cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 12/01/2013 12:24:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gaetan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,87 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 63,44% Memory free
5,97 Gb Paging File | 4,86 Gb Available in Paging File | 81,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,19 Gb Total Space | 218,69 Gb Free Space | 74,85% Space Free | Partition Type: NTFS
Drive D: | 5,90 Gb Total Space | 0,88 Gb Free Space | 14,84% Space Free | Partition Type: NTFS

Computer Name: PC-DE-GAETAN | User Name: Gaetan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/01/12 12:23:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gaetan\Desktop\OTL.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/10/30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/18 15:46:00 | 004,349,952 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/12/05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012/12/05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
MOD - [2012/12/05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012/12/05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012/12/05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012/12/05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012/12/05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012/12/05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013/01/09 06:38:29 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/14 01:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/10/30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/10/30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/02/11 22:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\npf.sys -- (npf)
DRV - [2010/08/12 11:07:50 | 000,292,712 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/05/22 20:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/26 17:51:24 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/08/29 13:56:24 | 000,096,384 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\camfilt2.sys -- (camfilt2)
DRV - [2007/02/02 12:55:46 | 000,167,464 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ov530vid.sys -- (ovt530)
DRV - [2006/11/22 12:41:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\BtNetDrv.sys -- (BT)
DRV - [2006/11/22 12:40:50 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2006/11/22 12:40:34 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\VComm.sys -- (VComm)
DRV - [2006/11/22 12:40:20 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2006/11/22 12:40:02 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2006/11/22 12:39:30 | 000,033,936 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2006/11/22 12:39:14 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2006/11/22 12:39:00 | 000,034,576 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2006/11/02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=71&bd=Presario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=71&bd=Presario&pf=desktop
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A59BA928-AD15-4907-9162-EB4FE70B371F}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {AEEC3B59-CA98-4EBA-A140-57B94E283583} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{A59BA928-AD15-4907-9162-EB4FE70B371F}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/20 09:34:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/06/09 11:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaetan\AppData\Roaming\mozilla\Extensions
[2012/06/09 11:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaetan\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/10/29 08:51:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gaetan\AppData\Roaming\mozilla\Firefox\Profiles\0vjd4st9.default\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://search.iminent.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.iminent.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifjamchknccokmaecnbknhbfhaicfafd\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifjamchknccokmaecnbknhbfhaicfafd\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: WOT = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.6_0\
CHR - Extension: YouTube = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_2\
CHR - Extension: Adblock Plus = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Recherche Google = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_2\
CHR - Extension: AdBlock = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: avast! WebRep = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\Gaetan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1d970ed5-3eda-438d-bffd-715931e2775b} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92863D82-884C-4C23-A5C2-F31400E4B230}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gaetan\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gaetan\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/07/30 07:15:58 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/07/30 07:16:01 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]EPSON Stylus DX8400 Series[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - c:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]hpsysdrv[/b] - hkey= - key= - c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]KBD[/b] - hkey= - key= - C:\hp\KBD\KbdStub.exe ()
MsConfig - StartUpReg: [b]Launcher[/b] - hkey= - key= - C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
MsConfig - StartUpReg: [b]MailNotifier[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvCplDaemon[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvMediaCenter[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NvSvc[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]orangeinside[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]OsdMaestro[/b] - hkey= - key= - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
MsConfig - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
MsConfig - StartUpReg: [b]Sidebar[/b] - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - File not found
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/01/12 12:23:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gaetan\Desktop\OTL.exe
[2013/01/12 10:46:36 | 000,000,000 | ---D | C] -- C:\Users\Gaetan\AppData\Local\Temp
[2013/01/10 09:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2013/01/10 09:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2013/01/10 09:33:59 | 000,000,000 | ---D | C] -- C:\ZHP
[2013/01/10 00:46:33 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/01/10 00:46:03 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/12/21 05:15:12 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/21 05:15:12 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/01/12 12:23:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gaetan\Desktop\OTL.exe
[2013/01/12 11:38:15 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/12 11:30:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/12 11:30:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/12 10:49:22 | 000,005,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/12 10:49:22 | 000,005,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/12 10:46:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/12 09:26:29 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2013/01/10 12:25:27 | 000,325,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/10 12:07:45 | 000,678,804 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/01/10 12:07:45 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/10 12:07:45 | 000,126,420 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/01/10 12:07:44 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/10 10:09:53 | 000,106,496 | ---- | M] () -- C:\Users\Gaetan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/10 09:34:01 | 000,000,794 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/01/10 09:34:01 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2013/01/09 06:38:29 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/09 06:38:29 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/07 17:43:07 | 000,000,170 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\wklnhst.dat
[2013/01/05 10:15:29 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/01/12 09:26:29 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2013/01/10 09:34:01 | 000,000,794 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/01/10 09:34:01 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2012/11/01 11:51:55 | 000,000,170 | ---- | C] () -- C:\Users\Gaetan\AppData\Roaming\wklnhst.dat
[2012/10/29 19:00:34 | 000,325,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/06/26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/06/26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/06/26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/06/12 02:17:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/06/11 23:37:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/06/11 23:37:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/06/10 14:10:03 | 000,012,800 | ---- | C] () -- C:\Users\Gaetan\lettres motiv anne sophie.wps
[2012/06/10 14:10:03 | 000,011,264 | ---- | C] () -- C:\Users\Gaetan\cv anne sophie.wps
[2012/06/10 14:10:03 | 000,010,752 | ---- | C] () -- C:\Users\Gaetan\LETTRE DE MOTIV GAETAN.wps
[2012/06/10 14:10:03 | 000,009,728 | ---- | C] () -- C:\Users\Gaetan\cv gaetan.wps
[2012/06/10 14:04:46 | 000,106,496 | ---- | C] () -- C:\Users\Gaetan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/10 12:23:46 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012/06/10 12:23:46 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012/06/10 12:23:46 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012/06/10 12:23:46 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012/06/10 12:23:46 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012/06/10 12:23:46 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012/06/10 12:23:46 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012/06/10 12:23:46 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012/06/10 12:23:46 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012/06/10 12:23:46 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2012/06/10 12:23:46 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012/06/10 12:23:46 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012/06/10 12:23:46 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012/06/10 12:23:46 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012/06/10 12:23:46 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012/06/10 12:23:46 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2012/06/10 12:23:46 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2012/06/10 12:23:46 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012/06/10 12:23:46 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2012/06/10 12:17:30 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX8400DEFGIPS.ini
[2012/06/10 11:31:47 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2012/06/10 10:22:52 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011/02/11 22:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2012/07/30 12:17:01 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Adobe
[2012/06/10 12:14:10 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\ArcSoft
[2012/07/24 08:45:35 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Azureus
[2012/06/28 11:25:06 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Foxit Software
[2012/06/10 11:12:46 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\GetRightToGo
[2012/06/09 10:46:02 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Google
[2012/06/09 09:55:51 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Hewlett-Packard
[2012/08/06 12:19:54 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\HpUpdate
[2012/06/09 09:59:19 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Identities
[2012/06/10 12:23:44 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\InstallShield
[2012/07/29 20:11:22 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\IObit
[2012/06/09 09:58:05 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Macromedia
[2012/06/10 11:08:36 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Malwarebytes
[2006/11/02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Media Center Programs
[2012/11/01 11:51:58 | 000,000,000 | --SD | M] -- C:\Users\Gaetan\AppData\Roaming\Microsoft
[2012/08/02 10:41:56 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Mozilla
[2012/06/10 17:50:40 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\MusicNet
[2012/06/09 12:17:05 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Real
[2012/06/21 09:58:57 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Roxio
[2012/08/07 09:07:41 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Samsung
[2012/11/01 11:51:57 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\Template
[2013/01/10 10:15:15 | 000,000,000 | ---D | M] -- C:\Users\Gaetan\AppData\Roaming\vlc

