Bonjour et bonne année :bzh:
Je pensais t'avoir expédier les rapports FRST mais je crois que ça n'a pas marché .Alors j'ai désinstallé le tout ,j'ai rechargé FRST et j'ai effectué un autre scan dont voila les rapports en espérant que cela fonctionne Merci encore pour ton aide ( les rapports me semble long,j'espère que ça va passer
Ha ça y est , je viens de m'apercevoir que deux fichiers ensemble était trop volumineux alors je je pense que je vais te les envoyer en deux fois .Est ce que c'est bon ? Merci :bzh:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by Administrateur (administrator) on SWEET-721B5C1E5 on 03-01-2014 16:16:59
Running from D:\Téléchargements
Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(RealNetworks, Inc.) C:\Program Files\Online Games Manager\ogmservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Sclient) C:\WINDOWS\SClient\SClient.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft ) C:\WINDOWS\SClient\Uploader\NetService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ultracopier.first-world.info) C:\Program Files\Supercopier\supercopier.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Documents and Settings\Administrateur\Application Data\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\sfzone\SafeZoneBrowser.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\sfzone\SafeZoneBrowser.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) D:\Téléchargements\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152 2006-02-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM\...\Run: [SDTray] - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-01] (AVAST Software)
HKLM\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\01aec77b-ac54-4b57-bd84-0eecbf43151a.exe /check [181136 2014-01-01] (AVAST Software)
HKCU\...\Run: [ultracopier] - C:\Program Files\Supercopier\supercopier.exe [174080 2013-05-23] (ultracopier.first-world.info)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-10-02] (Google Inc.)
HKCU\...\Run: [RoboForm] - C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe [96056 2013-12-15] (Siber Systems)
HKCU\...\Run: [Google+ Auto Backup] - C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3622864 2013-12-23] (Google Inc.)
HKCU\...\Policies\Explorer: [NoStartBanner] 1
HKCU\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKCU\...\Policies\Explorer: [ForceStartMenuLogoff] 0
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [NoCDBurning] 1
MountPoints2: {080aa087-7b98-11e2-ac65-0015f21537de} - F:\KODAK_Camera_Setup_App.exe
HKU\Default User\...\RunOnce: [nlpo_01] - rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\eHome"
HKU\Default User\...\RunOnce: [nlpo_02] - rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\help"
HKU\Default User\...\RunOnce: [nlpo_03] - rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\pchealth"
HKU\Default User\...\RunOnce: [nlpo_04] - rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst"
HKU\Default User\...\RunOnce: [nlpo_05] - rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\system32\Oobe"
HKU\Default User\...\RunOnce: [nlpo_06] - rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Help\Tours"
HKU\Default User\...\RunOnce: [nlpo_07] - rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\system32\Inetsrv"
HKU\Default User\...\RunOnce: [nlpo_08] - cmd.exe /c md "%USERPROFILE%\Local Settings\Temp"
HKU\Default User\...\RunOnce: [nlpo_09] - rundll32 advpack.dll,DelNodeRunDLL32 "%SystemRoot%\System32\dllcache"
HKU\Default User\...\RunOnce: [nlpo_10] - cmd.exe /c md "%SystemRoot%\System32\dllcache"
HKU\Default User\...\RunOnce: [nlpo_11] - cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"
HKU\Default User\...\RunOnce: [nlpo_12] - rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg
HKU\Default User\...\RunOnce: [nlpo_13] - rundll32 advpack.dll,LaunchINFSection nlite.inf,S
Startup: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Administrateur\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HDDHealth.lnk
ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie" onclick="window.open(this.href);return false;
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore =
http://www.google.fr/" onclick="window.open(this.href);return false;
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://googlefr/" onclick="window.open(this.href);return false;
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page =
http://g.msn.com/1me10IE8ENUS02/120" onclick="window.open(this.href);return false;
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.search.msn.com/" onclick="window.open(this.href);return false;{SUB_RFC1766}/srchasst/srchasst.htm
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: ECarteBleueBrowserHelper Class - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll (Orbiscom Ltd. All rights reserved.)
