
Document format: text/plain


OTL logfile created on: 01/02/2013 16:10:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pc\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1023,55 Mb Total Physical Memory | 332,64 Mb Available Physical Memory | 32,50% Memory free
2,00 Gb Paging File | 1,26 Gb Available in Paging File | 62,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,24 Gb Total Space | 17,21 Gb Free Space | 46,20% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/02/01 16:08:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pc\Downloads\OTL (3).exe
PRC - [2013/01/29 13:37:28 | 000,015,152 | ---- | M] () -- C:\Windows\System32\jmdp\stij.exe
PRC - [2013/01/29 13:37:26 | 001,087,792 | ---- | M] () -- C:\Windows\System32\dmwu.exe
PRC - [2013/01/23 19:52:11 | 001,591,808 | ---- | M] () -- C:\Users\pc\AppData\Local\Lollipop\Lollipop.exe
PRC - [2013/01/17 14:49:32 | 000,606,520 | ---- | M] (Boxore OU) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe
PRC - [2013/01/04 17:47:40 | 006,394,888 | ---- | M] (Systweak) -- C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/11 15:15:04 | 000,108,544 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2012/10/05 16:08:42 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe
PRC - [2012/06/27 09:34:10 | 005,545,864 | ---- | M] (Aedge Performance BCN SL) -- C:\Program Files\OfferBox\OfferBox.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\program files\windows defender\MpCmdRun.exe
PRC - [2009/04/14 07:43:42 | 000,604,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/01/29 13:37:28 | 000,015,152 | ---- | M] () -- C:\Windows\System32\jmdp\stij.exe
MOD - [2013/01/29 13:36:42 | 000,254,976 | ---- | M] () -- C:\Windows\System32\jmdp\lmrn.dll
MOD - [2013/01/23 19:52:11 | 001,591,808 | ---- | M] () -- C:\Users\pc\AppData\Local\Lollipop\Lollipop.exe
MOD - [2013/01/10 17:59:50 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013/01/10 17:59:35 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/10 17:55:10 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
MOD - [2013/01/10 17:51:03 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\68f617caf670fefc0be769a294dc4ffd\System.ServiceProcess.ni.dll
MOD - [2013/01/10 17:50:33 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\aa0c82eddc6cc12961a92835f777dcc0\System.Web.Services.ni.dll
MOD - [2013/01/10 17:49:56 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll
MOD - [2013/01/10 17:49:52 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll
MOD - [2013/01/10 17:49:48 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/01/10 17:48:08 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/10 17:47:21 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 17:47:11 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\43f1725719239288707661115956470e\System.Deployment.ni.dll
MOD - [2013/01/10 17:44:33 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 17:44:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 17:44:15 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 17:43:44 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/08 01:06:21 | 012,459,624 | ---- | M] () -- C:\Users\pc\AppData\Local\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
MOD - [2013/01/04 17:47:40 | 001,731,080 | ---- | M] () -- C:\Program Files\Advanced System Protector\aspsys.dll
MOD - [2013/01/02 17:58:30 | 000,362,029 | ---- | M] () -- C:\Windows\System32\jmdp\sqlite3.dll
MOD - [2012/07/25 12:03:14 | 000,886,272 | ---- | M] () -- C:\Program Files\Advanced System Protector\System.Data.SQLite.dll
MOD - [2010/11/13 01:58:36 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:35:38 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/05 02:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/07/14 09:39:04 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (Browser Manager)
SRV - [2013/01/29 13:37:26 | 001,087,792 | ---- | M] () [Auto | Running] -- C:\Windows\System32\dmwu.exe -- (IBUpdaterService)
SRV - [2013/01/23 20:22:55 | 000,139,576 | ---- | M] (Boxore OU.) [Auto | Stopped] -- C:\Program Files\Software\Update\SoftwareUpdate.exe -- (supdate)
SRV - [2012/10/05 16:08:42 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/06/27 09:34:16 | 000,335,240 | ---- | M] (Aedge Performance BCN SL) [Auto | Stopped] -- C:\Program Files\OfferBox\OfferBoxUpdateService.exe -- (OfferBox update service)
SRV - [2012/03/17 23:22:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 23:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (SrvHsfPCI)
DRV - [2009/07/13 23:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009/06/18 19:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtAyByEtDyEtAyDyD0FtDtN0D0Tzu0CtAzztAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=976491151
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtAyByEtDyEtAyDyD0FtDtN0D0Tzu0CtAzztAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=976491151
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000.10015&st=1&barid={5915AE0F-DB4C-11E1-A66E-000C76374043}&q={searchTerms}&barid={5915AE0F-DB4C-11E1-A66E-000C76374043}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=111020&tt=4912_1&babsrc=HP_ss&mntrId=641f55f0000000000000000c76374043
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtAyByEtDyEtAyDyD0FtDtN0D0Tzu0CtAzztAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=976491151
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 74 29 D9 73 9E 02 CD 01 [binary data]
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MOOI_frFR495
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtAyByEtDyEtAyDyD0FtDtN0D0Tzu0CtAzztAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=976491151
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxy.kodak.com:81/proxy.pac


