VIRUS QV06
B EVANS
Hello,
I have been infected by QV06.
Google Chrome is OK.
I ran Malwarebytes with a full scan, but the virus is impossible to remove from Internet Explorer.
I have followed all the advice I found on the forums.
Please give me the solution.
236 replies
Hi again,
I right-clicked on ZHPDIAG again. Same message "Violation etc ...
please do this (make sure to tick both boxes)
http://www.overclocking-pc.fr/forums/showthread.php?13174-TUTO-Commande-CHKDSK
let the PC work (it can take a while)
tell me if you see a difference
See you
Hello,
I did exactly what you told me.
Nothing to report.
Still the same message "Violation etc ....
Don't bother; if it's impossible to remove, I'll stay like this.
Is it serious?
BE
Hi again,
Don't bother; if it's impossible to remove, I'll stay like this.
Is it serious?
I don't think so, because the scan with OTL "goes through", but it's not normal
do this from the command prompt (look at solution no. 2 for Vista)
WARNING: there is 1 space between "sfc" and "scannow" (command: sfc, a space typed with the space bar, then scannow)
http://www.vista-xp.fr/forum/topic346.html
PS: tell me if it works
thanks
See you
Hello,
I did exactly what you told me and I got the message saying that the files had been repaired.
I restarted and tried a diag.
Still the same message at 20% "Violation etc ....
It's discouraging.
See you
BE
Hi again,
I restarted and tried a diag.
Still the same message at 20% "Violation etc ....
can you tell me what it gets stuck on
thanks
See you
Hello,
It says "start of entries. And below it, Registry value AppInit_DLLs and Winlogon Notify subkeys (autorun) 020.
Thanks for your help.
BE
Hi again,
click Start, and in the search bar type "msconfig" then press "Enter"
in the "msconfig" window click "Startup" (4th button)
in the window that opens, click "Disable all", except for the antivirus
click "Apply" and "OK"
restart the PC and retry the scan with ZHPDiag
thanks
See you
Hello,
Still the same, same message.
My clock at the top right has disappeared.
Should I run msconfig again?
BE
Hi again,
run "msconfig" again, click the 4th button "Startup" and re-select "all" at startup
click "Apply" and "OK"
restart the PC
It says "start of entries. And below it, Registry value AppInit_DLLs and Winlogon Notify subkeys (autorun) 020.
don't you see anything else written after that?
See you
the radiation level is higher at Pôle emploi than at Chernobyl
Hi again,
run 1 more scan with OTL and post the report please
http://sosvirus.net/viewtopic.php?f=281&t=597
don't forget to copy/paste the script into "Personnalisation" (Custom) before launching the scan
thanks
See you
Hello,
I tried to do what you told me.
I had kept OTL on my desktop but the script would not launch.
I deleted it and downloaded OTL to my desktop again.
The script does not appear.
What should I do?
Thank you and have a good day.
Hi again,
on the OTL download page, you have to click on "~ Le Script à copier est >> ici <<" ("The script to copy is here") and the script will be displayed
then you copy it and paste it into "Personnalisation" (Custom)
at the end of the scan the reports will appear on your desktop (OTL and OTL EXTRA)
post the reports via this link https://www.cjoint.com/ (1 report per link)
thanks
See you
OTL logfile created on: 17/01/2014 09:51:56 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominique\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,67 Gb Available Physical Memory | 33,62% Memory free
4,21 Gb Paging File | 2,79 Gb Available in Paging File | 66,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 52,10 Gb Free Space | 34,95% Space Free | Partition Type: NTFS
Computer Name: PC-DE-DOMINIQUE | User Name: Dominique | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/16 10:42:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
PRC - [2014/01/06 14:03:11 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/06 14:03:11 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/04 11:16:42 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/09/04 11:16:40 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013/07/18 06:34:30 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/11/06 21:58:20 | 000,294,912 | ---- | M] () -- C:\Program Files\HomePlayer\HomePlayer.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/06 14:03:16 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
MOD - [2013/12/04 03:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2007/11/06 21:58:20 | 000,294,912 | ---- | M] () -- C:\Program Files\HomePlayer\HomePlayer.exe
========== Services (SafeList) ==========
SRV - [2014/01/06 14:03:11 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/07/18 06:34:30 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2008/01/21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014/01/06 14:03:18 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/06 14:03:18 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/06 14:03:18 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/06 14:03:18 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/06 14:03:18 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/01/06 14:03:18 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2014/01/06 14:03:18 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/07/18 06:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012/06/27 09:37:56 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2012/06/27 09:37:56 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2012/06/27 09:37:56 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2012/06/27 09:37:56 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2011/02/16 16:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/11/22 09:50:19 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/04/11 05:38:59 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/01/21 03:23:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 A2 E5 CF 9E E1 CB 01 [binary data]
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0F0CzztDtCzzzyzz0ByC0DtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1084642501&ir=
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/06 14:03:19 | 000,000,000 | ---D | M]
[2013/03/18 10:51:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominique\AppData\Roaming\mozilla\Extensions
[2010/12/30 09:19:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominique\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013/08/24 12:56:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/08/24 12:57:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Mysearchdial (Enabled)
CHR - default_search_provider: search_url = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0F0CzztDtCzzzyzz0ByC0DtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1084642501&ir=
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms},
