Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-05-2015 01
Ran by RA (administrator) on THOR-8CF1C1F72E on 28-05-2015 14:21:11
Running from E:\Documents and Settings\RA\Bureau
Loaded Profiles: RA (Available Profiles: RA)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) E:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) E:\WINDOWS\system32\ati2evxx.exe
(Logitech Inc.) F:\[XProgrammes]\[Pilotes]\TrackMan Marble FX\MouseWare\system\EM_EXEC.EXE
(SlipStream Data Inc.) E:\WProG\INTERNET\worldlineAccelerator\slipcore.exe
(Microsoft Corporation) E:\Program Files\Microsoft IntelliType Pro\itype.exe
(Kaspersky Lab ZAO) E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(KsL Software) F:\[XProgrammes]\SYSTÈME\BDR\Registry First Aid 10\rfagent32.exe
(SoftPerfect Research) F:\[XProgrammes]\INTERNET\TRAFIC METERS\NetWorx\networx.exe
(NetTalk.com Inc.) F:\[XProgrammes]\[Pilotes]\netTALK\nettalkg.exe
(Creative Technology Ltd.) E:\WINDOWS\system32\devldr32.exe
(Andrey Gruber) C:\Z\D\PNotes\PNotes.exe
(Sun Microsystems, Inc.) E:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
() F:\[XProgrammes]\INTERNET\NetMeter\NetMeter.exe
() F:\[XProgrammes]\PIMs\Rainlendar2\Rainlendar2.exe
(XRayz Software) F:\[XProgrammes]\ClipCache 3.5\clipc.exe
(BonSoft) F:\[XProgrammes]\ClocX\ClocX.exe
() C:\Z\D\INTERNET\PROXOMITRON\Proxomitron.exe
() F:\[XProgrammes]\[Exec]\Firemin\Firemin.exe
(Kaspersky Lab ZAO) E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) E:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Sun Microsystems, Inc.) F:\[XProgrammes]\INTERNET\JAVA\bin\jqs.exe
(LAN Detective Software) F:\[XProgrammes]\INTERNET\TRAFIC MONITOR\LAN Detective Pro\LDIntSvc.exe
(Nero AG) E:\Program Files\Nero\Update\NASvc.exe
() F:\[XProgrammes]\[Pilotes]\netTALK\nettalkl.exe
(PC Tools) E:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
(Microsoft Corporation) E:\WINDOWS\system32\tcpsvcs.exe
() F:\[XProgrammes]\[Pilotes]\netTALK\nettalkd.exe
(Mozilla Corporation) F:\[XProgrammes]\Mozilla\firefox.exe
(FreeDownloadManager.ORG) F:\[XProgrammes]\INTERNET\Free Download Manager\fdm.exe
(Sysinternals - www.sysinternals.com) F:\[XProgrammes]\SYSTÈME\SYSInternals\PROCESS MONITOR.exe
(Sysinternals) C:\Z\D\DUN\TcpView\Tcpview.exe
(Kaspersky Lab ZAO) E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Utility] => E:\WINDOWS\Logi_MwX.Exe [20992 2003-12-11] (Logitech Inc.)
HKLM\...\Run: [SlipStream] => E:\WProG\INTERNET\worldlineAccelerator\slipcore.exe [253952 2006-05-23] (SlipStream Data Inc.)
HKLM\...\Run: [DFX] => E:\Program Files\DFX\DFX.exe [1131880 2013-01-10] ()
HKLM\...\Run: [itype] => E:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [AVP] => E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2015-04-24] (Kaspersky Lab ZAO)
HKLM\...\Run: [StartCCC] => F:\[XProgrammes]\[Pilotes]\ATI\ATI.ACE\Core-Static\CLIStart.exe [98304 2014-01-07] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [rfagent] => F:\[XProgrammes]\SYSTÈME\BDR\Registry First Aid 10\rfagent32.exe [2868248 2014-11-26] (KsL Software)
HKLM\...\Run: [NetWorx] => F:\[XProgrammes]\INTERNET\TRAFIC METERS\NetWorx\networx.exe [4573888 2015-05-16] (SoftPerfect Research)
HKLM\...\Run: [NetTalk] => F:\[XProgrammes]\[Pilotes]\NetTALK\nettalkg.exe [436224 2012-04-30] (NetTalk.com Inc.)
HKLM\...\Run: [PNotes.exe] => C:\Z\D\PNotes\PNotes.exe [992256 2012-08-31] (Andrey Gruber)
HKLM\...\Run: [F:\[XProgrammes]\INTERNET\TRAFIC METERS\NET Traffic Meter\NET Traffic Meter] => "F:\[XProgrammes]\INTERNET\TRAFIC METERS\NET Traffic Meter\NET Traffic Meter.exe"
HKLM\...\Run: [SunJavaUpdateSched] => E:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
Winlogon\Notify\AtiExtEvent: E:\WINDOWS\system32\Ati2evxx.dll [2014-01-07] (ATI Technologies Inc.)
Winlogon\Notify\klogon: E:\WINDOWS\system32\klogon.dll [2012-12-20] (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [NetMeter] => F:\[XProgrammes]\INTERNET\NetMeter\NetMeter.exe [293888 2011-11-26] ()
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [Rainlendar2] => F:\[XProgrammes]\PIMs\Rainlendar2\Rainlendar2.exe [2611808 2014-03-16] ()
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [clipc.exe] => F:\[XProgrammes]\ClipCache 3.5\clipc.exe [2063072 2013-11-14] (XRayz Software)
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [ClocX.exe] => F:\[XProgrammes]\ClocX\ClocX.exe [270336 2007-07-26] (BonSoft)
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [Proxomitron.exe] => C:\Z\D\Internet\PROXOMITRON\Proxomitron.exe [157184 2003-10-23] ()
IFEO\firefox.exe: [Debugger] StripMyRights.exe /D /L N
IFEO\pale moon.exe: [Debugger] StripMyRights.exe /D
IFEO\taskmgr.exe: [Debugger] "F:\[XProgrammes]\SYSTÈME\System Explorer\SystemExplorer.exe"
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\ClipCache Pro.lnk [2015-05-25]
ShortcutTarget: ClipCache Pro.lnk -> F:\[XProgrammes]\ClipCache 3.5\clipc.exe (XRayz Software)
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\FireMin.lnk [2015-04-27]
ShortcutTarget: FireMin.lnk -> F:\[XProgrammes]\[Exec]\Firemin\Firemin.exe ()
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\PNotes.lnk [2015-05-24]
ShortcutTarget: PNotes.lnk -> C:\Z\D\PNotes\PNotes.exe (Andrey Gruber)
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\Proxomitron Naoko v4.5.lnk [2015-04-27]
ShortcutTarget: Proxomitron Naoko v4.5.lnk -> C:\Z\D\INTERNET\PROXOMITRON\Proxomitron.exe ()
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => E:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2015-04-24] (Kaspersky Lab ZAO)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88
HKU\S-1-5-21-73586283-413027322-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88
HKU\S-1-5-21-73586283-413027322-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-73586283-413027322-1606980848-1003 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-73586283-413027322-1606980848-1003 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3319733&octid=EB_ORIGINAL_CTID&ISID=M80A15108-470E-48EA-85C7-730EC5C9B870&SearchSource=58&CUI=&UM=8&UP=SPF8BC14EF-9AC3-4992-A144-E53C32A17B23&D=052815&q={searchTerms}&SSPV=SP22340TB_sp_ie
BHO: PBlockHelper Class -> {4115122B-85FF-4DD3-9515-F075BEDE5EB5} -> E:\WProG\INTERNET\worldlineAccelerator\PBHelper.dll [2006-05-23] (SlipStream Data Inc.)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> F:\[XProgrammes]\INTERNET\Free Download Manager\iefdm2.dll [2015-05-14] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\[XProgrammes]\INTERNET\JAVA\bin\jp2ssv.dll [2015-05-26] (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> F:\[XProgrammes]\INTERNET\JAVA\lib\deploy\jqs\ie\jqs_plugin.dll [2015-05-26] (Sun Microsystems, Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Winsock: Catalog9 01 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Winsock: Catalog9 02 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Winsock: Catalog9 03 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Winsock: Catalog9 09 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 74.116.184.28 74.116.184.29
FireFox:
========
FF ProfilePath: E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.lapresse.ca/international/moyen-orient/|hxxp://fr.canoe.ca/infos/international/nouvelles.html|hxxp://www.lapresse.ca/international/etats-unis/|hxxp://www.lapresse.ca/international/asie-oceanie/|hxxp://www.lapresse.ca/international/europe/|hxxp://www.lapresse.ca/international/amerique-latine/|hxxp://www.lapresse.ca/international/afrique/
FF Keyword.URL: hxxp://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88&l=1&q=
FF NetworkProxy: "ftp", "203.172.220.78"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "203.172.220.78"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "203.172.220.78"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "203.172.220.78"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "203.172.220.78"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> E:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin: @java.com/JavaPlugin -> F:\[XProgrammes]\INTERNET\JAVA\bin\new_plugin\npjp2.dll [2015-05-26] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> E:\PROGRA~1\FICHIE~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> F:\[XProgrammes]\PDF\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> F:\[XProgrammes]\PDF\PDFXVwer\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\[XProgrammes]\MULTIMÉDIA\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\[XProgrammes]\MULTIMÉDIA\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-73586283-413027322-1606980848-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> F:\[XProgrammes]\PDF\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Extension: Advanced Cookie Manager - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\cookiemgr@jayapal.com [2015-05-24]
FF Extension: Blur (Formerly DoNotTrackMe) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\donottrackplus@abine.com [2015-05-24]
FF Extension: Form History Control - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\formhistory@yahoo.com [2015-05-24]
FF Extension: FEBE - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-05-24]
FF Extension: Adblock Plus Pop-up Addon - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-07]
FF Extension: Classic Theme Restorer (Customize UI) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-04-22]
FF Extension: Element Hiding Helper for Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-04-22]
FF Extension: Ghostery - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\firefox@ghostery.com.xpi [2015-04-22]
FF Extension: gui:config - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\guiconfig@slosd.net.xpi [2015-04-22]
FF Extension: IsAdmin - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\isadmin@vdtsoftware.ffext.xpi [2015-04-22]
FF Extension: NewScrollbars (aka NoiaScrollbars) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2015-04-22]
FF Extension: NoSquint - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\nosquint@urandom.ca.xpi [2015-04-22]
FF Extension: Resurrect Pages (isup edition) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\resurrect-pages@albirew.fr.xpi [2015-05-27]
FF Extension: Location Bar Enhancer - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\UIEnhancer@girishsharma.xpi [2015-05-24]
FF Extension: Screengrab (fix version) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-04-22]
