Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2014 01
Ran by Utilisateur (administrator) on ASUSX71Q on 26-04-2014 12:23:51
Running from C:\Documents and Settings\Utilisateur\Bureau
Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Orange) C:\Program Files\Orange\MailNotifier\MailNotifier.exe
() C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
(Orbiscom Ltd. All rights reserved.) C:\Program Files\e-Carte Bleue Société Générale\ecbl-sg.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Documents and Settings\Utilisateur\Bureau\FRST(2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [ZoneAlarm Installer] => "C:\Program Files\CheckPoint\Install\Launcher.exe" "C:\Program Files\CheckPoint\Install\Install.exe" /r install /c "C:\Program Files\CheckPoint\Install\Install.xml" /w
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-24] (AVAST Software)
HKU\.DEFAULT\...\Run: [OrangePlayer] => c:\program files\orange\media player\Media Player.exe [319488 2009-09-05] (Orange)
HKU\S-1-5-21-1177238915-920026266-839522115-1003\...\Run: [MailNotifier] => C:\Program Files\Orange\MailNotifier\MailNotifier.exe [884744 2013-08-30] (Orange)
HKU\S-1-5-21-1177238915-920026266-839522115-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\DSLMON.lnk
ShortcutTarget: DSLMON.lnk -> C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\e-Carte Bleue Société Générale.lnk
ShortcutTarget: e-Carte Bleue Société Générale.lnk -> C:\Program Files\e-Carte Bleue Société Générale\ecbl-sg.exe (Orbiscom Ltd. All rights reserved.)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {A87D85D1-80B3-4263-A6B4-7B2C47B7C673} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_17_ff&cd=2XzuyEtN2Y1L1QzutDtDtBtAyDyEzz0A0CtDtDtD0FtD0AtCtN0D0Tzu0SzzyEtAtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2SyDtB0D0DtC0A0EtBtGtByCzyyDtGyDtAtBtCtG0AtD0F0DtGtByByBzytBzy0Bzy0BtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtCzz0D0DtCtC0FtGtBzytA0BtGtA0E0B0AtGzztD0D0DtGtCzytAyE0AyE0AyC0FzzyEtC2Q&cr=796423916&ir=
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
SearchScopes: HKCU - {5DA9817A-0D22-48F3-A976-DF4DCF818BE6} URL = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
SearchScopes: HKCU - {7CFFCDF7-3C01-4612-B73F-A7BBFA07A902} URL = http://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=fr&q={searchTerms}&gu=7528dbb3d91b4cea8762cb571b748d46&tu=10Q8000Db4B000v&sku=&tstsId=&ver=&&r=312
SearchScopes: HKCU - {814C76CB-2623-43F4-AAD0-58A0E5190A20} URL = http://r.orange.fr/r?ref=O_OI_hook_openSearchIE&url=http%3A//rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata={searchTerms}
SearchScopes: HKCU - {865F07FF-BCF2-4E91-8C43-44C577B1F64A} URL = http://www.clubic.com/r/{searchTerms}/
SearchScopes: HKCU - {A87D85D1-80B3-4263-A6B4-7B2C47B7C673} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites05_14_17_ff&cd=2XzuyEtN2Y1L1QzutDtDtBtAyDyEzz0A0CtDtDtD0FtD0AtCtN0D0Tzu0SzzyEtAtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2SyDtB0D0DtC0A0EtBtGtByCzyyDtGyDtAtBtCtG0AtD0F0DtGtByByBzytBzy0Bzy0BtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtCzz0D0DtCtC0FtGtBzytA0BtGtA0E0B0AtGzztD0D0DtGtCzytAyE0AyE0AyC0FzzyEtC2Q&cr=796423916&ir=
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Liens - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {D3028143-6145-4318-99D3-3EDCE54A95A9} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} http://webtv.guidetv.orange.fr/resources/OCS_9418.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://wanadoofr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\n7vnt3l8.default
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://www.google.fr
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canalplay.com/CanalPlay - C:\Program Files\Lecteur CANALPLAY\npcplay.dll (Canal+ Distribution)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter - C:\Program Files\Fichiers communs\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\n7vnt3l8.default\searchplugins\orange.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Jeux.frober7922312.src
