Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-05-2015 02
Ran by doirat (administrator) on USER-F1FB0DB07E on 18-05-2015 22:13:59
Running from C:\Documents and Settings\doirat\Bureau
Loaded Profiles: doirat (Available profiles: doirat)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXSPMGT.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXTCS.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
(SFR) C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
Winlogon\Notify\IfxWlxEN: C:\WINDOWS\system32\IfxWlxEN.dll [2006-02-28] (Infineon Technologies AG)
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\MountPoints2: {01d6e0b7-1867-11e2-8bfc-8fa8b2f27230} - F:\Toshiba\Launcher\start.exe
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\MountPoints2: {700e7100-186e-11e2-8bfe-0016d4cf7794} - E:\SFRLauncher.exe
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssstars.scr [14336 2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Start Page = res://C:\WINDOWS\system32\xpsp3res.dll/dnserror.htm
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.delta-homes.com/?type=hp&ts=1402635330&from=wpm0612&uid=WDCXWD800BEVS-75RST0_WD-WXE20736625266252
URLSearchHook: HKU\S-1-5-21-57989841-789336058-1417001333-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\.DEFAULT -> {F42D4712-298F-4502-8668-7B9940C3FB00} URL = http://www.basicseek.com/?prt=BASICSEEK113&sp=&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {F42D4712-298F-4502-8668-7B9940C3FB00} URL = http://www.basicseek.com/?prt=bscsk50r1&keywords={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2014-12-05] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2014-12-05] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2014-12-05] (Kaspersky Lab ZAO)
Toolbar: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default
FF SelectedSearchEngine: Search
FF Homepage: about:home
FF Keyword.URL: hxxp://badoo.com/startpage/?source=bsb&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-12] ()
FF Plugin: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-06] ()
FF Plugin: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-06] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\user.js [2015-03-06]
FF SearchPlugin: C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\searchplugins\badoo.xml [2015-02-12]
FF Extension: MediaPlayerplus - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68(2).com [2015-02-15]
FF Extension: UniDEaollse - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\Extensions\LBPDb@g.org [2015-02-23]
FF Extension: youtubeadblocker - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\Extensions\Vuyn@0a9.org [2015-02-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-22]
FF HKLM\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-06]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-06]
FF Extension: No Name - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IFXSpMgtSrv; C:\WINDOWS\system32\IFXSPMGT.exe [507904 2006-02-28] (Infineon Technologies AG) [File not signed]
R2 IFXTCS; C:\WINDOWS\system32\IFXTCS.exe [737280 2006-02-28] (Infineon Technologies AG) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 PersonalSecureDriveService; C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE [99872 2006-02-28] (Infineon Technologies AG)
R2 SFR.Dashboard.Service; C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe [25008 2012-03-16] (SFR)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R0 cm_km_w; C:\WINDOWS\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-03-22] (ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [37888 2006-03-22] (ENE Technology Inc.)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [36352 2006-02-28] (Infineon Technologies AG)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [36928 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [116744 2014-12-05] (Kaspersky Lab ZAO)
R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [36024 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [671432 2014-12-05] (Kaspersky Lab ZAO)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [23648 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [60552 2014-08-21] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [44992 2014-06-05] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [146240 2014-07-09] (Kaspersky Lab ZAO)
S3 Ktp; C:\WINDOWS\System32\DRIVERS\Ktp.sys [27904 2006-03-17] (ELANTECH Devices Corp.)