BHO: avast! EasyPass Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: HP Smart Print Helper - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll (Hewlett-Packard)
BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Liens - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
Toolbar: HKCU - avast! EasyPass Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab" onclick="window.open(this.href);return false;
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab" onclick="window.open(this.href);return false;
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}
http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab" onclick="window.open(this.href);return false;
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab" onclick="window.open(this.href);return false;
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/s ... wflash.cab" onclick="window.open(this.href);return false;
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\49zap028.default-1388182814640
FF Homepage: hxxp://
www.google.fr" onclick="window.open(this.href);return false;
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2321 - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1483 - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: avast! Ad Blocker - C:\Program Files\Mozilla Firefox\extensions\
adblocker@avast.com.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [
fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [
ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: avast! EasyPass Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox
Chrome:
=======
CHR RestoreOnStartup: "hxxp://
www.google.com/"
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL:
http://feed.snapdo.com/?publisher=Vitta ... type=ds&q=" onclick="window.open(this.href);return false;{searchTerms}&installDate=20/12/2013
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Ad Blocker) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_1
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1
CHR Extension: (Gmail) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor12.0; C:\Program Files\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624 2013-09-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-01] (AVAST Software)
S2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 ogmservice; C:\Program Files\Online Games Manager\ogmservice.exe [559552 2013-08-08] (RealNetworks, Inc.)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 SClient; C:\WINDOWS\SClient\SClient.exe [1691648 2013-09-10] (Sclient)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 ACDaemon;
S2 Freemake Improver;
S2 FreemakeVideoCapture;
S3 usnsvc; C:\Program Files\MSN Messenger\usnsvc.dll [x]
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4011264 2006-07-21] (Realtek Semiconductor Corp.)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-01-01] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-01] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2012-09-21] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [252336 2014-01-01] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2014-01-01] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-01] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-01] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-01] ()
R3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2011-04-16] ()
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-02-01] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2006-02-01] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-02-01] (HP)
S3 KMW_USB; C:\Windows\System32\DRIVERS\tkfilter.sys [7040 2007-03-13] ()
R3 LKbdFlt2; C:\Windows\System32\DRIVERS\LKbdFlt2.sys [5846 2002-05-21] (Logitech)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation)
R0 nvatabus; C:\Windows\System32\DRIVERS\nvatabus.sys [89856 2006-02-26] (NVIDIA Corporation)
R0 nvcchflt; C:\Windows\System32\DRIVERS\nvcchflt.sys [16640 2006-02-26] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [34176 2006-04-14] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [13056 2006-04-14] (NVIDIA Corporation)
