cjoint

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 16/02/2013 09:01:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Françoise\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,50 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 68,34% Memory free
3,35 Gb Paging File | 2,86 Gb Available in Paging File | 85,41% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,74 Gb Total Space | 15,38 Gb Free Space | 30,32% Space Free | Partition Type: NTFS
Drive D: | 1002,05 Mb Total Space | 853,56 Mb Free Space | 85,18% Space Free | Partition Type: FAT32
Drive I: | 143,04 Gb Total Space | 46,76 Gb Free Space | 32,69% Space Free | Partition Type: NTFS

Computer Name: CAVALFAIRE | User Name: Françoise | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\Françoise\Mes documents\Téléchargements\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe (Pinnacle Systems)
PRC - C:\WINDOWS\system32\slserv.exe ( )


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA ()
MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (JavaQuickStarterService) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe (Oracle Corporation)
SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (vsmon) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (CCALib8) -- C:\Program Files\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (ggsemc) -- system32\DRIVERS\ggsemc.sys File not found
DRV - (ggflt) -- system32\DRIVERS\ggflt.sys File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (TrueSight) -- C:\WINDOWS\system32\drivers\TrueSight.sys ()
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (massfilter_hs) -- C:\WINDOWS\system32\drivers\massfilter_hs.sys (HandSet Incorporated)
DRV - (Vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (npf) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (RSUSBCCID) -- C:\WINDOWS\system32\drivers\RtsUCcid.sys (Realtek Semiconductor Corp.)
DRV - (RtsUIr) -- C:\WINDOWS\system32\drivers\RtsUIr.sys (Realtek Semiconductor Corp.)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s1018mdm) -- C:\WINDOWS\system32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) -- C:\WINDOWS\system32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) -- C:\WINDOWS\system32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\WINDOWS\system32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) -- C:\WINDOWS\system32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) -- C:\WINDOWS\system32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\WINDOWS\system32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link)
DRV - (M2500) -- C:\WINDOWS\system32\drivers\M2500.sys (Ralink Technology Inc.)
DRV - (vobiw) -- C:\WINDOWS\System32\drivers\vobIW.sys (Pinnacle Systems GmbH)
DRV - (cdrdrv) -- C:\WINDOWS\system32\drivers\Cdrdrv.sys (Pinnacle Systems GmbH)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (alcan5wn) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON)
DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ASAPIW2K) -- C:\WINDOWS\system32\drivers\asapiW2k.sys (Pinnacle Systems GmbH)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )
DRV - (VOBID) -- C:\WINDOWS\system32\drivers\vobid.sys (Pinnacle Systems)
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software)
DRV - (vobcom) -- C:\WINDOWS\System32\drivers\vobcom.sys (VOB Computersysteme GmbH)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67950089-9EE3-4B88-8212-C90FC732DB19}: "URL" = http://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = http://www.bing.com/search?q={searchTerms}&mkt=fr-FR&form=MIMWA5
IE - HKCU\..\SearchScopes\{A18520B0-9FEE-4954-B56E-743438D50E91}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10264&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGV&apn_dtid=^YYYYYY^YY^FR&apn_uid=4b62c547-7e07-44f2-b85a-3360df36f9b2&apn_sauid=E63260DA-C09C-45F9-B61A-D12770485DBC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: %7B34712C68-7391-4c47-94F3-8F88D49AD632%7D:1.3.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Documents and Settings\Françoise\Local Settings\Application Data\Citrix\Plugins\92\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\BrowserPlusPlugins\79a16dbeb98784ad06a2e79f420bc4ff\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/09/17 13:51:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/29 09:40:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/06 09:17:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/06 09:17:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/08 21:46:22 | 000,000,000 | ---D | M]

