OTL logfile created on: 27/08/2015 09:09:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Rémy\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 60,91% Memory free
8,83 Gb Paging File | 7,58 Gb Available in Paging File | 85,81% Paging File free
Paging file location(s): E:\pagefile.sys 3070 3070C:\pagef [Binary data over 200 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 40,26 Gb Free Space | 51,54% Space Free | Partition Type: NTFS
Drive D: | 154,75 Gb Total Space | 60,08 Gb Free Space | 38,82% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 32,09 Gb Free Space | 82,15% Space Free | Partition Type: NTFS
Drive F: | 103,84 Gb Total Space | 79,79 Gb Free Space | 76,84% Space Free | Partition Type: NTFS
Drive G: | 9,77 Gb Total Space | 7,94 Gb Free Space | 81,28% Space Free | Partition Type: NTFS

Computer Name: UTILISAT-B87285 | User Name: Rémy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Rémy\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Documents and Settings\Rémy\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Google\Update\1.3.28.1\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Uniblue\Powersuite\powersuite_monitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files\Uniblue\Powersuite\powersuite.exe (Uniblue Systems Limited)
PRC - C:\Program Files\Uniblue\Powersuite\powersuite_service.exe ()
PRC - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files\Avanquest\Avanquest message\AQNotif.exe (Avanquest Software)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
PRC - C:\Program Files\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
PRC - C:\Program Files\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Program Files\Fichiers communs\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
PRC - C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
PRC - C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\Video\FxSvr2.exe (Logitech Inc.)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - c:\Documents and Settings\Rémy\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkyhrnu.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\locale\fr\resources.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\libcef.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\ui_dll.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\libGLESv2.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\libEGL.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\avcodec-53.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\avformat-53.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\avutil-51.dll ()
MOD - C:\Program Files\Uniblue\Powersuite\powersuite_service.exe ()
MOD - C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\1f236d1b65b6f9d77c3d2c63bb347130\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1ab71206b530480fee0800c9fa3976cd\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b103aec14e7cfb4b6eab9579a95bf1c\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\9bf311f8fa0c15e25b3ffb86007663fe\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9de255a0aa42b52f01848ced6d315972\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\360603d8efa82557e7fce70287cb242e\WindowsFormsIntegration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Practices#\373e63f1856d05d5e083f4da67e5f251\Microsoft.Practices.ServiceLocation.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\d116eda30a35c490e59221b0ebac6fcd\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9ec8060dd7bfb448f298dcd12d547062\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\67939f4c3d18712bacf74bfc8c75ab40\PresentationFramework.Luna.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.36-8876480L\Program\clntutil.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
MOD - C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.36-8876480L\Program\bwfiles.dll ()
MOD - C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll ()
MOD - C:\Program Files\Rainlendar2\Rainlendar2.exe ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_xrc_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxbase28u_xml_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_html_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_adv_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxmsw28u_core_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\wxbase28u_vc_rny.dll ()
MOD - C:\Program Files\Rainlendar2\lfs.dll ()
MOD - C:\Program Files\Rainlendar2\lua51.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()

========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Uniblue.PowersuiteSvc) -- C:\Program Files\Uniblue\Powersuite\powersuite_service.exe ()
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NvNetworkService) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ss_conn_service) -- C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
SRV - (ogmservice) -- C:\Program Files\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
SRV - (avp) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Kaspersky Lab ZAO)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (Fabs) -- C:\Program Files\Fichiers communs\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Fichiers communs\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (SWDUMon) -- C:\WINDOWS\system32\drivers\SWDUMon.sys ()
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab ZAO)
DRV - (klkbdflt) -- C:\WINDOWS\system32\drivers\klkbdflt.sys (Kaspersky Lab ZAO)
DRV - (kneps) -- C:\WINDOWS\system32\drivers\kneps.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab ZAO)
DRV - (kltdi) -- C:\WINDOWS\system32\drivers\kltdi.sys (Kaspersky Lab ZAO)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab ZAO)
DRV - (klpd) -- C:\WINDOWS\system32\drivers\klpd.sys (Kaspersky Lab ZAO)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (MarvinBus) -- C:\WINDOWS\system32\drivers\MarvinBus.sys (Pinnacle Systems GmbH)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (CamDrL) -- C:\WINDOWS\system32\drivers\Camdrl.sys (Logitech Inc.)