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Documents Google = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google\u00A0Drive = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google\u00A0Wallet = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2010/12/23 20:08:04 | 000,000,780 | R-S- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HomePlayer] C:\Program Files\HomePlayer\HomePlayer.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [Bubble Dock] "C:\Users\Dominique\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup File not found
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [Hoolapp Android] "C:\Users\DOMINI~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized File not found
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD8F67C7-A9CB-46D0-AE9E-A7BDD26C6C21}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dominique\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dominique\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - State: "startup" - 0
MsConfig - State: "bootini" - 2
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2014/01/16 10:42:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
[2014/01/15 16:29:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/01/13 13:18:43 | 000,000,000 | ---D | C] -- C:\Users\Dominique\Desktop\RK_Quarantine
[2014/01/12 19:24:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2014/01/12 19:24:49 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2014/01/12 19:24:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2014/01/12 19:24:39 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2014/01/12 19:23:37 | 000,000,000 | ---D | C] -- C:\history
[2014/01/12 19:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2014/01/12 18:52:24 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/12 18:33:21 | 000,000,000 | ---D | C] -- C:\875ea7a7d5d3f4eb1008374ce1ecba6b
[2014/01/10 20:43:51 | 000,000,000 | ---D | C] -- C:\Users\Dominique\.android
[2014/01/10 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Dominique\Documents\Mobogenie
[2014/01/10 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\Mobogenie
[2014/01/10 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2014/01/10 20:39:31 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\DigitalSites
[2014/01/10 13:03:21 | 000,000,000 | ---D | C] -- C:\Pre_Scan
[2014/01/08 18:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2014/01/08 18:14:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/08 18:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2014/01/08 18:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2014/01/08 18:03:02 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\LavFilters
[2014/01/08 18:03:02 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\CDXReader
[2014/01/08 18:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\DSP-worx
[2014/01/08 18:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2014/01/08 18:02:22 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\cache
[2014/01/08 18:02:21 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\genienext
[2014/01/08 17:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/08 17:54:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/08 17:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/08 08:02:35 | 029,040,552 | ---- | C] (Oracle Corporation) -- C:\Users\Dominique\Desktop\jre-7u45-windows-i586.exe
[2014/01/08 07:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/08 07:55:26 | 050,560,384 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Dominique\Desktop\AdbeRdr11004_fr_FR.exe
[2014/01/07 18:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/01/07 18:13:55 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\ZHP
[2014/01/07 09:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2014/01/07 09:05:48 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\AVAST Software
[2014/01/06 14:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/06 13:51:02 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/06 13:51:01 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/06 13:51:01 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/06 13:51:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/06 13:50:58 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/06 13:50:57 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/06 13:50:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccid.sys.bak
[2014/01/06 13:50:57 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/06 13:50:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/06 13:50:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/06 13:50:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/06 13:50:53 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/06 13:50:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/06 13:50:52 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/06 13:50:52 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys.bak
[2014/01/06 13:50:52 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/06 13:50:52 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys.bak
[2014/01/06 13:50:52 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys.bak
[2014/01/06 13:50:51 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys.bak
[2014/01/06 13:50:51 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys.bak
[2014/01/06 13:50:51 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys.bak
[2014/01/06 13:50:51 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys.bak
[2014/01/06 13:50:51 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys.bak
[2014/01/06 13:50:50 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/06 13:50:50 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/06 13:50:48 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/06 13:50:48 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys.bak
[2014/01/06 13:50:47 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/06 13:50:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/06 13:50:44 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/06 13:50:43 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/06 13:50:39 | 002,251,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys.bak
[2014/01/06 13:50:39 | 002,225,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys.bak
[2014/01/06 13:50:39 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/06 13:50:34 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys.bak
[2014/01/06 13:50:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/06 13:50:32 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/06 13:50:32 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys.bak
[2014/01/06 13:50:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/06 13:50:28 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/06 13:50:27 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/06 13:50:24 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/06 13:50:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/06 13:50:24 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/06 13:50:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/06 13:50:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/06 13:50:23 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys.bak