R3 PGR1394b; C:\Windows\System32\DRIVERS\HS3dSensor1394.sys [72704 2008-02-19] (Point Grey Research)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2013-07-19] (Corel Corporation)
R2 SBKUPNT; C:\WINDOWS\system32\Drivers\SBKUPNT.SYS [14976 2001-07-13] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [436792 2011-08-15] ()
R2 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2012-06-03] ()
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (The OpenVPN Project)
U3 aqpa9u47; C:\Windows\System32\Drivers\aqpa9u47.sys [0 ] (NVIDIA Corporation)
S3 CrystalSysInfo; No ImagePath
S3 esgiguard; No ImagePath
S4 IntelIde; No ImagePath
U4 Messenger;
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TrueSight; \??\ [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()
S3 WinRing0_1_2_0; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-01 15:08 - 2014-01-01 15:11 - 00000000 ___RD C:\Documents and Settings\Administrateur\Bureau\RogueKiller
2014-01-01 14:48 - 2014-01-01 14:48 - 00436792 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00223128 _____ (DT Soft Ltd.) C:\WINDOWS\system32\Drivers\dtscsi.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00144128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00123008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxg.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00046848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irbus.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00046096 _____ (Corel Corporation) C:\WINDOWS\system32\Drivers\pxhelp20.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00035088 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00030336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00023456 _____ (Phoenix Technologies) C:\WINDOWS\system32\Drivers\DrvAgent32.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00009968 _____ (Corel Corporation) C:\WINDOWS\system32\Drivers\cdralw2k.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00009840 _____ (Corel Corporation) C:\WINDOWS\system32\Drivers\cdr4_xp.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00005504 _____ C:\WINDOWS\system32\Drivers\StarOpen.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2014-01-01 11:34 - 2014-01-01 11:34 - 00001827 _____ C:\Documents and Settings\Administrateur\Bureau\Google Chrome.lnk
2014-01-01 11:33 - 2014-01-01 11:33 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
2014-01-01 09:12 - 2014-01-01 09:12 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\AVAST Software
2014-01-01 03:03 - 2014-01-01 03:03 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avast
2014-01-01 02:38 - 2013-09-16 05:33 - 2202923018 _____ C:\Documents and Settings\Administrateur\Bureau\FF6.2013.EXTENDED.AC3.zone-telechargement.com.avi
2013-12-31 07:55 - 2013-12-31 07:55 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google+ Auto Backup
2013-12-30 17:30 - 2013-12-30 17:38 - 00129953 _____ C:\WINDOWS\hpoins09.dat
2013-12-27 14:58 - 2013-12-27 15:44 - 00000000 ____D C:\Program Files\ZHPDiag
2013-12-27 14:58 - 2013-12-27 14:58 - 00000000 ____D C:\WINDOWS\system32\{userappdata}
2013-12-27 14:58 - 2013-12-27 14:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2013-12-27 11:01 - 2013-12-27 11:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-27 10:55 - 2013-12-27 10:55 - 00001673 _____ C:\AdwCleaner[R28].txt
2013-12-27 10:55 - 2013-12-27 10:55 - 00000359 _____ C:\AdwCleaner[S18].txt
2013-12-27 10:50 - 2013-12-27 10:51 - 00001612 _____ C:\AdwCleaner[R27].txt
2013-12-27 05:55 - 2013-12-27 05:55 - 00001551 _____ C:\AdwCleaner[R26].txt
2013-12-26 18:10 - 2014-01-03 16:13 - 00000000 ____D C:\FRST
2013-12-26 17:44 - 2013-12-26 17:44 - 00001532 _____ C:\AdwCleaner[S17].txt
2013-12-26 17:41 - 2013-12-26 17:41 - 00001467 _____ C:\AdwCleaner[R25].txt
2013-12-26 12:01 - 2013-12-26 12:01 - 00000746 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
2013-12-26 12:01 - 2013-12-26 12:01 - 00000740 _____ C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
2013-12-26 12:01 - 2013-12-26 12:01 - 00000000 __SHD C:\Documents and Settings\Administrateur\IECompatCache
