cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 09/02/2016 12:06:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\administrateur\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,97 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 62,96% Memory free
3,93 Gb Paging File | 2,91 Gb Available in Paging File | 73,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,73 Gb Total Space | 181,15 Gb Free Space | 77,84% Space Free | Partition Type: NTFS
Drive E: | 465,63 Gb Total Space | 18,93 Gb Free Space | 4,07% Space Free | Partition Type: NTFS
Drive F: | 3,73 Gb Total Space | 3,50 Gb Free Space | 93,93% Space Free | Partition Type: FAT32

Computer Name: COMPTA-EPMI | User Name: Administrateur | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016/02/09 11:48:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\administrateur\Desktop\OTL.exe
PRC - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/09/11 16:34:16 | 018,484,496 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\TeamViewer.exe
PRC - [2015/09/11 16:34:16 | 005,702,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
PRC - [2015/09/11 16:22:54 | 000,230,672 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\tv_w32.exe
PRC - [2015/05/09 04:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015/02/10 15:08:00 | 000,340,336 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2015/02/10 15:08:00 | 000,337,776 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2015/02/10 15:08:00 | 000,129,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2015/02/10 15:08:00 | 000,090,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2014/12/17 16:21:56 | 000,174,968 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2014/12/17 16:21:55 | 000,204,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2014/12/08 13:08:50 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014/10/10 16:03:38 | 000,738,856 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect 2\creator-ws.exe
PRC - [2014/01/15 20:08:00 | 000,243,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
PRC - [2014/01/15 20:08:00 | 000,208,416 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2014/01/15 20:08:00 | 000,037,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2013/03/07 23:27:06 | 004,407,808 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 11\cbInterface.exe
PRC - [2013/03/07 23:27:02 | 001,131,008 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files\Cobian Backup 11\cbService.exe
PRC - [2013/03/07 23:07:36 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/08/18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/14 02:14:24 | 001,401,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/12/12 18:29:01 | 012,438,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\dc5e9aaf3f627418b920205c75b926df\System.Windows.Forms.ni.dll
MOD - [2015/10/22 11:22:12 | 000,245,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\ddfb5c7dfdbeba5b887631093b9c30ee\TaskScheduler.ni.dll
MOD - [2015/10/22 11:21:27 | 001,545,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCEx\3a25974bfb69a31ab09c33d0b1c4fb60\MMCEx.ni.dll
MOD - [2015/10/22 11:14:54 | 006,439,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\cadf961cb7abdf4de62431640b3b1603\MIGUIControls.ni.dll
MOD - [2015/10/22 11:14:51 | 000,561,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\90633dbbfb06aa53ac5c23fe97a032f7\Microsoft.ManagementConsole.ni.dll
MOD - [2015/10/22 11:14:51 | 000,287,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\be9edf9362b6628c83e060aa98511939\MMCFxCommon.ni.dll
MOD - [2015/10/22 11:14:50 | 000,553,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\EventViewer\6ab6920b1951b16527254795449cf09e\EventViewer.ni.dll
MOD - [2015/10/22 11:02:57 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c00840ee7b4eb45e78557fc3c8785733\System.ServiceProcess.ni.dll
MOD - [2015/10/22 11:02:44 | 011,923,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\38234ab6b7aa0762a54e27862d8bbdfe\System.Web.ni.dll
MOD - [2015/10/22 11:02:37 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\82ecf48db57ddf66f74fca17b0f99453\System.Drawing.ni.dll
MOD - [2015/07/09 11:31:25 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2e96557aad36da617ba78377009f7456\System.Configuration.ni.dll
MOD - [2014/12/08 16:04:55 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/12/08 16:04:46 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/12/08 16:04:35 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2013/07/08 13:42:01 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2013/07/08 13:41:52 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/20 13:17:50 | 000,009,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\EventViewer.resources\6.1.0.0_fr_31bf3856ad364e35\EventViewer.resources.dll
MOD - [2009/07/14 03:52:40 | 001,568,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MIGUIControls.resources\1.0.0.0_fr_31bf3856ad364e35\MIGUIControls.resources.dll
MOD - [2009/07/14 03:52:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MMCEx.resources\3.0.0.0_fr_31bf3856ad364e35\MMCEx.resources.dll
MOD - [2009/07/14 03:51:52 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\TaskScheduler.resources\6.1.0.0_fr_31bf3856ad364e35\TaskScheduler.resources.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2016/01/20 12:40:04 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/12/13 23:48:02 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/12/12 18:27:29 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/09/11 16:34:16 | 005,702,416 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2015/07/22 18:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015/02/10 15:08:00 | 000,129,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2014/12/17 16:21:56 | 000,174,968 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2014/12/17 16:21:55 | 000,204,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2014/11/26 17:40:36 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/10/10 16:03:38 | 001,771,560 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files\PDF Architect 2\ws.exe -- (PDF Architect 2)
SRV - [2014/10/10 16:03:38 | 000,861,736 | ---- | M] (pdfforge GmbH) [On_Demand | Stopped] -- C:\Program Files\PDF Architect 2\crash-handler-ws.exe -- (pdfforge CrashHandler)