[2014/01/06 13:50:22 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/06 13:50:22 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/06 13:50:20 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/06 13:50:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/06 13:50:19 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/06 13:50:16 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/05 09:52:29 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\Malwarebytes
[2014/01/05 09:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/05 07:06:11 | 006,852,616 | ---- | C] (ESTsoft Corp. ) -- C:\Users\Dominique\Documents\ALZip [1].exe
[2012/03/24 18:30:26 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Dominique\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/17 09:38:26 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/17 09:38:16 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 09:38:16 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 09:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/17 09:38:08 | 2136,965,120 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/16 10:42:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
[2014/01/15 20:09:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/13 18:02:18 | 000,047,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/13 18:02:18 | 000,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/13 18:02:17 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/13 18:02:17 | 000,011,520 | ---- | M] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/13 18:02:16 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/13 18:02:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/13 18:02:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccid.sys.bak
[2014/01/13 18:02:15 | 000,006,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/13 18:02:14 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/13 18:02:14 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/13 18:02:14 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/13 18:02:12 | 000,122,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/13 18:02:12 | 000,052,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/13 18:02:12 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/13 18:02:12 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/13 18:02:11 | 000,123,648 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys.bak
[2014/01/13 18:02:11 | 000,100,224 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys.bak
[2014/01/13 18:02:11 | 000,098,432 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys.bak
[2014/01/13 18:02:11 | 000,014,848 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys.bak
[2014/01/13 18:02:11 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys.bak
[2014/01/13 18:02:11 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys.bak
[2014/01/13 18:02:11 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys.bak
[2014/01/13 18:02:11 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys.bak
[2014/01/13 18:02:10 | 000,684,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/13 18:02:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/13 18:02:09 | 000,142,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/13 18:02:09 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys.bak
[2014/01/13 18:02:08 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/13 18:02:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/13 18:02:06 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/13 18:02:05 | 000,043,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/13 18:02:03 | 002,251,776 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys.bak
[2014/01/13 18:02:02 | 002,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys.bak
[2014/01/13 18:02:02 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/13 18:01:58 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/13 18:01:58 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys.bak
[2014/01/13 18:01:58 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys.bak
[2014/01/13 18:01:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/13 18:01:55 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/13 18:01:55 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/13 18:01:54 | 000,099,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/13 18:01:52 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/13 18:01:52 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/13 18:01:52 | 000,027,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/13 18:01:52 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys.bak
[2014/01/13 18:01:52 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/13 18:01:52 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/13 18:01:51 | 000,035,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/13 18:01:50 | 000,125,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/13 18:01:49 | 000,109,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/13 18:01:49 | 000,028,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/13 18:01:49 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/13 18:01:46 | 000,053,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/13 13:17:54 | 003,810,304 | ---- | M] () -- C:\Users\Dominique\Desktop\RogueKiller.exe
[2014/01/12 19:41:28 | 000,001,768 | ---- | M] () -- C:\Users\Dominique\Desktop\ZHPFix.lnk
[2014/01/12 19:41:28 | 000,001,645 | ---- | M] () -- C:\Users\Dominique\Desktop\ZHPDiag.lnk
[2014/01/12 18:58:27 | 000,726,038 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/01/12 18:58:27 | 000,638,182 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/12 18:58:27 | 000,147,962 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/01/12 18:58:27 | 000,121,688 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/10 21:03:40 | 000,000,401 | ---- | M] () -- C:\Users\Dominique\Desktop\Pre_Scan - Raccourci.lnk
[2014/01/10 20:39:59 | 000,000,108 | ---- | M] () -- C:\Users\Dominique\AppData\Roaming\WB.CFG
[2014/01/10 20:39:59 | 000,000,005 | ---- | M] () -- C:\Users\Dominique\AppData\Roaming\WBPU-TTL.DAT
[2014/01/10 20:17:11 | 000,001,657 | ---- | M] () -- C:\Users\Dominique\Desktop\Donate.lnk
[2014/01/10 20:17:10 | 000,000,797 | ---- | M] () -- C:\Users\Dominique\Desktop\Internet Explorer.lnk
[2014/01/08 20:35:43 | 002,697,728 | ---- | M] () -- C:\Users\Dominique\Desktop\Pre_Scan.exe
[2014/01/08 18:20:48 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/08 18:14:00 | 001,233,962 | ---- | M] () -- C:\Users\Dominique\Desktop\adwcleaner-3.016.exe
[2014/01/08 14:21:46 | 000,000,299 | ---- | M] () -- C:\Users\Dominique\Desktop\Dominique - Raccourci.lnk