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 ____C (Google Inc.) C:\WINDOWS\system32\GPhotos.scr
2013-12-23 16:35 - 2013-12-23 23:09 - 00000000 ____D C:\Documents and Settings\Administrateur\ultracopier
2013-12-22 08:24 - 2013-12-23 23:03 - 00000000 ____D C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP
2013-12-20 18:41 - 2013-12-20 18:41 - 00000079 _____ C:\WINDOWS\wininit.ini
2013-12-19 20:52 - 2013-12-19 20:52 - 00002172 _____ C:\Documents and Settings\Administrateur\.recently-used.xbel
2013-12-19 18:00 - 2013-12-19 20:59 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau\Photoshop
2013-12-19 17:51 - 2014-01-03 02:00 - 00000368 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SWEET-721B5C1E5-Administrateur.job
2013-12-19 17:05 - 2013-12-19 17:05 - 00001683 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop Elements 12.lnk
2013-12-19 14:43 - 2013-12-19 14:43 - 00000812 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Download Assistant.lnk
2013-12-19 14:43 - 2013-12-19 14:43 - 00000000 ____D C:\Program Files\Adobe Download Assistant
2013-12-19 14:43 - 2013-12-19 14:43 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-12-16 17:01 - 2013-12-16 17:01 - 00000000 ____D C:\Malwarebytes
2013-12-16 04:17 - 2013-12-16 04:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
2013-12-11 21:02 - 2013-12-11 21:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 21:02 - 2013-12-11 21:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 20:58 - 2013-12-11 20:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 20:58 - 2013-12-11 20:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 20:57 - 2013-12-11 20:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-04 18:41 - 2013-12-22 15:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-12-04 18:40 - 2013-12-22 11:58 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-04 18:39 - 2013-12-04 18:39 - 00000000 ____D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Ultracopier
==================== One Month Modified Files and Folders =======
2014-01-03 16:13 - 2013-12-26 18:10 - 00000000 ____D C:\FRST
2014-01-03 16:13 - 2011-04-17 15:45 - 00001072 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 16:04 - 2012-04-01 10:22 - 00001002 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-03 16:02 - 2012-11-21 14:18 - 00000000 ___RD C:\Documents and Settings\Administrateur\Bureau\PHOTOS
2014-01-03 16:00 - 2013-11-25 18:02 - 00000300 _____ C:\WINDOWS\Tasks\RegistryBooster Maintenance.job
2014-01-03 16:00 - 2011-04-16 19:09 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau
2014-01-03 15:01 - 2013-01-27 09:42 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-03 08:43 - 2002-09-07 03:00 - 00001719 ____C C:\WINDOWS\win.ini
2014-01-03 06:04 - 2011-04-16 19:09 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-03 02:10 - 2013-10-22 19:29 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2014-01-03 02:10 - 2011-04-16 19:06 - 01146668 ____C C:\WINDOWS\WindowsUpdate.log
2014-01-03 02:00 - 2013-12-19 17:51 - 00000368 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SWEET-721B5C1E5-Administrateur.job
2014-01-03 02:00 - 2011-04-21 09:08 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
2014-01-02 20:58 - 2011-10-09 17:14 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\vlc
2014-01-02 20:13 - 2011-04-17 15:45 - 00001068 ____C C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-02 14:24 - 2011-04-16 19:09 - 00000000 ____D C:\Documents and Settings\Administrateur
2014-01-01 16:11 - 2011-04-16 20:58 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2014-01-01 15:11 - 2014-01-01 15:08 - 00000000 ___RD C:\Documents and Settings\Administrateur\Bureau\RogueKiller