S1 lusbaudio; C:\WINDOWS\System32\drivers\OVSound2.sys [25216 2001-08-17] (Microsoft Corporation)
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [9216 2012-03-16] (MBB Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [20096 2005-11-19] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R1 PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [36768 2006-02-28] (Infineon Technologies AG)
S3 QCEmerald; C:\WINDOWS\System32\DRIVERS\OVCE.sys [31872 2001-08-17] (Microsoft Corporation)
S3 ZTEusbnet; C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys [130048 2012-03-16] (ZTE Corporation)
S4 IntelIde; No ImagePath
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S3 NETw3x32; system32\DRIVERS\NETw3x32.sys [X]
S4 s24trans; system32\DRIVERS\s24trans.sys [X]
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys E5E6DBFC41EA8AAD005CB9A57A96B43B
C:\WINDOWS\System32\DRIVERS\ACPIEC.sys E4ABC1212B70BB03D35E60681C447210
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\DRIVERS\AGRSM.sys C41A5740468D0B9CB46E6390A0E15CE3
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\CmBatt.sys 0F6C187D38D98F8DF904589A5F94D411
C:\WINDOWS\System32\DRIVERS\cm_km_w.sys 1A5800ECFBB105B2674D2C0F3885C3E1
C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys F5DEADD42335FB33EDCA74ECB2F36CBA
C:\WINDOWS\System32\drivers\dmio.sys 5A7C47C9B3F9FB92A66410A7509F0C71
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\DRIVERS\EMS7SK.sys 01857B94BD3F8C99188862D026C925C0
C:\WINDOWS\System32\DRIVERS\ESD7SK.sys 5983F3F91487C2A2A514C17245A0E25D
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\system32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys 31F923EB2170FC172C81ABDA0045D18C
C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys A86859B77B908C18C2657F284AA29FE3
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys A09BDC4ED10E3B2E0EC27BB94AF32516
C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS 0A359837E021BC04A04A6FD189492C65
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\drivers\RtkHDAud.sys 27B220620A480E54BF57E4750CA9B65F
C:\WINDOWS\System32\DRIVERS\intelppm.sys AD340800C35A42D4DE1641A37FEEA34C
C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 355836975A67B6554BCA60328CD6CB74
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 16813155807C6881F4BFBF6657424659
C:\WINDOWS\System32\DRIVERS\kbdhid.sys 94C59CB884BA010C063687C3A50DCE8E
C:\WINDOWS\System32\DRIVERS\kl1.sys 48A104DDC01F6547DED5F9C4C796DD46
C:\WINDOWS\System32\DRIVERS\kldisk.sys 926D0E54CD4BBF0160AB9B10A4010719
C:\WINDOWS\System32\DRIVERS\klflt.sys 8A2E7E91820FDFDE572D58A356BAC187
C:\WINDOWS\System32\DRIVERS\klhk.sys 097918B5AA3F9E32B9E68F0D87CF5B94
C:\WINDOWS\System32\DRIVERS\klif.sys 714DF2F748C5E04DD2523601A5D60992
C:\WINDOWS\System32\DRIVERS\klim5.sys 2C85E9963B1F71E3B631B61F00790512
C:\WINDOWS\System32\DRIVERS\klkbdflt.sys B60AFAF05E704BF226C886D311FFDA16
C:\WINDOWS\System32\DRIVERS\klmouflt.sys 480E19A71C6EDE70B7536E96B223CE1F
C:\WINDOWS\System32\DRIVERS\klpd.sys EB0D72D2844C57F5F146D7A15B04FBF9
C:\WINDOWS\System32\DRIVERS\kltdf.sys B705C6EEE2B14B89E51C92442DE4BDDC
C:\WINDOWS\System32\DRIVERS\kltdi.sys EDB35F43026CC3CA52DD11D5FBC625A9
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\System32\DRIVERS\kneps.sys 24025B8E6A6AE596EC6C7E4B1A10C660
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\DRIVERS\Ktp.sys 85F2D0B638D6364653DE992B9A370FE8
C:\WINDOWS\System32\drivers\OVSound2.sys 081CAF42D5DB1FCF8794FD77BEFD1B11
C:\WINDOWS\System32\drivers\massfilter.sys B4B8B993A83084CE25DC776965903CE7
C:\WINDOWS\system32\drivers\mbam.sys AB73A39A5E45F465B02C11C500BB0278
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys 510ADE9327FE84C10254E1902697E25F
C:\WINDOWS\System32\DRIVERS\mouclass.sys 027C01BD7EF3349AAEBC883D8A799EFB
C:\WINDOWS\System32\DRIVERS\mouhid.sys 124D6846040C79B9C997F78EF4B2A4E5
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\NETwLx32.sys 72062B53186E4A3F5FCBC41EBB62B905
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\System32\DRIVERS\NuidFltr.sys CF7E041663119E09D2E118521ADA9300
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nv4_mini.sys F55138BC8319DC17DC1A2D7D5908ED72
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\system32\Drivers\Parport.sys 8FD0BDBEA875D06CCF6C945CA9ABAF75
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 9575C5630DB8FB804649A6959737154C
C:\WINDOWS\System32\Drivers\PCASp50.sys 07C02C892E8E1A72D6BF35004F0E9C5E
C:\WINDOWS\System32\DRIVERS\pci.sys 043410877BDA580C528F45165F7125BC
C:\WINDOWS\System32\DRIVERS\pciide.sys F4BFDE7209C14A07AAA61E4D6AE69EAC
C:\WINDOWS\System32\DRIVERS\pcmcia.sys F0406CBC60BDB0394A0E17FFB04CDD3D