FF Extension: Resurrect Pages - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi [2015-04-22]
FF Extension: NoScript - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-04-22]
FF Extension: Preloader (for Firefox) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{8a8c1ada-2504-45c6-a2d2-265591abbd00}.xpi [2015-04-22]
FF Extension: New Tab Wallpapers - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{a5312b79-bf0d-4825-a25f-b33d67d4a58a}.xpi [2015-04-22]
FF Extension: ML Progress Bar - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{b8fd4271-f7de-4776-a36d-bc9d97aa6fb5}.xpi [2015-04-22]
FF Extension: Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-22]
FF Extension: BetterPrivacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-04-22]
FF Extension: Google Privacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2015-04-22]
FF Extension: Personas Shuffler - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{f18ce681-59c6-4a25-8ecb-e3e0fd7fbb44}.xpi [2015-04-22]
FF Extension: Advanced Cookie Manager - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\cookiemgr@jayapal.com [2015-05-27]
FF Extension: Blur (Formerly DoNotTrackMe) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\donottrackplus@abine.com [2015-05-27]
FF Extension: Form History Control - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\formhistory@yahoo.com [2015-05-27]
FF Extension: FEBE - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-05-27]
FF Extension: Adblock Plus Pop-up Addon - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-27]
FF Extension: Classic Theme Restorer (Customize UI) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-05-27]
FF Extension: Element Hiding Helper for Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\elemhidehelper@adblockplus.org.xpi [2015-05-27]
FF Extension: Ghostery - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\firefox@ghostery.com.xpi [2015-05-27]
FF Extension: gui:config - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\guiconfig@slosd.net.xpi [2015-05-27]
FF Extension: IsAdmin - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\isadmin@vdtsoftware.ffext.xpi [2015-05-27]
FF Extension: NewScrollbars (aka NoiaScrollbars) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2015-05-27]
FF Extension: NoSquint - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\nosquint@urandom.ca.xpi [2015-05-27]
FF Extension: Resurrect Pages (isup edition) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\resurrect-pages@albirew.fr.xpi [2015-05-27]
FF Extension: Location Bar Enhancer - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\UIEnhancer@girishsharma.xpi [2015-05-27]
FF Extension: Screengrab (fix version) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-05-27]
FF Extension: Resurrect Pages - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi [2015-05-27]
FF Extension: NoScript - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-27]
FF Extension: Preloader (for Firefox) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{8a8c1ada-2504-45c6-a2d2-265591abbd00}.xpi [2015-05-27]
FF Extension: New Tab Wallpapers - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{a5312b79-bf0d-4825-a25f-b33d67d4a58a}.xpi [2015-05-27]
FF Extension: ML Progress Bar - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{b8fd4271-f7de-4776-a36d-bc9d97aa6fb5}.xpi [2015-05-27]
FF Extension: Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-27]
FF Extension: BetterPrivacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-05-27]
FF Extension: Google Privacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2015-05-27]
FF Extension: Personas Shuffler - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{f18ce681-59c6-4a25-8ecb-e3e0fd7fbb44}.xpi [2015-05-27]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-24]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - F:\[XProgrammes]\INTERNET\JAVA\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - F:\[XProgrammes]\INTERNET\JAVA\lib\deploy\jqs\ff [2015-05-26]
FF HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - F:\[XProgrammes]\INTERNET\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - F:\[XProgrammes]\INTERNET\Free Download Manager\Firefox\Extension [2015-05-24]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-29]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [643072 2014-01-07] (ATI Technologies Inc.) [File not signed]
R2 AVP; E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2015-04-24] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; E:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 JavaQuickStarterService; F:\[XProgrammes]\INTERNET\JAVA\bin\jqs.exe [153376 2015-05-26] (Sun Microsystems, Inc.)
R2 LanDetective; F:\[XProgrammes]\INTERNET\TRAFIC MONITOR\LAN Detective Pro\LDIntSvc.exe [4807168 2014-12-23] (LAN Detective Software) [File not signed]
R2 NAUpdate; E:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 NetTalkUsrLaunchService; F:\[XProgrammes]\[Pilotes]\NetTALK\nettalkl.exe [55296 2012-04-30] () [File not signed]
R3 NetTalkUsrService; F:\[XProgrammes]\[Pilotes]\NetTALK\nettalkd.exe [91136 2012-04-30] () [File not signed]
R2 PCToolsSSDMonitorSvc; E:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
S3 SystemExplorerHelpService; F:\[XProgrammes]\SYSTÈME\System Explorer\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
S2 1ce38fbe; "E:\WINDOWS\system32\rundll32.exe" "e:\Program Files\SustainerPlus\SustainerPlus.dll",serv
S2 afe76e80; "E:\WINDOWS\system32\rundll32.exe" "e:\Program Files\CutterMaker\CutterMaker.dll",serv
S2 MBAMScheduler; "F:\[XProgrammes]\Malwarebytes\mbamscheduler.exe" [X]
S2 MBAMService; "F:\[XProgrammes]\Malwarebytes\mbamservice.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aeaudio; E:\WINDOWS\System32\drivers\aeaudio.sys [127872 2005-03-04] (Andrea Electronics Corporation) [File not signed]
R3 ati2mtag; E:\WINDOWS\System32\DRIVERS\ati2mtag.sys [7875072 2014-01-07] (ATI Technologies Inc.) [File not signed]
R3 AtiHDAudioService; E:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
S3 CisUtMonitor; E:\WINDOWS\System32\DRIVERS\CisUtMonitor.sys [27600 2011-10-30] (CrystalIdea Software)
R0 CSCrySec; E:\WINDOWS\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; E:\WINDOWS\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
R3 ctljystk; E:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R3 emu10k; E:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
R3 emu10k1; E:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
S3 epmntdrv; E:\WINDOWS\system32\epmntdrv.sys [13192 2011-07-29] () [File not signed]
S3 EuGdiDrv; E:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
R1 Eve; E:\WINDOWS\System32\DRIVERS\eve.sys [33624 2014-04-10] ()
R3 gameenum; E:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 HSFHWBS2; E:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [257408 2006-11-08] (Conexant Systems, Inc.) [File not signed]
R3 HSF_DPV; E:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [989696 2006-11-08] (Conexant Systems, Inc.) [File not signed]
R0 kl1; E:\WINDOWS\System32\DRIVERS\kl1.sys [135776 2015-04-24] (Kaspersky Lab ZAO)
R1 KLIF; E:\WINDOWS\System32\DRIVERS\klif.sys [595008 2015-04-24] (Kaspersky Lab ZAO)
R3 klim5; E:\WINDOWS\System32\DRIVERS\klim5.sys [35672 2012-06-27] (Kaspersky Lab ZAO)
R3 klkbdflt; E:\WINDOWS\System32\DRIVERS\klkbdflt.sys [24160 2015-04-24] (Kaspersky Lab ZAO)
R3 klmouflt; E:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2015-04-24] (Kaspersky Lab ZAO)
R1 kltdi; E:\WINDOWS\System32\DRIVERS\kltdi.sys [44000 2015-04-24] (Kaspersky Lab ZAO)
R1 kneps; E:\WINDOWS\System32\DRIVERS\kneps.sys [145224 2015-04-24] (Kaspersky Lab ZAO)
R3 L8042pr2; E:\WINDOWS\System32\DRIVERS\L8042pr2.Sys [51582 2003-12-11] (Logitech, Inc.)
R3 MBAMProtector; E:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mdmxsdk; E:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Conexant) [File not signed]
R2 mi2c; E:\WINDOWS\system32\drivers\mi2c.sys [18224 2015-04-24] (Nicomsoft Ltd.)
S3 nettalkd; E:\WINDOWS\System32\DRIVERS\nettalkd.sys [30280 2011-01-03] (netTALK.com Inc)
R3 nettalkdMP; E:\WINDOWS\System32\DRIVERS\nettalkd.sys [30280 2011-01-03] (netTALK.com Inc)
R1 networx; E:\WINDOWS\System32\drivers\networx.sys [65000 2015-04-30] (NetFilterSDK.com)
R2 npf; E:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
S3 PortTalk; E:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not signed]
R1 PSSDK42; E:\WINDOWS\system32\Drivers\pssdk42.sys [38976 2015-05-25] (microOLAP Technologies LTD)
R1 PSSDKLBF; E:\WINDOWS\system32\Drivers\pssdklbf.sys [53312 2015-05-25] (microOLAP Technologies LTD)
R3 senfilt; E:\WINDOWS\System32\drivers\senfilt.sys [392704 2005-03-01] (Sensaura) [File not signed]
R3 sfman; E:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S3 SISNIC; E:\WINDOWS\System32\DRIVERS\sisnic.sys [40840 2006-07-13] (SiS Corporation) [File not signed]
R3 SISNICXP; E:\WINDOWS\System32\DRIVERS\sisnicxp.sys [32768 2006-02-14] (SiS Corporation) [File not signed]
R3 smwdm; E:\WINDOWS\System32\drivers\smwdm.sys [220992 2005-03-28] (Analog Devices, Inc.) [File not signed]
R3 winachsf; E:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [730112 2006-11-08] (Conexant Systems, Inc.) [File not signed]
S4 IntelIde; No ImagePath
U5 klflt; E:\Windows\System32\Drivers\klflt.sys [74336 2015-04-24] (Kaspersky Lab ZAO)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-28 14:21 - 2015-05-28 14:22 - 00032902 _____ () E:\Documents and Settings\RA\Bureau\FRST.txt
2015-05-28 14:20 - 2015-05-28 14:21 - 00000000 ____D () E:\FRST
2015-05-28 14:14 - 2015-05-28 14:14 - 01147392 _____ (Farbar) E:\Documents and Settings\RA\Bureau\FRST.exe
2015-05-28 14:09 - 2015-05-28 14:09 - 00003821 _____ () E:\Documents and Settings\RA\Bureau\TCPView.txt
2015-05-27 21:49 - 2015-05-28 00:00 - 00000209 _____ () E:\Documents and Settings\RA\NetWorkx
2015-05-27 21:36 - 2015-05-27 21:38 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\Battlestar.Galactica.Razor.2007.EXTENDED.1080p.BluRay.x264-LEVERAGE
2015-05-27 20:45 - 2015-05-27 20:45 - 00000731 _____ () E:\Documents and Settings\RA\Bureau\viewtimer.ico.lnk
2015-05-27 17:10 - 2015-05-27 17:40 - 00000000 ____D () E:\Program Files\SearchProtect
2015-05-27 14:43 - 2015-05-27 16:37 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\TCPIP
2015-05-27 12:23 - 2015-05-27 12:23 - 00000000 _____ () E:\Documents and Settings\RA\Local Settings\Temp.dat