[2012/01/15 03:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Françoise\Application Data\Mozilla\Extensions
[2012/01/15 03:22:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Françoise\Application Data\Mozilla\Extensions\home2@tomtom.com
[2013/02/06 09:16:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/06 09:16:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/29 09:40:04 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013/02/06 09:17:18 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/06/19 19:46:24 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\MyCamera.dll
[2008/06/19 19:46:24 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\NPCIG.dll
[2012/12/29 09:39:16 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2013/01/10 21:54:14 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/09/08 11:07:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/12/05 17:10:58 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013/01/10 21:54:13 | 000,001,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2013/01/10 21:54:13 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/12/05 17:10:57 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/12/08 09:22:19 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [InstantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe (Pinnacle Systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Françoise\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1318403681124 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341728693656 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ED60A22-EA51-4FF4-A569-EF35BB0C0453}: DhcpNameServer = 192.168.0.254
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Françoise\Application Data\Mozilla\Firefox\Fond d'écran.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Françoise\Application Data\Mozilla\Firefox\Fond d'écran.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/10/12 06:37:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/11/20 20:36:09 | 000,000,000 | R--D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2011/11/20 20:36:14 | 000,000,000 | R--D | M] - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2010/05/29 06:03:05 | 000,000,000 | ---D | M] - I:\autorun.doc -- [ NTFS ]
O32 - AutoRun File - [2011/11/20 20:36:14 | 000,000,000 | R--D | M] - I:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^Françoise^Menu Démarrer^Programmes^Démarrage^Dropbox.lnk - C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\Dropbox.exe - (Dropbox, Inc.)
MsConfig - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: [b]CanonMyPrinter[/b] - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig - StartUpReg: [b]InstantTray[/b] - hkey= - key= - C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe (Pinnacle Systems)
MsConfig - StartUpReg: [b]PinnacleDriverCheck[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Screenpresso[/b] - hkey= - key= - C:\Documents and Settings\Françoise\Local Settings\Application Data\Learnpulse\Screenpresso\Screenpresso.exe (Learnpulse)
MsConfig - StartUpReg: [b]Skype[/b] - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: [b]Sony Ericsson PC Companion[/b] - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Mise à jour de sécurité pour Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {72AD53CC-CCC0-3757-8480-9EE176866A7C} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {969B3B70-8765-11D5-9809-0050BACBF861} - rundll32.exe advpack.dll,LaunchINFSection C:\Program Files\CyberLink\MP3PowerEncoder\Cyber.inf,PerUserStub
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\MP3PowerEncoder\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\vdrcodec.dll (Pinnacle Systems)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.spv1 - C:\Documents and Settings\Françoise\Local Settings\Application Data\Learnpulse\Screenpresso\ScreenpressoCodec.dll (LearnPulse)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/02/13 16:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\Bureau\RK_Quarantine
[2013/02/10 14:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Subliminal Visuel Concentration
[2013/02/10 14:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Subliminal Visuel Concentration
[2013/02/07 09:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\Bureau\Kevin Trudeau
[2013/02/06 09:16:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/02 08:07:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Françoise\Recent
[2013/01/29 14:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\Menu Démarrer\Programmes\FANTAZIORKA
[2013/01/29 14:47:10 | 000,000,000 | ---D | C] -- C:\Program Files\FANTAZIORKA
[2013/01/26 18:39:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Françoise\AppData
[2013/01/20 09:57:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
[2013/01/20 09:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/01/20 09:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/10/24 19:11:08 | 003,623,592 | ---- | C] (Ask) -- C:\Program Files\Fichiers communs\ApnToolbarInstaller.exe
[2011/10/24 19:11:08 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Fichiers communs\ApnStub.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/02/16 09:04:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/02/16 08:51:01 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/16 07:15:58 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job
[2013/02/16 07:15:39 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1220945662-1897051121-839522115-1004.job
[2013/02/16 07:15:37 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job
[2013/02/16 07:11:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/16 07:08:20 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1220945662-1897051121-839522115-1004.job
[2013/02/15 02:35:25 | 000,435,934 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\85379058exercices-d-expansion-de-la-conscience-gg-31-jours-pdf.pdf
[2013/02/15 02:32:00 | 000,280,279 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\2012-01-31_Combinaisons-chiffrées_vers-courte.pdf
[2013/02/14 22:18:01 | 000,003,922 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_14 22_18.rtf
[2013/02/14 16:22:33 | 000,015,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2013/02/14 07:10:26 | 000,013,700 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/13 13:43:08 | 000,043,217 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Virement M Vermeylen.pdf
[2013/02/12 22:12:49 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Subliminal Visuel Concentration.lnk
[2013/02/12 21:30:09 | 000,092,672 | ---- | M] () -- C:\Documents and Settings\Françoise\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/12 10:14:57 | 000,045,196 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\alimentation jesus.jpg
[2013/02/11 23:59:13 | 000,557,078 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/02/11 23:59:13 | 000,108,770 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/02/11 23:59:12 | 000,480,984 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/11 23:59:12 | 000,088,690 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/11 23:54:41 | 000,056,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/02/11 23:39:41 | 000,071,980 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\20130209 Soirée Nicole Fraysse.jpg
[2013/02/09 16:00:02 | 000,814,294 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Vivre Cru bruxelles1.pdf
[2013/02/08 13:51:29 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/08 13:51:28 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/07 22:10:28 | 000,003,050 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_07 22_10.rtf
[2013/02/07 09:24:48 | 002,049,024 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\Outlook.pst
[2013/02/06 19:05:55 | 000,091,114 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Langue Aspects.jpg
[2013/02/06 15:19:40 | 000,000,484 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\NEWAYS.lnk
[2013/02/05 09:37:54 | 000,075,362 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Régénère Invit Suisse.jpg
