Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-07-2015 01
Ran by Danilo (administrator) on UNICORNI-9F1ACF on 20-07-2015 18:33:49
Running from C:\Documents and Settings\Danilo\Mes documents\Downloads
Loaded Profiles: Danilo (Available Profiles: Danilo)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Documents and Settings\Danilo\Mes documents\Downloads\FRST (4).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
GroupPolicyScripts: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-57989841-1647877149-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.files-ftp.com/~unicorni/phpBB2/index.php
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.files-ftp.com/~unicorni/phpBB2/index.php
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.files-ftp.com/~unicorni/phpBB2/index.php
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
HKU\S-1-5-21-57989841-1647877149-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKU\S-1-5-21-57989841-1647877149-682003330-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://www.webangelis.fr/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2013-09-25] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{DCAE91E3-7AC1-4838-BCF3-22FDA0079FA2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Danilo\Application Data\Mozilla\Firefox\Profiles\ugmnih59.default-1385103753828
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-27] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Danilo\Application Data\Mozilla\plugins\npgoogletalk.dll [2011-11-21] (Google)
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @talk.google.com/O3DPlugin -> C:\Documents and Settings\Danilo\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll [2011-11-21] ()
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Danilo\Application Data\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Danilo\Application Data\mozilla\plugins\npgoogletalk.dll [2011-11-21] (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Danilo\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll [2011-11-21] ()
FF Extension: Adblock Plus - C:\Documents and Settings\Danilo\Application Data\Mozilla\Firefox\Profiles\ugmnih59.default-1385103753828\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-22]
Chrome:
=======
CHR Profile: C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [825136 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1187336 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-19] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 odserv; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 AdobeFlashPlayerUpdateSvc; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2011-08-26] (Cisco Systems, Inc.) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2015-01-13] (Creative)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [27496 2012-09-26] (AVG Technologies)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
S3 CamDrL; C:\WINDOWS\System32\DRIVERS\Camdrl.sys [1075360 2007-02-03] (Logitech Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-01-13] (REALiX(tm))
S3 hxctlflt; C:\WINDOWS\System32\Drivers\hxctlflt.sys [99968 2009-02-09] (Guillemot Corporation) [File not signed]
R3 LVUSBSta; C:\WINDOWS\System32\DRIVERS\LVUSBSta.sys [41504 2007-02-03] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-19] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2015-01-13] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2012-09-10] (Apple Inc.) [File not signed]
S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [4202496 2009-03-04] (Intel Corporation)
S3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6616816 2015-01-13] (Intel Corporation)
S3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [3482112 2009-04-22] () [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-18] (Avira Operations GmbH & Co. KG)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 StarOpen; No ImagePath
U1 WS2IFSL; No ImagePath
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys E5E6DBFC41EA8AAD005CB9A57A96B43B
C:\WINDOWS\System32\DRIVERS\ACPIEC.sys E4ABC1212B70BB03D35E60681C447210