2015-05-26 17:57 - 2015-05-26 17:57 - 00000000 ____D () E:\Program Files\Fichiers communs\Java
2015-05-26 17:57 - 2015-05-26 17:57 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Sun
2015-05-26 17:56 - 2015-05-26 17:56 - 00472808 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\deployJava1.dll
2015-05-26 17:56 - 2015-05-26 17:56 - 00157472 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\javaws.exe
2015-05-26 17:56 - 2015-05-26 17:56 - 00145184 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\javaw.exe
2015-05-26 17:56 - 2015-05-26 17:56 - 00145184 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\java.exe
2015-05-26 17:56 - 2015-05-26 17:56 - 00073728 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\javacpl.cpl
2015-05-26 17:53 - 2015-05-26 17:53 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Sun
2015-05-26 12:40 - 2015-05-26 12:40 - 00000000 ____D () E:\Documents and Settings\RA\Mes documents\DMS Log Files
2015-05-26 12:40 - 2015-05-26 12:40 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\HHD Software
2015-05-26 12:36 - 2015-05-26 12:36 - 00110592 _____ () E:\WINDOWS\Minidump\Mini052615-01.dmp
2015-05-26 12:32 - 2015-05-26 12:53 - 00000000 ____D () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Device Monitoring Studio
2015-05-25 21:06 - 2015-05-25 21:06 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\LanDetectivePro
2015-05-25 21:06 - 2015-05-25 21:06 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\LanDetectivePro
2015-05-25 21:06 - 2015-05-25 21:06 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\LanDetective
2015-05-25 21:04 - 2015-05-25 21:04 - 00053312 _____ (microOLAP Technologies LTD) E:\WINDOWS\system32\Drivers\pssdklbf.sys
2015-05-25 21:04 - 2015-05-25 21:04 - 00038976 _____ (microOLAP Technologies LTD) E:\WINDOWS\system32\Drivers\pssdk42.sys
2015-05-25 21:04 - 2015-05-25 21:04 - 00001637 _____ () E:\Documents and Settings\All Users\Bureau\LanDetective.lnk
2015-05-25 21:04 - 2015-05-25 21:04 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\LanDetective Internet Monitor
2015-05-25 19:37 - 2015-05-25 19:37 - 00000873 _____ () E:\Documents and Settings\RA\Bureau\Repair Windows.lnk
2015-05-25 16:10 - 2015-05-26 12:53 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\Trafic Moniteur
2015-05-24 17:25 - 2015-05-24 17:25 - 00000151 _____ () E:\Documents and Settings\RA\Bureau\Bonjour.vbs
2015-05-24 12:43 - 2015-05-28 14:21 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Free Download Manager
2015-05-23 20:09 - 2015-05-23 21:42 - 00000000 ____D () E:\Program Files\SearchProtect(2)
2015-05-23 20:09 - 2015-05-23 21:42 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\SearchProtect(2)
2015-05-23 20:09 - 2015-05-23 20:09 - 00000000 _____ () E:\END
2015-05-23 19:55 - 2015-04-16 11:27 - 00347440 _____ (Microsoft Corporation) E:\Documents and Settings\RA\Bureau\Microsoft Fix It portable.exe
2015-05-23 15:06 - 2015-05-23 15:06 - 00000679 _____ () E:\Documents and Settings\RA\Bureau\Pale Moon.lnk
2015-05-23 12:25 - 1998-01-14 19:23 - 00066372 _____ () E:\WINDOWS\system32\Drivers\HLP.SYS
2015-05-23 12:17 - 2015-05-23 15:44 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Moonchild Productions
2015-05-23 12:17 - 2015-05-23 12:17 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\Moonchild Productions
2015-05-21 19:39 - 2015-05-21 19:47 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\NetTalk reg
2015-05-21 03:10 - 2015-05-21 03:10 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Tracker Software
2015-05-21 03:09 - 2015-05-21 03:09 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDF-XChange
2015-05-21 01:25 - 2015-05-21 01:43 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\DI-524
2015-05-20 13:23 - 2015-05-20 13:23 - 00000707 _____ () E:\Documents and Settings\RA\Bureau\PROCESS MONITOR.exe.lnk
2015-05-19 11:14 - 2015-05-01 23:20 - 00000500 _____ () E:\Documents and Settings\RA\Bureau\InCtrl 5.lnk
2015-05-19 00:21 - 2015-05-21 13:08 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\NIC Gifs
2015-05-19 00:20 - 2015-05-17 11:13 - 00000913 _____ () E:\Documents and Settings\RA\Bureau\Technicians Toolbox.lnk
2015-05-18 16:26 - 2015-05-18 16:26 - 73116258 _____ () E:\Documents and Settings\RA\Bureau\Gene Rosen FULLY EXPOSED!! Sandy Hook Hoax FreeRadioRevolution Classic.mp4
2015-05-17 11:45 - 2015-05-17 11:45 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\SoftPerfect
2015-05-17 11:45 - 2015-04-30 11:59 - 00065000 _____ (NetFilterSDK.com) E:\WINDOWS\system32\Drivers\networx.sys
2015-05-17 11:40 - 2015-05-17 11:44 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Net Meter Pro
2015-05-16 11:03 - 2015-05-16 11:04 - 00001314 _____ () E:\Documents and Settings\RA\Bureau\Regedit.lnk
2015-05-15 13:54 - 2015-05-15 13:54 - 00118784 _____ () E:\WINDOWS\Minidump\Mini051515-01.dmp
2015-05-15 11:31 - 2015-05-15 11:32 - 00001405 _____ () E:\Documents and Settings\RA\Bureau\Gestionnaire de périphériques.lnk
2015-05-14 22:39 - 2015-05-14 22:39 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Nero
2015-05-14 22:34 - 2015-05-26 22:34 - 00000296 _____ () E:\WINDOWS\Tasks\Nero Info.job
2015-05-14 22:34 - 2015-05-14 22:34 - 00000000 ____D () E:\Documents and Settings\All Users\Nero
2015-05-14 22:33 - 2015-05-14 23:05 - 00002707 _____ () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 2015.lnk
2015-05-14 22:32 - 2015-05-14 22:32 - 00000000 ____D () E:\Program Files\Nero
2015-05-14 22:26 - 2015-05-15 12:33 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero
2015-05-14 22:26 - 2015-05-14 23:04 - 00000000 ____D () E:\Program Files\Fichiers communs\Nero
2015-05-14 22:25 - 2015-05-15 12:37 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Nero
2015-05-14 21:59 - 2015-05-14 21:59 - 00000000 ____D () E:\Program Files\Microsoft.NET
2015-05-14 21:57 - 2015-05-14 22:20 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Package Cache
2015-05-14 21:56 - 2015-05-14 21:57 - 00008605 _____ () E:\WINDOWS\KB942288-v3.log
2015-05-14 21:56 - 2015-05-14 21:56 - 00000000 __HDC () E:\WINDOWS\$NtUninstallKB942288-v3$
2015-05-14 14:58 - 2015-05-14 14:58 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\FreeDownloadManager.ORG
2015-05-14 14:58 - 2015-05-14 14:58 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2015-05-14 13:59 - 2015-05-14 13:59 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Free Download Manager
2015-05-13 22:30 - 2015-05-14 05:14 - 00000276 _____ () E:\Documents and Settings\RA\Bureau\Interdiction d'installer de programmes RÉVOQUÉE.reg
2015-05-12 21:56 - 2015-05-12 22:03 - 1119744003 _____ () E:\Documents and Settings\RA\Bureau\Hellstorm - Exposing The Real Genocide of Nazi Germany (Full Documentary).mp4
2015-05-12 00:35 - 2015-05-12 00:55 - 510708400 _____ () E:\Documents and Settings\RA\Bureau\Les Visiteurs (21-9).mp4
2015-05-12 00:25 - 2015-05-12 00:25 - 00110592 _____ () E:\WINDOWS\Minidump\Mini051215-01.dmp
2015-05-11 18:54 - 2015-05-11 18:54 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\ChemTable Software
2015-05-11 18:53 - 2015-05-11 18:54 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\ChemTable Software
2015-05-09 13:06 - 2015-05-09 13:06 - 00000000 ____D () E:\Program Files\Galloway Software
2015-05-09 13:05 - 2015-05-09 13:05 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Keyboard Manager
2015-05-08 21:05 - 2015-05-27 19:01 - 00000320 _____ () E:\WINDOWS\Tasks\Start Registry Reviver for THOR-8CF1C1F72E@RA(logon).job
2015-05-08 21:05 - 2015-05-08 21:05 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\ReviverSoft
2015-05-08 21:05 - 2015-05-08 21:05 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\ReviverSoft
2015-05-08 20:58 - 2015-05-08 20:58 - 00000000 ____D () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Desk Registry 1.03
2015-05-08 17:19 - 2015-05-08 17:19 - 00000000 ____D () E:\Program Files\Fichiers communs\PC Tools
2015-05-08 17:19 - 2015-05-08 17:19 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\PC Tools Registry Mechanic
2015-05-08 17:19 - 2012-08-21 14:44 - 00038560 _____ () E:\WINDOWS\system32\CleanMFT32.exe
2015-05-08 17:19 - 2008-09-17 21:17 - 00658432 _____ (Microsoft Corporation) E:\WINDOWS\system32\MSCOMCT2.OCX
2015-05-08 17:19 - 2008-04-02 15:54 - 01101824 _____ (Woodbury Associates Limited) E:\WINDOWS\system32\UniBox210.ocx
2015-05-08 17:19 - 2008-04-02 15:53 - 00880640 _____ (Woodbury Associates Limited) E:\WINDOWS\system32\UniBox10.ocx
2015-05-08 17:19 - 2008-04-02 15:53 - 00212992 _____ (Woodbury Associates Limited) E:\WINDOWS\system32\UniBoxVB12.ocx
2015-05-08 17:14 - 2015-05-08 17:14 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Product_RM
2015-05-08 17:14 - 2015-05-08 17:14 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\PC Tools
2015-05-07 14:18 - 2015-05-07 14:21 - 396316614 _____ () E:\Documents and Settings\RA\Bureau\Les Visiteurs (16-9).mp4
2015-05-07 14:12 - 2015-05-25 21:59 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\vlc
2015-05-07 13:51 - 2015-05-07 13:51 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
2015-05-07 13:48 - 2015-05-07 13:48 - 00000000 ____D () E:\Program Files\WinPcap
2015-05-07 13:48 - 2015-05-07 13:48 - 00000000 ____D () E:\Program Files\VSO
2015-05-07 13:48 - 2014-04-10 12:05 - 00033624 _____ () E:\WINDOWS\system32\Drivers\eve.sys
2015-05-06 22:58 - 2015-05-07 14:12 - 00000000 ____D () E:\Documents and Settings\RA\Mes documents\VSO Downloader
2015-05-06 22:58 - 2015-05-06 22:58 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\VSO
2015-05-06 21:59 - 2015-05-06 21:59 - 00012326 _____ () E:\drwtsn32.log
2015-05-05 01:44 - 2015-05-05 01:44 - 00000754 _____ () E:\WINDOWS\WORDPAD.INI
2015-05-03 16:12 - 2015-05-23 12:28 - 00003137 _____ () E:\Documents and Settings\RA\.kdiff3rc
2015-05-03 14:53 - 2015-05-03 14:53 - 00000396 _____ () E:\Documents and Settings\RA\Bureau\La Boîte Élextronique.lnk
2015-05-03 14:48 - 2015-05-03 14:48 - 00011936 _____ () E:\WINDOWS\system32\wpa.bak
2015-05-03 14:30 - 2015-05-27 19:03 - 00011936 _____ () E:\WINDOWS\system32\wpa.dbl
2015-05-03 14:30 - 2013-04-07 18:12 - 00001374 _____ () E:\WINDOWS\system32\wpa.dbl.RA1
2015-05-03 14:28 - 2015-05-03 14:11 - 00001172 _____ () E:\WINDOWS\system32\wpa.dbl.RA2
2015-05-02 13:15 - 2015-05-02 13:15 - 00000000 ____D () E:\WINDOWS\SiS
2015-05-01 13:07 - 2015-05-01 13:07 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\KeePass