DRV - (PhilCam8116) -- C:\WINDOWS\system32\drivers\CamDrL21.sys (Logitech Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes]
IE - HKLM\..\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}: "URL" = [String data over 1000 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A CF 24 A2 02 57 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [String data over 1000 bytes]
IE - HKCU\..\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8CAEE6EA-016D-4711-894D-BF941AC30182}: "URL" =
IE - HKCU\..\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}: "URL" = [String data over 1000 bytes]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014/12/17 15:25:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014/12/17 15:25:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014/12/17 15:25:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014/12/17 15:25:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014/12/17 15:25:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@MediaPlayerV1alpha8989.net: C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha8989\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@MediaViewerV1alpha306.net: C:\Program Files\MediaViewerV1\MediaViewerV1alpha306\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@MediaViewV1alpha2798.net: C:\Program Files\MediaViewV1\MediaViewV1alpha2798\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@MediaViewV1alpha9312.net: C:\Program Files\MediaViewV1\MediaViewV1alpha9312\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ext@MediaWatchV1home651.net: C:\Program Files\MediaWatchV1\MediaWatchV1home651\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/01 19:44:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/08/18 13:36:51 | 000,000,000 | ---D | M]

[2013/03/05 18:07:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rémy\Application Data\Mozilla\Extensions
[2013/03/05 19:34:32 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Documents and Settings\Rémy\Application Data\Mozilla\Extensions\statuswinks@StatusWinks
[2014/12/12 09:41:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\mqf1rbk4.default\extensions
[2014/08/30 09:31:42 | 000,000,000 | ---D | M] (Browse Safe) -- C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\mqf1rbk4.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}
[2013/08/06 17:05:47 | 000,000,000 | ---D | M] ("Pricora 1.1") -- C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\mqf1rbk4.default\extensions\b06fdef7-671b-4f24-babf-0377d4c40832@3dc509f2-5b3a-49d6-8b54-6cad06855fa6.com
[2013/08/06 16:11:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\mqf1rbk4.default\extensions\b06fdef7-671b-4f24-babf-0377d4c40832@3dc509f2-5b3a-49d6-8b54-6cad06855fa6.com\chrome\content\extensionCode
[2012/06/22 20:56:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/01 10:04:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/12/08 16:34:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/12/08 16:58:53 | 000,000,000 | ---D | M] (Analyse des liens (URL Advisor)) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\RÉMY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MQF1RBK4.DEFAULT\EXTENSIONS\509508EF-0B14-4616-A557-0D58601BE33D@C4A581E9-0EA6-46DB-A185-58E021EE138C.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\RÉMY\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MQF1RBK4.DEFAULT\EXTENSIONS\A0046B9B-FDB9-497F-A4B1-2A108AD6007A@5CDF80B7-0420-4BB7-B3C0-E188E6F4FB8A.COM
File not found (No name found) -- C:\PROGRAM FILES\MEDIAVIEWERV1\MEDIAVIEWERV1ALPHA306\FF
[2011/08/12 08:19:22 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/12 06:52:47 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/08/12 06:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/08/12 06:52:48 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/08/12 06:52:48 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/08/12 06:52:48 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/08/12 06:52:48 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_1\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.4.0.9058_1\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Rémy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0\

O1 HOSTS File: ([2014/02/04 16:23:35 | 000,000,838 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 54.225.95.126 ajakpekbmnkgnjbpajgkdhimcbeoocam