[2013/02/03 08:47:34 | 000,922,185 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\flyer imprimable Danses Scarées Lille mars 2013.pdf
[2013/01/31 22:19:37 | 000,003,492 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_31 22_19.rtf
[2013/01/31 12:36:02 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1220945662-1897051121-839522115-1004.job
[2013/01/30 17:12:31 | 000,070,915 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Additifs alimentaires.jpg
[2013/01/29 14:47:17 | 000,001,048 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Mandala-Crystal-VL.lnk
[2013/01/24 21:51:59 | 000,001,280 | ---- | M] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_24 21_51.rtf
[2013/01/22 08:41:05 | 001,136,499 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\S Campagnie stages de jeûne 2013-1.pdf
[2013/01/20 10:45:02 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2013/01/19 08:56:28 | 000,014,228 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie dessus pied.jpg
[2013/01/19 08:56:08 | 000,034,495 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie côtés pieds.jpg
[2013/01/19 08:55:37 | 000,032,448 | ---- | M] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie Plantes pieds.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/02/16 09:04:36 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/02/15 02:35:24 | 000,435,934 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\85379058exercices-d-expansion-de-la-conscience-gg-31-jours-pdf.pdf
[2013/02/15 02:31:59 | 000,280,279 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\2012-01-31_Combinaisons-chiffrées_vers-courte.pdf
[2013/02/14 22:18:01 | 000,003,922 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_14 22_18.rtf
[2013/02/14 07:16:39 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2013/02/13 13:43:08 | 000,043,217 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Virement M Vermeylen.pdf
[2013/02/12 22:12:49 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Subliminal Visuel Concentration.lnk
[2013/02/12 10:14:55 | 000,045,196 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\alimentation jesus.jpg
[2013/02/11 23:54:41 | 000,056,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/02/11 23:39:39 | 000,071,980 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\20130209 Soirée Nicole Fraysse.jpg
[2013/02/11 05:23:29 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job
[2013/02/09 16:00:02 | 000,814,294 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Vivre Cru bruxelles1.pdf
[2013/02/07 22:10:28 | 000,003,050 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_02_07 22_10.rtf
[2013/02/06 19:05:53 | 000,091,114 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Langue Aspects.jpg
[2013/02/06 15:33:47 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1220945662-1897051121-839522115-1004.job
[2013/02/06 15:19:40 | 000,000,484 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\NEWAYS.lnk
[2013/02/05 09:37:52 | 000,075,362 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Régénère Invit Suisse.jpg
[2013/02/03 08:47:34 | 000,922,185 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\flyer imprimable Danses Scarées Lille mars 2013.pdf
[2013/01/31 22:19:37 | 000,003,492 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_31 22_19.rtf
[2013/01/30 17:12:29 | 000,070,915 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Additifs alimentaires.jpg
[2013/01/29 14:47:17 | 000,001,048 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Mandala-Crystal-VL.lnk
[2013/01/24 21:51:59 | 000,001,280 | ---- | C] () -- C:\Documents and Settings\Françoise\Mes documents\ChatLog New Meeting 2013_01_24 21_51.rtf
[2013/01/22 08:41:05 | 001,136,499 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\S Campagnie stages de jeûne 2013-1.pdf
[2013/01/20 10:45:02 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2013/01/19 08:56:27 | 000,014,228 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie dessus pied.jpg
[2013/01/19 08:56:07 | 000,034,495 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie côtés pieds.jpg
[2013/01/19 08:55:36 | 000,032,448 | ---- | C] () -- C:\Documents and Settings\Françoise\Bureau\Reflexologie Plantes pieds.jpg
[2012/10/09 22:21:21 | 000,000,912 | ---- | C] () -- C:\Documents and Settings\Françoise\.recently-used.xbel
[2012/09/17 21:27:01 | 000,373,432 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/08/08 17:57:36 | 000,038,506 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Valeurs séparées par des virgules (Windows).ADR
[2012/08/06 18:13:17 | 000,038,484 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Microsoft Excel.ADR
[2012/08/06 17:31:37 | 000,027,226 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\Carnet d'adresses personnel.ADR
[2012/07/30 19:11:21 | 000,584,584 | ---- | C] () -- C:\WINDOWS\adb.exe
[2012/07/25 19:27:52 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Françoise\g2mdlhlpx.exe
[2012/03/09 07:38:19 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012/03/06 09:11:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/28 16:00:26 | 000,000,021 | ---- | C] () -- C:\WINDOWS\kit.ini
[2012/01/07 13:43:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/24 19:11:13 | 000,444,283 | ---- | C] () -- C:\Program Files\Fichiers communs\WinPcapNmap.exe
[2011/10/17 11:17:21 | 000,092,672 | ---- | C] () -- C:\Documents and Settings\Françoise\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/15 07:22:46 | 000,038,604 | ---- | C] () -- C:\Documents and Settings\Françoise\Application Data\wklnhst.dat
[2011/10/13 21:10:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2011/10/13 21:07:46 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2011/10/12 17:35:36 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/10/12 13:07:49 | 000,075,776 | ---- | C] () -- C:\WINDOWS\SendToClip.exe
[2011/10/12 09:53:40 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2011/10/12 09:41:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/10/12 08:30:43 | 000,475,136 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2011/10/12 08:30:43 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\slmh.exe
[2011/10/12 08:30:43 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\minirec.exe
[2011/10/12 08:30:43 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll
[2011/10/12 08:30:43 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2011/10/12 08:30:43 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SmCfg.exe
[2011/10/12 08:30:43 | 000,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
[2011/10/12 08:27:05 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2011/10/12 08:05:33 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2011/10/12 07:26:47 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/10/12 07:25:34 | 000,346,608 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/12 06:59:22 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011/10/12 06:59:21 | 001,301,704 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011/10/12 06:59:21 | 000,548,888 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011/10/12 06:59:21 | 000,167,352 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011/10/12 06:59:21 | 000,086,512 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011/10/12 06:59:16 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[2011/10/12 06:59:16 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[2011/10/12 06:59:15 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe
[2011/10/12 06:59:13 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe
[2011/10/12 06:39:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/10/12 06:35:07 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2011/10/12 12:48:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/14 03:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 11:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/14 03:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
Invalid Environment Variable: alluserprofile
Invalid Environment Variable: alluserprofile