2015-04-30 23:26 - 2015-04-30 23:26 - 00006170 _____ () E:\WINDOWS\DPINST.LOG
2015-04-30 23:26 - 2015-04-30 23:26 - 00000000 ____D () E:\Program Files\Innovative Solutions
2015-04-30 16:25 - 2006-02-14 16:02 - 00032768 _____ (SiS Corporation) E:\WINDOWS\system32\Drivers\sisnicxp.sys
2015-04-29 00:17 - 2015-04-29 00:17 - 00110592 _____ () E:\WINDOWS\Minidump\Mini042915-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-28 14:23 - 2013-03-08 15:41 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Temp
2015-05-28 14:21 - 2013-03-08 15:41 - 00000000 ____D () E:\Documents and Settings\RA\Bureau
2015-05-28 14:19 - 2013-05-02 22:08 - 00000426 ____H () E:\WINDOWS\Tasks\User_Feed_Synchronization-{A3265C46-D417-4EB6-8617-FE2345007F11}.job
2015-05-28 14:18 - 2015-04-23 23:55 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2015-05-28 10:19 - 2013-03-08 15:37 - 00032618 _____ () E:\WINDOWS\SchedLgU.Txt
2015-05-28 03:35 - 2013-03-08 15:30 - 01146639 _____ () E:\WINDOWS\WindowsUpdate.log
2015-05-27 21:49 - 2013-03-08 15:41 - 00000000 ____D () E:\Documents and Settings\RA
2015-05-27 20:45 - 2013-03-05 09:15 - 00000000 ____D () E:\Documents and Settings\All Users\Bureau
2015-05-27 19:12 - 2013-04-08 02:28 - 00000642 _____ () E:\Documents and Settings\All Users\Bureau\Firefox.lnk
2015-05-27 19:09 - 2013-03-05 09:18 - 00000159 _____ () E:\WINDOWS\wiadebug.log
2015-05-27 19:09 - 2013-03-05 09:18 - 00000050 _____ () E:\WINDOWS\wiaservc.log
2015-05-27 19:02 - 2015-04-22 21:01 - 00000000 ____D () E:\Documents and Settings\RA\.rainlendar2
2015-05-27 19:02 - 2015-04-22 05:48 - 00000673 _____ () E:\WINDOWS\clipc.INI
2015-05-27 19:01 - 2013-03-08 15:37 - 00000006 ____H () E:\WINDOWS\Tasks\SA.DAT
2015-05-27 19:00 - 2013-03-08 15:41 - 00000184 ___SH () E:\Documents and Settings\RA\ntuser.ini
2015-05-27 18:57 - 2013-03-08 15:24 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
2015-05-27 09:34 - 2013-03-08 15:41 - 00000000 ___RD () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Accessoires
2015-05-26 17:57 - 2013-03-05 09:16 - 00000000 ____D () E:\Program Files\Fichiers communs
2015-05-26 17:52 - 2013-03-08 15:41 - 00000000 ___RD () E:\Documents and Settings\RA\Menu Démarrer\Programmes
2015-05-26 16:49 - 2013-03-05 09:16 - 01350399 _____ () E:\WINDOWS\iis6.log
2015-05-26 16:49 - 2013-03-05 09:16 - 01154347 _____ () E:\WINDOWS\FaxSetup.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00600654 _____ () E:\WINDOWS\ocgen.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00549085 _____ () E:\WINDOWS\tsoc.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00398007 _____ () E:\WINDOWS\comsetup.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00376006 _____ () E:\WINDOWS\msmqinst.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00243729 _____ () E:\WINDOWS\ntdtcsetup.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00205675 _____ () E:\WINDOWS\netfxocm.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00082664 _____ () E:\WINDOWS\MedCtrOC.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00065502 _____ () E:\WINDOWS\ocmsn.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00058185 _____ () E:\WINDOWS\msgsocm.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00057896 _____ () E:\WINDOWS\tabletoc.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00001917 _____ () E:\WINDOWS\imsins.log
2015-05-26 12:53 - 2013-03-08 15:37 - 00000000 ___SD () E:\Documents and Settings\NetworkService
2015-05-26 12:53 - 2013-03-08 15:37 - 00000000 ___SD () E:\Documents and Settings\LocalService
2015-05-26 12:53 - 2013-03-08 15:28 - 00000000 ____D () E:\WINDOWS\Registration
2015-05-26 12:36 - 2015-04-22 22:01 - 00000000 ____D () E:\WINDOWS\Minidump
2015-05-26 12:32 - 2015-04-26 15:02 - 00427301 _____ () E:\WINDOWS\setupapi.log
2015-05-25 21:04 - 2013-03-05 09:15 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-05-25 18:24 - 2013-03-08 15:41 - 00000000 ___RD () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage
2015-05-25 16:37 - 2015-04-22 00:34 - 00524288 _____ () E:\WINDOWS\system32\config\ACEEvent.evt
2015-05-24 12:43 - 2013-04-05 20:52 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\INTERNET
2015-05-23 21:42 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\Resources
2015-05-23 15:59 - 2013-04-05 20:51 - 00000000 ____D () E:\Documents and Settings\RA\Menu Démarrer\Programmes\INTERNET
2015-05-21 04:02 - 2015-04-26 15:33 - 00272960 _____ () E:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-05-21 01:45 - 2013-03-05 09:15 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer
2015-05-19 20:52 - 2015-04-22 23:21 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\Adobe
2015-05-19 20:52 - 2013-05-03 08:02 - 00778416 _____ (Adobe Systems Incorporated) E:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-19 20:52 - 2013-05-03 08:02 - 00142512 _____ (Adobe Systems Incorporated) E:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-05-19 12:50 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\security
2015-05-19 12:47 - 2013-04-06 02:55 - 00000438 __RSH () E:\Documents and Settings\All Users\ntuser.pol
2015-05-19 12:44 - 2013-03-08 15:28 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
2015-05-19 11:27 - 2015-04-22 01:12 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\Aller à
2015-05-16 16:56 - 2015-04-22 00:27 - 00000000 ____D () E:\WINDOWS\Microsoft.NET
2015-05-16 11:32 - 2013-03-05 09:16 - 01193168 _____ () E:\WINDOWS\system32\PerfStringBackup.INI
2015-05-16 11:21 - 2013-04-05 20:32 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Matériel
2015-05-16 10:59 - 2013-03-05 09:16 - 00001917 _____ () E:\WINDOWS\imsins.BAK
2015-05-15 12:36 - 2013-03-08 15:28 - 00008250 _____ () E:\WINDOWS\wmsetup.log
2015-05-15 11:34 - 2013-04-05 20:32 - 00000000 ____D () E:\WINDOWS\system32\ReinstallBackups
2015-05-14 23:23 - 2013-03-05 09:15 - 00000000 ___HD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
2015-05-14 22:34 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\Cursors
2015-05-14 21:57 - 2013-03-05 09:16 - 00000000 ____D () E:\Program Files\Fichiers communs\Microsoft Shared
2015-05-14 21:57 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\system32\mui
2015-05-13 10:44 - 2013-03-08 15:54 - 00013872 _____ () E:\Documents and Settings\RA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-05-12 17:15 - 2008-04-14 08:00 - 00000558 _____ () E:\WINDOWS\win.ini
2015-05-11 23:20 - 2013-03-05 09:14 - 00102232 _____ () E:\WINDOWS\system32\FNTCACHE.DAT
2015-05-09 20:06 - 2013-04-22 19:29 - 00000751 _____ () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\TeraCopy.lnk
2015-05-09 13:06 - 2015-04-24 00:15 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Galloway Software
2015-05-08 21:02 - 2015-04-22 14:28 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Registry First Aid
2015-05-08 17:19 - 2015-04-22 14:24 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\TEMP
2015-04-29 00:26 - 2015-04-24 20:14 - 00000454 _____ () E:\Documents and Settings\RA\Bureau\MOI.lnk
Some files in TEMP:
====================
E:\Documents and Settings\RA\Local Settings\Temp\ChangeIcon.exe
E:\Documents and Settings\RA\Local Settings\Temp\dateinj01.dll
E:\Documents and Settings\RA\Local Settings\Temp\Foxit Updater.exe
E:\Documents and Settings\RA\Local Settings\Temp\vlc-2.2.1-win32.exe
E:\Documents and Settings\RA\Local Settings\Temp\xmlUpdater.exe
E:\Documents and Settings\RA\Local Settings\Temp\xuninst.exe
E:\Documents and Settings\RA\Local Settings\Temp\{AD09A872-32B0-4B17-A21B-CD9150487F82}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
E:\WINDOWS\explorer.exe => File is digitally signed
E:\WINDOWS\system32\winlogon.exe => File is digitally signed
E:\WINDOWS\system32\svchost.exe => File is digitally signed
E:\WINDOWS\system32\services.exe => File is digitally signed
E:\WINDOWS\system32\User32.dll => File is digitally signed
E:\WINDOWS\system32\userinit.exe => File is digitally signed
E:\WINDOWS\system32\rpcss.dll => File is digitally signed
E:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
Ran by RA (administrator) on THOR-8CF1C1F72E on 28-05-2015 14:21:11
Running from E:\Documents and Settings\RA\Bureau
Loaded Profiles: RA (Available Profiles: RA)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) E:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) E:\WINDOWS\system32\ati2evxx.exe
(Logitech Inc.) F:\[XProgrammes]\[Pilotes]\TrackMan Marble FX\MouseWare\system\EM_EXEC.EXE
(SlipStream Data Inc.) E:\WProG\INTERNET\worldlineAccelerator\slipcore.exe
(Microsoft Corporation) E:\Program Files\Microsoft IntelliType Pro\itype.exe
(Kaspersky Lab ZAO) E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(KsL Software) F:\[XProgrammes]\SYSTÈME\BDR\Registry First Aid 10\rfagent32.exe
(SoftPerfect Research) F:\[XProgrammes]\INTERNET\TRAFIC METERS\NetWorx\networx.exe
(NetTalk.com Inc.) F:\[XProgrammes]\[Pilotes]\netTALK\nettalkg.exe
(Creative Technology Ltd.) E:\WINDOWS\system32\devldr32.exe
(Andrey Gruber) C:\Z\D\PNotes\PNotes.exe
(Sun Microsystems, Inc.) E:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
() F:\[XProgrammes]\INTERNET\NetMeter\NetMeter.exe
() F:\[XProgrammes]\PIMs\Rainlendar2\Rainlendar2.exe
(XRayz Software) F:\[XProgrammes]\ClipCache 3.5\clipc.exe
(BonSoft) F:\[XProgrammes]\ClocX\ClocX.exe
() C:\Z\D\INTERNET\PROXOMITRON\Proxomitron.exe
() F:\[XProgrammes]\[Exec]\Firemin\Firemin.exe
(Kaspersky Lab ZAO) E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) E:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Sun Microsystems, Inc.) F:\[XProgrammes]\INTERNET\JAVA\bin\jqs.exe
(LAN Detective Software) F:\[XProgrammes]\INTERNET\TRAFIC MONITOR\LAN Detective Pro\LDIntSvc.exe
(Nero AG) E:\Program Files\Nero\Update\NASvc.exe
() F:\[XProgrammes]\[Pilotes]\netTALK\nettalkl.exe
(PC Tools) E:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe
(Microsoft Corporation) E:\WINDOWS\system32\tcpsvcs.exe
() F:\[XProgrammes]\[Pilotes]\netTALK\nettalkd.exe
(Mozilla Corporation) F:\[XProgrammes]\Mozilla\firefox.exe
(FreeDownloadManager.ORG) F:\[XProgrammes]\INTERNET\Free Download Manager\fdm.exe
(Sysinternals - www.sysinternals.com) F:\[XProgrammes]\SYSTÈME\SYSInternals\PROCESS MONITOR.exe
(Sysinternals) C:\Z\D\DUN\TcpView\Tcpview.exe
(Kaspersky Lab ZAO) E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Utility] => E:\WINDOWS\Logi_MwX.Exe [20992 2003-12-11] (Logitech Inc.)