C:\WINDOWS\System32\drivers\psd.sys E07D23DE6E595A24B3F0B8BAB0080149
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\OVCE.sys 90849934D37133E069F31F3E9A66C9BC
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys D8EB2A7904DB6C916EB5361878DDCBAE
C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys 6BB86099E1B4F9994D4F733F0C9E4C22
C:\WINDOWS\System32\DRIVERS\sdbus.sys 8D04819A3CE51B9EB47E5689B44D43C4
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\system32\Drivers\Serial.sys 93D313C31F7AD9EA2B75F26075413C7C
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 39626E6DC1FB39434EC40C42722B660A
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 46DE1126684369BACE4849E4FC8C43CA
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\DRIVERS\Wdf01000.sys FD47474BD21794508AF449D9D91AF6E6
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\wpdusb.sys CF4DEF1BF66F06964DC0D91844239104
C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\WINDOWS\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B
C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys 45D3EE3EFB3D543584178FFCF322D057
C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys 6CE50D8D4FB57D7D4B2EF7EFB028C8DE
C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys 45D3EE3EFB3D543584178FFCF322D057
C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys 45D3EE3EFB3D543584178FFCF322D057
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== Three Months Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-18 22:13 - 2015-05-18 22:14 - 00028866 _____ () C:\Documents and Settings\doirat\Bureau\FRST.txt
2015-05-18 22:13 - 2015-05-18 22:14 - 00000000 ____D () C:\FRST
2015-05-18 22:08 - 2015-05-18 22:07 - 01146368 _____ (Farbar) C:\Documents and Settings\doirat\Bureau\FRST.exe
2015-05-18 20:57 - 2015-05-18 20:57 - 00034226 _____ () C:\Documents and Settings\doirat\Bureau\ZHPDiag.txt
2015-05-18 20:29 - 2015-05-18 20:29 - 00024608 _____ () C:\Documents and Settings\doirat\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-05-18 20:27 - 2015-05-18 20:27 - 00127704 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-18 17:50 - 2015-05-18 17:50 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\Epson
2015-05-18 17:37 - 2015-05-18 17:37 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\Infineon
2015-05-17 21:17 - 2015-05-18 20:53 - 00005359 _____ () C:\Documents and Settings\doirat\Bureau\ZHPCleaner.txt
2015-05-17 21:13 - 2015-05-17 21:13 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-05-17 20:56 - 2015-05-17 21:13 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-05-17 20:56 - 2015-05-17 20:56 - 00001628 _____ () C:\Documents and Settings\doirat\Bureau\ZHPFix.lnk
2015-05-17 20:56 - 2015-05-17 20:56 - 00001523 _____ () C:\Documents and Settings\doirat\Bureau\ZHPDiag.lnk
2015-05-17 20:56 - 2015-05-17 20:56 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2015-05-17 20:54 - 2015-05-18 17:51 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-17 20:52 - 2015-05-18 20:57 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\ZHP
2015-05-17 20:52 - 2015-05-18 20:28 - 00000812 _____ () C:\Documents and Settings\doirat\Bureau\ZHPCleaner.lnk
2015-05-17 20:51 - 2015-05-17 20:51 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\vlc
2015-05-17 20:49 - 2015-05-17 20:49 - 00000777 _____ () C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2015-05-17 20:49 - 2015-05-17 20:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-17 20:49 - 2015-05-17 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
2015-05-17 20:49 - 2015-05-17 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-05-17 20:49 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-17 20:49 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-17 20:35 - 2015-05-17 20:35 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
2015-05-17 20:35 - 2015-05-17 20:35 - 00000724 _____ () C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
2015-05-17 20:35 - 2015-05-17 20:35 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-17 20:35 - 2015-05-17 20:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-06 18:24 - 2015-05-17 21:04 - 00001024 ____H () C:\WINDOWS\system32\config\elam.LOG
2015-03-06 18:24 - 2015-03-06 18:24 - 00262144 _____ () C:\WINDOWS\system32\config\elam
2015-03-06 17:41 - 2015-03-06 17:41 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Kaspersky Anti-Virus
2015-03-06 17:41 - 2015-03-06 17:40 - 00001826 _____ () C:\Documents and Settings\All Users\Bureau\Kaspersky Anti-Virus.lnk