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2012/06/10 13:23:53 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\Gaetan\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2012/10/30 07:28:29 | 000,060,888 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AdminDelegator.exe
[2012/10/30 07:28:29 | 000,088,024 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012/10/30 07:28:30 | 000,077,264 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012/10/30 07:28:30 | 000,843,208 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012/07/16 12:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012/07/16 12:23:58 | 000,278,968 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012/06/26 15:04:30 | 000,320,000 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012/07/16 12:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012/06/26 15:03:34 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012/06/26 15:03:34 | 000,321,536 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012/07/16 12:19:36 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012/07/16 12:24:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012/06/26 15:03:16 | 000,106,960 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012/06/26 15:03:16 | 000,101,328 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012/07/16 12:24:06 | 000,021,432 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012/07/16 12:24:06 | 003,742,648 | ---- | M] (Freeware) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012/06/26 15:03:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012/06/26 15:03:04 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012/07/16 12:24:08 | 000,451,000 | ---- | M] (ml) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012/06/26 15:02:34 | 024,164,152 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012/10/11 01:33:52 | 000,966,072 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012/10/11 01:33:52 | 000,297,912 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012/10/09 01:17:54 | 000,580,096 | ---- | M] (Samsung Electronics) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2012/10/11 01:33:56 | 000,277,432 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012/09/26 12:58:30 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012/10/11 01:33:54 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012/09/27 07:19:08 | 000,171,008 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012/09/27 07:21:52 | 000,325,120 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012/10/10 06:06:28 | 000,689,152 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012/10/11 01:33:56 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012/10/11 01:34:04 | 000,063,416 | ---- | M] () -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012/10/11 01:22:52 | 000,060,888 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AdminDelegator.exe
[2012/10/11 01:22:52 | 000,088,024 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012/10/11 01:22:50 | 000,077,264 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012/10/11 01:33:58 | 000,842,680 | ---- | M] (Samsung) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012/10/11 01:34:00 | 003,767,312 | ---- | M] (Freeware) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012/09/26 12:57:20 | 000,266,240 | ---- | M] (ENJsoft corp.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012/09/26 12:57:20 | 000,102,400 | ---- | M] (ENJsoft corp.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012/10/11 01:34:02 | 000,596,920 | ---- | M] (ml) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012/09/26 12:57:10 | 014,754,760 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012/07/16 12:24:08 | 000,451,000 | ---- | M] (ml) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012/10/11 01:34:02 | 000,596,920 | ---- | M] (ml) -- C:\Users\Gaetan\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2012/06/10 09:05:53 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2012/06/10 09:05:52 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2012/06/10 09:05:52 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2012/06/10 09:34:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2012/06/10 09:34:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2012/06/10 09:05:53 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\System32\wininit.exe
[2008/01/19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006/11/02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012/12/14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< nslookup www.google.fr /c >[/color]
Serveur : monmodem.netgear.com
Address: 192.168.0.1
Nom : WWW.GOOGLE.FR
Addresses: 2a00:1450:400c:c00::5e
173.194.78.94

< End of report >

Publicité

Signaler le contenu de ce document

Publicité