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\DRIVERS\AegisP.sys 023867B6606FBABCDD52E089C4A507DA
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\drivers\Ambfilt.sys 267FC636801EDC5AB28E14036349E3BE
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\System32\DRIVERS\avgntflt.sys 18FB1022DAFC9036ADA9ECF432FAFD06
C:\WINDOWS\system32\drivers\avgtpx86.sys 3001E24F340D400BFF85935E5777FC5B
C:\WINDOWS\System32\DRIVERS\avipbb.sys 062494C204553210FFC0FC33EA58EB36
C:\WINDOWS\System32\DRIVERS\avkmgr.sys F80F5DCA8A5D9D93CC5BE933D20CAF05
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\System32\DRIVERS\Camdrl.sys 0F5CA31BB3FDB5C1E63C170CFBECC93B
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\CmBatt.sys 0F6C187D38D98F8DF904589A5F94D411
C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\WINDOWS\System32\drivers\dgderdrv.sys 6216FD7FD227DE454238A702B218CEC7
C:\WINDOWS\System32\DRIVERS\ssudbus.sys 50D5624BB26AF7EAE92EF95F3C6E3CE7
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys F5DEADD42335FB33EDCA74ECB2F36CBA
C:\WINDOWS\System32\drivers\dmio.sys 5A7C47C9B3F9FB92A66410A7509F0C71
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\DRIVERS\e100b325.sys AC9CF17EE2AE003C98EB4F5336C38058
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\system32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys 31F923EB2170FC172C81ABDA0045D18C
C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys C6EE3A87FE609D3E1DB9DBD072A248DE
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys A86859B77B908C18C2657F284AA29FE3
C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\system32\drivers\HWiNFO32.SYS 6FFB351C9C9BB88E91785F4CD7396D31
C:\WINDOWS\System32\Drivers\hxctlflt.sys F02EA43AE8F936124DEBF5B87F12C795
C:\WINDOWS\System32\DRIVERS\i8042prt.sys A09BDC4ED10E3B2E0EC27BB94AF32516
C:\WINDOWS\System32\DRIVERS\igxpmp32.sys 48846B31BE5A4FA662CCFDE7A1BA86B9
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\drivers\RtkHDAud.sys 1F7C55FC32919644BA9124217A612A64
C:\WINDOWS\System32\DRIVERS\intelide.sys 4B6DA2F0A4095857A9E3F3697399D575
C:\WINDOWS\System32\DRIVERS\intelppm.sys AD340800C35A42D4DE1641A37FEEA34C
C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 355836975A67B6554BCA60328CD6CB74
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 16813155807C6881F4BFBF6657424659
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\DRIVERS\lvrs.sys ED643E777BA3F7151EF3F0FB6BE4F7F0
C:\WINDOWS\System32\DRIVERS\LVUSBSta.sys 64BC29C3A0388BFC580BB8B1346F7659
C:\WINDOWS\system32\drivers\mbam.sys B4CD87E78A01562E3DA67FE1C2779204
C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 739164A8B8FB2F1B50A498F20AF7B21E
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys 510ADE9327FE84C10254E1902697E25F
C:\WINDOWS\System32\drivers\Monfilt.sys C7D9F9717916B34C1B00DD4834AF485C
C:\WINDOWS\System32\DRIVERS\mouclass.sys 027C01BD7EF3349AAEBC883D8A799EFB
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netaapl.sys 1352E1648213551923A0A822E441553C
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\NETw5x32.sys CCDB8DB66ACD3C0A6C8E171B79F60AC4
C:\WINDOWS\System32\DRIVERS\NETwLx32.sys FB59993DF61A2D72D0D296368B436E4C
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\system32\Drivers\Parport.sys 8FD0BDBEA875D06CCF6C945CA9ABAF75
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 9575C5630DB8FB804649A6959737154C
C:\WINDOWS\System32\DRIVERS\pci.sys 043410877BDA580C528F45165F7125BC
C:\WINDOWS\System32\DRIVERS\pciide.sys F4BFDE7209C14A07AAA61E4D6AE69EAC
C:\WINDOWS\System32\DRIVERS\pcmcia.sys F0406CBC60BDB0394A0E17FFB04CDD3D
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys D8EB2A7904DB6C916EB5361878DDCBAE
C:\WINDOWS\System32\DRIVERS\RTL8192su.sys B1DB1E76D94788B48D9C579F4439C71D
C:\WINDOWS\System32\DRIVERS\sdbus.sys 8D04819A3CE51B9EB47E5689B44D43C4
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\system32\Drivers\Serial.sys 93D313C31F7AD9EA2B75F26075413C7C
C:\WINDOWS\System32\DRIVERS\sffdisk.sys 0FA803C64DF0914B41F807EA276BF2A6