2015-03-06 17:36 - 2015-05-18 21:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2015-03-06 17:36 - 2015-03-06 17:36 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2015-03-06 17:34 - 2014-12-05 01:10 - 00671432 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-03-06 17:34 - 2014-12-05 01:10 - 00116744 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-03-06 17:34 - 2014-08-12 18:32 - 00036024 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys
2015-02-20 14:53 - 2015-05-17 21:09 - 00000000 ____D () C:\Program Files\QR Image from URL
2015-02-20 14:52 - 2015-02-20 14:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\hljhjhenbobadbpfdiifeepabnoniofg
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-18 22:14 - 2012-10-16 18:00 - 00000000 ____D () C:\Documents and Settings\doirat\Local Settings\Temp
2015-05-18 22:13 - 2012-10-16 18:00 - 00000000 ____D () C:\Documents and Settings\doirat\Bureau
2015-05-18 22:00 - 2012-10-16 17:51 - 01997897 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-18 21:59 - 2015-01-10 19:19 - 00000374 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-05-18 21:59 - 2012-10-17 16:40 - 00045378 _____ () C:\WINDOWS\system32\nvapps.xml
2015-05-18 21:59 - 2012-10-16 19:15 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-05-18 21:59 - 2012-10-16 19:15 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-05-18 21:59 - 2012-10-16 17:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-18 21:04 - 2014-05-13 18:29 - 00120186 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-57989841-789336058-1417001333-1004-0.dat
2015-05-18 21:04 - 2014-05-13 18:02 - 00120186 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-05-18 21:04 - 2012-10-16 18:00 - 00000184 ___SH () C:\Documents and Settings\doirat\ntuser.ini
2015-05-18 21:04 - 2012-10-16 17:59 - 00032532 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-18 21:01 - 2012-10-16 18:00 - 00000000 ____D () C:\Documents and Settings\doirat
2015-05-18 20:55 - 2014-05-30 19:26 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-18 18:41 - 2012-10-21 23:20 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2015-05-18 17:40 - 2014-05-13 17:54 - 00000000 ____D () C:\Program Files\globalUpdate
2015-05-18 17:40 - 2013-12-13 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Conduit
2015-05-18 17:40 - 2013-03-29 00:35 - 00000000 ____D () C:\Program Files\Fichiers communs\337
2015-05-18 17:40 - 2013-01-28 09:33 - 00000000 ____D () C:\Program Files\Boxore
2015-05-18 17:40 - 2012-10-21 23:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2015-05-18 17:39 - 2015-02-15 21:18 - 00000000 ____D () C:\Documents and Settings\doirat\Mes documents\Téléchargements
2015-05-18 17:39 - 2014-07-05 15:17 - 00000000 ____D () C:\Program Files\focusbase
2015-05-18 17:34 - 2012-10-17 20:55 - 00000000 ____D () C:\Documents and Settings\doirat\Local Settings\Application Data\Google
2015-05-18 05:59 - 2014-05-20 17:19 - 00000000 ____D () C:\Program Files\003
2015-05-18 05:59 - 2008-04-14 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-17 21:11 - 2012-10-16 19:11 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-05-17 20:53 - 2014-07-30 23:09 - 00000682 _____ () C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
2015-05-17 20:53 - 2014-07-30 23:09 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-17 20:51 - 2012-10-16 18:00 - 00000000 ___RD () C:\Documents and Settings\doirat\Menu Démarrer\Programmes
2015-05-17 20:49 - 2012-10-16 19:11 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2015-05-17 20:20 - 2015-01-20 16:53 - 00000112 _____ () C:\Documents and Settings\All Users\Application Data\qtEnO5.dat
2015-05-17 20:18 - 2012-10-16 19:12 - 01524164 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2014-05-13 17:58 - 2014-05-13 17:59 - 0000318 _____ () C:\Documents and Settings\doirat\Application Data\aps.uninstall.scan.results
2014-05-13 18:05 - 2014-05-12 17:03 - 1728484 _____ (AnyProtect.com) C:\Documents and Settings\doirat\Local Settings\Application Data\AnyProtectScannerSetup.exe
2012-10-17 16:29 - 2012-10-17 16:29 - 0005120 _____ () C:\Documents and Settings\doirat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-13 17:56 - 2014-05-13 17:56 - 1746032 _____ (AnyProtect.com) C:\Documents and Settings\doirat\Local Settings\Application Data\nsmB1.tmp
2013-01-28 09:10 - 2013-01-28 09:10 - 20480000 _____ () C:\Documents and Settings\doirat\Local Settings\Application Data\store-pp.jbs
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Ran by doirat (administrator) on USER-F1FB0DB07E on 18-05-2015 22:13:59
Running from C:\Documents and Settings\doirat\Bureau
Loaded Profiles: doirat (Available profiles: doirat)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXSPMGT.exe