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@boaki.com/BoakiLauncher, version=1.0.2.4: C:\Program Files\Gibcom\Plugins\npUviLaunch.dll ( Gibcom Multimedia)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files\Software\Update\1.2.201.0\npSoftwareOneClick8.dll (Boxore OU.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\pc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\pc\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\pc\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}: C:\ProgramData\Browser Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/01/29 17:00:43 | 000,000,000 | ---D | M]

[2012/07/31 21:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtAyByEtDyEtAyDyD0FtDtN0D0Tzu0CtAzztAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=976491151
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://searchfunmoods.com/?f=1&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtAyByEtDyEtAyDyD0FtDtN0D0Tzu0CtAzztAtN1L2XzutBtFtBtFtCtFyEtDyB&cr=976491151
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\pc\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\pc\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\pc\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\pc\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\pc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\pc\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Recherche Google = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Reader = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\
CHR - Extension: Gmail = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Recherche Google = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Reader = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\
CHR - Extension: Gmail = C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (IEAddonBHO Class) - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} - C:\Program Files\Browser Helper Object\Internet Explorer\IEAddon.dll ()
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files\PricePeep\pricepeep.dll (PricePeep)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [Boxore Client] C:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [offerbox] C:\Program Files\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000..\Run: [Facebook Update] C:\Users\pc\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000..\Run: [KGShareApp] C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-21-2282029637-3929049568-1626983271-1000..\Run: [lollipop] c:\users\pc\appdata\local\lollipop\lollipop.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Rechercher sur le Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12170F24-4313-44D8-B600-5A7060CC3595}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{cf99a2a5-4eb8-11e2-9b02-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cf99a2a5-4eb8-11e2-9b02-806e6f6e6963}\Shell\AutoRun\command - "" = F:\KODAK_Camera_Setup_App.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/01/29 17:00:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\jmdp
[2013/01/24 20:33:03 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/01/23 20:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\Boxore
[2013/01/23 20:16:09 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
[2013/01/23 20:15:57 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\DealPly
[2013/01/23 20:15:53 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2013/01/23 20:15:39 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\Wajam
[2013/01/23 20:15:22 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\Software
[2013/01/23 20:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Software
[2013/01/23 20:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\DealPly
[2013/01/23 20:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\Wajam
[2013/01/23 19:52:11 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\Lollipop
[2013/01/22 12:45:25 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\WebPlayerBdd
[2013/01/18 07:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[2013/01/18 07:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2013/01/18 07:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Protector
[2013/01/18 07:16:31 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Systweak
[2013/01/18 07:16:26 | 000,018,952 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2013/01/18 07:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[2013/01/18 07:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean Pro
[2013/01/17 22:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\WebPlayer
[2013/01/17 22:20:25 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Funmoods
[2013/01/17 22:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2013/01/17 22:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/01/17 22:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\PricePeep
[2013/01/17 22:19:29 | 000,000,000 | ---D | C] -- C:\Program Files\Funmoods
[2013/01/15 18:38:34 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{C1269505-4372-40CC-B6AB-419526923AD0}
[2013/01/09 19:01:51 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/01/09 19:00:39 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013/01/09 19:00:39 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/01/09 19:00:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 19:00:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 19:00:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 19:00:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 19:00:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 19:00:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 19:00:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 19:00:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 19:00:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 19:00:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 19:00:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 19:00:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 19:00:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 19:00:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 19:00:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 18:59:12 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013/01/09 18:59:12 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013/01/09 18:59:12 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013/01/09 18:59:12 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013/01/09 18:59:12 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013/01/09 18:59:12 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013/01/09 18:59:12 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013/01/09 18:59:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013/01/09 18:59:12 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013/01/09 18:59:12 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013/01/09 18:59:11 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/01/09 18:59:10 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013/01/09 18:59:09 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013/01/09 18:59:09 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013/01/09 18:59:09 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013/01/09 18:59:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013/01/09 18:58:32 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013/01/09 18:58:31 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/02/01 15:49:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/01 15:31:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2282029637-3929049568-1626983271-1000UA.job
[2013/02/01 15:28:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2013/02/01 15:01:08 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/02/01 13:39:22 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2282029637-3929049568-1626983271-1000UA.job