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [fe_3.6@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2012-01-25]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-09-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-24]
FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-01-25]

Chrome:
=======
CHR HomePage: about:blank
CHR StartupUrls: "about:blank"]},"translate_blocked_languages":["fr"],"translate_whitelists"
CHR DefaultSearchKeyword: Google
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL: &a=dsites05_14_17_ff&cd=2XzuyEtN2Y1L1QzutDtDtBtAyDyEzz0A0CtDtDtD0FtD0AtCtN0D0Tzu0SzzyEtAtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2SyDtB0D0DtC0A0EtBtGtByCzyyDtGyDtAtBtCtG0AtD0F0DtGtByByBzytBzy0Bzy0BtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtCzz0D0DtCtC0FtGtBzytA0BtGtA0E0B0AtGzztD0D0DtGtCzytAyE0AyE0AyC0FzzyEtC2Q&cr=796423916&ir=
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-24] (AVAST Software)
S2 Orange update Core Service; C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe [699912 2014-01-21] (Orange SA)
S4 Service CANALPLAY; C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe [932240 2012-03-06] (Canal+ Distribution)
S4 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S4 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

S2 ADILOADER; C:\WINDOWS\System32\Drivers\adildr.sys [50007 2004-03-02] (Analog Deivces)
S3 adiusbaw; C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [127065 2004-03-02] (Analog Devices Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1503840 2009-02-13] (Atheros Communications, Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-04-24] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-04-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-24] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-04-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-04-24] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-04-24] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2010-07-30] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2010-07-30] ()
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5760 2007-08-28] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [50704 2009-10-20] (CACE Technologies, Inc.)
S3 PCANDIS5; C:\WINDOWS\system32\PCANDIS5.SYS [16128 2003-08-04] (Printing Communications Assoc., Inc. (PCAUSA))
R1 RapportCerberus_65875; C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_65875.sys [357880 2014-04-15] ()
S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 PCAMPR5; \??\C:\WINDOWS\system32\PCAMPR5.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U4 wlancfg;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 12:23 - 2014-04-26 12:24 - 00018626 _____ () C:\Documents and Settings\Utilisateur\Bureau\FRST.txt
2014-04-26 12:21 - 2014-04-26 12:21 - 01049088 _____ (Farbar) C:\Documents and Settings\Utilisateur\Bureau\FRST(2).exe
2014-04-26 12:12 - 2014-04-26 12:14 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau\Rapports 2
2014-04-26 09:36 - 2014-04-24 12:08 - 01365865 _____ () C:\Documents and Settings\Utilisateur\Bureau\AdwCleaner.exe
2014-04-25 22:46 - 2014-04-25 22:50 - 00003504 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-04-25 22:44 - 2014-04-25 22:45 - 09668848 _____ (Microsoft Corporation) C:\Documents and Settings\Utilisateur\Bureau\IE8-WindowsXP-KB2936068-x86-FRA.exe
2014-04-25 19:50 - 2014-04-26 09:39 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau\Rapports
2014-04-25 19:45 - 2014-04-26 12:23 - 00000000 ____D () C:\FRST
2014-04-25 19:44 - 2014-04-25 19:44 - 01048576 _____ (Farbar) C:\Documents and Settings\Utilisateur\Bureau\FRST.exe
2014-04-25 14:30 - 2001-08-28 14:00 - 00343189 _____ () C:\Documents and Settings\Utilisateur\Bureau\EXPLORER.EX_
2014-04-25 09:21 - 2014-04-26 12:11 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-25 09:21 - 2014-04-26 12:11 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-04-25 09:21 - 2014-04-25 09:21 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log
2014-04-25 09:20 - 2014-04-26 12:09 - 00032412 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-25 09:18 - 2014-04-26 12:13 - 00047209 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-25 09:16 - 2014-04-25 09:16 - 00018199 _____ () C:\ComboFix.txt