C:\WINDOWS\System32\DRIVERS\sffp_sd.sys C17C331E435ED8737525C86A7557B3AC
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\WINDOWS\System32\DRIVERS\snp2uvc.sys A70F178299812DCE4CC0E802D403BE9B
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 39626E6DC1FB39434EC40C42722B660A
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\ssmdrv.sys 424566865D82AA4BD8D6546C1F2065FA
C:\WINDOWS\System32\DRIVERS\ssudmdm.sys 9359AB8BEA059222742345ED63147222
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\System32\drivers\tifm21.sys 9179E07503630D6FB2E4162FF0196191
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\Drivers\usbvideo.sys 813236B1183CFCF289E367BD5DE6E29E
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 46DE1126684369BACE4849E4FC8C43CA
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\Drivers\wdf01000.sys D918617B46457B9AC28027722E30F647
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\WinUSB.sys FD600B032E741EB6AAB509FC630F7C42
C:\WINDOWS\System32\DRIVERS\wpdusb.sys CF4DEF1BF66F06964DC0D91844239104
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\WINDOWS\System32\DRIVERS\WUDFRd.sys 28B524262BCE6DE1F7EF9F510BA3985B
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 18:22 - 2015-07-20 18:33 - 00000000 ____D C:\FRST
2015-07-20 18:18 - 2015-07-20 18:18 - 00001643 _____ C:\Documents and Settings\Danilo\Bureau\AdwCleaner[S3]20 juillet.txt
2015-07-20 17:21 - 2015-07-20 17:21 - 00069099 _____ C:\Documents and Settings\Danilo\Bureau\ZHPDiag 20 juillet.txt
2015-07-20 16:21 - 2015-07-20 16:21 - 01843712 _____ C:\Documents and Settings\Danilo\ZHPDiag3.exe
2015-07-19 11:34 - 2015-07-19 11:34 - 00000419 _____ C:\WINDOWS\setupapi.log
2015-07-19 11:28 - 2015-07-19 11:28 - 00000060 _____ C:\WINDOWS\setupact.log
2015-07-19 11:28 - 2015-07-19 11:28 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-18 15:24 - 2015-07-19 18:08 - 00000812 _____ C:\Documents and Settings\Danilo\Bureau\ZHPCleaner.lnk
2015-07-18 14:20 - 2015-07-19 17:38 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-18 14:20 - 2015-07-18 14:20 - 00000777 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2015-07-18 14:20 - 2015-07-18 14:20 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-18 14:20 - 2015-07-18 14:20 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
2015-07-18 14:20 - 2015-06-18 08:41 - 00121560 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-07-18 14:20 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-07 10:23 - 2015-07-07 10:23 - 00000847 _____ C:\Documents and Settings\All Users\Bureau\Avira.lnk
2015-06-27 11:59 - 2015-06-28 07:15 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau\Fete Voisins 2015
2015-05-25 21:14 - 2015-05-25 21:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2015-05-25 19:44 - 2015-05-25 19:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2015-05-25 13:07 - 2015-05-25 13:12 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau\DANILO
2015-05-19 16:50 - 2015-07-20 18:13 - 00000000 ____D C:\AdwCleaner
2015-05-16 12:40 - 2015-05-16 12:43 - 00000000 ____D C:\WINDOWS\system32\㡋㐶
2015-04-30 15:17 - 2015-07-20 18:16 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-04-30 06:37 - 2015-04-30 06:37 - 00000000 ____D C:\WINDOWS\system32\㍋㐶
2015-04-29 14:37 - 2015-04-29 14:38 - 00000000 ____D C:\WINDOWS\system32\㐶
2015-04-28 06:42 - 2015-04-28 06:44 - 00000000 ____D C:\WINDOWS\system32\捯浵湥獴愠摮匠瑥楴杮屳汁獕牥屳灁汰捩瑡潩慄慴䅜楶慲䅜瑮癩物獵䉜䍁啋屐
2015-04-28 06:33 - 2015-07-20 18:15 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-04-28 06:33 - 2015-04-30 15:15 - 00000000 ____C C:\WINDOWS\Sti_Trace.log
2015-04-23 22:46 - 2015-06-27 12:18 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau\VelSatis Grise
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 18:34 - 2012-10-09 13:14 - 00000000 ____D C:\Documents and Settings\Danilo\Local Settings\Temp
2015-07-20 18:33 - 2014-07-30 08:50 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-20 18:18 - 2010-08-03 14:34 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau
2015-07-20 18:16 - 2010-08-03 14:27 - 01521475 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-20 18:15 - 2015-02-03 23:17 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d03ff6c20fc524.job
2015-07-20 18:14 - 2015-04-03 07:30 - 00032550 _____ C:\WINDOWS\SchedLgU.Txt
2015-07-20 18:14 - 2010-08-03 14:32 - 00000184 __SHC C:\Documents and Settings\LocalService\ntuser.ini
2015-07-20 18:14 - 2010-08-03 14:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-20 18:13 - 2014-01-28 09:02 - 00200442 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-07-20 18:13 - 2010-08-03 14:34 - 00000184 ___SH C:\Documents and Settings\Danilo\ntuser.ini
2015-07-20 18:13 - 2010-08-03 14:34 - 00000000 ____D C:\Documents and Settings\Danilo
2015-07-20 16:18 - 2015-03-27 14:15 - 00000000 ____D C:\Documents and Settings\Danilo\Application Data\ZHP
2015-07-20 15:03 - 2013-04-18 16:04 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2015-07-20 15:02 - 2010-08-03 15:59 - 00000000 ___RD C:\Program Files\Fichiers communs
2015-07-20 15:02 - 2010-08-03 15:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-07-20 15:02 - 2010-08-03 15:58 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2015-07-20 14:39 - 2010-08-03 16:22 - 00000000 ____D C:\Documents and Settings\Danilo\Application Data\Skype
2015-07-20 14:25 - 2014-05-01 17:29 - 00933706 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-57989841-1647877149-682003330-1003-0.dat
2015-07-19 17:30 - 2010-08-03 14:32 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-07-18 08:23 - 2010-10-06 16:03 - 00000000 ____D C:\Documents and Settings\Danilo\Application Data\vlc
2015-07-17 07:59 - 2014-07-28 23:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData
2015-07-16 13:27 - 2001-08-24 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-07-14 18:31 - 2014-07-30 08:55 - 00001811 _____ C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
2015-07-09 17:02 - 2015-04-01 22:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-07-07 10:22 - 2015-02-02 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira
2015-07-07 10:22 - 2014-11-08 08:45 - 00000000 ____D C:\Program Files\Avira
==================== Files in the root of some directories =======
2012-10-15 16:02 - 2012-10-15 16:02 - 0007887 ____C () C:\Documents and Settings\Danilo\Application Data\pcouffin.cat
2012-10-15 16:02 - 2012-10-15 16:02 - 0001144 ____C () C:\Documents and Settings\Danilo\Application Data\pcouffin.inf
2012-10-15 16:02 - 2012-10-15 16:02 - 0000055 ____C () C:\Documents and Settings\Danilo\Application Data\pcouffin.log
2012-10-15 16:02 - 2012-10-15 16:02 - 0047360 ____C (VSO Software) C:\Documents and Settings\Danilo\Application Data\pcouffin.sys
2013-03-19 17:51 - 2013-05-10 22:00 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Rock Kit
2013-03-19 17:52 - 2013-05-10 22:02 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Rule Actions
2013-03-19 17:51 - 2013-05-10 22:00 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Sample Delay
2013-03-19 17:49 - 2013-05-10 22:02 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Solid Colors
2012-10-15 15:52 - 2012-10-15 15:55 - 0001057 ____C () C:\Documents and Settings\Danilo\Application Data\vso_ts_preview.xml
2014-01-30 00:24 - 2014-01-30 00:24 - 0000059 _____ () C:\Documents and Settings\Danilo\Application Data\WB.CFG
2011-09-07 22:09 - 2014-12-14 10:46 - 0000664 _____ () C:\Documents and Settings\Danilo\Local Settings\Application Data\d3d9caps.dat
2010-08-05 13:16 - 2015-05-29 11:26 - 0054784 ____C () C:\Documents and Settings\Danilo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\Danilo\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Danilo\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Danilo\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Danilo\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Ran by Danilo (administrator) on UNICORNI-9F1ACF on 20-07-2015 18:33:49
Running from C:\Documents and Settings\Danilo\Mes documents\Downloads
Loaded Profiles: Danilo (Available Profiles: Danilo)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Documents and Settings\Danilo\Mes documents\Downloads\FRST (4).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