(Infineon Technologies AG) C:\WINDOWS\system32\IFXTCS.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE
(SFR) C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
(Infineon Technologies AG) C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
Winlogon\Notify\IfxWlxEN: C:\WINDOWS\system32\IfxWlxEN.dll [2006-02-28] (Infineon Technologies AG)
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\MountPoints2: {01d6e0b7-1867-11e2-8bfc-8fa8b2f27230} - F:\Toshiba\Launcher\start.exe
HKU\S-1-5-21-57989841-789336058-1417001333-1004\...\MountPoints2: {700e7100-186e-11e2-8bfe-0016d4cf7794} - E:\SFRLauncher.exe
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssstars.scr [14336 2008-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Start Page = res://C:\WINDOWS\system32\xpsp3res.dll/dnserror.htm
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
HKU\S-1-5-21-57989841-789336058-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.delta-homes.com/?type=hp&ts=1402635330&from=wpm0612&uid=WDCXWD800BEVS-75RST0_WD-WXE20736625266252
URLSearchHook: HKU\S-1-5-21-57989841-789336058-1417001333-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\.DEFAULT -> {F42D4712-298F-4502-8668-7B9940C3FB00} URL = http://www.basicseek.com/?prt=BASICSEEK113&sp=&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> {F42D4712-298F-4502-8668-7B9940C3FB00} URL = http://www.basicseek.com/?prt=bscsk50r1&keywords={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2014-12-05] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2014-12-05] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2014-12-05] (Kaspersky Lab ZAO)
Toolbar: HKU\S-1-5-21-57989841-789336058-1417001333-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2002-05-23] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-25] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default
FF SelectedSearchEngine: Search
FF Homepage: about:home
FF Keyword.URL: hxxp://badoo.com/startpage/?source=bsb&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-12] ()
FF Plugin: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-06] ()
FF Plugin: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-06] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF user.js: detected! => C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\user.js [2015-03-06]
FF SearchPlugin: C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\searchplugins\badoo.xml [2015-02-12]
FF Extension: MediaPlayerplus - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68(2).com [2015-02-15]
FF Extension: UniDEaollse - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\Extensions\LBPDb@g.org [2015-02-23]
FF Extension: youtubeadblocker - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\Extensions\Vuyn@0a9.org [2015-02-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-10-22]
FF HKLM\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-06]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-06]
FF Extension: No Name - C:\Documents and Settings\doirat\Application Data\Mozilla\Firefox\Profiles\52mazhos.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IFXSpMgtSrv; C:\WINDOWS\system32\IFXSPMGT.exe [507904 2006-02-28] (Infineon Technologies AG) [File not signed]
R2 IFXTCS; C:\WINDOWS\system32\IFXTCS.exe [737280 2006-02-28] (Infineon Technologies AG) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 PersonalSecureDriveService; C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE [99872 2006-02-28] (Infineon Technologies AG)
R2 SFR.Dashboard.Service; C:\Program Files\SFR\Gestionnaire de Connexion\SFR.Dashboard.Service.exe [25008 2012-03-16] (SFR)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R0 cm_km_w; C:\WINDOWS\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-03-22] (ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [37888 2006-03-22] (ENE Technology Inc.)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [36352 2006-02-28] (Infineon Technologies AG)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [36928 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [116744 2014-12-05] (Kaspersky Lab ZAO)
R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [36024 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [671432 2014-12-05] (Kaspersky Lab ZAO)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [23648 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [60552 2014-08-21] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [44992 2014-06-05] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [146240 2014-07-09] (Kaspersky Lab ZAO)
S3 Ktp; C:\WINDOWS\System32\DRIVERS\Ktp.sys [27904 2006-03-17] (ELANTECH Devices Corp.)
