
Document format: text/plain


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Dafour (administrator) on DAFOUR-B76E5A3B on 17-03-2015 21:10:17
Running from E:\Téléchargements
Loaded Profiles: Dafour & UpdatusUser (Available profiles: Dafour & UpdatusUser)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIHLE.EXE
() C:\Program Files\NETGEAR\WG311v3\WG311v3.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) E:\Téléchargements\FRST(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Six Engine] => C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [5756544 2010-02-03] (ASUSTeK Computer Inc.)
HKLM\...\Run: [AVP] => C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
HKU\S-1-5-21-583907252-1788223648-1801674531-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-583907252-1788223648-1801674531-1004\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583907252-1788223648-1801674531-1004\...\Run: [uTorrent] => C:\Documents and Settings\Dafour\Application Data\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-583907252-1788223648-1801674531-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-02-17] (Google Inc.)
HKU\S-1-5-21-583907252-1788223648-1801674531-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-583907252-1788223648-1801674531-1004\...\MountPoints2: {04a44987-ba0f-11e2-a65b-4c60de5c47cf} - G:\iStudio.exe
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NETGEAR WG311v3 Smart Wizard.lnk
ShortcutTarget: NETGEAR WG311v3 Smart Wizard.lnk -> C:\Program Files\NETGEAR\WG311v3\WG311v3.exe ()
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-583907252-1788223648-1801674531-1008\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-21-583907252-1788223648-1801674531-1008] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-583907252-1788223648-1801674531-1004 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}&rlz=1I7MXGB_frFR523
SearchScopes: HKU\S-1-5-21-583907252-1788223648-1801674531-1008 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-05-20] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-09] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-11] (Kaspersky Lab ZAO)
BHO: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll [2013-05-29] (Google Inc.)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll [2013-05-29] (Google Inc.)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Dafour\Application Data\Mozilla\Firefox\Profiles\ll7n1v4l.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.fr/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @ma-config.com/HardwareDetection -> C:\Program Files\ma-config.com\nphardwaredetection.dll [2012-09-02] (Cybelsoft)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll [2014-02-12] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-27] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Extension: Français Language Pack - C:\Documents and Settings\Dafour\Application Data\Mozilla\Firefox\Profiles\ll7n1v4l.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2014-04-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-09-10]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012-09-10]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Kaspersky виртуелна тастатура - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012-09-10]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012-09-10]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012-09-10]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012-09-10]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2012-12-31]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14]
CHR Extension: (Google Drive) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-14]
CHR Extension: (YouTube) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-14]
CHR Extension: (Google Search) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-14]
CHR Extension: (Kaspersky URL Advisor) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-04-14]
CHR Extension: (Safe Money) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-04-14]
CHR Extension: (Virtual Keyboard) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-04-14]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-30]
CHR Extension: (Gmail) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-14]
CHR Extension: (Anti-Banner) - C:\Documents and Settings\Dafour\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-04-14]
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-17]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-17]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-17]
CHR HKLM\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744 2015-01-19] (Apple Inc.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