2014-01-01 14:48 - 2014-01-01 14:48 - 00436792 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00223128 _____ (DT Soft Ltd.) C:\WINDOWS\system32\Drivers\dtscsi.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00144128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00123008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxg.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00046848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irbus.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00046096 _____ (Corel Corporation) C:\WINDOWS\system32\Drivers\pxhelp20.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00035088 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap0901.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00030336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00023456 _____ (Phoenix Technologies) C:\WINDOWS\system32\Drivers\DrvAgent32.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00009968 _____ (Corel Corporation) C:\WINDOWS\system32\Drivers\cdralw2k.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00009840 _____ (Corel Corporation) C:\WINDOWS\system32\Drivers\cdr4_xp.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00005504 _____ C:\WINDOWS\system32\Drivers\StarOpen.sys.bak
2014-01-01 14:48 - 2014-01-01 14:48 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2014-01-01 11:38 - 2013-01-28 14:55 - 00000000 ___RD C:\Documents and Settings\Administrateur\Bureau\AVAST
2014-01-01 11:37 - 2012-03-20 18:09 - 00000000 ___RD C:\Documents and Settings\Administrateur\Bureau\Raccourcis
2014-01-01 11:35 - 2011-06-22 13:47 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2014-01-01 11:34 - 2014-01-01 11:34 - 00001827 _____ C:\Documents and Settings\Administrateur\Bureau\Google Chrome.lnk
2014-01-01 11:33 - 2014-01-01 11:33 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
2014-01-01 11:33 - 2011-04-16 20:58 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2014-01-01 11:32 - 2013-11-25 18:02 - 00000294 _____ C:\WINDOWS\Tasks\RegistryBooster Startup.job
2014-01-01 11:32 - 2011-04-17 15:44 - 00000000 ____D C:\Program Files\Google
2014-01-01 09:13 - 2012-03-22 18:23 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Dropbox
2014-01-01 09:12 - 2014-01-01 09:12 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\AVAST Software
2014-01-01 09:08 - 2002-09-07 03:00 - 00002206 ____C C:\WINDOWS\system32\wpa.dbl
2014-01-01 09:06 - 2011-04-24 17:48 - 00000159 ____C C:\WINDOWS\wiadebug.log
2014-01-01 09:06 - 2011-04-24 17:48 - 00000050 ____C C:\WINDOWS\wiaservc.log
2014-01-01 09:06 - 2011-04-16 19:09 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2014-01-01 03:03 - 2014-01-01 03:03 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avast
2014-01-01 03:00 - 2013-03-15 15:43 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-01 03:00 - 2013-03-15 15:43 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-01 03:00 - 2013-03-15 15:43 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-01 03:00 - 2013-01-27 18:54 - 00026136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-01-01 03:00 - 2013-01-27 09:42 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-01 03:00 - 2013-01-27 09:42 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-01 03:00 - 2013-01-27 09:42 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-01 03:00 - 2013-01-27 09:42 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-01 03:00 - 2013-01-27 09:41 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-01 03:00 - 2013-01-27 09:41 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-01 02:59 - 2013-01-27 18:54 - 00252336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys
2014-01-01 02:51 - 2011-04-16 19:07 - 00003072 ____C C:\WINDOWS\system32\CONFIG.NT
2013-12-31 18:35 - 2013-09-05 18:15 - 00000000 ____D C:\AdwCleaner
2013-12-31 13:47 - 2012-03-31 15:38 - 00000000 ____D C:\Documents and Settings\Administrateur\.gimp-2.6
2013-12-31 11:41 - 2011-04-17 15:45 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
2013-12-31 08:26 - 2011-06-05 17:44 - 00000000 ___RD C:\Documents and Settings\Administrateur\Bureau\MUSIQUE
2013-12-31 07:55 - 2013-12-31 07:55 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google+ Auto Backup
2013-12-30 22:12 - 2012-01-30 17:35 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-12-30 17:38 - 2013-12-30 17:30 - 00129953 _____ C:\WINDOWS\hpoins09.dat
2013-12-30 17:38 - 2011-04-26 14:56 - 00019381 ____C C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2013-12-30 17:38 - 2011-04-16 20:58 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