HKLM\...\Run: [SlipStream] => E:\WProG\INTERNET\worldlineAccelerator\slipcore.exe [253952 2006-05-23] (SlipStream Data Inc.)
HKLM\...\Run: [DFX] => E:\Program Files\DFX\DFX.exe [1131880 2013-01-10] ()
HKLM\...\Run: [itype] => E:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [AVP] => E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2015-04-24] (Kaspersky Lab ZAO)
HKLM\...\Run: [StartCCC] => F:\[XProgrammes]\[Pilotes]\ATI\ATI.ACE\Core-Static\CLIStart.exe [98304 2014-01-07] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [rfagent] => F:\[XProgrammes]\SYSTÈME\BDR\Registry First Aid 10\rfagent32.exe [2868248 2014-11-26] (KsL Software)
HKLM\...\Run: [NetWorx] => F:\[XProgrammes]\INTERNET\TRAFIC METERS\NetWorx\networx.exe [4573888 2015-05-16] (SoftPerfect Research)
HKLM\...\Run: [NetTalk] => F:\[XProgrammes]\[Pilotes]\NetTALK\nettalkg.exe [436224 2012-04-30] (NetTalk.com Inc.)
HKLM\...\Run: [PNotes.exe] => C:\Z\D\PNotes\PNotes.exe [992256 2012-08-31] (Andrey Gruber)
HKLM\...\Run: [F:\[XProgrammes]\INTERNET\TRAFIC METERS\NET Traffic Meter\NET Traffic Meter] => "F:\[XProgrammes]\INTERNET\TRAFIC METERS\NET Traffic Meter\NET Traffic Meter.exe"
HKLM\...\Run: [SunJavaUpdateSched] => E:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
Winlogon\Notify\AtiExtEvent: E:\WINDOWS\system32\Ati2evxx.dll [2014-01-07] (ATI Technologies Inc.)
Winlogon\Notify\klogon: E:\WINDOWS\system32\klogon.dll [2012-12-20] (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [NetMeter] => F:\[XProgrammes]\INTERNET\NetMeter\NetMeter.exe [293888 2011-11-26] ()
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [Rainlendar2] => F:\[XProgrammes]\PIMs\Rainlendar2\Rainlendar2.exe [2611808 2014-03-16] ()
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [clipc.exe] => F:\[XProgrammes]\ClipCache 3.5\clipc.exe [2063072 2013-11-14] (XRayz Software)
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [ClocX.exe] => F:\[XProgrammes]\ClocX\ClocX.exe [270336 2007-07-26] (BonSoft)
HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Run: [Proxomitron.exe] => C:\Z\D\Internet\PROXOMITRON\Proxomitron.exe [157184 2003-10-23] ()
IFEO\firefox.exe: [Debugger] StripMyRights.exe /D /L N
IFEO\pale moon.exe: [Debugger] StripMyRights.exe /D
IFEO\taskmgr.exe: [Debugger] "F:\[XProgrammes]\SYSTÈME\System Explorer\SystemExplorer.exe"
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\ClipCache Pro.lnk [2015-05-25]
ShortcutTarget: ClipCache Pro.lnk -> F:\[XProgrammes]\ClipCache 3.5\clipc.exe (XRayz Software)
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\FireMin.lnk [2015-04-27]
ShortcutTarget: FireMin.lnk -> F:\[XProgrammes]\[Exec]\Firemin\Firemin.exe ()
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\PNotes.lnk [2015-05-24]
ShortcutTarget: PNotes.lnk -> C:\Z\D\PNotes\PNotes.exe (Andrey Gruber)
Startup: E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage\Proxomitron Naoko v4.5.lnk [2015-04-27]
ShortcutTarget: Proxomitron Naoko v4.5.lnk -> C:\Z\D\INTERNET\PROXOMITRON\Proxomitron.exe ()
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => E:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2015-04-24] (Kaspersky Lab ZAO)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88
HKU\S-1-5-21-73586283-413027322-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88
HKU\S-1-5-21-73586283-413027322-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-73586283-413027322-1606980848-1003 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\S-1-5-21-73586283-413027322-1606980848-1003 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3319733&octid=EB_ORIGINAL_CTID&ISID=M80A15108-470E-48EA-85C7-730EC5C9B870&SearchSource=58&CUI=&UM=8&UP=SPF8BC14EF-9AC3-4992-A144-E53C32A17B23&D=052815&q={searchTerms}&SSPV=SP22340TB_sp_ie
BHO: PBlockHelper Class -> {4115122B-85FF-4DD3-9515-F075BEDE5EB5} -> E:\WProG\INTERNET\worldlineAccelerator\PBHelper.dll [2006-05-23] (SlipStream Data Inc.)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> F:\[XProgrammes]\INTERNET\Free Download Manager\iefdm2.dll [2015-05-14] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> F:\[XProgrammes]\INTERNET\JAVA\bin\jp2ssv.dll [2015-05-26] (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> F:\[XProgrammes]\INTERNET\JAVA\lib\deploy\jqs\ie\jqs_plugin.dll [2015-05-26] (Sun Microsystems, Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Winsock: Catalog9 01 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Winsock: Catalog9 02 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Winsock: Catalog9 03 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Winsock: Catalog9 09 E:\WProG\INTERNET\WORLDL~1\sliplsp.dll [86016 2013-03-08] (SlipStream Data Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 74.116.184.28 74.116.184.29
FireFox:
========
FF ProfilePath: E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://www.lapresse.ca/international/moyen-orient/|hxxp://fr.canoe.ca/infos/international/nouvelles.html|hxxp://www.lapresse.ca/international/etats-unis/|hxxp://www.lapresse.ca/international/asie-oceanie/|hxxp://www.lapresse.ca/international/europe/|hxxp://www.lapresse.ca/international/amerique-latine/|hxxp://www.lapresse.ca/international/afrique/
FF Keyword.URL: hxxp://websearch.searchtotal.info/?pid=23503&r=2015/05/27&hid=5339637394589543956&lg=EN&cc=CA&unqvl=88&l=1&q=
FF NetworkProxy: "ftp", "203.172.220.78"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "203.172.220.78"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "203.172.220.78"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "203.172.220.78"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "203.172.220.78"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> E:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-19] ()
FF Plugin: @java.com/JavaPlugin -> F:\[XProgrammes]\INTERNET\JAVA\bin\new_plugin\npjp2.dll [2015-05-26] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> E:\PROGRA~1\FICHIE~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> F:\[XProgrammes]\PDF\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> F:\[XProgrammes]\PDF\PDFXVwer\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\[XProgrammes]\MULTIMÉDIA\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\[XProgrammes]\MULTIMÉDIA\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-73586283-413027322-1606980848-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> F:\[XProgrammes]\PDF\PDF-XChange Editor\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Extension: Advanced Cookie Manager - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\cookiemgr@jayapal.com [2015-05-24]
FF Extension: Blur (Formerly DoNotTrackMe) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\donottrackplus@abine.com [2015-05-24]
FF Extension: Form History Control - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\formhistory@yahoo.com [2015-05-24]
FF Extension: FEBE - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-05-24]
FF Extension: Adblock Plus Pop-up Addon - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-07]
FF Extension: Classic Theme Restorer (Customize UI) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-04-22]
FF Extension: Element Hiding Helper for Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-04-22]
FF Extension: Ghostery - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\firefox@ghostery.com.xpi [2015-04-22]
FF Extension: gui:config - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\guiconfig@slosd.net.xpi [2015-04-22]
FF Extension: IsAdmin - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\isadmin@vdtsoftware.ffext.xpi [2015-04-22]
FF Extension: NewScrollbars (aka NoiaScrollbars) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2015-04-22]
FF Extension: NoSquint - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\nosquint@urandom.ca.xpi [2015-04-22]
FF Extension: Resurrect Pages (isup edition) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\resurrect-pages@albirew.fr.xpi [2015-05-27]
FF Extension: Location Bar Enhancer - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\UIEnhancer@girishsharma.xpi [2015-05-24]
FF Extension: Screengrab (fix version) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-04-22]
FF Extension: Resurrect Pages - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi [2015-04-22]
FF Extension: NoScript - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-04-22]
FF Extension: Preloader (for Firefox) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{8a8c1ada-2504-45c6-a2d2-265591abbd00}.xpi [2015-04-22]
FF Extension: New Tab Wallpapers - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{a5312b79-bf0d-4825-a25f-b33d67d4a58a}.xpi [2015-04-22]
FF Extension: ML Progress Bar - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{b8fd4271-f7de-4776-a36d-bc9d97aa6fb5}.xpi [2015-04-22]
FF Extension: Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-22]
FF Extension: BetterPrivacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-04-22]
FF Extension: Google Privacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2015-04-22]
FF Extension: Personas Shuffler - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\33folp4c.default\Extensions\{f18ce681-59c6-4a25-8ecb-e3e0fd7fbb44}.xpi [2015-04-22]
FF Extension: Advanced Cookie Manager - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\cookiemgr@jayapal.com [2015-05-27]
FF Extension: Blur (Formerly DoNotTrackMe) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\donottrackplus@abine.com [2015-05-27]
FF Extension: Form History Control - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\formhistory@yahoo.com [2015-05-27]
FF Extension: FEBE - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-05-27]
FF Extension: Adblock Plus Pop-up Addon - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-27]
FF Extension: Classic Theme Restorer (Customize UI) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2015-05-27]
FF Extension: Element Hiding Helper for Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\elemhidehelper@adblockplus.org.xpi [2015-05-27]
FF Extension: Ghostery - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\firefox@ghostery.com.xpi [2015-05-27]
FF Extension: gui:config - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\guiconfig@slosd.net.xpi [2015-05-27]
FF Extension: IsAdmin - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\isadmin@vdtsoftware.ffext.xpi [2015-05-27]
FF Extension: NewScrollbars (aka NoiaScrollbars) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2015-05-27]
FF Extension: NoSquint - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\nosquint@urandom.ca.xpi [2015-05-27]
FF Extension: Resurrect Pages (isup edition) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\resurrect-pages@albirew.fr.xpi [2015-05-27]
FF Extension: Location Bar Enhancer - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\UIEnhancer@girishsharma.xpi [2015-05-27]
FF Extension: Screengrab (fix version) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2015-05-27]
FF Extension: Resurrect Pages - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}.xpi [2015-05-27]
FF Extension: NoScript - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-27]
FF Extension: Preloader (for Firefox) - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{8a8c1ada-2504-45c6-a2d2-265591abbd00}.xpi [2015-05-27]
FF Extension: New Tab Wallpapers - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{a5312b79-bf0d-4825-a25f-b33d67d4a58a}.xpi [2015-05-27]
FF Extension: ML Progress Bar - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{b8fd4271-f7de-4776-a36d-bc9d97aa6fb5}.xpi [2015-05-27]
FF Extension: Adblock Plus - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-27]
FF Extension: BetterPrivacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-05-27]
FF Extension: Google Privacy - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2015-05-27]
FF Extension: Personas Shuffler - E:\Documents and Settings\RA\Application Data\Mozilla\Firefox\Profiles\ibxgvz8j.Sauvegarde\Extensions\{f18ce681-59c6-4a25-8ecb-e3e0fd7fbb44}.xpi [2015-05-27]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2015-04-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-04-24]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - F:\[XProgrammes]\INTERNET\JAVA\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - F:\[XProgrammes]\INTERNET\JAVA\lib\deploy\jqs\ff [2015-05-26]
FF HKU\S-1-5-21-73586283-413027322-1606980848-1003\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - F:\[XProgrammes]\INTERNET\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - F:\[XProgrammes]\INTERNET\Free Download Manager\Firefox\Extension [2015-05-24]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2012-12-29]
CHR HKLM\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-29]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [643072 2014-01-07] (ATI Technologies Inc.) [File not signed]
R2 AVP; E:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2015-04-24] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; E:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 JavaQuickStarterService; F:\[XProgrammes]\INTERNET\JAVA\bin\jqs.exe [153376 2015-05-26] (Sun Microsystems, Inc.)