S3 maconfservice; C:\Program Files\ma-config.com\maconfservice.exe [312264 2012-09-02] (CybelSoft)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MyEpson Portal Service; C:\Program Files\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S3 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [652800 2010-02-26] (Nokia) [File not signed]
R2 ZuneBusEnum; C:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ahcix86; C:\WINDOWS\System32\DRIVERS\ahcix86.sys [187960 2009-10-06] (Advanced Micro Devices, Inc)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R3 asmthub3; C:\WINDOWS\System32\DRIVERS\asmthub3.sys [102888 2011-11-03] (ASMedia Technology Inc)
R3 asmtxhci; C:\WINDOWS\System32\DRIVERS\asmtxhci.sys [313832 2011-11-03] (ASMedia Technology Inc)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [13056 2013-10-24] ()
S3 driverhardwarev2; C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [16640 2011-07-21] (CybelSoft)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [135776 2013-12-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [595040 2014-05-20] (Kaspersky Lab ZAO)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [35672 2012-06-27] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [24160 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [44000 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [145224 2015-02-17] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [124264 2012-07-03] (NVIDIA Corporation)
R3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\WNA1000M.sys [994664 2011-01-31] (Realtek Semiconductor Corporation )
S3 W8335XP; C:\WINDOWS\System32\DRIVERS\WG311v3XP.sys [282624 2005-12-29] (Marvell Semiconductor, Inc) [File not signed]
R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation)
S3 cpuz134; \??\C:\WINDOWS\TEMP\cpuz134\cpuz134_x32.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S4 IntelIde; No ImagePath
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74336 2014-05-20] (Kaspersky Lab ZAO)
S3 ProcObsrv; \??\C:\Program Files\Glary Utilities 3\ProcObsrv.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-17 20:51 - 2015-03-17 20:51 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2015-03-17 13:29 - 2015-03-17 19:47 - 00009666 _____ () C:\WINDOWS\setupapi.log
2015-03-17 12:13 - 2015-03-17 12:13 - 00022567 _____ () C:\Documents and Settings\Dafour\Bureau\mode.txt
2015-03-17 08:05 - 2015-03-17 08:05 - 00024771 _____ () C:\Documents and Settings\Dafour\Bureau\eset online scanner.txt
2015-03-16 17:59 - 2015-03-16 17:59 - 00000000 ____D () C:\Program Files\ESET
2015-03-16 08:51 - 2015-03-17 18:55 - 00017408 _____ () C:\Documents and Settings\Dafour\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-15 21:12 - 2015-03-15 20:53 - 01135104 _____ (Farbar) C:\Documents and Settings\Dafour\Bureau\FRST(1).exe
2015-03-15 17:38 - 2015-03-15 17:38 - 00030097 _____ () C:\Documents and Settings\Dafour\Bureau\FRST.txt deux.txt
2015-03-15 17:37 - 2015-03-15 17:37 - 00035163 _____ () C:\Documents and Settings\Dafour\Bureau\Addition.txt premier.txt
2015-03-15 17:36 - 2015-03-17 21:10 - 00000000 ____D () C:\FRST
2015-03-15 16:18 - 2015-03-17 18:47 - 00000120 _____ () C:\WINDOWS\setupact.log
2015-03-15 16:18 - 2015-03-15 16:18 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-15 14:54 - 2015-03-15 14:54 - 00001481 _____ () C:\Documents and Settings\Dafour\Bureau\ZHPFixReport.txt
2015-03-15 12:00 - 2015-03-15 12:00 - 00115782 _____ () C:\Documents and Settings\Dafour\Bureau\ZHPDiag.txt rep.txt
2015-03-15 11:58 - 2015-03-15 11:58 - 00115782 _____ () C:\Documents and Settings\Dafour\Bureau\ZHPDiag.txt
2015-03-15 11:54 - 2015-03-15 11:54 - 00001628 _____ () C:\Documents and Settings\Dafour\Bureau\ZHPFix.lnk
2015-03-15 11:54 - 2015-03-15 11:54 - 00001523 _____ () C:\Documents and Settings\Dafour\Bureau\ZHPDiag.lnk
2015-03-15 10:31 - 2015-03-15 11:46 - 00004049 _____ () C:\Documents and Settings\Dafour\Bureau\ZHPCleaner.txt
2015-03-15 10:27 - 2015-03-15 11:36 - 00000812 _____ () C:\Documents and Settings\Dafour\Bureau\ZHPCleaner.lnk
2015-03-07 23:17 - 2015-03-17 20:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-04 13:26 - 2015-03-04 13:26 - 00000104 _____ () C:\Documents and Settings\Dafour\Bureau\Raccourci vers Corbeille.lnk
2015-03-02 16:17 - 2015-03-02 16:17 - 00000000 ____D () C:\Documents and Settings\Dafour\Local Settings\Application Data\eMule0.60
2015-03-02 16:00 - 2015-03-02 16:00 - 00000152 _____ () C:\WINDOWS\$PREFFILE
2015-02-28 12:49 - 2015-02-28 12:49 - 00369495 _____ () C:\Documents and Settings\Dafour\Bureau\photo.php
2015-02-19 18:09 - 2015-02-19 18:09 - 00001542 _____ () C:\Documents and Settings\All Users\Bureau\iTunes.lnk
2015-02-19 18:09 - 2015-02-19 18:09 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-17 21:10 - 2012-09-10 08:46 - 00000000 ____D () C:\Documents and Settings\Dafour\Local Settings\Temp
2015-03-17 21:00 - 2014-09-02 19:15 - 00000000 ____D () C:\Documents and Settings\Dafour\Application Data\uTorrent