[color=#A23BEC]< %appdata%\*. >[/color]
[2012/04/05 06:14:11 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Françoise\Application Data\.#
[2011/10/21 13:50:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Adobe
[2012/09/08 18:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Apple Computer
[2011/10/12 09:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Avira
[2012/09/25 06:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Canon
[2012/03/06 07:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\CheckPoint
[2013/01/23 07:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\cronometer
[2011/10/13 21:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\CyberLink
[2011/12/19 09:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\DAEMON Tools Lite
[2012/09/12 23:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Dropbox
[2013/02/06 16:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\dvdcss
[2012/01/15 05:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Foxit Software
[2011/10/12 09:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\FreeAudioPack
[2011/10/12 23:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Help
[2011/10/12 06:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Identities
[2012/10/10 07:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\inkscape
[2011/10/12 11:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Macromedia
[2011/10/12 12:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Malwarebytes
[2012/07/26 03:14:56 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Françoise\Application Data\Microsoft
[2011/10/12 09:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Mozilla
[2012/08/18 08:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\MyPhoneExplorer
[2012/07/18 09:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Oracle
[2011/12/26 18:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\PhotoFiltre
[2013/02/07 08:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Real
[2012/12/29 09:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\RealNetworks
[2012/08/06 05:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Skype
[2011/12/21 06:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Sony
[2011/10/19 05:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Sun
[2012/01/20 09:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Thunderbird
[2012/01/15 03:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\TomTom
[2012/01/17 14:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\TuneUp Software
[2012/02/01 21:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\VDownloader
[2013/02/13 13:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\vlc
[2013/01/20 08:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\WindSolutions
[2011/10/12 13:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\WinRAR
[2012/10/10 06:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Xilisoft
[2012/03/20 07:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Françoise\Application Data\Yahoo!