R2 LanDetective; F:\[XProgrammes]\INTERNET\TRAFIC MONITOR\LAN Detective Pro\LDIntSvc.exe [4807168 2014-12-23] (LAN Detective Software) [File not signed]
R2 NAUpdate; E:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 NetTalkUsrLaunchService; F:\[XProgrammes]\[Pilotes]\NetTALK\nettalkl.exe [55296 2012-04-30] () [File not signed]
R3 NetTalkUsrService; F:\[XProgrammes]\[Pilotes]\NetTALK\nettalkd.exe [91136 2012-04-30] () [File not signed]
R2 PCToolsSSDMonitorSvc; E:\Program Files\Fichiers communs\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
S3 SystemExplorerHelpService; F:\[XProgrammes]\SYSTÈME\System Explorer\System Explorer\service\SystemExplorerService.exe [567008 2014-12-20] (Mister Group)
S2 1ce38fbe; "E:\WINDOWS\system32\rundll32.exe" "e:\Program Files\SustainerPlus\SustainerPlus.dll",serv
S2 afe76e80; "E:\WINDOWS\system32\rundll32.exe" "e:\Program Files\CutterMaker\CutterMaker.dll",serv
S2 MBAMScheduler; "F:\[XProgrammes]\Malwarebytes\mbamscheduler.exe" [X]
S2 MBAMService; "F:\[XProgrammes]\Malwarebytes\mbamservice.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aeaudio; E:\WINDOWS\System32\drivers\aeaudio.sys [127872 2005-03-04] (Andrea Electronics Corporation) [File not signed]
R3 ati2mtag; E:\WINDOWS\System32\DRIVERS\ati2mtag.sys [7875072 2014-01-07] (ATI Technologies Inc.) [File not signed]
R3 AtiHDAudioService; E:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
S3 CisUtMonitor; E:\WINDOWS\System32\DRIVERS\CisUtMonitor.sys [27600 2011-10-30] (CrystalIdea Software)
R0 CSCrySec; E:\WINDOWS\System32\DRIVERS\CSCrySec.sys [88632 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; E:\WINDOWS\System32\DRIVERS\CSVirtualDiskDrv.sys [39736 2011-06-02] (Infowatch)
R3 ctljystk; E:\WINDOWS\System32\DRIVERS\ctljystk.sys [3712 2001-08-17] (Creative Technology Ltd.)
R3 emu10k; E:\WINDOWS\System32\drivers\emu10k1m.sys [283904 2001-08-17] (Creative Technology Ltd.)
R3 emu10k1; E:\WINDOWS\System32\drivers\ctlfacem.sys [6912 2001-08-17] (Creative Technology Ltd.)
S3 epmntdrv; E:\WINDOWS\system32\epmntdrv.sys [13192 2011-07-29] () [File not signed]
S3 EuGdiDrv; E:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
R1 Eve; E:\WINDOWS\System32\DRIVERS\eve.sys [33624 2014-04-10] ()
R3 gameenum; E:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 HSFHWBS2; E:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [257408 2006-11-08] (Conexant Systems, Inc.) [File not signed]
R3 HSF_DPV; E:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [989696 2006-11-08] (Conexant Systems, Inc.) [File not signed]
R0 kl1; E:\WINDOWS\System32\DRIVERS\kl1.sys [135776 2015-04-24] (Kaspersky Lab ZAO)
R1 KLIF; E:\WINDOWS\System32\DRIVERS\klif.sys [595008 2015-04-24] (Kaspersky Lab ZAO)
R3 klim5; E:\WINDOWS\System32\DRIVERS\klim5.sys [35672 2012-06-27] (Kaspersky Lab ZAO)
R3 klkbdflt; E:\WINDOWS\System32\DRIVERS\klkbdflt.sys [24160 2015-04-24] (Kaspersky Lab ZAO)
R3 klmouflt; E:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2015-04-24] (Kaspersky Lab ZAO)
R1 kltdi; E:\WINDOWS\System32\DRIVERS\kltdi.sys [44000 2015-04-24] (Kaspersky Lab ZAO)
R1 kneps; E:\WINDOWS\System32\DRIVERS\kneps.sys [145224 2015-04-24] (Kaspersky Lab ZAO)
R3 L8042pr2; E:\WINDOWS\System32\DRIVERS\L8042pr2.Sys [51582 2003-12-11] (Logitech, Inc.)
R3 MBAMProtector; E:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 mdmxsdk; E:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Conexant) [File not signed]
R2 mi2c; E:\WINDOWS\system32\drivers\mi2c.sys [18224 2015-04-24] (Nicomsoft Ltd.)
S3 nettalkd; E:\WINDOWS\System32\DRIVERS\nettalkd.sys [30280 2011-01-03] (netTALK.com Inc)
R3 nettalkdMP; E:\WINDOWS\System32\DRIVERS\nettalkd.sys [30280 2011-01-03] (netTALK.com Inc)
R1 networx; E:\WINDOWS\System32\drivers\networx.sys [65000 2015-04-30] (NetFilterSDK.com)
R2 npf; E:\WINDOWS\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
S3 PortTalk; E:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic http://www.beyondlogic.org) [File not signed]
R1 PSSDK42; E:\WINDOWS\system32\Drivers\pssdk42.sys [38976 2015-05-25] (microOLAP Technologies LTD)
R1 PSSDKLBF; E:\WINDOWS\system32\Drivers\pssdklbf.sys [53312 2015-05-25] (microOLAP Technologies LTD)
R3 senfilt; E:\WINDOWS\System32\drivers\senfilt.sys [392704 2005-03-01] (Sensaura) [File not signed]
R3 sfman; E:\WINDOWS\System32\drivers\sfmanm.sys [36480 2001-08-17] (Creative Technology Ltd.)