GroupPolicyScripts: Group Policy detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-57989841-1647877149-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.files-ftp.com/~unicorni/phpBB2/index.php
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.files-ftp.com/~unicorni/phpBB2/index.php
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.files-ftp.com/~unicorni/phpBB2/index.php
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
HKU\S-1-5-21-57989841-1647877149-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKU\S-1-5-21-57989841-1647877149-682003330-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://www.webangelis.fr/cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2013-09-25] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{DCAE91E3-7AC1-4838-BCF3-22FDA0079FA2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Danilo\Application Data\Mozilla\Firefox\Profiles\ugmnih59.default-1385103753828
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-27] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Danilo\Application Data\Mozilla\plugins\npgoogletalk.dll [2011-11-21] (Google)
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @talk.google.com/O3DPlugin -> C:\Documents and Settings\Danilo\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll [2011-11-21] ()
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-57989841-1647877149-682003330-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll [2013-07-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Danilo\Application Data\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Danilo\Application Data\mozilla\plugins\npgoogletalk.dll [2011-11-21] (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Danilo\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll [2011-11-21] ()
FF Extension: Adblock Plus - C:\Documents and Settings\Danilo\Application Data\Mozilla\Firefox\Profiles\ugmnih59.default-1385103753828\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-22]
Chrome:
=======
CHR Profile: C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Danilo\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-30]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [825136 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1187336 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-19] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 odserv; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S3 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 AdobeFlashPlayerUpdateSvc; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2011-08-26] (Cisco Systems, Inc.) [File not signed]
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2015-01-13] (Creative)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [108448 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [27496 2012-09-26] (AVG Technologies)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136728 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
S3 CamDrL; C:\WINDOWS\System32\DRIVERS\Camdrl.sys [1075360 2007-02-03] (Logitech Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-01-13] (REALiX(tm))
S3 hxctlflt; C:\WINDOWS\System32\Drivers\hxctlflt.sys [99968 2009-02-09] (Guillemot Corporation) [File not signed]
R3 LVUSBSta; C:\WINDOWS\System32\DRIVERS\LVUSBSta.sys [41504 2007-02-03] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2015-07-19] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2015-01-13] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2012-09-10] (Apple Inc.) [File not signed]
S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [4202496 2009-03-04] (Intel Corporation)
S3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6616816 2015-01-13] (Intel Corporation)
S3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [3482112 2009-04-22] () [File not signed]
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2015-06-18] (Avira Operations GmbH & Co. KG)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 StarOpen; No ImagePath