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [Avanquest message] C:\Program Files\Avanquest\Avanquest message\AQNotif.exe (Avanquest Software)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Dropbox Update] C:\Documents and Settings\Rémy\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_28E451B1B06A0C9DEEB8393C40390B61] C:\Documents and Settings\Rémy\Local Settings\Application Data\Chromium\Application\chrome.exe (The Chromium Authors)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\Rémy\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk = C:\Documents and Settings\Rémy\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
O9 - Extra Button: Clavier virtuel - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Analyse des liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3CDCE93-FCE3-403B-8AC4-FE36C445C244}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - No CLSID value found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Rémy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Rémy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/08 12:59:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/11/10 19:24:30 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2015/08/26 21:37:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rémy\Bureau\OTL.exe
[2015/08/25 15:19:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Bureau\Pour sortie BE
[2015/08/23 18:06:21 | 000,000,000 | ---D | C] -- C:\Samsung
[2015/08/23 09:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2015/08/23 09:02:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
[2015/08/20 09:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Menu Démarrer\Programmes\Balabolka
[2015/08/20 09:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Application Data\Balabolka
[2015/08/20 09:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\Balabolka
[2015/08/20 09:24:37 | 000,000,000 | ---D | C] -- d:\Nouveau dossier
[2015/08/20 09:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Application Data\Hunspell
[2015/08/20 09:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2015/08/20 09:18:58 | 000,000,000 | ---D | C] -- d:\Balabolka
[2015/08/19 21:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Bureau\Photos récentes
[2015/08/08 18:46:39 | 000,000,000 | ---D | C] -- d:\Insectes 01
[2015/08/08 08:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Menu Démarrer\Programmes\Dropbox
[2015/08/06 20:12:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Bureau\Photos Claude Minimes le 2 08 15
[2015/08/05 09:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Bureau\Ma Musique
[2015/08/05 09:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Bureau\Gigeux(Québec)
[2015/08/04 15:19:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Bureau\Papillons en 2015
[2015/08/03 15:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rémy\Bureau\Pour Christian
[2015/08/01 17:39:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2015/07/29 09:03:35 | 000,000,000 | ---D | C] -- d:\Québécois 01c
[2014/07/06 12:00:49 | 009,414,952 | ---- | C] (PC Cleaners) -- C:\Documents and Settings\All Users\Application Data\pclunst.exe

========== Files - Modified Within 30 Days ==========

[2015/08/27 08:52:00 | 000,001,056 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/08/27 08:46:40 | 000,001,168 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job
[2015/08/27 08:46:00 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job
[2015/08/27 08:40:43 | 000,001,262 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1614895754-261903793-1801674531-1004UA.job
[2015/08/27 08:38:15 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/08/27 08:26:47 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\powersuite_monitor.job
[2015/08/27 08:26:24 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0DBDE0C7-73FD-40C6-AA57-810B302876C5}.job
[2015/08/27 08:24:32 | 000,001,052 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/08/27 08:24:32 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
[2015/08/27 08:24:31 | 000,001,878 | ---- | M] () -- C:\WINDOWS\tasks\Pricora 1.1-chromeinstaller.job
[2015/08/27 08:24:31 | 000,001,804 | ---- | M] () -- C:\WINDOWS\tasks\Pricora 1.1-firefoxinstaller.job
[2015/08/27 08:24:31 | 000,001,184 | ---- | M] () -- C:\WINDOWS\tasks\Pricora 1.1-codedownloader.job
[2015/08/27 08:24:31 | 000,001,180 | ---- | M] () -- C:\WINDOWS\tasks\Pricora 1.1-updater.job
[2015/08/27 08:24:31 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\Pricora 1.1-enabler.job
[2015/08/27 08:24:31 | 000,000,704 | ---- | M] () -- C:\WINDOWS\tasks\igdhbblpcellaljokkpfhcjlagemhgjl.job