SRV - [2014/10/10 16:03:38 | 000,738,856 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect 2\creator-ws.exe -- (PDF Architect 2 Creator)
SRV - [2014/01/15 20:08:00 | 000,208,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2013/12/19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/03/07 23:27:02 | 001,131,008 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Running] -- C:\Program Files\Cobian Backup 11\cbService.exe -- (CobianBackup11)
SRV - [2013/03/07 23:07:36 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)
SRV - [2009/08/18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2006/05/12 15:04:08 | 000,439,248 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - [2014/12/17 16:21:56 | 000,573,136 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2014/12/17 16:21:56 | 000,213,872 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2014/12/17 16:21:56 | 000,093,144 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2014/12/17 16:21:55 | 000,236,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2014/12/17 16:21:55 | 000,134,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2014/12/17 16:21:55 | 000,066,408 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013/10/02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2011/09/22 17:10:34 | 000,238,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0105.sys -- (RsFx0105)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/08/18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/13 23:02:52 | 000,164,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6032.sys -- (e1kexpress)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3D CB C4 78 C0 13 D0 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\pdf_architect_2_conv@pdfarchitect.org: C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension\ [2014/12/08 12:18:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2016/02/09 11:13:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/12/10 10:26:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\administrateur\AppData\Roaming\mozilla\Extensions
[2014/12/10 10:36:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\administrateur\AppData\Roaming\mozilla\Firefox\Profiles\5wl0lz26.default\extensions
[2014/12/08 12:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2014/12/08 12:30:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PDF Architect Helper) - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20141217162258.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Cobian Backup 11 interface] C:\Program Files\Cobian Backup 11\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = admin.intra
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FE47D7C-FF72-49F5-BE62-6903A1755BA5}: DhcpNameServer = 192.168.11.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016/02/09 12:05:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\administrateur\Desktop\OTL.exe
[2016/02/08 15:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016/02/08 15:12:30 | 000,000,000 | ---D | C] -- C:\Users\administrateur\AppData\Local\Programs
[2016/01/19 18:09:08 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016/01/19 18:09:08 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016/01/19 18:09:07 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016/01/19 18:09:07 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016/01/19 18:09:06 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016/01/19 18:09:05 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016/01/19 18:09:05 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016/01/19 18:09:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016/01/19 18:09:04 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016/01/19 18:09:04 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016/01/19 18:09:04 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016/01/19 18:09:03 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016/01/19 18:09:03 | 000,341,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016/01/19 18:09:03 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016/01/19 18:09:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016/01/19 18:09:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016/01/19 18:09:00 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016/01/19 18:09:00 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016/01/19 18:09:00 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016/01/19 18:09:00 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016/01/19 18:08:59 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016/01/19 18:08:58 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016/01/19 18:08:55 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016/01/19 18:08:53 | 004,610,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016/01/19 18:08:34 | 001,230,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2016/01/19 18:08:34 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2016/01/19 18:08:34 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2016/01/19 18:08:34 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2016/01/19 18:08:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2016/01/19 18:08:34 | 000,022,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016/01/19 18:07:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016/01/19 18:07:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016/01/19 18:07:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016/01/19 18:07:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016/01/19 18:07:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016/01/19 18:07:35 | 003,993,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016/01/19 18:07:35 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016/01/19 18:07:35 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016/01/19 18:07:35 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016/01/19 18:07:35 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016/01/19 18:07:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016/01/19 18:07:34 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016/01/19 18:07:28 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016/01/19 18:07:28 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2016/01/19 18:01:50 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2016/01/19 18:01:44 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016/01/19 18:01:37 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2016/01/19 18:01:37 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2016/01/19 18:01:37 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fixmapi.exe