[2014/01/08 08:02:11 | 029,040,552 | ---- | M] (Oracle Corporation) -- C:\Users\Dominique\Desktop\jre-7u45-windows-i586.exe
[2014/01/08 07:57:12 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/08 07:54:59 | 050,560,384 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Dominique\Desktop\AdbeRdr11004_fr_FR.exe
[2014/01/06 14:03:38 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/06 14:03:18 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/06 14:03:18 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/06 14:03:18 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/06 14:03:18 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/06 14:03:18 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/01/06 14:03:18 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/01/06 14:03:18 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/06 14:03:16 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/06 14:03:16 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/06 13:56:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2014/01/05 18:34:34 | 000,001,357 | ---- | M] () -- C:\Users\Dominique\Desktop\mbam-log-2014-01-05 (09-54-33) - Raccourci.lnk
[2014/01/05 07:06:11 | 006,852,616 | ---- | M] (ESTsoft Corp. ) -- C:\Users\Dominique\Documents\ALZip [1].exe
[2014/01/04 18:20:20 | 001,138,397 | ---- | M] () -- C:\Users\Dominique\Documents\7z922 [1].exe
[2014/01/01 17:45:39 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/13 13:18:33 | 003,810,304 | ---- | C] () -- C:\Users\Dominique\Desktop\RogueKiller.exe
[2014/01/12 18:12:50 | 2136,965,120 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/10 21:03:40 | 000,000,401 | ---- | C] () -- C:\Users\Dominique\Desktop\Pre_Scan - Raccourci.lnk
[2014/01/10 20:39:59 | 000,000,005 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\WBPU-TTL.DAT
[2014/01/10 20:39:58 | 000,000,108 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\WB.CFG
[2014/01/10 20:17:11 | 000,001,657 | ---- | C] () -- C:\Users\Dominique\Desktop\Donate.lnk
[2014/01/10 16:54:54 | 002,697,728 | ---- | C] () -- C:\Users\Dominique\Desktop\Pre_Scan.exe
[2014/01/10 13:12:22 | 000,000,797 | ---- | C] () -- C:\Users\Dominique\Desktop\Internet Explorer.lnk
[2014/01/08 18:14:23 | 001,233,962 | ---- | C] () -- C:\Users\Dominique\Desktop\adwcleaner-3.016.exe
[2014/01/08 17:54:58 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/08 14:21:46 | 000,000,299 | ---- | C] () -- C:\Users\Dominique\Desktop\Dominique - Raccourci.lnk
[2014/01/08 07:57:12 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/08 07:57:12 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/07 18:13:58 | 000,001,768 | ---- | C] () -- C:\Users\Dominique\Desktop\ZHPFix.lnk
[2014/01/07 18:13:58 | 000,001,645 | ---- | C] () -- C:\Users\Dominique\Desktop\ZHPDiag.lnk
[2014/01/05 18:34:34 | 000,001,357 | ---- | C] () -- C:\Users\Dominique\Desktop\mbam-log-2014-01-05 (09-54-33) - Raccourci.lnk
[2014/01/04 18:22:43 | 001,138,397 | ---- | C] () -- C:\Users\Dominique\Documents\7z922 [1].exe
[2013/10/19 15:00:06 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013/10/19 15:00:06 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2013/09/23 18:19:51 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/09/23 18:19:51 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/07/04 08:09:08 | 000,234,941 | ---- | C] () -- C:\Users\Dominique\AppData\Local\census.cache
[2012/07/04 08:08:53 | 000,156,351 | ---- | C] () -- C:\Users\Dominique\AppData\Local\ars.cache
[2012/07/04 08:00:20 | 000,000,036 | ---- | C] () -- C:\Users\Dominique\AppData\Local\housecall.guid.cache
[2012/03/24 18:30:26 | 000,007,887 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\pcouffin.cat
[2012/03/24 18:30:26 | 000,001,144 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\pcouffin.inf
[2012/03/24 18:27:28 | 000,001,057 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\vso_ts_preview.xml
[2011/12/12 08:32:41 | 000,000,450 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/23 07:47:43 | 000,023,888 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\UserTile.png
[2010/12/20 11:30:07 | 000,187,904 | ---- | C] () -- C:\Users\Dominique\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 13:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/01/07 09:05:48 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\AVAST Software
[2012/11/12 09:54:26 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Azureus
[2014/01/08 18:03:04 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\CDXReader
[2014/01/10 20:39:31 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\DigitalSites
[2013/02/19 20:44:09 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\HoolappForAndroid
[2011/05/21 14:37:59 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\iPodder
[2014/01/08 18:03:06 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\LavFilters
[2012/03/19 16:15:05 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\OpenOffice.org
[2013/02/19 20:33:50 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Opera
[2011/05/23 07:47:42 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\PeerNetworking
[2013/08/10 14:52:59 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\player
[2012/07/02 08:38:34 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Red Kawa
[2013/10/19 14:50:32 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Samsung
[2013/09/12 18:55:17 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Software Informer
[2012/08/08 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\TeamViewer
[2010/12/30 09:19:44 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\TomTom
[2012/11/12 09:54:26 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Vso
[2014/01/15 19:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\ZHP
========== Purity Check ==========
========== Custom Scans ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dominique\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,67 Gb Available Physical Memory | 33,62% Memory free
4,21 Gb Paging File | 2,79 Gb Available in Paging File | 66,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 52,10 Gb Free Space | 34,95% Space Free | Partition Type: NTFS
Computer Name: PC-DE-DOMINIQUE | User Name: Dominique | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/16 10:42:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
PRC - [2014/01/06 14:03:11 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/06 14:03:11 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/04 11:16:42 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/09/04 11:16:40 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013/07/18 06:34:30 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/11/06 21:58:20 | 000,294,912 | ---- | M] () -- C:\Program Files\HomePlayer\HomePlayer.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/12 20:05:31 | 014,971,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\42b813c447c75247166ec04765afa0fd\Kies.Theme.ni.dll