U1 WS2IFSL; No ImagePath
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys E5E6DBFC41EA8AAD005CB9A57A96B43B
C:\WINDOWS\System32\DRIVERS\ACPIEC.sys E4ABC1212B70BB03D35E60681C447210
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\DRIVERS\AegisP.sys 023867B6606FBABCDD52E089C4A507DA
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\drivers\Ambfilt.sys 267FC636801EDC5AB28E14036349E3BE
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\System32\DRIVERS\avgntflt.sys 18FB1022DAFC9036ADA9ECF432FAFD06
C:\WINDOWS\system32\drivers\avgtpx86.sys 3001E24F340D400BFF85935E5777FC5B
C:\WINDOWS\System32\DRIVERS\avipbb.sys 062494C204553210FFC0FC33EA58EB36
C:\WINDOWS\System32\DRIVERS\avkmgr.sys F80F5DCA8A5D9D93CC5BE933D20CAF05
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\System32\DRIVERS\Camdrl.sys 0F5CA31BB3FDB5C1E63C170CFBECC93B
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\CmBatt.sys 0F6C187D38D98F8DF904589A5F94D411
C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\WINDOWS\System32\drivers\dgderdrv.sys 6216FD7FD227DE454238A702B218CEC7
C:\WINDOWS\System32\DRIVERS\ssudbus.sys 50D5624BB26AF7EAE92EF95F3C6E3CE7
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys F5DEADD42335FB33EDCA74ECB2F36CBA
C:\WINDOWS\System32\drivers\dmio.sys 5A7C47C9B3F9FB92A66410A7509F0C71
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\DRIVERS\e100b325.sys AC9CF17EE2AE003C98EB4F5336C38058
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\system32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys 31F923EB2170FC172C81ABDA0045D18C
C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys C6EE3A87FE609D3E1DB9DBD072A248DE
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys A86859B77B908C18C2657F284AA29FE3
C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\system32\drivers\HWiNFO32.SYS 6FFB351C9C9BB88E91785F4CD7396D31
C:\WINDOWS\System32\Drivers\hxctlflt.sys F02EA43AE8F936124DEBF5B87F12C795
C:\WINDOWS\System32\DRIVERS\i8042prt.sys A09BDC4ED10E3B2E0EC27BB94AF32516
C:\WINDOWS\System32\DRIVERS\igxpmp32.sys 48846B31BE5A4FA662CCFDE7A1BA86B9
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\drivers\RtkHDAud.sys 1F7C55FC32919644BA9124217A612A64
C:\WINDOWS\System32\DRIVERS\intelide.sys 4B6DA2F0A4095857A9E3F3697399D575
C:\WINDOWS\System32\DRIVERS\intelppm.sys AD340800C35A42D4DE1641A37FEEA34C
C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 355836975A67B6554BCA60328CD6CB74
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 16813155807C6881F4BFBF6657424659
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\DRIVERS\lvrs.sys ED643E777BA3F7151EF3F0FB6BE4F7F0
C:\WINDOWS\System32\DRIVERS\LVUSBSta.sys 64BC29C3A0388BFC580BB8B1346F7659
C:\WINDOWS\system32\drivers\mbam.sys B4CD87E78A01562E3DA67FE1C2779204
C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 739164A8B8FB2F1B50A498F20AF7B21E
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys 510ADE9327FE84C10254E1902697E25F
C:\WINDOWS\System32\drivers\Monfilt.sys C7D9F9717916B34C1B00DD4834AF485C
C:\WINDOWS\System32\DRIVERS\mouclass.sys 027C01BD7EF3349AAEBC883D8A799EFB
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netaapl.sys 1352E1648213551923A0A822E441553C
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\NETw5x32.sys CCDB8DB66ACD3C0A6C8E171B79F60AC4
C:\WINDOWS\System32\DRIVERS\NETwLx32.sys FB59993DF61A2D72D0D296368B436E4C
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\system32\Drivers\Parport.sys 8FD0BDBEA875D06CCF6C945CA9ABAF75
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 9575C5630DB8FB804649A6959737154C
C:\WINDOWS\System32\DRIVERS\pci.sys 043410877BDA580C528F45165F7125BC
C:\WINDOWS\System32\DRIVERS\pciide.sys F4BFDE7209C14A07AAA61E4D6AE69EAC
C:\WINDOWS\System32\DRIVERS\pcmcia.sys F0406CBC60BDB0394A0E17FFB04CDD3D
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys D8EB2A7904DB6C916EB5361878DDCBAE
C:\WINDOWS\System32\DRIVERS\RTL8192su.sys B1DB1E76D94788B48D9C579F4439C71D
C:\WINDOWS\System32\DRIVERS\sdbus.sys 8D04819A3CE51B9EB47E5689B44D43C4
