Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2014 03
Ran by Propriétaire (administrator) on PROPRI-F0DC6D6B on 28-01-2014 20:25:08
Running from C:\Documents and Settings\Propriétaire\Bureau
Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\WINDOWS\system32\FsUsbExService.Exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Protexis Inc.) C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
(MainSoft) C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\LogiTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Facebook Inc.) C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Adobe Systems Incorporated) C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
(Dropbox, Inc.) C:\Documents and Settings\Propriétaire\Application Data\Dropbox\bin\Dropbox.exe
(Logitech Inc.) C:\Program Files\Logitech\Video\FxSvr2.exe
(Logitech, Inc.) C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-07-19] (Logitech Inc.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM\...\Run: [ATICustomerCare] - C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [296056 2012-04-03] (RealNetworks, Inc.)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20065896 2012-03-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Philips Device Listener] - C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-03-19] ()
HKLM\...\Run: [Minuteur] - C:\Program Files\MTR\Minuteur.exe
HKLM\...\Run: [LogitechVideoTray] - C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [LogitechVideoRepair] - C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2013-12-31] (APN)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Fichiers communs\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Fichiers communs\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2012-11-01] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20587168 2013-11-18] (Skype Technologies S.A.)
HKCU\...\Run: [GoogleDriveSync] - "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKCU\...\Run: [Facebook Update] - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
MountPoints2: {2f6ab740-2738-11e1-8efa-485b3908c34a} - K:\RunGame.exe
MountPoints2: {8bc5b6bb-7b8c-11df-bf63-485b3908c34a} - G:\sm.exe
MountPoints2: {8c14bac1-522d-11e1-b4ea-485b3908c34a} - G:\KODAK_Camera_Setup_App.exe
HKU\Samu\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [ 2012-04-18] (Apple Inc.)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Device Detector 3.lnk
ShortcutTarget: Device Detector 3.lnk -> C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.)
Startup: C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Propriétaire\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0AA2AC21-57BB-4C32-AC72-59287EDC77DE} URL = http://www.google.fr/search?hl=fr&q={searchTerms}+&meta=
SearchScopes: HKCU - {7F396D30-EC4E-4323-ADA2-9B9062FEDE78} URL = http://search.softonic.com/MOY00005/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=64db374d000000000000485b3908c34a&r=203
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM - No Name - {0cc09160-108c-4759-bab1-5c12c216e005} - No File
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Liens - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.2.72 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.2.72 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.2.72 - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.2.72 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.0.0.4 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: FTdownloader V6.0 - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com [2013-12-02]
FF Extension: MixiDJ Toolbar - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\ffxtlbr@mixidj.com [2013-09-22]
FF Extension: No Name - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\staged [2014-01-28]
FF Extension: WOT - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-29]
FF Extension: DownloadHelper - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-27]
FF Extension: Adblock Plus Pop-up Addon - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\adblockpopups@jessehakanen.net.xpi [2013-05-01]
FF Extension: ClipToMP3_Plugin - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\jid0-5zkqw0l5jBWPCHzR9mnB6h7y1tn@jetpack.xpi [2013-04-30]
FF Extension: Ask Toolbar - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\toolbar_CME-V7@apn.ask.com.xpi [2013-12-31]
FF Extension: Adblock Plus - C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\n8f6gaaq.default-1365781200036\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-04-03]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Docs) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-17]
CHR Extension: (Google Drive) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-17]
CHR Extension: (YouTube) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-17]
CHR Extension: (Google Search) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-17]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-11-17]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-11-17]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Gmail) - C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-17]
CHR HKLM\...\Chrome\Extension: [hfikdpojhgckaejifppccjeedkjcndpp] - C:\Documents and Settings\Propriétaire\Application Data\BabSolution\CR\hola.crx [2013-11-17]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-04-03]
CHR HKLM\...\Chrome\Extension: [khcceooakamlehbimaepcldnnlnkcmfk] - C:\Program Files\SaveSense\SaveSense.crx [2012-04-03]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-31] (APN LLC.)
R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008 2012-12-21] (Apple Inc.)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-07-02] ()
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182184 2013-09-04] (Oracle Corporation)
S3 LBTServ; C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe [295192 2011-09-27] (Logitech, Inc.)
S3 npggsvc; C:\WINDOWS\system32\GameMon.des [4023760 2010-12-01] (INCA Internet Co., Ltd.)