MOD - [2014/01/12 20:05:16 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\1f0027391b7dd5a510bbe91b94f9836d\ASF_cSharpAPI.ni.dll
MOD - [2014/01/12 20:05:16 | 000,064,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\8656c59054c54eff6d74c66f94688bd2\Kies.Common.AllShare.ni.dll
MOD - [2014/01/12 20:04:44 | 002,198,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common23b84511#\ed796834b3eaaad98098d19d47f6e557\Kies.Common.Multimedia.ni.dll
MOD - [2014/01/12 20:04:41 | 000,186,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\dc66ca2905302edf9041fab89e096a25\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2014/01/12 20:04:30 | 001,677,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\6f97ba4e17037fa5b7452d1baf3ab45f\Kies.Locale.ni.dll
MOD - [2014/01/12 20:04:30 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\102ed75142b527655d0df26d463eb685\Kies.Common.Util.ni.dll
MOD - [2014/01/12 20:04:29 | 001,822,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\6af011bab37a0e8a147b641e31e49201\Kies.UI.ni.dll
MOD - [2014/01/12 20:04:29 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\3eaa7e3947cea5c6893ba56c2d010ada\Kies.MVVM.ni.dll
MOD - [2014/01/12 20:04:25 | 001,251,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\ec5b806eb0a1204aaeec99a8517f8f34\Kies.Interface.ni.dll
MOD - [2014/01/12 20:04:18 | 002,138,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\01398443791e63c80578bd4e345ac12c\Kies.ni.exe
MOD - [2014/01/12 20:04:05 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\79f6324a598a7c4446a4a1168be7c4b1\System.ni.dll
MOD - [2014/01/12 20:03:58 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\045c9588954c3662d542b53f4462268b\mscorlib.ni.dll
MOD - [2014/01/12 19:00:22 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\3bc7ec22c021d74dce4f8230f3631fca\System.ServiceProcess.ni.dll
MOD - [2014/01/12 19:00:11 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\639f444db9491d25b5d158531e1f7d9b\System.Xaml.ni.dll
MOD - [2014/01/12 19:00:07 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a2eb039301af47660eebc7566ce02b9c\PresentationFramework.ni.dll
MOD - [2014/01/12 19:00:06 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d91f3556f8011a5d48e1448e3fa8df9e\System.Xml.ni.dll
MOD - [2014/01/12 18:59:59 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\034c34ee777c7a2efc9c631b1179211c\System.Runtime.Remoting.ni.dll
MOD - [2014/01/12 18:59:48 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b9fe579783a35b57dd7e69375f35e239\PresentationCore.ni.dll
MOD - [2014/01/12 18:59:31 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\ef90aeb894485d14b249d102309b6df3\WindowsBase.ni.dll
MOD - [2014/01/12 18:59:30 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\4e69f1e7d86d79012db2d7e0dadc8880\System.Core.ni.dll
MOD - [2014/01/12 18:59:27 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1f56d5786274992934de0c900431c447\System.Configuration.ni.dll
MOD - [2014/01/06 14:03:16 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
MOD - [2013/12/04 03:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2007/11/06 21:58:20 | 000,294,912 | ---- | M] () -- C:\Program Files\HomePlayer\HomePlayer.exe
========== Services (SafeList) ==========
SRV - [2014/01/06 14:03:11 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/07/18 06:34:30 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2011/12/14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2008/01/21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014/01/06 14:03:18 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/06 14:03:18 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/06 14:03:18 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/06 14:03:18 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/06 14:03:18 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/01/06 14:03:18 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2014/01/06 14:03:18 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/07/18 06:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012/06/27 09:37:56 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2012/06/27 09:37:56 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2012/06/27 09:37:56 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2012/06/27 09:37:56 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2011/02/16 16:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/11/22 09:50:19 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/04/11 05:38:59 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/01/21 03:23:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 A2 E5 CF 9E E1 CB 01 [binary data]
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0F0CzztDtCzzzyzz0ByC0DtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1084642501&ir=
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/06 14:03:19 | 000,000,000 | ---D | M]
[2013/03/18 10:51:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominique\AppData\Roaming\mozilla\Extensions
[2010/12/30 09:19:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominique\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013/08/24 12:56:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/08/24 12:57:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Mysearchdial (Enabled)
CHR - default_search_provider: search_url = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0101&cd=2XzuyEtN2Y1L1QzutDtDtC0C0B0F0CzztDtCzzzyzz0ByC0DtN0D0Tzu0SyBtAzytN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1084642501&ir=
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms},
CHR - homepage: https://www.google.com/?gws_rd=ssl
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Documents Google = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Recherche Google = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2010/12/23 20:08:04 | 000,000,780 | R-S- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HomePlayer] C:\Program Files\HomePlayer\HomePlayer.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [Bubble Dock] "C:\Users\Dominique\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup File not found
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [Hoolapp Android] "C:\Users\DOMINI~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized File not found
O4 - HKU\S-1-5-21-1703551601-2082685466-2049412002-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD8F67C7-A9CB-46D0-AE9E-A7BDD26C6C21}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dominique\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dominique\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - State: "startup" - 0
MsConfig - State: "bootini" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sr.sys - FSFilter System Recovery
SafeBootMin: SRService - Service
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
System Restore Service not available.