S1 lusbaudio; C:\WINDOWS\System32\drivers\OVSound2.sys [25216 2001-08-17] (Microsoft Corporation)
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [9216 2012-03-16] (MBB Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 PCASp50; C:\WINDOWS\System32\Drivers\PCASp50.sys [20096 2005-11-19] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R1 PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [36768 2006-02-28] (Infineon Technologies AG)
S3 QCEmerald; C:\WINDOWS\System32\DRIVERS\OVCE.sys [31872 2001-08-17] (Microsoft Corporation)
S3 ZTEusbnet; C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys [130048 2012-03-16] (ZTE Corporation)
S4 IntelIde; No ImagePath
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S1 netfilter; system32\drivers\netfilter.sys [X]
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S3 NETw3x32; system32\DRIVERS\NETw3x32.sys [X]
S4 s24trans; system32\DRIVERS\s24trans.sys [X]
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys E5E6DBFC41EA8AAD005CB9A57A96B43B
C:\WINDOWS\System32\DRIVERS\ACPIEC.sys E4ABC1212B70BB03D35E60681C447210
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\DRIVERS\AGRSM.sys C41A5740468D0B9CB46E6390A0E15CE3
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\CmBatt.sys 0F6C187D38D98F8DF904589A5F94D411
C:\WINDOWS\System32\DRIVERS\cm_km_w.sys 1A5800ECFBB105B2674D2C0F3885C3E1
C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys F5DEADD42335FB33EDCA74ECB2F36CBA
C:\WINDOWS\System32\drivers\dmio.sys 5A7C47C9B3F9FB92A66410A7509F0C71
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\DRIVERS\EMS7SK.sys 01857B94BD3F8C99188862D026C925C0
C:\WINDOWS\System32\DRIVERS\ESD7SK.sys 5983F3F91487C2A2A514C17245A0E25D
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\system32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys 31F923EB2170FC172C81ABDA0045D18C
C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys A86859B77B908C18C2657F284AA29FE3
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys A09BDC4ED10E3B2E0EC27BB94AF32516
C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS 0A359837E021BC04A04A6FD189492C65
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\drivers\RtkHDAud.sys 27B220620A480E54BF57E4750CA9B65F
C:\WINDOWS\System32\DRIVERS\intelppm.sys AD340800C35A42D4DE1641A37FEEA34C
C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 355836975A67B6554BCA60328CD6CB74
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 16813155807C6881F4BFBF6657424659
C:\WINDOWS\System32\DRIVERS\kbdhid.sys 94C59CB884BA010C063687C3A50DCE8E
C:\WINDOWS\System32\DRIVERS\kl1.sys 48A104DDC01F6547DED5F9C4C796DD46
C:\WINDOWS\System32\DRIVERS\kldisk.sys 926D0E54CD4BBF0160AB9B10A4010719
C:\WINDOWS\System32\DRIVERS\klflt.sys 8A2E7E91820FDFDE572D58A356BAC187
C:\WINDOWS\System32\DRIVERS\klhk.sys 097918B5AA3F9E32B9E68F0D87CF5B94
C:\WINDOWS\System32\DRIVERS\klif.sys 714DF2F748C5E04DD2523601A5D60992
C:\WINDOWS\System32\DRIVERS\klim5.sys 2C85E9963B1F71E3B631B61F00790512
C:\WINDOWS\System32\DRIVERS\klkbdflt.sys B60AFAF05E704BF226C886D311FFDA16
C:\WINDOWS\System32\DRIVERS\klmouflt.sys 480E19A71C6EDE70B7536E96B223CE1F
C:\WINDOWS\System32\DRIVERS\klpd.sys EB0D72D2844C57F5F146D7A15B04FBF9
C:\WINDOWS\System32\DRIVERS\kltdf.sys B705C6EEE2B14B89E51C92442DE4BDDC
C:\WINDOWS\System32\DRIVERS\kltdi.sys EDB35F43026CC3CA52DD11D5FBC625A9
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\System32\DRIVERS\kneps.sys 24025B8E6A6AE596EC6C7E4B1A10C660
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\DRIVERS\Ktp.sys 85F2D0B638D6364653DE992B9A370FE8
C:\WINDOWS\System32\drivers\OVSound2.sys 081CAF42D5DB1FCF8794FD77BEFD1B11
C:\WINDOWS\System32\drivers\massfilter.sys B4B8B993A83084CE25DC776965903CE7
C:\WINDOWS\system32\drivers\mbam.sys AB73A39A5E45F465B02C11C500BB0278
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys 510ADE9327FE84C10254E1902697E25F
C:\WINDOWS\System32\DRIVERS\mouclass.sys 027C01BD7EF3349AAEBC883D8A799EFB
C:\WINDOWS\System32\DRIVERS\mouhid.sys 124D6846040C79B9C997F78EF4B2A4E5
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\NETwLx32.sys 72062B53186E4A3F5FCBC41EBB62B905
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\System32\DRIVERS\NuidFltr.sys CF7E041663119E09D2E118521ADA9300
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nv4_mini.sys F55138BC8319DC17DC1A2D7D5908ED72
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\system32\Drivers\Parport.sys 8FD0BDBEA875D06CCF6C945CA9ABAF75
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 9575C5630DB8FB804649A6959737154C
C:\WINDOWS\System32\Drivers\PCASp50.sys 07C02C892E8E1A72D6BF35004F0E9C5E
C:\WINDOWS\System32\DRIVERS\pci.sys 043410877BDA580C528F45165F7125BC