[2015/08/27 08:24:31 | 000,000,484 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
[2015/08/27 08:24:31 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Driver Booster Update.job
[2015/08/27 08:24:31 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Driver Booster Scan.job
[2015/08/27 08:24:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/08/26 22:08:40 | 000,020,936 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2015/08/26 21:56:08 | 000,173,056 | ---- | M] () -- C:\Documents and Settings\Rémy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/08/26 21:37:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rémy\Bureau\OTL.exe
[2015/08/26 20:29:31 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2015/08/26 18:00:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2015/08/26 15:01:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
[2015/08/26
14:40:00 | 000,001,210 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1614895754-261903793-1801674531-1004Core.job [2015/08/26 10:55:05 | 000,211,442 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\BITAS.JPG [2015/08/26 10:54:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job [2015/08/25 18:29:08 | 000,295,136 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\01net Question.JPG [2015/08/25 16:02:18 | 000,052,982 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Paretologic.JPG [2015/08/25 15:26:58 | 000,000,147 | ---- | M] () -- C:\WINDOWS\CARTES.INI [2015/08/25 10:43:19 | 003,752,030 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Sexe_en_plein_air_A.wmv [2015/08/24 10:09:01 | 000,140,917 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Jeune lézard.jpg [2015/08/23 21:42:59 | 000,000,125 | ---- | M] () -- C:\Documents and Settings\Rémy\default.pls [2015/08/23 21:42:18 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2015/08/23 21:12:18 | 000,834,081 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Pièce jointe sans titre 000739.gif [2015/08/23 08:58:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2015/08/22 15:59:37 | 000,000,500 | ---- | M] () -- C:\WINDOWS\PR2.JEU [2015/08/22 10:32:47 | 000,353,216 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Mail 1.mp3 [2015/08/21 20:47:30 | 000,001,811 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk [2015/08/20 09:25:55 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Balabolka.lnk [2015/08/20 08:56:18 | 000,403,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2015/08/18 17:52:37 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2015/08/18 11:14:06 | 014,118,912 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Escapade 15 août.pps [2015/08/18 09:14:20 | 000,028,855 | ---- | M] () -- C:\Documents and 
Settings\Rémy\Bureau\Sandy a.jpg [2015/08/17 22:11:01 | 000,006,840 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Sandy.jpg [2015/08/17 14:16:08 | 002,334,294 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Love.JPG [2015/08/17 13:55:40 | 000,776,247 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\Balançoire.JPG [2015/08/13 17:11:04 | 000,010,910 | ---- | M] () -- C:\Documents and Settings\Rémy\Application Data\wklnhst.dat [2015/08/12 15:41:25 | 000,778,440 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2015/08/12 15:41:25 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2015/08/10 10:28:11 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI [2015/08/08 08:43:39 | 000,001,141 | ---- | M] () -- C:\Documents and Settings\Rémy\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk [2015/08/06 16:51:34 | 003,504,554 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\101 Maximes.mp3 [2015/08/06 08:28:10 | 000,053,363 | ---- | M] () -- C:\Documents and Settings\Rémy\Bureau\PB_1.JPG [2015/08/02 10:22:31 | 000,001,829 | ---- | M] () -- C:\Documents and Settings\Rémy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2015/08/01 17:35:21 | 000,573,092 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2015/08/01 17:35:21 | 000,500,490 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2015/08/01 17:35:21 | 000,103,206 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2015/08/01 17:35:21 | 000,086,722 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2015/08/01 17:34:33 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtnicxp.sys [2015/08/01 17:34:33 | 000,073,728 | ---- | M] () -- C:\WINDOWS\System32\RtNicProp32.dll [2015/08/01 17:34:01 | 009,888,840 | ---- | M] (Realtek Semiconductor Corp.) 