S3 odserv; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [189728 2010-03-10] (Protexis Inc.)
R2 PTWsvc; C:\Program Files\MainSoft\PC TimeWatch\PTWsvc.exe [954368 2009-11-24] (MainSoft)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S3 SwitchBoard; C:\Program Files\Fichiers communs\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
R2 TabletServiceWacom; C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [7054200 2012-02-28] (Wacom Technology, Corp.)
R2 TouchServiceWacom; C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe [479096 2012-02-28] (Wacom Technology, Corp.)
S2 savesenselive; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe /svc [x]
S3 savesenselivem; C:\Program Files\SaveSenseLive\Update\SaveSenseLive.exe /medsvc [x]
S2 WinkHandler; C:\Program Files\Iminent\WinkHandler.exe [x]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [100368 2011-12-20] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [90400 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [135648 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)
R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [20104 2010-04-06] (IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [25864 2010-04-06] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2011-12-15] (DT Soft Ltd)
R3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2009-12-22] ()
S3 HDJCtrl; C:\WINDOWS\System32\Drivers\HDJCtrl.sys [11008 2007-02-08] (Hercules (R))
S3 HDJMidi; C:\WINDOWS\System32\DRIVERS\HDJMidi.sys [39296 2007-02-08] (Hercules Technologies)
S3 hidkmdf; C:\WINDOWS\System32\DRIVERS\hidkmdf.sys [11640 2012-02-17] (Windows (R) Win 7 DDK provider)
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [23048 2010-04-06] (IVT Corporation.)
R3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [70912 2010-03-04] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-09] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2010-03-04] (NVIDIA Corporation)
R3 PTWDrv; C:\Program Files\MainSoft\PC TimeWatch\PTWatch.sys [4096 2003-10-20] ()
S3 QCMerced; C:\WINDOWS\System32\DRIVERS\LVCM.sys [1317152 2005-05-27] ()
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [443448 2011-12-15] ()
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R2 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [13120 2013-08-25] ()
S3 VNUSB; C:\WINDOWS\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.)
S3 WacHidRouter; C:\WINDOWS\System32\DRIVERS\wachidrouter.sys [41336 2012-02-17] (Wacom Technology)
S3 wacomrouterfilter; C:\WINDOWS\System32\DRIVERS\wacomrouterfilter.sys [11640 2012-02-17] (Wacom Technology)
S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [32128 2008-04-13] (Microsoft Corporation)
U3 abylc70t; C:\WINDOWS\system32\Drivers\abylc70t.sys [0 ] (Microsoft Corporation)
S3 BT; system32\DRIVERS\btnetdrv.sys [x]
S3 BTCOM; system32\DRIVERS\btcomport.sys [x]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [x]
S3 cpuz132; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S4 IntelIde; No ImagePath
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [x]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [x]
S3 XDva390; \??\C:\WINDOWS\system32\XDva390.sys [x]
S3 XDva391; \??\C:\WINDOWS\system32\XDva391.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 20:25 - 2014-01-28 20:25 - 00028907 _____ C:\Documents and Settings\Propriétaire\Bureau\FRST.txt
2014-01-28 20:24 - 2014-01-28 20:24 - 00000000 ____D C:\FRST
2014-01-28 20:22 - 2014-01-28 20:22 - 01136640 _____ (Farbar) C:\Documents and Settings\Propriétaire\Bureau\FRST.exe
2014-01-27 13:47 - 2014-01-27 13:47 - 00000165 ____H C:\Documents and Settings\Propriétaire\Mes documents\~$diporama buzatti.pptx
2014-01-25 18:41 - 2014-01-25 18:42 - 00000000 ____D C:\Program Files\NCH Software
2014-01-25 18:41 - 2014-01-25 18:41 - 00528920 _____ (NCH Software) C:\Documents and Settings\Propriétaire\Bureau\switchsetup.exe
2014-01-25 18:41 - 2014-01-25 18:41 - 00000826 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Switch - Convertisseur de fichiers audio.lnk
2014-01-25 18:41 - 2014-01-25 18:41 - 00000820 _____ C:\Documents and Settings\All Users\Bureau\Switch - Convertisseur de fichiers audio.lnk