2013-12-30 17:35 - 2011-04-16 20:49 - 00000000 ____D C:\WINDOWS\twain_32
2013-12-28 18:33 - 2011-06-05 17:01 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Audacity
2013-12-27 15:51 - 2011-04-16 19:09 - 00000000 __SHD C:\WINDOWS\CSC
2013-12-27 15:44 - 2013-12-27 14:58 - 00000000 ____D C:\Program Files\ZHPDiag
2013-12-27 15:40 - 2013-10-01 13:02 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\ZHP
2013-12-27 14:58 - 2013-12-27 14:58 - 00000000 ____D C:\WINDOWS\system32\{userappdata}
2013-12-27 14:58 - 2013-12-27 14:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2013-12-27 14:31 - 2012-04-25 13:11 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-27 11:02 - 2013-12-27 11:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-27 10:55 - 2013-12-27 10:55 - 00001673 _____ C:\AdwCleaner[R28].txt
2013-12-27 10:55 - 2013-12-27 10:55 - 00000359 _____ C:\AdwCleaner[S18].txt
2013-12-27 10:51 - 2013-12-27 10:50 - 00001612 _____ C:\AdwCleaner[R27].txt
2013-12-27 08:44 - 2013-09-10 13:33 - 00000000 ____D C:\WINDOWS\SClient
2013-12-27 05:55 - 2013-12-27 05:55 - 00001551 _____ C:\AdwCleaner[R26].txt
2013-12-26 18:26 - 2013-11-16 09:52 - 00000000 ____D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Dropbox
2013-12-26 18:26 - 2011-04-16 19:09 - 00000000 ___RD C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
2013-12-26 18:16 - 2011-04-16 20:49 - 00000000 ____D C:\WINDOWS\Provisioning
2013-12-26 17:44 - 2013-12-26 17:44 - 00001532 _____ C:\AdwCleaner[S17].txt
2013-12-26 17:41 - 2013-12-26 17:41 - 00001467 _____ C:\AdwCleaner[R25].txt
2013-12-26 12:04 - 2011-04-16 19:09 - 00000000 ___RD C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes
2013-12-26 12:01 - 2013-12-26 12:01 - 00000746 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
2013-12-26 12:01 - 2013-12-26 12:01 - 00000740 _____ C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
2013-12-26 12:01 - 2013-12-26 12:01 - 00000000 __SHD C:\Documents and Settings\Administrateur\IECompatCache
2013-12-25 14:50 - 2012-06-17 14:42 - 00000000 ____D C:\Program Files\DivX
2013-12-25 14:50 - 2011-11-04 16:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DivX
2013-12-25 14:49 - 2013-05-13 17:54 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DivX
2013-12-24 19:45 - 2011-06-22 14:03 - 00000000 ____D C:\WINDOWS\pss
2013-12-24 19:45 - 2011-04-16 20:55 - 00000212 ___SH C:\boot.ini
2013-12-24 19:45 - 2002-09-07 03:00 - 00000227 ____C C:\WINDOWS\system.ini
2013-12-23 23:09 - 2013-12-23 16:35 - 00000000 ____D C:\Documents and Settings\Administrateur\ultracopier
2013-12-23 23:07 - 2013-09-11 14:36 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-23 23:03 - 2013-12-22 08:24 - 00000000 ____D C:\WINDOWS\220FB0354744483A9A0B41DF77061583.TMP
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 ____C (Google Inc.) C:\WINDOWS\system32\GPhotos.scr
2013-12-23 16:34 - 2012-12-15 09:54 - 00091568 _____ C:\Documents and Settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-12-23 16:30 - 2012-12-21 00:04 - 01326512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-22 15:46 - 2013-12-04 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-12-22 11:58 - 2013-12-04 18:40 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2013-12-22 08:34 - 2013-09-10 13:31 - 00000000 __SHD C:\WINDOWS\WebTool
2013-12-22 08:24 - 2013-09-11 14:35 - 00000000 ____D C:\Program Files\Fichiers communs\Wise Installation Wizard
2013-12-22 08:02 - 2013-06-12 16:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2839229$
2013-12-21 08:30 - 2013-10-11 14:39 - 00131072 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2013-12-20 18:44 - 2011-08-18 14:05 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2013-12-20 18:41 - 2013-12-20 18:41 - 00000079 _____ C:\WINDOWS\wininit.ini
2013-12-20 15:10 - 2011-04-21 14:20 - 00000000 ____D C:\Program Files\CCleaner
2013-12-20 02:00 - 2011-04-16 19:16 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2013-12-19 20:59 - 2013-12-19 18:00 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau\Photoshop