[color=#A23BEC]< %appdata%\*.exe /s >[/color]
[2012/06/14 03:08:56 | 027,595,032 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\Dropbox.exe
[2012/06/14 03:09:00 | 000,874,440 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\DropboxUpdateHelper.exe
[2012/06/14 03:09:06 | 000,181,776 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Françoise\Application Data\Dropbox\bin\Uninstall.exe
[2011/12/04 21:01:46 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2011/12/04 21:01:46 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Françoise\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
[2012/09/08 16:51:43 | 007,860,520 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans.exe
[2013/01/19 21:34:15 | 004,279,440 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2013/01/19 21:37:21 | 008,488,168 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe
[2013/01/20 08:07:08 | 007,955,968 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTransPhoto.exe
[2012/02/01 14:35:35 | 003,712,288 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.340_FR.exe
[2012/09/08 16:46:10 | 004,156,736 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.360_FR.exe
[2013/01/19 21:33:46 | 004,279,440 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\CopyTrans_Suite_v2.370_FR.exe
[2013/01/20 01:05:24 | 005,509,352 | ---- | M] (WindSolutions) -- C:\Documents and Settings\Françoise\Application Data\WindSolutions\CopyTransControlCenter\Applications\iCloner.exe

[color=#A23BEC]< %systemdrive%\*. >[/color]
[2011/11/20 20:36:09 | 000,000,000 | R--D | M] -- C:\Autorun.inf
[2011/10/13 21:07:32 | 000,000,000 | -H-D | M] -- C:\BJPrinter
[2011/12/05 14:33:28 | 000,000,000 | ---D | M] -- C:\BrowserPlusPlugins
[2011/12/08 09:10:56 | 000,000,000 | RHSD | M] -- C:\cmdcons
[2013/01/20 09:57:57 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2012/03/08 06:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings
[2012/08/08 05:10:15 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013/02/10 14:10:17 | 000,000,000 | ---D | M] -- C:\Program Files
[2012/04/16 18:43:53 | 000,000,000 | ---D | M] -- C:\ProgramData
[2012/03/08 07:04:01 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011/10/12 11:00:45 | 000,000,000 | ---D | M] -- C:\ST_NG_SetupWizard
[2011/12/16 06:49:55 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013/02/14 16:14:10 | 000,000,000 | ---D | M] -- C:\WINDOWS

[color=#A23BEC]< %systemdrive%\*.exe >[/color]