2014-04-25 09:03 - 2014-04-25 09:03 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\AVAST Software
2014-04-25 09:03 - 2014-04-25 09:03 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Adobe
2014-04-25 09:00 - 2014-04-25 09:00 - 00000000 ___RD () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outils d'administration
2014-04-25 08:54 - 2014-04-25 08:54 - 00017264 _____ () C:\Documents and Settings\Administrateur\Bureau\cc_20140425_085437.reg
2014-04-25 08:38 - 2014-04-25 08:38 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Windows Desktop Search
2014-04-25 08:37 - 2014-04-25 08:37 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Windows Search
2014-04-24 16:35 - 2014-04-26 12:12 - 00000374 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-04-24 16:35 - 2014-04-24 16:35 - 00001733 _____ () C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
2014-04-24 16:35 - 2014-04-24 16:35 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\AVAST Software
2014-04-24 16:35 - 2014-04-24 16:35 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avast
2014-04-24 16:34 - 2014-04-24 16:34 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-04-24 16:34 - 2014-04-24 16:34 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-24 16:34 - 2014-04-24 16:34 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-04-24 16:31 - 2014-04-24 16:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-24 16:28 - 2014-04-24 16:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-04-24 15:46 - 2014-04-24 15:47 - 88882192 _____ (AVAST Software) C:\Documents and Settings\Utilisateur\Bureau\avast_free_antivirus_setup.exe
2014-04-24 15:30 - 2014-04-24 15:30 - 00000000 ____D () C:\Program Files\Check Point Software Technologies LTD
2014-04-24 15:30 - 2014-04-24 15:30 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\Check Point Software Technologies LTD
2014-04-24 15:20 - 2006-06-29 13:07 - 00014048 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg2.dll
2014-04-24 14:51 - 2014-04-24 14:51 - 00000000 ____D () C:\Program Files\CheckPoint
2014-04-24 13:46 - 2014-04-24 13:46 - 00000000 _RSHD () C:\cmdcons
2014-04-24 13:46 - 2014-04-22 19:04 - 00000212 _____ () C:\Boot.bak
2014-04-24 13:46 - 2004-08-03 23:00 - 00263488 __RSH () C:\cmldr
2014-04-24 13:40 - 2014-04-24 14:03 - 00000000 ____D () C:\WINDOWS\erdnt
2014-04-24 13:37 - 2014-04-24 15:25 - 00000000 ____D () C:\Program Files\Acro Software
2014-04-24 12:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-04-24 11:06 - 2014-04-23 12:20 - 00038912 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
2014-04-24 10:09 - 2014-04-24 11:50 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\Nico Mak Computing
2014-04-23 19:30 - 2014-04-24 15:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-04-23 18:36 - 2014-04-23 18:36 - 00000366 _____ () C:\Documents and Settings\Utilisateur\Bureau\Raccourci vers Téléchargements.lnk
2014-04-23 08:52 - 2014-04-23 08:52 - 00000499 _____ () C:\Documents and Settings\Utilisateur\Bureau\Raccourci vers explorer.lnk
2014-04-22 19:36 - 2011-05-30 15:42 - 00240640 _____ () C:\WINDOWS\system32\xvidvfw.dll
2014-04-22 19:36 - 2011-05-23 11:52 - 00153088 _____ () C:\WINDOWS\system32\xvid.ax
2014-04-22 19:36 - 2011-05-23 09:46 - 00645632 _____ () C:\WINDOWS\system32\xvidcore.dll
2014-04-22 19:35 - 2014-04-22 19:36 - 00000000 ____D () C:\Program Files\Xvid
2014-04-22 19:35 - 2014-04-22 19:36 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Xvid
2014-04-22 19:33 - 2014-04-22 19:33 - 00000000 ____D () C:\Program Files\DivX
2014-04-22 19:33 - 2012-07-25 12:03 - 00017136 _____ () C:\WINDOWS\system32\sasnative32.exe
2014-04-22 19:32 - 2014-04-24 11:46 - 00000000 ____D () C:\Program Files\DSP-worx
2014-04-22 19:32 - 2014-04-22 19:32 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\LavFilters
2014-04-22 19:32 - 2014-04-22 19:32 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\CDXReader
2014-04-22 19:32 - 2014-04-22 19:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DivX