-- C:\WINDOWS\System32\RtsUStoricon.dll [2015/08/01 17:34:01 | 000,209,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtsUStor.sys [2015/08/01 09:33:12 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\Rémy\Application Data\Microsoft\Internet Explorer\Quick Launch\Powersuite.lnk [2015/08/01 09:33:12 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Powersuite.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015/08/26 10:55:05 | 000,211,442 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\BITAS.JPG [2015/08/25 18:29:08 | 000,295,136 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\01net Question.JPG [2015/08/25 16:02:18 | 000,052,982 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Paretologic.JPG [2015/08/25 10:45:20 | 003,752,030 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Sexe_en_plein_air_A.wmv [2015/08/23 21:13:04 | 000,834,081 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Pièce jointe sans titre 000739.gif [2015/08/23 18:02:15 | 000,140,917 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Jeune lézard.jpg [2015/08/22 18:45:39 | 002,334,294 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Love.JPG [2015/08/22 18:44:13 | 000,776,247 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Balançoire.JPG [2015/08/22 10:32:47 | 000,353,216 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Mail 1.mp3 [2015/08/20 09:25:55 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Balabolka.lnk [2015/08/18 11:14:57 | 014,118,912 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Escapade 15 août.pps [2015/08/18 09:13:00 | 000,028,855 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Sandy a.jpg [2015/08/17 22:10:58 | 000,006,840 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\Sandy.jpg [2015/08/06 16:51:13 | 003,504,554 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\101 
Maximes.mp3 [2015/08/06 08:28:10 | 000,053,363 | ---- | C] () -- C:\Documents and Settings\Rémy\Bureau\PB_1.JPG [2015/08/02 10:22:31 | 000,001,829 | ---- | C] () -- C:\Documents and Settings\Rémy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2015/08/01 09:33:20 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\powersuite_monitor.job [2015/08/01 09:33:12 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\Rémy\Application Data\Microsoft\Internet Explorer\Quick Launch\Powersuite.lnk [2015/08/01 09:33:12 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Powersuite.lnk [2014/07/21 21:24:39 | 000,013,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys [2014/06/10 09:50:01 | 000,000,542 | ---- | C] () -- C:\Documents and Settings\Rémy\Local Settings\Application Data\LMIR0001.tmp.bat [2014/04/11 21:03:03 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\WB.CFG [2013/12/30 10:52:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2013/12/30 10:52:40 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2013/12/30 10:52:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2013/12/30 10:52:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2013/10/24 20:48:59 | 001,609,472 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2012/11/06 10:29:00 | 000,001,158 | ---- | C] () -- C:\Documents and Settings\Rémy\Application Data\ShiftN.ini [2012/06/17 23:03:02 | 001,907,226 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1614895754-261903793-1801674531-1004-0.dat [2012/06/17 23:03:02 | 000,383,274 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2011/12/20 11:27:21 | 000,000,125 | ---- | C] () -- 
C:\Documents and Settings\Rémy\default.pls [2011/12/08 23:01:57 | 000,173,056 | ---- | C] () -- C:\Documents and Settings\Rémy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/12/08 18:46:13 | 000,010,910 | ---- | C] () -- C:\Documents and Settings\Rémy\Application Data\wklnhst.dat [2011/12/08 17:00:03 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\Rémy\Local Settings\Application Data\WebpageIcons.db [color=#E56717]========== ZeroAccess Check ==========[/color] [2011/12/09 19:23:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2011/09/05 15:56:25 | 001,510,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 304 bytes -> d:\Page picture it.JPG:Updt_SummaryInformation @Alternate Data Stream - 304 bytes -> C:\Documents and Settings\Rémy\Bureau\Sandy a.jpg:SummaryInformation @Alternate Data Stream - 304 bytes -> C:\Documents and Settings\Rémy\Bureau\Love.JPG:SummaryInformation @Alternate Data Stream - 304 bytes -> C:\Documents and Settings\Rémy\Bureau\Jeune lézard.jpg:SummaryInformation @Alternate Data 
Stream - 304 bytes -> C:\Documents and Settings\Rémy\Bureau\Chenille L=5mm à Périgny 17180 le 17 08 2013.JPG:SummaryInformation @Alternate Data Stream - 304 bytes -> C:\Documents and Settings\Rémy\Bureau\Balançoire.JPG:SummaryInformation @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:628C9914 @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:373E1720 @Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:58DD92AC < End of report >