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2014/01/16 10:42:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
[2014/01/15 16:29:30 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/01/13 13:18:43 | 000,000,000 | ---D | C] -- C:\Users\Dominique\Desktop\RK_Quarantine
[2014/01/12 19:24:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2014/01/12 19:24:49 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2014/01/12 19:24:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2014/01/12 19:24:39 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2014/01/12 19:23:37 | 000,000,000 | ---D | C] -- C:\history
[2014/01/12 19:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2014/01/12 18:52:24 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/12 18:33:21 | 000,000,000 | ---D | C] -- C:\875ea7a7d5d3f4eb1008374ce1ecba6b
[2014/01/10 20:43:51 | 000,000,000 | ---D | C] -- C:\Users\Dominique\.android
[2014/01/10 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Dominique\Documents\Mobogenie
[2014/01/10 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\Mobogenie
[2014/01/10 20:43:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2014/01/10 20:39:31 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\DigitalSites
[2014/01/10 13:03:21 | 000,000,000 | ---D | C] -- C:\Pre_Scan
[2014/01/08 18:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2014/01/08 18:14:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/08 18:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2014/01/08 18:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2014/01/08 18:03:02 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\LavFilters
[2014/01/08 18:03:02 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\CDXReader
[2014/01/08 18:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\DSP-worx
[2014/01/08 18:03:00 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2014/01/08 18:02:22 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\cache
[2014/01/08 18:02:21 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Local\genienext
[2014/01/08 17:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/08 17:54:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/08 17:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/08 08:02:35 | 029,040,552 | ---- | C] (Oracle Corporation) -- C:\Users\Dominique\Desktop\jre-7u45-windows-i586.exe
[2014/01/08 07:56:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/01/08 07:55:26 | 050,560,384 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Dominique\Desktop\AdbeRdr11004_fr_FR.exe
[2014/01/07 18:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2014/01/07 18:13:55 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\ZHP
[2014/01/07 09:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2014/01/07 09:05:48 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\AVAST Software
[2014/01/06 14:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/06 13:51:02 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/06 13:51:01 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/06 13:51:01 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/06 13:51:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/06 13:50:58 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/06 13:50:57 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/06 13:50:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccid.sys.bak
[2014/01/06 13:50:57 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/06 13:50:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/06 13:50:56 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/06 13:50:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/06 13:50:53 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/06 13:50:53 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/06 13:50:52 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/06 13:50:52 | 000,100,224 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys.bak
[2014/01/06 13:50:52 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/06 13:50:52 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys.bak
[2014/01/06 13:50:52 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys.bak
[2014/01/06 13:50:51 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys.bak
[2014/01/06 13:50:51 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys.bak
[2014/01/06 13:50:51 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys.bak
[2014/01/06 13:50:51 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys.bak
[2014/01/06 13:50:51 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys.bak
[2014/01/06 13:50:50 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/06 13:50:50 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/06 13:50:48 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/06 13:50:48 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys.bak
[2014/01/06 13:50:47 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/06 13:50:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/06 13:50:44 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/06 13:50:43 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/06 13:50:39 | 002,251,776 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys.bak
[2014/01/06 13:50:39 | 002,225,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys.bak
[2014/01/06 13:50:39 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/06 13:50:34 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys.bak
[2014/01/06 13:50:34 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/06 13:50:32 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/06 13:50:32 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys.bak
[2014/01/06 13:50:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/06 13:50:28 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/06 13:50:27 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/06 13:50:24 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/06 13:50:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/06 13:50:24 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/06 13:50:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/06 13:50:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/06 13:50:23 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys.bak
[2014/01/06 13:50:22 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/06 13:50:22 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/06 13:50:20 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/06 13:50:20 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/06 13:50:19 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/06 13:50:16 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/05 09:52:29 | 000,000,000 | ---D | C] -- C:\Users\Dominique\AppData\Roaming\Malwarebytes
[2014/01/05 09:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/05 07:06:11 | 006,852,616 | ---- | C] (ESTsoft Corp. ) -- C:\Users\Dominique\Documents\ALZip [1].exe