S3 SISNIC; E:\WINDOWS\System32\DRIVERS\sisnic.sys [40840 2006-07-13] (SiS Corporation) [File not signed]
R3 SISNICXP; E:\WINDOWS\System32\DRIVERS\sisnicxp.sys [32768 2006-02-14] (SiS Corporation) [File not signed]
R3 smwdm; E:\WINDOWS\System32\drivers\smwdm.sys [220992 2005-03-28] (Analog Devices, Inc.) [File not signed]
R3 winachsf; E:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [730112 2006-11-08] (Conexant Systems, Inc.) [File not signed]
S4 IntelIde; No ImagePath
U5 klflt; E:\Windows\System32\Drivers\klflt.sys [74336 2015-04-24] (Kaspersky Lab ZAO)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-28 14:21 - 2015-05-28 14:22 - 00032902 _____ () E:\Documents and Settings\RA\Bureau\FRST.txt
2015-05-28 14:20 - 2015-05-28 14:21 - 00000000 ____D () E:\FRST
2015-05-28 14:14 - 2015-05-28 14:14 - 01147392 _____ (Farbar) E:\Documents and Settings\RA\Bureau\FRST.exe
2015-05-28 14:09 - 2015-05-28 14:09 - 00003821 _____ () E:\Documents and Settings\RA\Bureau\TCPView.txt
2015-05-27 21:49 - 2015-05-28 00:00 - 00000209 _____ () E:\Documents and Settings\RA\NetWorkx
2015-05-27 21:36 - 2015-05-27 21:38 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\Battlestar.Galactica.Razor.2007.EXTENDED.1080p.BluRay.x264-LEVERAGE
2015-05-27 20:45 - 2015-05-27 20:45 - 00000731 _____ () E:\Documents and Settings\RA\Bureau\viewtimer.ico.lnk
2015-05-27 17:10 - 2015-05-27 17:40 - 00000000 ____D () E:\Program Files\SearchProtect
2015-05-27 14:43 - 2015-05-27 16:37 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\TCPIP
2015-05-27 12:23 - 2015-05-27 12:23 - 00000000 _____ () E:\Documents and Settings\RA\Local Settings\Temp.dat
2015-05-26 17:57 - 2015-05-26 17:57 - 00000000 ____D () E:\Program Files\Fichiers communs\Java
2015-05-26 17:57 - 2015-05-26 17:57 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Sun
2015-05-26 17:56 - 2015-05-26 17:56 - 00472808 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\deployJava1.dll
2015-05-26 17:56 - 2015-05-26 17:56 - 00157472 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\javaws.exe
2015-05-26 17:56 - 2015-05-26 17:56 - 00145184 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\javaw.exe
2015-05-26 17:56 - 2015-05-26 17:56 - 00145184 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\java.exe
2015-05-26 17:56 - 2015-05-26 17:56 - 00073728 _____ (Sun Microsystems, Inc.) E:\WINDOWS\system32\javacpl.cpl
2015-05-26 17:53 - 2015-05-26 17:53 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Sun
2015-05-26 12:40 - 2015-05-26 12:40 - 00000000 ____D () E:\Documents and Settings\RA\Mes documents\DMS Log Files
2015-05-26 12:40 - 2015-05-26 12:40 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\HHD Software
2015-05-26 12:36 - 2015-05-26 12:36 - 00110592 _____ () E:\WINDOWS\Minidump\Mini052615-01.dmp
2015-05-26 12:32 - 2015-05-26 12:53 - 00000000 ____D () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Device Monitoring Studio
2015-05-25 21:06 - 2015-05-25 21:06 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\LanDetectivePro
2015-05-25 21:06 - 2015-05-25 21:06 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\LanDetectivePro
2015-05-25 21:06 - 2015-05-25 21:06 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\LanDetective
2015-05-25 21:04 - 2015-05-25 21:04 - 00053312 _____ (microOLAP Technologies LTD) E:\WINDOWS\system32\Drivers\pssdklbf.sys
2015-05-25 21:04 - 2015-05-25 21:04 - 00038976 _____ (microOLAP Technologies LTD) E:\WINDOWS\system32\Drivers\pssdk42.sys
2015-05-25 21:04 - 2015-05-25 21:04 - 00001637 _____ () E:\Documents and Settings\All Users\Bureau\LanDetective.lnk
2015-05-25 21:04 - 2015-05-25 21:04 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\LanDetective Internet Monitor
2015-05-25 19:37 - 2015-05-25 19:37 - 00000873 _____ () E:\Documents and Settings\RA\Bureau\Repair Windows.lnk
2015-05-25 16:10 - 2015-05-26 12:53 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\Trafic Moniteur
2015-05-24 17:25 - 2015-05-24 17:25 - 00000151 _____ () E:\Documents and Settings\RA\Bureau\Bonjour.vbs
2015-05-24 12:43 - 2015-05-28 14:21 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Free Download Manager
2015-05-23 20:09 - 2015-05-23 21:42 - 00000000 ____D () E:\Program Files\SearchProtect(2)
2015-05-23 20:09 - 2015-05-23 21:42 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\SearchProtect(2)
2015-05-23 20:09 - 2015-05-23 20:09 - 00000000 _____ () E:\END
2015-05-23 19:55 - 2015-04-16 11:27 - 00347440 _____ (Microsoft Corporation) E:\Documents and Settings\RA\Bureau\Microsoft Fix It portable.exe
2015-05-23 15:06 - 2015-05-23 15:06 - 00000679 _____ () E:\Documents and Settings\RA\Bureau\Pale Moon.lnk
2015-05-23 12:25 - 1998-01-14 19:23 - 00066372 _____ () E:\WINDOWS\system32\Drivers\HLP.SYS
2015-05-23 12:17 - 2015-05-23 15:44 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Moonchild Productions
2015-05-23 12:17 - 2015-05-23 12:17 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\Moonchild Productions
2015-05-21 19:39 - 2015-05-21 19:47 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\NetTalk reg
2015-05-21 03:10 - 2015-05-21 03:10 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Tracker Software
2015-05-21 03:09 - 2015-05-21 03:09 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDF-XChange
2015-05-21 01:25 - 2015-05-21 01:43 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\DI-524
2015-05-20 13:23 - 2015-05-20 13:23 - 00000707 _____ () E:\Documents and Settings\RA\Bureau\PROCESS MONITOR.exe.lnk
2015-05-19 11:14 - 2015-05-01 23:20 - 00000500 _____ () E:\Documents and Settings\RA\Bureau\InCtrl 5.lnk
2015-05-19 00:21 - 2015-05-21 13:08 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\NIC Gifs
2015-05-19 00:20 - 2015-05-17 11:13 - 00000913 _____ () E:\Documents and Settings\RA\Bureau\Technicians Toolbox.lnk
2015-05-18 16:26 - 2015-05-18 16:26 - 73116258 _____ () E:\Documents and Settings\RA\Bureau\Gene Rosen FULLY EXPOSED!! Sandy Hook Hoax FreeRadioRevolution Classic.mp4
2015-05-17 11:45 - 2015-05-17 11:45 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\SoftPerfect
2015-05-17 11:45 - 2015-04-30 11:59 - 00065000 _____ (NetFilterSDK.com) E:\WINDOWS\system32\Drivers\networx.sys
2015-05-17 11:40 - 2015-05-17 11:44 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Net Meter Pro
2015-05-16 11:03 - 2015-05-16 11:04 - 00001314 _____ () E:\Documents and Settings\RA\Bureau\Regedit.lnk
2015-05-15 13:54 - 2015-05-15 13:54 - 00118784 _____ () E:\WINDOWS\Minidump\Mini051515-01.dmp
2015-05-15 11:31 - 2015-05-15 11:32 - 00001405 _____ () E:\Documents and Settings\RA\Bureau\Gestionnaire de périphériques.lnk
2015-05-14 22:39 - 2015-05-14 22:39 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Nero
2015-05-14 22:34 - 2015-05-26 22:34 - 00000296 _____ () E:\WINDOWS\Tasks\Nero Info.job
2015-05-14 22:34 - 2015-05-14 22:34 - 00000000 ____D () E:\Documents and Settings\All Users\Nero
2015-05-14 22:33 - 2015-05-14 23:05 - 00002707 _____ () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 2015.lnk
2015-05-14 22:32 - 2015-05-14 22:32 - 00000000 ____D () E:\Program Files\Nero
2015-05-14 22:26 - 2015-05-15 12:33 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero
2015-05-14 22:26 - 2015-05-14 23:04 - 00000000 ____D () E:\Program Files\Fichiers communs\Nero
2015-05-14 22:25 - 2015-05-15 12:37 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Nero
2015-05-14 21:59 - 2015-05-14 21:59 - 00000000 ____D () E:\Program Files\Microsoft.NET
2015-05-14 21:57 - 2015-05-14 22:20 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Package Cache
2015-05-14 21:56 - 2015-05-14 21:57 - 00008605 _____ () E:\WINDOWS\KB942288-v3.log
2015-05-14 21:56 - 2015-05-14 21:56 - 00000000 __HDC () E:\WINDOWS\$NtUninstallKB942288-v3$
2015-05-14 14:58 - 2015-05-14 14:58 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\FreeDownloadManager.ORG
2015-05-14 14:58 - 2015-05-14 14:58 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2015-05-14 13:59 - 2015-05-14 13:59 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Free Download Manager
2015-05-13 22:30 - 2015-05-14 05:14 - 00000276 _____ () E:\Documents and Settings\RA\Bureau\Interdiction d'installer de programmes RÉVOQUÉE.reg
2015-05-12 21:56 - 2015-05-12 22:03 - 1119744003 _____ () E:\Documents and Settings\RA\Bureau\Hellstorm - Exposing The Real Genocide of Nazi Germany (Full Documentary).mp4
2015-05-12 00:35 - 2015-05-12 00:55 - 510708400 _____ () E:\Documents and Settings\RA\Bureau\Les Visiteurs (21-9).mp4
2015-05-12 00:25 - 2015-05-12 00:25 - 00110592 _____ () E:\WINDOWS\Minidump\Mini051215-01.dmp
2015-05-11 18:54 - 2015-05-11 18:54 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\ChemTable Software
2015-05-11 18:53 - 2015-05-11 18:54 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\ChemTable Software
2015-05-09 13:06 - 2015-05-09 13:06 - 00000000 ____D () E:\Program Files\Galloway Software
2015-05-09 13:05 - 2015-05-09 13:05 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Keyboard Manager
2015-05-08 21:05 - 2015-05-27 19:01 - 00000320 _____ () E:\WINDOWS\Tasks\Start Registry Reviver for THOR-8CF1C1F72E@RA(logon).job
2015-05-08 21:05 - 2015-05-08 21:05 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\ReviverSoft
2015-05-08 21:05 - 2015-05-08 21:05 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\ReviverSoft
2015-05-08 20:58 - 2015-05-08 20:58 - 00000000 ____D () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Desk Registry 1.03
2015-05-08 17:19 - 2015-05-08 17:19 - 00000000 ____D () E:\Program Files\Fichiers communs\PC Tools
2015-05-08 17:19 - 2015-05-08 17:19 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\PC Tools Registry Mechanic
2015-05-08 17:19 - 2012-08-21 14:44 - 00038560 _____ () E:\WINDOWS\system32\CleanMFT32.exe
2015-05-08 17:19 - 2008-09-17 21:17 - 00658432 _____ (Microsoft Corporation) E:\WINDOWS\system32\MSCOMCT2.OCX
2015-05-08 17:19 - 2008-04-02 15:54 - 01101824 _____ (Woodbury Associates Limited) E:\WINDOWS\system32\UniBox210.ocx
2015-05-08 17:19 - 2008-04-02 15:53 - 00880640 _____ (Woodbury Associates Limited) E:\WINDOWS\system32\UniBox10.ocx