C:\WINDOWS\System32\DRIVERS\pciide.sys F4BFDE7209C14A07AAA61E4D6AE69EAC
C:\WINDOWS\System32\DRIVERS\pcmcia.sys F0406CBC60BDB0394A0E17FFB04CDD3D
C:\WINDOWS\System32\drivers\psd.sys E07D23DE6E595A24B3F0B8BAB0080149
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\OVCE.sys 90849934D37133E069F31F3E9A66C9BC
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys D8EB2A7904DB6C916EB5361878DDCBAE
C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys 6BB86099E1B4F9994D4F733F0C9E4C22
C:\WINDOWS\System32\DRIVERS\sdbus.sys 8D04819A3CE51B9EB47E5689B44D43C4
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\system32\Drivers\Serial.sys 93D313C31F7AD9EA2B75F26075413C7C
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 39626E6DC1FB39434EC40C42722B660A
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 46DE1126684369BACE4849E4FC8C43CA
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\DRIVERS\Wdf01000.sys FD47474BD21794508AF449D9D91AF6E6
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\wpdusb.sys CF4DEF1BF66F06964DC0D91844239104
C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\WINDOWS\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B
C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys 45D3EE3EFB3D543584178FFCF322D057
C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys 6CE50D8D4FB57D7D4B2EF7EFB028C8DE
C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys 45D3EE3EFB3D543584178FFCF322D057
C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys 45D3EE3EFB3D543584178FFCF322D057
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== Three Months Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-18 22:13 - 2015-05-18 22:14 - 00028866 _____ () C:\Documents and Settings\doirat\Bureau\FRST.txt
2015-05-18 22:13 - 2015-05-18 22:14 - 00000000 ____D () C:\FRST
2015-05-18 22:08 - 2015-05-18 22:07 - 01146368 _____ (Farbar) C:\Documents and Settings\doirat\Bureau\FRST.exe
2015-05-18 20:57 - 2015-05-18 20:57 - 00034226 _____ () C:\Documents and Settings\doirat\Bureau\ZHPDiag.txt
2015-05-18 20:29 - 2015-05-18 20:29 - 00024608 _____ () C:\Documents and Settings\doirat\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-05-18 20:27 - 2015-05-18 20:27 - 00127704 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-18 17:50 - 2015-05-18 17:50 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\Epson
2015-05-18 17:37 - 2015-05-18 17:37 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\Infineon
2015-05-17 21:17 - 2015-05-18 20:53 - 00005359 _____ () C:\Documents and Settings\doirat\Bureau\ZHPCleaner.txt
2015-05-17 21:13 - 2015-05-17 21:13 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-05-17 20:56 - 2015-05-17 21:13 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-05-17 20:56 - 2015-05-17 20:56 - 00001628 _____ () C:\Documents and Settings\doirat\Bureau\ZHPFix.lnk
2015-05-17 20:56 - 2015-05-17 20:56 - 00001523 _____ () C:\Documents and Settings\doirat\Bureau\ZHPDiag.lnk
2015-05-17 20:56 - 2015-05-17 20:56 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2015-05-17 20:54 - 2015-05-18 17:51 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-17 20:52 - 2015-05-18 20:57 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\ZHP
2015-05-17 20:52 - 2015-05-18 20:28 - 00000812 _____ () C:\Documents and Settings\doirat\Bureau\ZHPCleaner.lnk
2015-05-17 20:51 - 2015-05-17 20:51 - 00000000 ____D () C:\Documents and Settings\doirat\Application Data\vlc
2015-05-17 20:49 - 2015-05-17 20:49 - 00000777 _____ () C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2015-05-17 20:49 - 2015-05-17 20:49 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-17 20:49 - 2015-05-17 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
2015-05-17 20:49 - 2015-05-17 20:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-05-17 20:49 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-17 20:49 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-17 20:35 - 2015-05-17 20:35 - 00000730 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
2015-05-17 20:35 - 2015-05-17 20:35 - 00000724 _____ () C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
2015-05-17 20:35 - 2015-05-17 20:35 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-17 20:35 - 2015-05-17 20:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-06 18:24 - 2015-05-17 21:04 - 00001024 ____H () C:\WINDOWS\system32\config\elam.LOG
2015-03-06 18:24 - 2015-03-06 18:24 - 00262144 _____ () C:\WINDOWS\system32\config\elam
2015-03-06 17:41 - 2015-03-06 17:41 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Kaspersky Anti-Virus