[2012/03/24 18:30:26 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Dominique\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2014/01/17 09:38:26 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/17 09:38:16 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 09:38:16 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/17 09:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/17 09:38:08 | 2136,965,120 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/16 10:42:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dominique\Desktop\OTL (1).exe
[2014/01/15 20:09:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/13 18:02:18 | 000,047,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/13 18:02:18 | 000,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/13 18:02:17 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/13 18:02:17 | 000,011,520 | ---- | M] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/13 18:02:16 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/13 18:02:15 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/13 18:02:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbccid.sys.bak
[2014/01/13 18:02:15 | 000,006,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/13 18:02:14 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/13 18:02:14 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/13 18:02:14 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/13 18:02:12 | 000,122,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/13 18:02:12 | 000,052,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/13 18:02:12 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/13 18:02:12 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/13 18:02:11 | 000,123,648 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys.bak
[2014/01/13 18:02:11 | 000,100,224 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bserd.sys.bak
[2014/01/13 18:02:11 | 000,098,432 | ---- | M] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys.bak
[2014/01/13 18:02:11 | 000,014,848 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys.bak
[2014/01/13 18:02:11 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys.bak
[2014/01/13 18:02:11 | 000,012,416 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys.bak
[2014/01/13 18:02:11 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys.bak
[2014/01/13 18:02:11 | 000,012,288 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys.bak
[2014/01/13 18:02:10 | 000,684,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/13 18:02:10 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/13 18:02:09 | 000,142,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/13 18:02:09 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys.bak
[2014/01/13 18:02:08 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/13 18:02:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/13 18:02:06 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/13 18:02:05 | 000,043,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/13 18:02:03 | 002,251,776 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys.bak
[2014/01/13 18:02:02 | 002,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys.bak
[2014/01/13 18:02:02 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/13 18:01:58 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/13 18:01:58 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys.bak
[2014/01/13 18:01:58 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys.bak
[2014/01/13 18:01:58 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/13 18:01:55 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/13 18:01:55 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/13 18:01:54 | 000,099,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/13 18:01:52 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/13 18:01:52 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/13 18:01:52 | 000,027,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/13 18:01:52 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys.bak
[2014/01/13 18:01:52 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/13 18:01:52 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/13 18:01:51 | 000,035,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/13 18:01:50 | 000,125,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/13 18:01:49 | 000,109,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/13 18:01:49 | 000,028,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/13 18:01:49 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/13 18:01:46 | 000,053,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/13 13:17:54 | 003,810,304 | ---- | M] () -- C:\Users\Dominique\Desktop\RogueKiller.exe
[2014/01/12 19:41:28 | 000,001,768 | ---- | M] () -- C:\Users\Dominique\Desktop\ZHPFix.lnk
[2014/01/12 19:41:28 | 000,001,645 | ---- | M] () -- C:\Users\Dominique\Desktop\ZHPDiag.lnk
[2014/01/12 18:58:27 | 000,726,038 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2014/01/12 18:58:27 | 000,638,182 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/12 18:58:27 | 000,147,962 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2014/01/12 18:58:27 | 000,121,688 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/10 21:03:40 | 000,000,401 | ---- | M] () -- C:\Users\Dominique\Desktop\Pre_Scan - Raccourci.lnk
[2014/01/10 20:39:59 | 000,000,108 | ---- | M] () -- C:\Users\Dominique\AppData\Roaming\WB.CFG
[2014/01/10 20:39:59 | 000,000,005 | ---- | M] () -- C:\Users\Dominique\AppData\Roaming\WBPU-TTL.DAT
[2014/01/10 20:17:11 | 000,001,657 | ---- | M] () -- C:\Users\Dominique\Desktop\Donate.lnk
[2014/01/10 20:17:10 | 000,000,797 | ---- | M] () -- C:\Users\Dominique\Desktop\Internet Explorer.lnk
[2014/01/08 20:35:43 | 002,697,728 | ---- | M] () -- C:\Users\Dominique\Desktop\Pre_Scan.exe
[2014/01/08 18:20:48 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/08 18:14:00 | 001,233,962 | ---- | M] () -- C:\Users\Dominique\Desktop\adwcleaner-3.016.exe
[2014/01/08 14:21:46 | 000,000,299 | ---- | M] () -- C:\Users\Dominique\Desktop\Dominique - Raccourci.lnk
[2014/01/08 08:02:11 | 029,040,552 | ---- | M] (Oracle Corporation) -- C:\Users\Dominique\Desktop\jre-7u45-windows-i586.exe
[2014/01/08 07:57:12 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/08 07:54:59 | 050,560,384 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Dominique\Desktop\AdbeRdr11004_fr_FR.exe
[2014/01/06 14:03:38 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/06 14:03:18 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/06 14:03:18 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/06 14:03:18 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/06 14:03:18 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/06 14:03:18 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/01/06 14:03:18 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/01/06 14:03:18 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/06 14:03:16 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/06 14:03:16 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/06 13:56:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2014/01/05 18:34:34 | 000,001,357 | ---- | M] () -- C:\Users\Dominique\Desktop\mbam-log-2014-01-05 (09-54-33) - Raccourci.lnk