2015-05-08 17:19 - 2008-04-02 15:53 - 00212992 _____ (Woodbury Associates Limited) E:\WINDOWS\system32\UniBoxVB12.ocx
2015-05-08 17:14 - 2015-05-08 17:14 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Product_RM
2015-05-08 17:14 - 2015-05-08 17:14 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\PC Tools
2015-05-07 14:18 - 2015-05-07 14:21 - 396316614 _____ () E:\Documents and Settings\RA\Bureau\Les Visiteurs (16-9).mp4
2015-05-07 14:12 - 2015-05-25 21:59 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\vlc
2015-05-07 13:51 - 2015-05-07 13:51 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
2015-05-07 13:48 - 2015-05-07 13:48 - 00000000 ____D () E:\Program Files\WinPcap
2015-05-07 13:48 - 2015-05-07 13:48 - 00000000 ____D () E:\Program Files\VSO
2015-05-07 13:48 - 2014-04-10 12:05 - 00033624 _____ () E:\WINDOWS\system32\Drivers\eve.sys
2015-05-06 22:58 - 2015-05-07 14:12 - 00000000 ____D () E:\Documents and Settings\RA\Mes documents\VSO Downloader
2015-05-06 22:58 - 2015-05-06 22:58 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\VSO
2015-05-06 21:59 - 2015-05-06 21:59 - 00012326 _____ () E:\drwtsn32.log
2015-05-05 01:44 - 2015-05-05 01:44 - 00000754 _____ () E:\WINDOWS\WORDPAD.INI
2015-05-03 16:12 - 2015-05-23 12:28 - 00003137 _____ () E:\Documents and Settings\RA\.kdiff3rc
2015-05-03 14:53 - 2015-05-03 14:53 - 00000396 _____ () E:\Documents and Settings\RA\Bureau\La Boîte Élextronique.lnk
2015-05-03 14:48 - 2015-05-03 14:48 - 00011936 _____ () E:\WINDOWS\system32\wpa.bak
2015-05-03 14:30 - 2015-05-27 19:03 - 00011936 _____ () E:\WINDOWS\system32\wpa.dbl
2015-05-03 14:30 - 2013-04-07 18:12 - 00001374 _____ () E:\WINDOWS\system32\wpa.dbl.RA1
2015-05-03 14:28 - 2015-05-03 14:11 - 00001172 _____ () E:\WINDOWS\system32\wpa.dbl.RA2
2015-05-02 13:15 - 2015-05-02 13:15 - 00000000 ____D () E:\WINDOWS\SiS
2015-05-01 13:07 - 2015-05-01 13:07 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\KeePass
2015-04-30 23:26 - 2015-04-30 23:26 - 00006170 _____ () E:\WINDOWS\DPINST.LOG
2015-04-30 23:26 - 2015-04-30 23:26 - 00000000 ____D () E:\Program Files\Innovative Solutions
2015-04-30 16:25 - 2006-02-14 16:02 - 00032768 _____ (SiS Corporation) E:\WINDOWS\system32\Drivers\sisnicxp.sys
2015-04-29 00:17 - 2015-04-29 00:17 - 00110592 _____ () E:\WINDOWS\Minidump\Mini042915-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-28 14:23 - 2013-03-08 15:41 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Temp
2015-05-28 14:21 - 2013-03-08 15:41 - 00000000 ____D () E:\Documents and Settings\RA\Bureau
2015-05-28 14:19 - 2013-05-02 22:08 - 00000426 ____H () E:\WINDOWS\Tasks\User_Feed_Synchronization-{A3265C46-D417-4EB6-8617-FE2345007F11}.job
2015-05-28 14:18 - 2015-04-23 23:55 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2015-05-28 10:19 - 2013-03-08 15:37 - 00032618 _____ () E:\WINDOWS\SchedLgU.Txt
2015-05-28 03:35 - 2013-03-08 15:30 - 01146639 _____ () E:\WINDOWS\WindowsUpdate.log
2015-05-27 21:49 - 2013-03-08 15:41 - 00000000 ____D () E:\Documents and Settings\RA
2015-05-27 20:45 - 2013-03-05 09:15 - 00000000 ____D () E:\Documents and Settings\All Users\Bureau
2015-05-27 19:12 - 2013-04-08 02:28 - 00000642 _____ () E:\Documents and Settings\All Users\Bureau\Firefox.lnk
2015-05-27 19:09 - 2013-03-05 09:18 - 00000159 _____ () E:\WINDOWS\wiadebug.log
2015-05-27 19:09 - 2013-03-05 09:18 - 00000050 _____ () E:\WINDOWS\wiaservc.log
2015-05-27 19:02 - 2015-04-22 21:01 - 00000000 ____D () E:\Documents and Settings\RA\.rainlendar2
2015-05-27 19:02 - 2015-04-22 05:48 - 00000673 _____ () E:\WINDOWS\clipc.INI
2015-05-27 19:01 - 2013-03-08 15:37 - 00000006 ____H () E:\WINDOWS\Tasks\SA.DAT
2015-05-27 19:00 - 2013-03-08 15:41 - 00000184 ___SH () E:\Documents and Settings\RA\ntuser.ini
2015-05-27 18:57 - 2013-03-08 15:24 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
2015-05-27 09:34 - 2013-03-08 15:41 - 00000000 ___RD () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Accessoires
2015-05-26 17:57 - 2013-03-05 09:16 - 00000000 ____D () E:\Program Files\Fichiers communs
2015-05-26 17:52 - 2013-03-08 15:41 - 00000000 ___RD () E:\Documents and Settings\RA\Menu Démarrer\Programmes
2015-05-26 16:49 - 2013-03-05 09:16 - 01350399 _____ () E:\WINDOWS\iis6.log
2015-05-26 16:49 - 2013-03-05 09:16 - 01154347 _____ () E:\WINDOWS\FaxSetup.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00600654 _____ () E:\WINDOWS\ocgen.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00549085 _____ () E:\WINDOWS\tsoc.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00398007 _____ () E:\WINDOWS\comsetup.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00376006 _____ () E:\WINDOWS\msmqinst.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00243729 _____ () E:\WINDOWS\ntdtcsetup.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00205675 _____ () E:\WINDOWS\netfxocm.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00082664 _____ () E:\WINDOWS\MedCtrOC.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00065502 _____ () E:\WINDOWS\ocmsn.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00058185 _____ () E:\WINDOWS\msgsocm.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00057896 _____ () E:\WINDOWS\tabletoc.log
2015-05-26 16:49 - 2013-03-05 09:16 - 00001917 _____ () E:\WINDOWS\imsins.log
2015-05-26 12:53 - 2013-03-08 15:37 - 00000000 ___SD () E:\Documents and Settings\NetworkService
2015-05-26 12:53 - 2013-03-08 15:37 - 00000000 ___SD () E:\Documents and Settings\LocalService
2015-05-26 12:53 - 2013-03-08 15:28 - 00000000 ____D () E:\WINDOWS\Registration
2015-05-26 12:36 - 2015-04-22 22:01 - 00000000 ____D () E:\WINDOWS\Minidump
2015-05-26 12:32 - 2015-04-26 15:02 - 00427301 _____ () E:\WINDOWS\setupapi.log
2015-05-25 21:04 - 2013-03-05 09:15 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-05-25 18:24 - 2013-03-08 15:41 - 00000000 ___RD () E:\Documents and Settings\RA\Menu Démarrer\Programmes\Démarrage
2015-05-25 16:37 - 2015-04-22 00:34 - 00524288 _____ () E:\WINDOWS\system32\config\ACEEvent.evt
2015-05-24 12:43 - 2013-04-05 20:52 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\INTERNET
2015-05-23 21:42 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\Resources
2015-05-23 15:59 - 2013-04-05 20:51 - 00000000 ____D () E:\Documents and Settings\RA\Menu Démarrer\Programmes\INTERNET
2015-05-21 04:02 - 2015-04-26 15:33 - 00272960 _____ () E:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-05-21 01:45 - 2013-03-05 09:15 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer
2015-05-19 20:52 - 2015-04-22 23:21 - 00000000 ____D () E:\Documents and Settings\RA\Local Settings\Application Data\Adobe
2015-05-19 20:52 - 2013-05-03 08:02 - 00778416 _____ (Adobe Systems Incorporated) E:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-19 20:52 - 2013-05-03 08:02 - 00142512 _____ (Adobe Systems Incorporated) E:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-05-19 12:50 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\security
2015-05-19 12:47 - 2013-04-06 02:55 - 00000438 __RSH () E:\Documents and Settings\All Users\ntuser.pol
2015-05-19 12:44 - 2013-03-08 15:28 - 00000000 ___RD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
2015-05-19 11:27 - 2015-04-22 01:12 - 00000000 ____D () E:\Documents and Settings\RA\Bureau\Aller à
2015-05-16 16:56 - 2015-04-22 00:27 - 00000000 ____D () E:\WINDOWS\Microsoft.NET
2015-05-16 11:32 - 2013-03-05 09:16 - 01193168 _____ () E:\WINDOWS\system32\PerfStringBackup.INI
2015-05-16 11:21 - 2013-04-05 20:32 - 00000000 ____D () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Matériel
2015-05-16 10:59 - 2013-03-05 09:16 - 00001917 _____ () E:\WINDOWS\imsins.BAK
2015-05-15 12:36 - 2013-03-08 15:28 - 00008250 _____ () E:\WINDOWS\wmsetup.log
2015-05-15 11:34 - 2013-04-05 20:32 - 00000000 ____D () E:\WINDOWS\system32\ReinstallBackups
2015-05-14 23:23 - 2013-03-05 09:15 - 00000000 ___HD () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
2015-05-14 22:34 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\Cursors
2015-05-14 21:57 - 2013-03-05 09:16 - 00000000 ____D () E:\Program Files\Fichiers communs\Microsoft Shared
2015-05-14 21:57 - 2013-03-05 09:06 - 00000000 ____D () E:\WINDOWS\system32\mui
2015-05-13 10:44 - 2013-03-08 15:54 - 00013872 _____ () E:\Documents and Settings\RA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-05-12 17:15 - 2008-04-14 08:00 - 00000558 _____ () E:\WINDOWS\win.ini
2015-05-11 23:20 - 2013-03-05 09:14 - 00102232 _____ () E:\WINDOWS\system32\FNTCACHE.DAT
2015-05-09 20:06 - 2013-04-22 19:29 - 00000751 _____ () E:\Documents and Settings\All Users\Menu Démarrer\Programmes\TeraCopy.lnk
2015-05-09 13:06 - 2015-04-24 00:15 - 00000000 ____D () E:\Documents and Settings\RA\Application Data\Galloway Software
2015-05-08 21:02 - 2015-04-22 14:28 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\Registry First Aid
2015-05-08 17:19 - 2015-04-22 14:24 - 00000000 ____D () E:\Documents and Settings\All Users\Application Data\TEMP
2015-04-29 00:26 - 2015-04-24 20:14 - 00000454 _____ () E:\Documents and Settings\RA\Bureau\MOI.lnk
Some files in TEMP:
====================
E:\Documents and Settings\RA\Local Settings\Temp\ChangeIcon.exe
E:\Documents and Settings\RA\Local Settings\Temp\dateinj01.dll
E:\Documents and Settings\RA\Local Settings\Temp\Foxit Updater.exe
E:\Documents and Settings\RA\Local Settings\Temp\vlc-2.2.1-win32.exe
E:\Documents and Settings\RA\Local Settings\Temp\xmlUpdater.exe
E:\Documents and Settings\RA\Local Settings\Temp\xuninst.exe
E:\Documents and Settings\RA\Local Settings\Temp\{AD09A872-32B0-4B17-A21B-CD9150487F82}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
E:\WINDOWS\explorer.exe => File is digitally signed
E:\WINDOWS\system32\winlogon.exe => File is digitally signed
E:\WINDOWS\system32\svchost.exe => File is digitally signed
E:\WINDOWS\system32\services.exe => File is digitally signed
E:\WINDOWS\system32\User32.dll => File is digitally signed
E:\WINDOWS\system32\userinit.exe => File is digitally signed
E:\WINDOWS\system32\rpcss.dll => File is digitally signed
E:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================