2014-04-22 19:31 - 2014-04-22 19:31 - 00000000 ____D () C:\Program Files\OpenSource Flash Video Splitter
2014-04-22 18:25 - 2014-04-26 12:08 - 00000000 ____D () C:\AdwCleaner
2014-04-22 18:05 - 2014-04-22 18:05 - 00000650 _____ () C:\Documents and Settings\Utilisateur\Bureau\Raccourci vers firefox.lnk
2014-04-21 19:56 - 2014-04-21 19:56 - 00242087 _____ () C:\Documents and Settings\Utilisateur\Local Settings\Application Data\census.cache
2014-04-21 19:53 - 2014-04-21 19:53 - 00208432 _____ () C:\Documents and Settings\Utilisateur\Local Settings\Application Data\ars.cache
2014-04-21 17:45 - 2014-04-25 12:47 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau\Sécurité
2014-04-21 11:10 - 2014-04-21 11:10 - 00000036 _____ () C:\Documents and Settings\Utilisateur\Local Settings\Application Data\housecall.guid.cache
2014-04-21 11:03 - 2014-04-22 19:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\iolo
2014-04-21 11:03 - 2014-04-21 20:08 - 00065536 _____ () C:\WINDOWS\system32\config\iolo App.evt
2014-04-21 11:03 - 2014-04-21 11:03 - 00074703 _____ () C:\WINDOWS\system32\mfc45.dat
2014-04-20 06:17 - 2014-04-26 12:15 - 00000444 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{6B14B130-37B3-46A3-A501-D4CFA331FD46}.job
2014-04-18 08:18 - 2014-04-18 08:22 - 00000000 __HDC () C:\WINDOWS\ie8
2014-04-17 10:32 - 2014-04-17 10:32 - 00000682 _____ () C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
2014-04-17 10:32 - 2014-04-17 10:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-17 10:32 - 2014-04-17 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
2014-04-12 03:26 - 2014-04-12 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-05 06:39 - 2014-04-26 12:11 - 00000234 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2014-04-05 06:39 - 2014-04-06 05:19 - 00000228 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2014-04-04 19:03 - 2014-04-04 19:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-04-04 12:26 - 2014-02-27 01:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-04-04 12:26 - 2014-02-27 01:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-04-02 01:11 - 2014-04-02 01:11 - 00123320 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys

==================== One Month Modified Files and Folders =======

2014-04-26 12:24 - 2014-04-26 12:23 - 00018626 _____ () C:\Documents and Settings\Utilisateur\Bureau\FRST.txt
2014-04-26 12:23 - 2014-04-25 19:45 - 00000000 ____D () C:\FRST
2014-04-26 12:23 - 2008-09-24 01:07 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau
2014-04-26 12:21 - 2014-04-26 12:21 - 01049088 _____ (Farbar) C:\Documents and Settings\Utilisateur\Bureau\FRST(2).exe
2014-04-26 12:15 - 2014-04-20 06:17 - 00000444 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{6B14B130-37B3-46A3-A501-D4CFA331FD46}.job
2014-04-26 12:14 - 2014-04-26 12:12 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau\Rapports 2
2014-04-26 12:13 - 2014-04-25 09:18 - 00047209 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-26 12:12 - 2014-04-24 16:35 - 00000374 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-04-26 12:12 - 2007-10-29 14:00 - 00011936 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-26 12:11 - 2014-04-25 09:21 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-26 12:11 - 2014-04-25 09:21 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-04-26 12:11 - 2014-04-05 06:39 - 00000234 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2014-04-26 12:11 - 2010-08-01 12:16 - 00001062 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 12:11 - 2008-09-24 00:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-26 12:09 - 2014-04-25 09:20 - 00032412 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-26 12:08 - 2014-04-22 18:25 - 00000000 ____D () C:\AdwCleaner
2014-04-26 12:08 - 2010-07-24 11:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-26 12:08 - 2008-09-24 01:07 - 00000184 ___SH () C:\Documents and Settings\Utilisateur\ntuser.ini
2014-04-26 11:31 - 2010-08-01 12:16 - 00001066 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 11:11 - 2012-05-25 21:54 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-26 09:39 - 2014-04-25 19:50 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau\Rapports