2015-03-06 17:41 - 2015-03-06 17:40 - 00001826 _____ () C:\Documents and Settings\All Users\Bureau\Kaspersky Anti-Virus.lnk
2015-03-06 17:36 - 2015-05-18 21:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2015-03-06 17:36 - 2015-03-06 17:36 - 00000000 ____D () C:\Program Files\Kaspersky Lab
2015-03-06 17:34 - 2014-12-05 01:10 - 00671432 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2015-03-06 17:34 - 2014-12-05 01:10 - 00116744 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2015-03-06 17:34 - 2014-08-12 18:32 - 00036024 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys
2015-02-20 14:53 - 2015-05-17 21:09 - 00000000 ____D () C:\Program Files\QR Image from URL
2015-02-20 14:52 - 2015-02-20 14:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\hljhjhenbobadbpfdiifeepabnoniofg
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-18 22:14 - 2012-10-16 18:00 - 00000000 ____D () C:\Documents and Settings\doirat\Local Settings\Temp
2015-05-18 22:13 - 2012-10-16 18:00 - 00000000 ____D () C:\Documents and Settings\doirat\Bureau
2015-05-18 22:00 - 2012-10-16 17:51 - 01997897 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-18 21:59 - 2015-01-10 19:19 - 00000374 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-05-18 21:59 - 2012-10-17 16:40 - 00045378 _____ () C:\WINDOWS\system32\nvapps.xml
2015-05-18 21:59 - 2012-10-16 19:15 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-05-18 21:59 - 2012-10-16 19:15 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-05-18 21:59 - 2012-10-16 17:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-18 21:04 - 2014-05-13 18:29 - 00120186 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-57989841-789336058-1417001333-1004-0.dat
2015-05-18 21:04 - 2014-05-13 18:02 - 00120186 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-05-18 21:04 - 2012-10-16 18:00 - 00000184 ___SH () C:\Documents and Settings\doirat\ntuser.ini
2015-05-18 21:04 - 2012-10-16 17:59 - 00032532 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-18 21:01 - 2012-10-16 18:00 - 00000000 ____D () C:\Documents and Settings\doirat
2015-05-18 20:55 - 2014-05-30 19:26 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-18 18:41 - 2012-10-21 23:20 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2015-05-18 17:40 - 2014-05-13 17:54 - 00000000 ____D () C:\Program Files\globalUpdate
2015-05-18 17:40 - 2013-12-13 18:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Conduit
2015-05-18 17:40 - 2013-03-29 00:35 - 00000000 ____D () C:\Program Files\Fichiers communs\337
2015-05-18 17:40 - 2013-01-28 09:33 - 00000000 ____D () C:\Program Files\Boxore
2015-05-18 17:40 - 2012-10-21 23:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2015-05-18 17:39 - 2015-02-15 21:18 - 00000000 ____D () C:\Documents and Settings\doirat\Mes documents\Téléchargements
2015-05-18 17:39 - 2014-07-05 15:17 - 00000000 ____D () C:\Program Files\focusbase
2015-05-18 17:34 - 2012-10-17 20:55 - 00000000 ____D () C:\Documents and Settings\doirat\Local Settings\Application Data\Google
2015-05-18 05:59 - 2014-05-20 17:19 - 00000000 ____D () C:\Program Files\003
2015-05-18 05:59 - 2008-04-14 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-17 21:11 - 2012-10-16 19:11 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-05-17 20:53 - 2014-07-30 23:09 - 00000682 _____ () C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
2015-05-17 20:53 - 2014-07-30 23:09 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-17 20:51 - 2012-10-16 18:00 - 00000000 ___RD () C:\Documents and Settings\doirat\Menu Démarrer\Programmes
2015-05-17 20:49 - 2012-10-16 19:11 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2015-05-17 20:20 - 2015-01-20 16:53 - 00000112 _____ () C:\Documents and Settings\All Users\Application Data\qtEnO5.dat
2015-05-17 20:18 - 2012-10-16 19:12 - 01524164 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2014-05-13 17:58 - 2014-05-13 17:59 - 0000318 _____ () C:\Documents and Settings\doirat\Application Data\aps.uninstall.scan.results
2014-05-13 18:05 - 2014-05-12 17:03 - 1728484 _____ (AnyProtect.com) C:\Documents and Settings\doirat\Local Settings\Application Data\AnyProtectScannerSetup.exe
2012-10-17 16:29 - 2012-10-17 16:29 - 0005120 _____ () C:\Documents and Settings\doirat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-13 17:56 - 2014-05-13 17:56 - 1746032 _____ (AnyProtect.com) C:\Documents and Settings\doirat\Local Settings\Application Data\nsmB1.tmp
2013-01-28 09:10 - 2013-01-28 09:10 - 20480000 _____ () C:\Documents and Settings\doirat\Local Settings\Application Data\store-pp.jbs
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================