[2013/02/01 12:52:42 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 12:52:42 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 12:46:11 | 000,001,376 | ---- | M] () -- C:\Users\pc\Desktop\Nettoyez votre registre gratuitement!.lnk
[2013/02/01 12:45:54 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/01 12:45:45 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2013/02/01 12:44:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/01 12:44:35 | 804,954,112 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/31 20:31:03 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2282029637-3929049568-1626983271-1000Core.job
[2013/01/31 20:17:12 | 000,000,000 | ---- | M] () -- C:\END
[2013/01/29 13:37:26 | 001,087,792 | ---- | M] () -- C:\Windows\System32\dmwu.exe
[2013/01/29 13:34:46 | 000,028,160 | ---- | M] () -- C:\Windows\System32\ImHttpComm.dll
[2013/01/27 10:39:03 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2282029637-3929049568-1626983271-1000Core.job
[2013/01/23 19:51:38 | 000,034,815 | ---- | M] () -- C:\Program Files\Common Files\plugin.crx
[2013/01/22 17:36:41 | 000,073,784 | ---- | M] () -- C:\Users\pc\Desktop\734845_336772966436465_794626892_n.jpg
[2013/01/22 12:45:05 | 000,000,099 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/01/20 19:32:00 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/01/20 19:31:59 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/20 19:31:59 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/01/20 19:31:59 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/18 11:15:20 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/01/18 07:17:35 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2013/01/17 22:19:37 | 000,368,102 | ---- | M] () -- C:\Users\pc\AppData\Local\funmoods-speeddial_sf.crx
[2013/01/17 22:19:37 | 000,031,465 | ---- | M] () -- C:\Users\pc\AppData\Local\funmoods.crx
[2013/01/17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/01/15 18:21:49 | 000,002,350 | ---- | M] () -- C:\Users\pc\Desktop\Google Chrome.lnk
[2013/01/10 17:41:34 | 000,294,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/02 17:58:28 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013/01/02 17:58:28 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013/01/02 17:58:28 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2013/01/02 17:58:26 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2013/01/02 17:58:26 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/01/30 20:16:55 | 000,000,000 | ---- | C] () -- C:\END
[2013/01/29 11:31:33 | 000,001,376 | ---- | C] () -- C:\Users\pc\Desktop\Nettoyez votre registre gratuitement!.lnk
[2013/01/23 20:16:26 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2013/01/23 20:16:13 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2013/01/23 19:51:38 | 000,034,815 | ---- | C] () -- C:\Program Files\Common Files\plugin.crx
[2013/01/22 17:36:27 | 000,073,784 | ---- | C] () -- C:\Users\pc\Desktop\734845_336772966436465_794626892_n.jpg
[2013/01/22 12:45:05 | 000,000,099 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/01/18 07:17:35 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2013/01/18 07:17:15 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2013/01/18 07:16:51 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
[2013/01/18 07:16:47 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
[2013/01/17 22:20:45 | 000,002,961 | ---- | C] () -- C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlayerV2.lnk
[2013/01/17 22:20:17 | 000,368,102 | ---- | C] () -- C:\Users\pc\AppData\Local\funmoods-speeddial_sf.crx
[2013/01/17 22:20:12 | 000,031,465 | ---- | C] () -- C:\Users\pc\AppData\Local\funmoods.crx
[2012/11/25 09:52:01 | 001,087,792 | ---- | C] () -- C:\Windows\System32\dmwu.exe
[2012/11/25 09:52:01 | 000,028,160 | ---- | C] () -- C:\Windows\System32\ImHttpComm.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2009/12/08 12:33:31 | 000,857,088 | ---- | M] (Microsoft Corporation) MD5=0369BA73CE6D918745579B24339765E8 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16481_none_93903c22b7a2b5ea\kernel32.dll
[2012/08/20 18:54:52 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=0B0ACE1E9F27AA44B4FAC72F881B908C -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_94753f2bd07b1432\kernel32.dll
[2011/07/16 05:25:25 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=12DD18C6ECADEDB922E40B494D315206 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_946467d1d088a0a4\kernel32.dll
[2012/11/30 05:47:07 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=22BB6AFDE3D162C3F5E631267070E46D -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_941ebfcbd0bbf3ba\kernel32.dll
[2012/10/04 17:43:05 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=3ED262888758E350C29E02207AF9AC59 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_95904772b4b53b61\kernel32.dll
[2009/07/14 02:15:35 | 000,857,088 | ---- | M] (Microsoft Corporation) MD5=4605F7EE9805F7E1C98D6C959DD2949C -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_93943b64b79f1e1f\kernel32.dll
[2010/11/20 13:19:26 | 000,857,600 | ---- | M] (Microsoft Corporation) MD5=5553784D774CA845380650E010BBDA2C -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_95c54f2cb48da1b9\kernel32.dll
[2012/10/04 17:49:12 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=5EB52C62998CF36BAE774FC67775EAEB -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_93ca306cb776b1bd\kernel32.dll
[2012/10/04 17:32:16 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=63350392C018D28C87E6FCB638DFCFE8 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_9644fc0fcdb29ea9\kernel32.dll
[2012/11/30 06:01:46 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=6D0D4B00C7CB4FA829F396A83B327894 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_9610ed07cdd95d0c\kernel32.dll
[2012/08/20 18:40:01 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=6F93A0F455963DC8A9A16BB682C8D589 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_95adb658b49f9b89\kernel32.dll
[2011/07/16 05:34:28 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=7E99A20C758ABB5AE89C7AEEA3A9AEB2 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_93afb334b78b3d5c\kernel32.dll
[2012/08/18 12:21:20 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=8EA21D5227121072B985525B6C0C36A0 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_93eca0c4b75c9098\kernel32.dll
[2012/08/20 18:34:45 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=9139B25AA9CA8749A11F2BE863EF391B -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_95f5498dcdeeffbd\kernel32.dll
[2011/07/16 05:54:28 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=921F8B3FF01501C9934CCB3C270833D7 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_960c0dc1cdddb3a2\kernel32.dll
[2012/10/04 17:51:02 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=A49F39AD51987F9360C316D85040D763 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_9453cf1dd0944eae\kernel32.dll
[2012/11/30 05:47:44 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=AE09B85158C66E2C154C5C9B3C0027B3 -- C:\Windows\System32\kernel32.dll
[2012/11/30 05:47:44 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=AE09B85158C66E2C154C5C9B3C0027B3 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_95c62f30b48ce2ee\kernel32.dll
[2011/07/16 05:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=E570CBD732848438EAC574EB3442A2A8 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_95971084b4b0c29f\kernel32.dll
[2012/11/30 06:00:06 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=E9F8A2515D2ADCB9B1208E3576AB31D2 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_93a2f1e4b79386dd\kernel32.dll
[2009/12/08 12:57:44 | 000,857,088 | ---- | M] (Microsoft Corporation) MD5=EB7B2309A2B16EEB73C2C13477FEF8FB -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20591_none_940f0901d0c871a5\kernel32.dll