2013-12-19 20:52 - 2013-12-19 20:52 - 00002172 _____ C:\Documents and Settings\Administrateur\.recently-used.xbel
2013-12-19 20:52 - 2012-03-31 16:17 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\gtk-2.0
2013-12-19 17:51 - 2011-11-06 18:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
2013-12-19 17:51 - 2011-04-20 13:41 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\Adobe
2013-12-19 17:33 - 2011-04-16 19:16 - 00000000 ____D C:\Program Files\Fichiers communs\Adobe
2013-12-19 17:06 - 2011-04-16 19:16 - 00000000 ____D C:\Program Files\Adobe
2013-12-19 17:05 - 2013-12-19 17:05 - 00001683 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop Elements 12.lnk
2013-12-19 14:43 - 2013-12-19 14:43 - 00000812 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Download Assistant.lnk
2013-12-19 14:43 - 2013-12-19 14:43 - 00000000 ____D C:\Program Files\Adobe Download Assistant
2013-12-19 14:43 - 2013-12-19 14:43 - 00000000 ____D C:\Documents and Settings\Administrateur\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-12-19 14:22 - 2013-11-11 07:12 - 00000000 ____D C:\Documents and Settings\Administrateur\Bureau\Taille Haie
2013-12-19 14:22 - 2013-11-04 17:15 - 00011264 ___SH C:\Documents and Settings\Administrateur\Bureau\Thumbs.db
2013-12-19 14:11 - 2013-01-27 18:55 - 00104752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFW.sys
2013-12-17 00:15 - 2013-01-27 09:45 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Drive
2013-12-16 17:01 - 2013-12-16 17:01 - 00000000 ____D C:\Malwarebytes
2013-12-16 04:17 - 2013-12-16 04:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Earth
2013-12-15 15:01 - 2013-07-07 14:14 - 00000000 ____D C:\Program Files\Fichiers communs\DVDVideoSoft
2013-12-15 08:15 - 2013-01-27 18:56 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\avast! EasyPass
2013-12-14 18:20 - 2011-08-15 13:34 - 00000000 ____D C:\Program Files\Fichiers communs\Adobe AIR
2013-12-14 14:33 - 2013-10-11 19:55 - 00000000 ___HD C:\Documents and Settings\Administrateur\Bureau\.picasaoriginals
2013-12-12 18:45 - 2013-11-20 19:18 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-12-12 18:45 - 2013-03-09 05:42 - 00001684 _____ C:\Documents and Settings\All Users\Bureau\Mozilla Thunderbird.lnk
2013-12-12 18:45 - 2011-08-04 13:28 - 00001690 ____C C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Thunderbird.lnk
2013-12-12 18:45 - 2011-04-17 17:07 - 00000000 ____D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Thunderbird
2013-12-12 18:28 - 2012-04-01 10:22 - 00692616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-12 18:28 - 2011-05-18 17:51 - 00071048 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-11 21:03 - 2011-04-22 17:08 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-11 21:02 - 2013-12-11 21:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 21:02 - 2013-12-11 21:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 21:02 - 2013-08-14 20:18 - 00012872 _____ C:\WINDOWS\system32\TZLog.log
2013-12-11 21:02 - 2013-07-11 13:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-11 20:58 - 2013-12-11 20:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 20:58 - 2013-12-11 20:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 20:58 - 2011-04-16 19:09 - 88123800 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-11 20:57 - 2013-12-11 20:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-10 18:19 - 2012-11-01 14:11 - 00000000 ____D C:\Program Files\RealArcade
2013-12-07 20:28 - 2011-09-13 13:59 - 00000000 ___RD C:\Documents and Settings\Administrateur\Bureau\Videos du Net
2013-12-04 18:39 - 2013-12-04 18:39 - 00000000 ____D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Ultracopier
2013-12-04 18:38 - 2011-04-16 19:09 - 00000000 ___RD C:\Documents and Settings\Administrateur\Favoris
Some content of TEMP:
====================
C:\Documents and Settings\Administrateur\Local Settings\Temp\ntdll_dump.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2004-08-04 07:55] - [2008-04-14 03:34] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2006-09-09 16:45] - [2008-04-14 03:33] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.
==========