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\Propriétaire\Application Data\NCH Software
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Suite NCH Software
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Programmes audio
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\NCH Software
2014-01-25 14:12 - 2014-01-25 14:12 - 00000000 ____D C:\Documents and Settings\Propriétaire\Bureau\appareil photo papa
2014-01-21 14:22 - 2014-01-26 18:05 - 00518613 _____ C:\Documents and Settings\Propriétaire\Mes documents\diporama buzatti.pptx
2014-01-20 12:56 - 2014-01-20 12:56 - 01069512 _____ (Solid State Networks) C:\Documents and Settings\Propriétaire\Bureau\install_flashplayer12x32au_mssa_aaa_aih.exe
2014-01-16 03:01 - 2014-01-16 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-16 03:00 - 2014-01-16 03:01 - 00004404 _____ C:\WINDOWS\KB2914368.log
2014-01-05 11:52 - 2014-01-05 11:52 - 00000000 ____D C:\Documents and Settings\Propriétaire\Application Data\AMPSoft
2014-01-05 11:51 - 2014-01-28 19:51 - 00000416 _____ C:\WINDOWS\Tasks\At3.job
2014-01-05 11:51 - 2014-01-05 11:51 - 00000692 _____ C:\Documents and Settings\Propriétaire\Bureau\FREE Games.url
2014-01-03 12:11 - 2014-01-03 12:12 - 00000789 _____ C:\Documents and Settings\Propriétaire\Bureau\période3.pub.lnk

==================== One Month Modified Files and Folders =======

2014-01-28 20:25 - 2014-01-28 20:25 - 00028907 _____ C:\Documents and Settings\Propriétaire\Bureau\FRST.txt
2014-01-28 20:25 - 2013-11-17 14:20 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-28 20:25 - 2010-06-01 14:22 - 00000000 ____D C:\Documents and Settings\Propriétaire\Bureau
2014-01-28 20:24 - 2014-01-28 20:24 - 00000000 ____D C:\FRST
2014-01-28 20:23 - 2013-09-22 21:23 - 00000414 _____ C:\WINDOWS\Tasks\At1.job
2014-01-28 20:22 - 2014-01-28 20:22 - 01136640 _____ (Farbar) C:\Documents and Settings\Propriétaire\Bureau\FRST.exe
2014-01-28 20:22 - 2012-05-31 18:18 - 00000000 ____D C:\Documents and Settings\Propriétaire\Application Data\Skype
2014-01-28 20:21 - 2013-06-23 10:05 - 00290487 _____ C:\WINDOWS\setupapi.log
2014-01-28 20:21 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-28 20:17 - 2013-06-30 07:13 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-28 20:02 - 2013-11-29 22:57 - 00000932 _____ C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-01-28 20:01 - 2013-12-02 19:57 - 00002126 _____ C:\WINDOWS\Tasks\FTdownloader V6.0-firefoxinstaller.job
2014-01-28 19:57 - 2013-12-02 19:57 - 00001334 _____ C:\WINDOWS\Tasks\FTdownloader V6.0-updater.job
2014-01-28 19:57 - 2013-11-29 22:57 - 00000416 _____ C:\WINDOWS\Tasks\At2.job
2014-01-28 19:51 - 2014-01-05 11:51 - 00000416 _____ C:\WINDOWS\Tasks\At3.job
2014-01-28 17:02 - 2010-06-01 14:20 - 00032462 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-28 14:25 - 2013-11-17 14:20 - 00001064 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-28 08:23 - 2010-06-01 14:15 - 01096492 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-28 08:16 - 2010-07-29 13:10 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2014-01-28 08:15 - 2013-06-02 18:00 - 00000300 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1604221776-1801674531-1003.job
2014-01-28 08:15 - 2013-06-02 18:00 - 00000292 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1604221776-1801674531-1003.job
2014-01-28 08:15 - 2012-03-23 19:23 - 00000000 ___RD C:\Documents and Settings\Propriétaire\Mes documents\Dropbox
2014-01-28 08:15 - 2012-03-23 19:21 - 00000000 ____D C:\Documents and Settings\Propriétaire\Application Data\Dropbox
2014-01-28 08:13 - 2013-11-29 22:57 - 00000928 _____ C:\WINDOWS\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-01-28 08:13 - 2010-06-01 15:52 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-28 08:13 - 2010-06-01 15:52 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-28 08:13 - 2010-06-01 14:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-27 23:03 - 2010-06-01 14:22 - 00000184 ___SH C:\Documents and Settings\Propriétaire\ntuser.ini
2014-01-27 23:02 - 2010-06-01 14:22 - 00000000 ___HD C:\Documents and Settings\Propriétaire