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2012/05/31 21:12:22 | 125,646,514 | ---- | M] () -- C:\Apache_OpenOffice_incubating_3.4.0_Win_x86_install_fr.exe
[2008/04/11 07:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2012/03/15 16:14:42 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Adobe
[2012/12/27 15:16:12 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\BabylonToolbar
[2013/01/23 20:15:57 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\DealPly
[2012/12/24 13:03:24 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\FIXIO PC Utilities
[2013/01/17 22:20:25 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Funmoods
[2012/09/02 20:14:00 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Google
[2012/12/12 20:53:37 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Identities
[2012/12/04 18:31:53 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\IndexEducation
[2012/12/25 19:52:14 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Kodak
[2012/03/15 16:14:42 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Macromedia
[2009/07/14 10:00:22 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Media Center Programs
[2013/01/17 22:20:43 | 000,000,000 | --SD | M] -- C:\Users\pc\AppData\Roaming\Microsoft
[2012/12/29 19:06:34 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\OfferBox
[2012/05/31 21:23:48 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\OpenOffice.org
[2012/12/12 21:24:16 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\PhotoFiltre Studio X
[2012/07/31 21:40:09 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\PhotoScape
[2013/01/18 07:18:47 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Systweak
[2012/12/28 23:40:49 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\ul_data
[2013/01/22 12:45:25 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\WebPlayerBdd
[2012/04/26 20:42:34 | 000,000,000 | ---D | M] -- C:\Users\pc\AppData\Roaming\Windows Live Writer

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2013/01/15 23:22:10 | 000,091,704 | ---- | M] () -- C:\Users\pc\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe
[2013/01/17 22:19:38 | 000,085,504 | ---- | M] () -- C:\Users\pc\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe
[2013/01/17 22:20:43 | 000,230,547 | R--- | M] () -- C:\Users\pc\AppData\Roaming\Microsoft\Installer\{F21ABA47-CE22-4B3D-8F47-8BF08C21C094}\_41AEE37AA709DB5DEA5006.exe
[2013/01/17 22:20:44 | 000,230,547 | R--- | M] () -- C:\Users\pc\AppData\Roaming\Microsoft\Installer\{F21ABA47-CE22-4B3D-8F47-8BF08C21C094}\_752891DB163AFFB96743FE.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll
[2010/11/20 13:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\taskschd.dll

[color=#A23BEC]< %systemroot%\syswow64\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\syswow64\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 13:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 13:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 13:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/11/20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\pc\AppData\Local\Google\Chrome\Application\chrome.exe" [2013/01/08 01:06:24 | 001,248,360 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 13:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 13:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 13:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2010/11/20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2010/11/20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

< End of report >