2014-04-25 22:50 - 2014-04-25 22:46 - 00003504 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-04-25 22:45 - 2014-04-25 22:44 - 09668848 _____ (Microsoft Corporation) C:\Documents and Settings\Utilisateur\Bureau\IE8-WindowsXP-KB2936068-x86-FRA.exe
2014-04-25 19:44 - 2014-04-25 19:44 - 01048576 _____ (Farbar) C:\Documents and Settings\Utilisateur\Bureau\FRST.exe
2014-04-25 12:47 - 2014-04-21 17:45 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau\Sécurité
2014-04-25 12:46 - 2008-09-24 01:07 - 00000000 ____D () C:\Documents and Settings\Utilisateur
2014-04-25 12:43 - 2008-09-24 01:32 - 00000000 ____D () C:\Program Files\Fichiers communs
2014-04-25 12:43 - 2008-09-24 01:07 - 00000000 ___RD () C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes
2014-04-25 12:31 - 2008-09-24 01:07 - 00001599 _____ () C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Assistance à distance.lnk
2014-04-25 12:30 - 2008-09-24 00:06 - 00001599 _____ () C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Assistance à distance.lnk
2014-04-25 09:35 - 2008-09-24 00:03 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-04-25 09:21 - 2014-04-25 09:21 - 00000000 ____N () C:\WINDOWS\Sti_Trace.log
2014-04-25 09:21 - 2008-09-24 00:15 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-04-25 09:21 - 2008-09-24 00:09 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-04-25 09:18 - 2014-03-25 15:09 - 00000184 ___SH () C:\Documents and Settings\Administrateur\ntuser.ini
2014-04-25 09:16 - 2014-04-25 09:16 - 00018199 _____ () C:\ComboFix.txt
2014-04-25 09:14 - 2007-10-29 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-04-25 09:03 - 2014-04-25 09:03 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\AVAST Software
2014-04-25 09:03 - 2014-04-25 09:03 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Adobe
2014-04-25 09:00 - 2014-04-25 09:00 - 00000000 ___RD () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outils d'administration
2014-04-25 09:00 - 2014-03-25 15:09 - 00000000 ___RD () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes
2014-04-25 08:54 - 2014-04-25 08:54 - 00017264 _____ () C:\Documents and Settings\Administrateur\Bureau\cc_20140425_085437.reg
2014-04-25 08:54 - 2014-03-25 15:09 - 00000000 ____D () C:\Documents and Settings\Administrateur\Bureau
2014-04-25 08:54 - 2014-03-25 15:09 - 00000000 ____D () C:\Documents and Settings\Administrateur
2014-04-25 08:38 - 2014-04-25 08:38 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Windows Desktop Search
2014-04-25 08:37 - 2014-04-25 08:37 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Windows Search
2014-04-25 00:13 - 2011-11-16 13:05 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Bureau\Raccourcis Bureau non utilisés
2014-04-24 18:08 - 2013-05-12 18:32 - 00000719 _____ () C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
2014-04-24 18:08 - 2013-05-12 18:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
2014-04-24 16:35 - 2014-04-24 16:35 - 00001733 _____ () C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
2014-04-24 16:35 - 2014-04-24 16:35 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\AVAST Software
2014-04-24 16:35 - 2014-04-24 16:35 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avast
2014-04-24 16:35 - 2008-09-24 01:31 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2014-04-24 16:35 - 2008-09-24 01:31 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2014-04-24 16:34 - 2014-04-24 16:34 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-04-24 16:34 - 2014-04-24 16:34 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-04-24 16:34 - 2014-04-24 16:34 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-24 16:34 - 2014-04-24 16:34 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-04-24 16:31 - 2014-04-24 16:31 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-24 16:28 - 2014-04-24 16:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-04-24 16:07 - 2008-09-24 01:30 - 00000328 __RSH () C:\boot.ini