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\system32\Drivers\Serial.sys 93D313C31F7AD9EA2B75F26075413C7C
C:\WINDOWS\System32\DRIVERS\sffdisk.sys 0FA803C64DF0914B41F807EA276BF2A6
C:\WINDOWS\System32\DRIVERS\sffp_sd.sys C17C331E435ED8737525C86A7557B3AC
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\WINDOWS\System32\DRIVERS\snp2uvc.sys A70F178299812DCE4CC0E802D403BE9B
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 39626E6DC1FB39434EC40C42722B660A
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\ssmdrv.sys 424566865D82AA4BD8D6546C1F2065FA
C:\WINDOWS\System32\DRIVERS\ssudmdm.sys 9359AB8BEA059222742345ED63147222
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\System32\drivers\tifm21.sys 9179E07503630D6FB2E4162FF0196191
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\Drivers\usbvideo.sys 813236B1183CFCF289E367BD5DE6E29E
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 46DE1126684369BACE4849E4FC8C43CA
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\Drivers\wdf01000.sys D918617B46457B9AC28027722E30F647
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\WinUSB.sys FD600B032E741EB6AAB509FC630F7C42
C:\WINDOWS\System32\DRIVERS\wpdusb.sys CF4DEF1BF66F06964DC0D91844239104
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\WINDOWS\System32\DRIVERS\WUDFRd.sys 28B524262BCE6DE1F7EF9F510BA3985B
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 18:22 - 2015-07-20 18:33 - 00000000 ____D C:\FRST
2015-07-20 18:18 - 2015-07-20 18:18 - 00001643 _____ C:\Documents and Settings\Danilo\Bureau\AdwCleaner[S3]20 juillet.txt
2015-07-20 17:21 - 2015-07-20 17:21 - 00069099 _____ C:\Documents and Settings\Danilo\Bureau\ZHPDiag 20 juillet.txt
2015-07-20 16:21 - 2015-07-20 16:21 - 01843712 _____ C:\Documents and Settings\Danilo\ZHPDiag3.exe
2015-07-19 11:34 - 2015-07-19 11:34 - 00000419 _____ C:\WINDOWS\setupapi.log
2015-07-19 11:28 - 2015-07-19 11:28 - 00000060 _____ C:\WINDOWS\setupact.log
2015-07-19 11:28 - 2015-07-19 11:28 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-18 15:24 - 2015-07-19 18:08 - 00000812 _____ C:\Documents and Settings\Danilo\Bureau\ZHPCleaner.lnk
2015-07-18 14:20 - 2015-07-19 17:38 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-18 14:20 - 2015-07-18 14:20 - 00000777 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2015-07-18 14:20 - 2015-07-18 14:20 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-18 14:20 - 2015-07-18 14:20 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
2015-07-18 14:20 - 2015-06-18 08:41 - 00121560 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-07-18 14:20 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-07 10:23 - 2015-07-07 10:23 - 00000847 _____ C:\Documents and Settings\All Users\Bureau\Avira.lnk
2015-06-27 11:59 - 2015-06-28 07:15 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau\Fete Voisins 2015
2015-05-25 21:14 - 2015-05-25 21:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
2015-05-25 19:44 - 2015-05-25 19:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2015-05-25 13:07 - 2015-05-25 13:12 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau\DANILO
2015-05-19 16:50 - 2015-07-20 18:13 - 00000000 ____D C:\AdwCleaner
2015-05-16 12:40 - 2015-05-16 12:43 - 00000000 ____D C:\WINDOWS\system32\㡋㐶
2015-04-30 15:17 - 2015-07-20 18:16 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-04-30 06:37 - 2015-04-30 06:37 - 00000000 ____D C:\WINDOWS\system32\㍋㐶
2015-04-29 14:37 - 2015-04-29 14:38 - 00000000 ____D C:\WINDOWS\system32\㐶
2015-04-28 06:42 - 2015-04-28 06:44 - 00000000 ____D C:\WINDOWS\system32\捯浵湥獴愠摮匠瑥楴杮屳汁獕牥屳灁汰捩瑡潩慄慴䅜楶慲䅜瑮癩物獵䉜䍁啋屐
2015-04-28 06:33 - 2015-07-20 18:15 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-04-28 06:33 - 2015-04-30 15:15 - 00000000 ____C C:\WINDOWS\Sti_Trace.log
2015-04-23 22:46 - 2015-06-27 12:18 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau\VelSatis Grise
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 18:34 - 2012-10-09 13:14 - 00000000 ____D C:\Documents and Settings\Danilo\Local Settings\Temp