[color=#A23BEC]< %programfiles%\*. >[/color]
[2012/08/03 19:59:49 | 000,000,000 | ---D | M] -- C:\Program Files\ABC Amber vCard Converter
[2011/10/21 07:32:04 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2013/01/03 16:25:08 | 000,000,000 | ---D | M] -- C:\Program Files\adslTV
[2012/05/31 04:58:38 | 000,000,000 | ---D | M] -- C:\Program Files\Amazon
[2012/03/07 13:25:57 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/10/15 21:12:29 | 000,000,000 | ---D | M] -- C:\Program Files\Avanquest update
[2012/12/17 07:36:46 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2012/09/08 17:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/10/13 21:18:21 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2011/10/13 20:53:43 | 000,000,000 | -H-D | M] -- C:\Program Files\CanonBJ
[2013/02/02 06:20:17 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2012/03/06 07:16:57 | 000,000,000 | ---D | M] -- C:\Program Files\CheckPoint
[2012/12/29 09:46:48 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2011/10/12 06:34:52 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2012/11/18 18:23:49 | 000,000,000 | ---D | M] -- C:\Program Files\CRON-O-METER
[2011/10/14 16:39:31 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2011/10/13 21:40:40 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2012/06/26 13:01:57 | 000,000,000 | ---D | M] -- C:\Program Files\Dropbox
[2012/01/16 09:12:42 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2013/01/29 14:47:10 | 000,000,000 | ---D | M] -- C:\Program Files\FANTAZIORKA
[2012/12/29 09:39:35 | 000,000,000 | ---D | M] -- C:\Program Files\Fichiers communs
[2011/10/12 09:53:46 | 000,000,000 | ---D | M] -- C:\Program Files\Free Audio Pack
[2011/10/17 17:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\Free PDF to Word Converter
[2012/07/01 19:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012/07/30 19:11:39 | 000,000,000 | ---D | M] -- C:\Program Files\Handset USB Driver
[2012/04/25 05:50:38 | 000,000,000 | ---D | M] -- C:\Program Files\HeartMath
[2013/02/13 23:33:56 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2012/07/08 10:11:00 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2013/01/20 09:55:07 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2013/01/20 09:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/07/18 09:06:58 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/10/12 10:54:06 | 000,000,000 | ---D | M] -- C:\Program Files\ma-config.com
[2013/01/17 07:49:05 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/12 06:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2011/10/16 08:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Keyboard Layout Creator 1.4
[2012/10/07 19:09:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/07/08 10:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2012/08/08 05:51:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2012/08/08 13:41:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011/10/15 07:07:49 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works Suite 2004
[2012/08/08 05:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/10/20 17:58:42 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/10/12 09:41:57 | 000,000,000 | ---D | M] -- C:\Program Files\MozBackup
[2013/02/15 07:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2013/02/06 15:31:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/09 07:33:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2011/10/12 17:25:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012/10/07 19:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2011/10/20 17:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\msn
[2011/10/12 06:34:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2011/10/14 06:42:33 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/10/12 17:22:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2012/08/17 22:51:42 | 000,000,000 | ---D | M] -- C:\Program Files\MyPhoneExplorer
[2012/01/18 18:14:33 | 000,000,000 | ---D | M] -- C:\Program Files\MyTomTom 3
[2011/10/20 16:59:17 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2012/10/10 07:16:48 | 000,000,000 | ---D | M] -- C:\Program Files\office Convert Pdf to PowerPoint for ppt Free
[2011/10/12 12:53:18 | 000,000,000 | ---D | M] -- C:\Program Files\OpenXML-ODF Translator
[2012/07/18 09:08:34 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle
[2011/10/20 18:05:59 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2012/03/09 07:38:32 | 000,000,000 | ---D | M] -- C:\Program Files\PDFCreator
[2011/12/26 18:46:38 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoFiltre
[2011/10/13 20:31:50 | 000,000,000 | ---D | M] -- C:\Program Files\Pinnacle
[2012/04/05 06:10:55 | 000,000,000 | ---D | M] -- C:\Program Files\Quantum Intech
[2012/03/07 13:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2012/12/29 09:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2012/12/29 09:40:04 | 000,000,000 | ---D | M] -- C:\Program Files\RealNetworks
[2012/08/05 09:31:09 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2012/12/17 14:29:02 | 000,000,000 | ---D | M] -- C:\Program Files\Recuva
[2011/10/12 17:25:41 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/11/28 20:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\Secunia
[2011/10/12 13:07:50 | 000,000,000 | ---D | M] -- C:\Program Files\Send To Toys
[2011/10/12 06:34:12 | 000,000,000 | ---D | M] -- C:\Program Files\Services en ligne
[2011/10/14 23:23:53 | 000,000,000 | ---D | M] -- C:\Program Files\SIW
[2012/07/25 23:02:40 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2012/08/01 14:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2013/01/20 00:11:28 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Ericsson
[2011/12/21 06:33:23 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Media Go Install
[2013/02/12 22:12:49 | 000,000,000 | ---D | M] -- C:\Program Files\Subliminal Visuel Concentration
[2012/01/18 18:14:39 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
[2012/03/20 07:50:25 | 000,000,000 | ---D | M] -- C:\Program Files\trend micro
[2011/11/28 21:50:54 | 000,000,000 | ---D | M] -- C:\Program Files\TubeMaster++
[2012/01/17 14:47:23 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUp Utilities 2012
[2012/08/08 05:55:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2013/01/09 13:19:57 | 000,000,000 | ---D | M] -- C:\Program Files\VDownloader
[2011/10/12 09:58:39 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011/11/28 21:51:26 | 000,000,000 | ---D | M] -- C:\Program Files\VlcPlus
[2012/01/16 22:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2012/01/16 23:00:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2011/10/20 16:59:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/10/12 06:34:12 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2011/10/24 19:11:15 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap
[2011/10/12 13:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2011/10/12 06:38:07 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2012/10/10 06:58:29 | 000,000,000 | ---D | M] -- C:\Program Files\Xilisoft
[2011/12/05 14:32:54 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\system32\eventlog.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe

< End of report >

Publicité

Soutenons La Quadrature du Net ! Soutenons La Quadrature du Net !

Signaler le contenu de ce document

Publicité

Soutenons La Quadrature du Net !