2014-04-24 16:07 - 2007-10-29 14:00 - 00000542 _____ () C:\WINDOWS\win.ini
2014-04-24 15:49 - 2011-10-19 21:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avira
2014-04-24 15:47 - 2014-04-24 15:46 - 88882192 _____ (AVAST Software) C:\Documents and Settings\Utilisateur\Bureau\avast_free_antivirus_setup.exe
2014-04-24 15:30 - 2014-04-24 15:30 - 00000000 ____D () C:\Program Files\Check Point Software Technologies LTD
2014-04-24 15:30 - 2014-04-24 15:30 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\Check Point Software Technologies LTD
2014-04-24 15:28 - 2014-04-23 19:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-04-24 15:26 - 2010-07-30 20:18 - 00000000 ____D () C:\Program Files\orange
2014-04-24 15:26 - 2010-07-30 20:18 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Jeux sur Orange.fr
2014-04-24 15:25 - 2014-04-24 13:37 - 00000000 ____D () C:\Program Files\Acro Software
2014-04-24 14:51 - 2014-04-24 14:51 - 00000000 ____D () C:\Program Files\CheckPoint
2014-04-24 14:03 - 2014-04-24 13:40 - 00000000 ____D () C:\WINDOWS\erdnt
2014-04-24 13:46 - 2014-04-24 13:46 - 00000000 _RSHD () C:\cmdcons
2014-04-24 12:08 - 2014-04-26 09:36 - 01365865 _____ () C:\Documents and Settings\Utilisateur\Bureau\AdwCleaner.exe
2014-04-24 12:03 - 2010-12-22 19:56 - 00000000 ____D () C:\Program Files\Zylom Games
2014-04-24 11:57 - 2008-09-24 01:31 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer
2014-04-24 11:50 - 2014-04-24 10:09 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\Nico Mak Computing
2014-04-24 11:46 - 2014-04-22 19:32 - 00000000 ____D () C:\Program Files\DSP-worx
2014-04-23 18:36 - 2014-04-23 18:36 - 00000366 _____ () C:\Documents and Settings\Utilisateur\Bureau\Raccourci vers Téléchargements.lnk
2014-04-23 12:20 - 2014-04-24 11:06 - 00038912 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
2014-04-23 09:02 - 2014-03-25 15:09 - 00001599 _____ () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk
2014-04-23 08:52 - 2014-04-23 08:52 - 00000499 _____ () C:\Documents and Settings\Utilisateur\Bureau\Raccourci vers explorer.lnk
2014-04-22 19:42 - 2010-07-24 12:26 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-04-22 19:36 - 2014-04-22 19:35 - 00000000 ____D () C:\Program Files\Xvid
2014-04-22 19:36 - 2014-04-22 19:35 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Xvid
2014-04-22 19:34 - 2010-08-11 15:53 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-04-22 19:33 - 2014-04-22 19:33 - 00000000 ____D () C:\Program Files\DivX
2014-04-22 19:32 - 2014-04-22 19:32 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\LavFilters
2014-04-22 19:32 - 2014-04-22 19:32 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\CDXReader
2014-04-22 19:32 - 2014-04-22 19:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DivX
2014-04-22 19:32 - 2008-09-24 00:02 - 00000000 ____D () C:\WINDOWS\Registration
2014-04-22 19:31 - 2014-04-22 19:31 - 00000000 ____D () C:\Program Files\OpenSource Flash Video Splitter
2014-04-22 19:12 - 2014-04-21 11:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\iolo
2014-04-22 19:04 - 2014-04-24 13:46 - 00000212 _____ () C:\Boot.bak
2014-04-22 18:41 - 2011-09-25 07:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\PC Suite
2014-04-22 18:05 - 2014-04-22 18:05 - 00000650 _____ () C:\Documents and Settings\Utilisateur\Bureau\Raccourci vers firefox.lnk
2014-04-22 17:18 - 2013-04-17 21:26 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-22 17:18 - 2008-09-24 01:31 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
2014-04-22 17:05 - 2010-07-31 14:40 - 00000000 ____D () C:\Program Files\HP
2014-04-22 17:04 - 2010-07-31 14:38 - 00008904 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2014-04-22 17:02 - 2010-07-31 14:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HP
2014-04-22 15:56 - 2008-09-24 01:24 - 00000000 ____D () C:\WINDOWS\twain_32
2014-04-22 15:29 - 2010-08-01 12:16 - 00000000 ____D () C:\Program Files\Google
2014-04-22 14:40 - 2008-09-24 01:32 - 00000000 ____D () C:\Program Files\Fichiers communs\Microsoft Shared
2014-04-22 14:37 - 2011-01-05 11:54 - 00000000 ____D () C:\Program Files\Adobe