[2014/01/05 07:06:11 | 006,852,616 | ---- | M] (ESTsoft Corp. ) -- C:\Users\Dominique\Documents\ALZip [1].exe
[2014/01/04 18:20:20 | 001,138,397 | ---- | M] () -- C:\Users\Dominique\Documents\7z922 [1].exe
[2014/01/01 17:45:39 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2014/01/13 13:18:33 | 003,810,304 | ---- | C] () -- C:\Users\Dominique\Desktop\RogueKiller.exe
[2014/01/12 18:12:50 | 2136,965,120 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/10 21:03:40 | 000,000,401 | ---- | C] () -- C:\Users\Dominique\Desktop\Pre_Scan - Raccourci.lnk
[2014/01/10 20:39:59 | 000,000,005 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\WBPU-TTL.DAT
[2014/01/10 20:39:58 | 000,000,108 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\WB.CFG
[2014/01/10 20:17:11 | 000,001,657 | ---- | C] () -- C:\Users\Dominique\Desktop\Donate.lnk
[2014/01/10 16:54:54 | 002,697,728 | ---- | C] () -- C:\Users\Dominique\Desktop\Pre_Scan.exe
[2014/01/10 13:12:22 | 000,000,797 | ---- | C] () -- C:\Users\Dominique\Desktop\Internet Explorer.lnk
[2014/01/08 18:14:23 | 001,233,962 | ---- | C] () -- C:\Users\Dominique\Desktop\adwcleaner-3.016.exe
[2014/01/08 17:54:58 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/08 14:21:46 | 000,000,299 | ---- | C] () -- C:\Users\Dominique\Desktop\Dominique - Raccourci.lnk
[2014/01/08 07:57:12 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/08 07:57:12 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/01/07 18:13:58 | 000,001,768 | ---- | C] () -- C:\Users\Dominique\Desktop\ZHPFix.lnk
[2014/01/07 18:13:58 | 000,001,645 | ---- | C] () -- C:\Users\Dominique\Desktop\ZHPDiag.lnk
[2014/01/05 18:34:34 | 000,001,357 | ---- | C] () -- C:\Users\Dominique\Desktop\mbam-log-2014-01-05 (09-54-33) - Raccourci.lnk
[2014/01/04 18:22:43 | 001,138,397 | ---- | C] () -- C:\Users\Dominique\Documents\7z922 [1].exe
[2013/10/19 15:00:06 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013/10/19 15:00:06 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2013/09/23 18:19:51 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/09/23 18:19:51 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/07/04 08:09:08 | 000,234,941 | ---- | C] () -- C:\Users\Dominique\AppData\Local\census.cache
[2012/07/04 08:08:53 | 000,156,351 | ---- | C] () -- C:\Users\Dominique\AppData\Local\ars.cache
[2012/07/04 08:00:20 | 000,000,036 | ---- | C] () -- C:\Users\Dominique\AppData\Local\housecall.guid.cache
[2012/03/24 18:30:26 | 000,007,887 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\pcouffin.cat
[2012/03/24 18:30:26 | 000,001,144 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\pcouffin.inf
[2012/03/24 18:27:28 | 000,001,057 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\vso_ts_preview.xml
[2011/12/12 08:32:41 | 000,000,450 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/23 07:47:43 | 000,023,888 | ---- | C] () -- C:\Users\Dominique\AppData\Roaming\UserTile.png
[2010/12/20 11:30:07 | 000,187,904 | ---- | C] () -- C:\Users\Dominique\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2006/11/02 13:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[color=#E56717]========== LOP Check ==========[/color]
[2014/01/07 09:05:48 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\AVAST Software
[2012/11/12 09:54:26 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Azureus
[2014/01/08 18:03:04 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\CDXReader
[2014/01/10 20:39:31 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\DigitalSites
[2013/02/19 20:44:09 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\HoolappForAndroid
[2011/05/21 14:37:59 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\iPodder
[2014/01/08 18:03:06 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\LavFilters
[2012/03/19 16:15:05 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\OpenOffice.org
[2013/02/19 20:33:50 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Opera
[2011/05/23 07:47:42 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\PeerNetworking
[2013/08/10 14:52:59 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\player
[2012/07/02 08:38:34 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Red Kawa
[2013/10/19 14:50:32 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Samsung
[2013/09/12 18:55:17 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Software Informer
[2012/08/08 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\TeamViewer
[2010/12/30 09:19:44 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\TomTom
[2012/11/12 09:54:26 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\Vso
[2014/01/15 19:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dominique\AppData\Roaming\ZHP
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< MD5 for: AFD.SYS >[/color]
[2011/04/21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\System32\drivers\afd.sys
[2011/04/21 14:58:27 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=3911B972B55FEA0478476B2E777B29FA -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18457_none_d99fb42e5bb59d9b\afd.sys
[2011/04/21 14:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) MD5=48EB99503533C27AC6135648E5474457 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18639_none_d7d0e0cc5e7d461c\afd.sys
[2011/04/21 14:28:53 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=70EE0FC7A0F384DBD929A01384AEEB4B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.22629_none_da4bc33774b91967\afd.sys
[2008/01/21 03:24:43 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
[2009/04/11 05:47:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=A201207363AA900ABF1A388468688570 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6002.18005_none_d9d3bb9e5b8eea9c\afd.sys
[2011/04/21 14:12:21 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=C8AF25017CECB75906A571AC70D2D306 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.22905_none_d876efff77862705\afd.sys
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856
Hi
Run OTL again as administrator (right-click)
Copy all the text from this link https://www.cjoint.com/?DArvRAgqnd4
Paste it into "Personnalisation" in OTL >>> see the image
Click "Correction"
Post the report via this link https://www.cjoint.com/index.php
===================================================
Then click Start > Control Panel > Programs and Features and take a screenshot for me >>> take a screenshot
Post it via this link https://www.cjoint.com/index.php
PS: if the whole page does not fit in one screenshot, take two
Thanks
See you later