[2016/01/19 18:00:51 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2016/01/19 18:00:51 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2016/01/19 18:00:51 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2016/01/19 18:00:51 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2016/01/19 18:00:50 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2adec.dll
[2016/01/19 18:00:50 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2016/01/19 18:00:49 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2016/01/19 18:00:49 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2016/01/19 18:00:49 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2016/01/19 18:00:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2016/01/19 18:00:48 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2016/01/19 18:00:48 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2016/01/19 18:00:48 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2016/01/19 18:00:48 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2016/01/19 18:00:48 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2016/01/19 18:00:48 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2016/01/19 18:00:48 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2016/01/19 18:00:48 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2016/01/19 18:00:48 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2016/01/19 18:00:48 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2016/01/19 18:00:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2016/01/19 18:00:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2016/01/19 18:00:47 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2016/01/19 18:00:47 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2016/01/19 18:00:47 | 000,728,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2016/01/19 18:00:47 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
[2016/01/19 18:00:46 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2016/01/19 18:00:46 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2016/01/19 18:00:46 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2016/01/19 18:00:46 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2016/01/19 18:00:46 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2016/01/19 18:00:46 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2016/01/19 18:00:45 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2016/01/19 18:00:45 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2016/01/19 18:00:45 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2016/01/19 18:00:45 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2016/01/19 18:00:45 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2016/01/19 18:00:45 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016/02/09 12:09:18 | 000,816,252 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2016/02/09 12:09:18 | 000,723,010 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016/02/09 12:09:18 | 000,175,748 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2016/02/09 12:09:18 | 000,147,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016/02/09 11:48:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\administrateur\Desktop\OTL.exe
[2016/02/09 11:40:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/02/09 11:29:46 | 000,025,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/02/09 11:29:46 | 000,025,808 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/02/09 11:18:01 | 021,041,152 | ---- | M] () -- C:\Users\administrateur\Desktop\journal Systeme.evtx
[2016/02/09 11:17:41 | 001,118,208 | ---- | M] () -- C:\Users\administrateur\Desktop\Journal Installation.evtx
[2016/02/09 11:16:43 | 021,041,152 | ---- | M] () -- C:\Users\administrateur\Desktop\Journal securite.evtx
[2016/02/09 11:15:43 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/02/09 11:12:55 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/02/09 11:12:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/02/09 11:12:07 | 1583,566,848 | -HS- | M] () -- C:\hiberfil.sys
[2016/02/09 09:38:58 | 000,411,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016/02/08 14:59:33 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 10.lnk
[2016/02/08 14:49:14 | 000,002,240 | RHS- | M] () -- C:\Users\administrateur\ntuser.pol
[2016/02/04 22:18:27 | 000,002,127 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016/02/09 11:17:58 | 021,041,152 | ---- | C] () -- C:\Users\administrateur\Desktop\journal Systeme.evtx
[2016/02/09 11:17:39 | 001,118,208 | ---- | C] () -- C:\Users\administrateur\Desktop\Journal Installation.evtx
[2016/02/09 11:16:37 | 021,041,152 | ---- | C] () -- C:\Users\administrateur\Desktop\Journal securite.evtx
[2016/02/08 14:59:34 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
[2016/02/08 14:59:33 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 10.lnk
[2015/12/16 16:41:02 | 000,004,524 | ---- | C] () -- C:\ProgramData\Digital.PRO
[2015/12/16 16:41:02 | 000,001,030 | ---- | C] () -- C:\ProgramData\Digital.PCO
[2015/12/16 16:41:02 | 000,001,025 | ---- | C] () -- C:\ProgramData\Digital.EXP
[2015/12/16 16:41:02 | 000,000,926 | ---- | C] () -- C:\ProgramData\Digital.PGM
[2015/12/16 16:41:02 | 000,000,591 | ---- | C] () -- C:\ProgramData\Digital.SOC
[2015/12/16 11:14:09 | 000,007,598 | ---- | C] () -- C:\Users\administrateur\AppData\Local\Resmon.ResmonCfg
[2015/04/17 16:51:00 | 001,050,112 | ---- | C] () -- C:\Windows\System32\sage.common.dll
[2014/12/12 14:56:17 | 000,000,049 | ---- | C] () -- C:\Windows\SageApplSQLClient.ini
[2014/12/08 20:49:15 | 000,816,252 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2014/12/08 20:49:15 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2014/12/08 20:49:15 | 000,175,748 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2014/12/08 20:49:15 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2014/12/08 16:04:43 | 000,002,240 | RHS- | C] () -- C:\Users\administrateur\ntuser.pol
[2014/12/08 15:06:03 | 000,018,448 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/12/08 11:52:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Publicité


Signaler le contenu de ce document

Publicité