2014-04-22 14:01 - 2010-11-12 20:08 - 00000000 ____D () C:\Program Files\Fichiers communs\Apple
2014-04-22 14:01 - 2010-11-12 20:08 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-04-22 13:46 - 2012-03-01 08:36 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Application Data\Media Player
2014-04-21 20:57 - 2008-09-24 01:07 - 00000000 ___RD () C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage
2014-04-21 20:14 - 2013-02-07 10:27 - 00000000 ____D () C:\WINDOWS\pss
2014-04-21 20:08 - 2014-04-21 11:03 - 00065536 _____ () C:\WINDOWS\system32\config\iolo App.evt
2014-04-21 19:56 - 2014-04-21 19:56 - 00242087 _____ () C:\Documents and Settings\Utilisateur\Local Settings\Application Data\census.cache
2014-04-21 19:53 - 2014-04-21 19:53 - 00208432 _____ () C:\Documents and Settings\Utilisateur\Local Settings\Application Data\ars.cache
2014-04-21 17:57 - 2010-09-07 22:34 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-21 11:10 - 2014-04-21 11:10 - 00000036 _____ () C:\Documents and Settings\Utilisateur\Local Settings\Application Data\housecall.guid.cache
2014-04-21 11:03 - 2014-04-21 11:03 - 00074703 _____ () C:\WINDOWS\system32\mfc45.dat
2014-04-20 10:47 - 2011-04-17 17:26 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-04-18 18:20 - 2010-07-24 11:03 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-04-18 17:44 - 2010-08-01 12:16 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Google
2014-04-18 17:40 - 2008-09-24 01:32 - 01257872 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-18 17:31 - 2010-07-24 10:22 - 00000000 ____D () C:\WINDOWS\system32\fr-fr
2014-04-18 17:31 - 2008-09-24 01:24 - 00000000 ____D () C:\WINDOWS\Help
2014-04-18 08:30 - 2010-07-24 11:51 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-04-18 08:22 - 2014-04-18 08:18 - 00000000 __HDC () C:\WINDOWS\ie8
2014-04-18 07:49 - 2008-09-24 01:07 - 00000767 _____ () C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Internet Explorer.lnk
2014-04-17 17:34 - 2010-07-24 11:46 - 00000711 _____ () C:\Documents and Settings\Utilisateur\Bureau\Internet Explorer.lnk
2014-04-17 11:01 - 2010-07-24 11:29 - 00000000 ____D () C:\Documents and Settings\Utilisateur\Tracing
2014-04-17 10:32 - 2014-04-17 10:32 - 00000682 _____ () C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
2014-04-17 10:32 - 2014-04-17 10:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-17 10:32 - 2014-04-17 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
2014-04-15 15:06 - 2013-08-06 12:05 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Trusteer Sécurité des points d'accès
2014-04-12 03:26 - 2014-04-12 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-12 03:26 - 2013-07-24 16:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-12 03:05 - 2010-07-24 11:00 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-11 19:38 - 2013-05-12 06:33 - 00001811 _____ () C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
2014-04-07 17:47 - 2008-09-24 18:22 - 00011878 _____ () C:\WINDOWS\system32\wpa.bak
2014-04-06 05:19 - 2014-04-05 06:39 - 00000228 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2014-04-04 19:03 - 2014-04-04 19:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-04-02 01:11 - 2014-04-02 01:11 - 00123320 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKELL.sys

Files to move or delete:
====================
C:\Documents and Settings\java\jre-windows-i586.exe
C:\Documents and Settings\redist\vcredist_x64.exe
C:\Documents and Settings\redist\vcredist_x86.exe


Some content of TEMP:
====================
C:\Documents and Settings\Utilisateur\Local Settings\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe
[2007-10-29 14:00] - [2008-04-14 04:34] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174

C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2007-10-29 14:00] - [2008-04-14 04:33] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023

C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2007-10-29 14:00] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) 0203b1aad358f206cb0a3c1f93cce17a

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================