2015-07-20 18:33 - 2014-07-30 08:50 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-20 18:18 - 2010-08-03 14:34 - 00000000 ____D C:\Documents and Settings\Danilo\Bureau
2015-07-20 18:16 - 2010-08-03 14:27 - 01521475 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-20 18:15 - 2015-02-03 23:17 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d03ff6c20fc524.job
2015-07-20 18:14 - 2015-04-03 07:30 - 00032550 _____ C:\WINDOWS\SchedLgU.Txt
2015-07-20 18:14 - 2010-08-03 14:32 - 00000184 __SHC C:\Documents and Settings\LocalService\ntuser.ini
2015-07-20 18:14 - 2010-08-03 14:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-20 18:13 - 2014-01-28 09:02 - 00200442 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-07-20 18:13 - 2010-08-03 14:34 - 00000184 ___SH C:\Documents and Settings\Danilo\ntuser.ini
2015-07-20 18:13 - 2010-08-03 14:34 - 00000000 ____D C:\Documents and Settings\Danilo
2015-07-20 16:18 - 2015-03-27 14:15 - 00000000 ____D C:\Documents and Settings\Danilo\Application Data\ZHP
2015-07-20 15:03 - 2013-04-18 16:04 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2015-07-20 15:02 - 2010-08-03 15:59 - 00000000 ___RD C:\Program Files\Fichiers communs
2015-07-20 15:02 - 2010-08-03 15:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-07-20 15:02 - 2010-08-03 15:58 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2015-07-20 14:39 - 2010-08-03 16:22 - 00000000 ____D C:\Documents and Settings\Danilo\Application Data\Skype
2015-07-20 14:25 - 2014-05-01 17:29 - 00933706 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-57989841-1647877149-682003330-1003-0.dat
2015-07-19 17:30 - 2010-08-03 14:32 - 00000000 __SHD C:\Documents and Settings\LocalService
2015-07-18 08:23 - 2010-10-06 16:03 - 00000000 ____D C:\Documents and Settings\Danilo\Application Data\vlc
2015-07-17 07:59 - 2014-07-28 23:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData
2015-07-16 13:27 - 2001-08-24 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-07-14 18:31 - 2014-07-30 08:55 - 00001811 _____ C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
2015-07-09 17:02 - 2015-04-01 22:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Package Cache
2015-07-07 10:22 - 2015-02-02 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avira
2015-07-07 10:22 - 2014-11-08 08:45 - 00000000 ____D C:\Program Files\Avira
==================== Files in the root of some directories =======
2012-10-15 16:02 - 2012-10-15 16:02 - 0007887 ____C () C:\Documents and Settings\Danilo\Application Data\pcouffin.cat
2012-10-15 16:02 - 2012-10-15 16:02 - 0001144 ____C () C:\Documents and Settings\Danilo\Application Data\pcouffin.inf
2012-10-15 16:02 - 2012-10-15 16:02 - 0000055 ____C () C:\Documents and Settings\Danilo\Application Data\pcouffin.log
2012-10-15 16:02 - 2012-10-15 16:02 - 0047360 ____C (VSO Software) C:\Documents and Settings\Danilo\Application Data\pcouffin.sys
2013-03-19 17:51 - 2013-05-10 22:00 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Rock Kit
2013-03-19 17:52 - 2013-05-10 22:02 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Rule Actions
2013-03-19 17:51 - 2013-05-10 22:00 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Sample Delay
2013-03-19 17:49 - 2013-05-10 22:02 - 0000000 ____C () C:\Documents and Settings\Danilo\Application Data\Solid Colors
2012-10-15 15:52 - 2012-10-15 15:55 - 0001057 ____C () C:\Documents and Settings\Danilo\Application Data\vso_ts_preview.xml
2014-01-30 00:24 - 2014-01-30 00:24 - 0000059 _____ () C:\Documents and Settings\Danilo\Application Data\WB.CFG
2011-09-07 22:09 - 2014-12-14 10:46 - 0000664 _____ () C:\Documents and Settings\Danilo\Local Settings\Application Data\d3d9caps.dat
2010-08-05 13:16 - 2015-05-29 11:26 - 0054784 ____C () C:\Documents and Settings\Danilo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
C:\Documents and Settings\Danilo\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Danilo\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Danilo\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Danilo\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================