: "URL" = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{EB197CA6-009D-4DA2-BB39-71A17329AAE2}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7GGLL_fr
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "SN"
FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.defaulturl: "http://fr.search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.region: "SN"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "http://fr.yahoo.com"
FF - prefs.js..extensions.enabledAddons: pdfforge%40mybrowserbar.com:10.5
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.11.20150226051211
FF - prefs.js..extensions.enabledAddons: zotero%40chnm.gmu.edu:4.0.26.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:5.7
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:5.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\Administrateur\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Documents and Settings\Administrateur\Bureau\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Documents and Settings\Administrateur\Bureau\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2015/05/19 10:31:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/05/19 10:31:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8}: C:\Documents and Settings\All Users\Application Data\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014/04/04 10:36:14 | 000,010,691 | ---- | M] ()

[2010/02/19 09:12:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Extensions
[2015/04/29 10:13:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\extensions
[2010/12/02 12:57:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014/10/28 09:26:36 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\extensions\{4D6A6C8E-1EB2-46e1-8CAA-40DAFDE3ED93}
[2015/02/28 17:51:59 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2015/04/29 10:13:18 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\extensions\abs@avira.com
[2015/04/15 10:19:05 | 000,000,000 | ---D | M] (Diccionario de Español/España) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\extensions\es-es@dictionaries.addons.mozilla.org
[2015/04/13 09:52:42 | 005,767,921 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\extensions\zotero@chnm.gmu.edu.xpi
[2011/02/24 10:15:37 | 000,002,650 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\searchplugins\bing.xml
[2014/12/15 14:30:19 | 000,008,130 | ---- | M] () -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\xhb79tzy.default\searchplugins\yahoo_ff.xml
[2015/05/19 10:31:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2015/05/19 10:31:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2015/05/19 10:31:26 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2015/05/19 10:31:24 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\Program Files\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
[2015/05/19 10:31:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/05/19 10:32:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/12/15 09:58:52 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2001/09/28 12:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\10.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Fichiers communs\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] "C:\DOCUME~1\ADMINI~1\Bureau\Messenger\YahooMessenger.exe" -quiet File not found
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
O4 - HKCU..\Run: [sunuradiotv] C:\Program Files\sunugraf\sunuradiotv\iconebarre.exe (sunugraf)
O4 - HKCU..\Run: [Viber] C:\Documents and Settings\Administrateur\Local Settings\Application Data\Viber\Viber.exe ()
O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\Administrateur\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.rdl (Copernic Technologies Inc.)
O9 - Extra 'Tools' menuitem : Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/PopularScreenSaversInitialSetup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1221646632828 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7124CCF-6FD5-4E16-AB37-6842167E94C3}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/26 15:07:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0e39dc20-01a8-11de-827f-0019dba12bdf}\Shell - "" = AutoRun
O33 - MountPoints2\{0e39dc20-01a8-11de-827f-0019dba12bdf}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{25ae5c68-c9eb-11de-83df-0019dba12bdf}\Shell\AutoRun\command - "" = DOBRERIBE/ziza.exe
O33 - MountPoints2\{25ae5c68-c9eb-11de-83df-0019dba12bdf}\Shell\explore\command - "" = DOBRERIBE/ziza.exe
O33 - MountPoints2\{25ae5c68-c9eb-11de-83df-0019dba12bdf}\Shell\open\command - "" = DOBRERIBE/ziza.exe
O33 - MountPoints2\{281d2af7-aa8d-11dd-8203-0019dba12bdf}\Shell\aUToPlAY\COmMand - "" = F:\wiyp.pif
O33 - MountPoints2\{281d2af7-aa8d-11dd-8203-0019dba12bdf}\Shell\AutoRun\command - "" = F:\wiyp.pif
O33 - MountPoints2\{281d2af7-aa8d-11dd-8203-0019dba12bdf}\Shell\eXplORe\COmmAnD - "" = F:\wiyp.pif
O33 - MountPoints2\{281d2af7-aa8d-11dd-8203-0019dba12bdf}\Shell\OpEN\cOmmaNd - "" = F:\wiyp.pif
O33 - MountPoints2\{367210db-2be2-11dd-815b-0019dba12bdf}\Shell\Auto\command - "" = wscript "Sex City.jpg.wsf"
O33 - MountPoints2\{367210db-2be2-11dd-815b-0019dba12bdf}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"
O33 - MountPoints2\{6c9e8b2e-2cd5-11dd-815d-0019dba12bdf}\Shell\Auto\command - "" = wscript "Sex City.jpg.wsf"
O33 - MountPoints2\{6c9e8b2e-2cd5-11dd-815d-0019dba12bdf}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "Sex City.jpg.wsf"
O33 - MountPoints2\{92c6836e-d4f7-11de-83ea-0019dba12bdf}\Shell\AutoRun\command - "" = F:\DU6ECDLXYOFSFCYWM9W8UAS6A\DU6ECDLXYOFSFCYWM9W8UAS6A.exe
O33 - MountPoints2\{92c6836e-d4f7-11de-83ea-0019dba12bdf}\Shell\eXpLorE\CoMmAnD - "" = F:\DU6ECDLXYOFSFCYWM9W8UAS6A\DU6ECDLXYOFSFCYWM9W8UAS6A.exe
O33 - MountPoints2\{92c6836e-d4f7-11de-83ea-0019dba12bdf}\Shell\oPeN\cOmMaNd - "" = F:\DU6ECDLXYOFSFCYWM9W8UAS6A\DU6ECDLXYOFSFCYWM9W8UAS6A.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/05/20 15:37:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2015/05/20 14:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\CyberLink PowerDVD 9
[2015/05/20 10:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\BIDC
[2015/05/20 10:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\Doctorado 2014-2015
[2015/05/20 10:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\BOAD
[2015/05/20 09:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\CRECS 2015
[2015/05/20 09:50:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\Formation de formateurs simulation médicales
[2015/05/20 09:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\NAFY AFFAIRES
[2015/05/20 09:21:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau\IMTA
[2015/05/19 10:31:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[8 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Administrateur\Mes documents\*.tmp files -> C:\Documents and Settings\Administrateur\Mes documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/05/20 15:47:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/05/20 15:43:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/05/20 15:39:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe
[2015/05/20 15:20:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[2015/05/20 15:12:58 | 000,001,184 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-220523388-2147089337-500UA.job
[2015/05/20 14:29:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015/05/20 14:28:06 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/05/20 14:28:05 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[2015/05/20 14:27:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/05/20 10:12:04 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1801674531-220523388-2147089337-500Core.job
[2015/05/20 08:00:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2015/05/19 15:36:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2015/05/19 15:36:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2015/05/18 17:23:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2015/05/18 17:23:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2015/05/18 10:55:38 | 000,001,811 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
[2015/05/18 10:55:14 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\Internet.lnk
[2015/05/13 18:04:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2015/05/13 18:04:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2015/05/12 17:52:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2015/05/12 17:52:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2015/05/11 17:30:21 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2015/05/11 17:30:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2015/05/08 17:23:41 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2015/05/08 17:23:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2015/05/08 15:00:00 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
[2015/05/07 17:40:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2015/05/07 17:40:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2015/05/06 17:38:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2015/05/06 17:38:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2015/05/05 17:33:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2015/05/05 17:33:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2015/05/04 17:29:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2015/05/04 17:29:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2015/04/30 16:09:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2015/04/30 16:09:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2015/04/29 17:49:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2015/04/29 17:49:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2015/04/28 17:31:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2015/04/28 17:31:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2015/04/28 12:03:39 | 000,002,161 | ---- | M] () -- C:\Documents and Settings\Administrateur\.recently-used.xbel
[2015/04/27 17:40:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2015/04/27 17:40:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2015/04/25 16:06:16 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2015/04/25 16:06:16 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2015/04/25 15:35:01 | 000,164,326 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\3-2014-01-21-CompromisoDocumental14-01-2014.pdf
[2015/04/25 09:31:11 | 000,553,409 | ---- | M] () -- C:\Documents and Settings\Administrateur\Mes documents\Nafy.jpg
[2015/04/22 12:59:07 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2015/04/22 12:59:07 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2015/04/21 16:17:58 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2015/04/21 16:17:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2015/04/20 16:10:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2015/04/20 16:10:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[8 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Administrateur\Mes documents\*.tmp files -> C:\Documents and Settings\Administrateur\Mes documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/05/18 10:55:14 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Internet.lnk
[2015/04/28 12:03:39 | 000,002,161 | ---- | C] () -- C:\Documents and Settings\Administrateur\.recently-used.xbel
[2015/04/25 15:35:01 | 000,164,326 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\3-2014-01-21-CompromisoDocumental14-01-2014.pdf
[2015/04/25 09:31:05 | 000,553,409 | ---- | C] () -- C:\Documents and Settings\Administrateur\Mes documents\Nafy.jpg
[2014/09/12 19:53:49 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/07/11 13:19:32 | 000,314,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/01/13 16:12:44 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\init.dll
[2010/01/13 16:12:44 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\SYSTEM32.dll
[2010/01/13 16:12:33 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\Administrateur\Application Data\sound.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/12/14 11:42:37 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/12/20 22:15:25 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 10:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 02:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2008/05/30 16:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\123 Free Solitaire
[2015/02/28 17:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Audacity
[2009/06/10 10:21:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Copernic
[2011/01/28 16:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\FileZilla
[2015/04/28 12:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\gtk-2.0
[2015/02/17 09:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Image Zone Express
[2010/10/05 13:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\KompoZer
[2010/10/26 09:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\pdfforge
[2015/02/17 09:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Printer Info Cache
[2014/12/15 10:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Search Settings
[2015/05/20 14:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\ViberPC
[2014/12/01 12:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\Zotero
[2010/09/30 09:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConeXware
[2008/07/17 10:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2015/04/27 09:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2009/08/24 11:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2009/10/16 15:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2011/04/27 14:57:06 | 002,752,301 | ---- | M] ()(C:\Documents and Settings\Administrateur\Mes documents\Vidéos publiées par Rémy Baff - Oui _mon Amour ? (1).mp4) -- C:\Documents and Settings\Administrateur\Mes documents\Vidéos publiées par Rémy Baff - Oui _mon Amour e& (1).mp4
[2011/04/27 14:57:05 | 002,752,301 | ---- | C] ()(C:\Documents and Settings\Administrateur\Mes documents\Vidéos publiées par Rémy Baff - Oui _mon Amour ? (1).mp4) -- C:\Documents and Settings\Administrateur\Mes documents\Vidéos publiées par Rémy Baff - Oui _mon Amour e& (1).mp4

< End of report >

Publicité


Signaler le contenu de ce document

Publicité