2015-03-17 20:55 - 2012-09-10 13:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2015-03-17 20:54 - 2014-03-19 09:13 - 00000224 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2015-03-17 20:54 - 2012-09-10 08:40 - 01220930 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-17 20:52 - 2013-09-24 09:11 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-17 20:52 - 2013-09-24 09:11 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-17 20:52 - 2012-09-10 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-17 20:51 - 2014-04-13 17:59 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-03-17 20:51 - 2014-04-13 17:59 - 00000000 ____D () C:\Documents and Settings\Dafour\Application Data\ZHP
2015-03-17 20:51 - 2012-09-10 10:29 - 00000000 __SHD () C:\Documents and Settings\Default User\Local Settings\Historique
2015-03-17 20:51 - 2012-09-10 10:29 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-03-17 20:51 - 2012-09-10 08:46 - 00000000 ____D () C:\Documents and Settings\Dafour\Bureau
2015-03-17 20:51 - 2012-09-10 08:46 - 00000000 ____D () C:\Documents and Settings\Dafour
2015-03-17 20:50 - 2013-07-28 19:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-17 20:48 - 2014-04-15 15:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-17 20:42 - 2013-09-24 09:10 - 00032532 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-17 20:41 - 2013-11-28 09:19 - 00000000 ____D () C:\Documents and Settings\Dafour\Bureau\a garder
2015-03-17 20:25 - 2012-11-09 13:46 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-17 18:20 - 2014-07-01 18:14 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-17 18:11 - 2012-09-10 08:46 - 00000184 ___SH () C:\Documents and Settings\Dafour\ntuser.ini
2015-03-17 12:32 - 2012-09-10 09:22 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-03-17 12:22 - 2012-09-10 10:29 - 01615898 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-17 11:06 - 2013-06-08 07:08 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-03-16 16:57 - 2012-09-16 17:51 - 00000000 ____D () C:\Documents and Settings\Dafour\Application Data\vlc
2015-03-16 16:55 - 2012-09-10 08:45 - 00000000 ___HD () C:\Documents and Settings\LocalService\Local Settings\Historique
2015-03-15 21:15 - 2012-09-10 08:46 - 00000000 __SHD () C:\Documents and Settings\Dafour\Local Settings\Historique
2015-03-15 21:13 - 2014-02-18 21:11 - 00000184 ___SH () C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-03-15 21:13 - 2014-02-18 21:11 - 00000000 ___HD () C:\Documents and Settings\UpdatusUser\Local Settings\Historique
2015-03-15 21:13 - 2012-09-10 08:45 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-03-15 21:13 - 2012-09-10 08:43 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Local Settings\Historique
2015-03-15 21:13 - 2012-09-10 08:43 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2015-03-15 11:58 - 2014-04-13 18:02 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-03-14 20:40 - 2014-02-18 09:06 - 00000000 ____D () C:\AdwCleaner
2015-03-14 08:45 - 2008-04-14 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-13 15:52 - 2012-09-10 13:55 - 00000000 ____D () C:\Documents and Settings\Dafour\Bureau\vu
2015-03-13 13:05 - 2014-11-25 18:32 - 00000000 ____D () C:\Documents and Settings\Dafour\Bureau\enfant
2015-03-12 16:33 - 2013-02-05 20:32 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-03-11 21:18 - 2012-09-11 09:11 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-08 15:00 - 2014-03-19 09:13 - 00000218 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2015-03-08 10:24 - 2012-09-10 08:39 - 00000000 ____D () C:\WINDOWS\srchasst
2015-03-03 08:45 - 2014-02-17 19:17 - 00001024 ____H () C:\WINDOWS\system32\config\elam.LOG
2015-03-02 22:18 - 2012-10-07 12:54 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2015-03-02 16:28 - 2013-09-29 17:11 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2015-03-02 16:28 - 2012-09-10 10:29 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2015-03-02 16:17 - 2012-09-10 08:46 - 00000000 ___RD () C:\Documents and Settings\Dafour\Menu Démarrer\Programmes
2015-02-28 12:51 - 2013-09-08 09:38 - 00090624 ___SH () C:\Documents and Settings\Dafour\Bureau\Thumbs.db
2015-02-24 21:19 - 2012-09-10 13:47 - 00000000 ____D () C:\Documents and Settings\Dafour\Bureau\a voir
2015-02-19 18:09 - 2013-10-08 10:54 - 00000000 ____D () C:\Program Files\iTunes
2015-02-19 18:08 - 2013-10-08 10:54 - 00000000 ____D () C:\Program Files\iPod
2015-02-17 18:13 - 2012-08-13 15:49 - 00145224 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys

==================== Files in the root of some directories =======

2015-03-16 08:51 - 2015-03-17 18:55 - 0017408 _____ () C:\Documents and Settings\Dafour\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