2014-01-27 13:47 - 2014-01-27 13:47 - 00000165 ____H C:\Documents and Settings\Propriétaire\Mes documents\~$diporama buzatti.pptx
2014-01-27 11:29 - 2013-04-27 17:44 - 00000000 ____D C:\Documents and Settings\Propriétaire\.homeplayer
2014-01-27 11:17 - 2010-06-08 18:41 - 00104960 _____ C:\Documents and Settings\Propriétaire\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-26 18:05 - 2014-01-21 14:22 - 00518613 _____ C:\Documents and Settings\Propriétaire\Mes documents\diporama buzatti.pptx
2014-01-26 02:00 - 2013-06-21 13:58 - 00000364 _____ C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-PROPRI-F0DC6D6B-Propriétaire.job
2014-01-25 18:42 - 2014-01-25 18:41 - 00000000 ____D C:\Program Files\NCH Software
2014-01-25 18:41 - 2014-01-25 18:41 - 00528920 _____ (NCH Software) C:\Documents and Settings\Propriétaire\Bureau\switchsetup.exe
2014-01-25 18:41 - 2014-01-25 18:41 - 00000826 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Switch - Convertisseur de fichiers audio.lnk
2014-01-25 18:41 - 2014-01-25 18:41 - 00000820 _____ C:\Documents and Settings\All Users\Bureau\Switch - Convertisseur de fichiers audio.lnk
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\Propriétaire\Application Data\NCH Software
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Suite NCH Software
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Programmes audio
2014-01-25 18:41 - 2014-01-25 18:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\NCH Software
2014-01-25 18:41 - 2012-05-20 22:43 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2014-01-25 18:41 - 2010-06-01 22:02 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2014-01-25 18:41 - 2010-06-01 14:22 - 00000000 ___RD C:\Documents and Settings\Propriétaire\Favoris
2014-01-25 18:32 - 2013-06-21 00:34 - 00004040 _____ C:\WINDOWS\wmsetup.log
2014-01-25 14:12 - 2014-01-25 14:12 - 00000000 ____D C:\Documents and Settings\Propriétaire\Bureau\appareil photo papa
2014-01-23 16:41 - 2012-06-01 22:05 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2014-01-23 16:40 - 2010-06-01 14:14 - 00000000 ____D C:\WINDOWS\Registration
2014-01-20 16:26 - 2013-11-27 18:11 - 00000000 ____D C:\Documents and Settings\Propriétaire\Bureau\sauvegarde USB Juju
2014-01-20 12:56 - 2014-01-20 12:56 - 01069512 _____ (Solid State Networks) C:\Documents and Settings\Propriétaire\Bureau\install_flashplayer12x32au_mssa_aaa_aih.exe
2014-01-19 19:18 - 2013-11-27 18:22 - 00000000 ____D C:\Documents and Settings\Propriétaire\Bureau\chat bureau
2014-01-16 08:00 - 2013-02-09 07:22 - 00002347 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader XI.lnk
2014-01-16 03:05 - 2010-06-01 17:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-01-16 03:04 - 2013-08-14 22:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 03:01 - 2014-01-16 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-16 03:01 - 2014-01-16 03:00 - 00004404 _____ C:\WINDOWS\KB2914368.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00204024 _____ C:\WINDOWS\FaxSetup.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00097548 _____ C:\WINDOWS\ocgen.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00077847 _____ C:\WINDOWS\tsoc.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00068261 _____ C:\WINDOWS\comsetup.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00041264 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00032646 _____ C:\WINDOWS\iis6.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00011286 _____ C:\WINDOWS\ocmsn.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00010197 _____ C:\WINDOWS\msgsocm.log
2014-01-16 03:01 - 2013-07-11 23:24 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-16 03:01 - 2010-06-01 14:50 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-12 19:34 - 2010-06-01 14:59 - 00000000 ___RD C:\Documents and Settings\Propriétaire\Bureau\kit entretien PC
2014-01-08 19:12 - 2013-10-26 14:36 - 00000000 ____D C:\AdwCleaner
2014-01-08 10:58 - 2010-06-01 14:22 - 00000000 ___RD C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage
2014-01-08 10:57 - 2013-09-20 22:21 - 00001054 _____ C:\Documents and Settings\Propriétaire\Bureau\Dropbox.lnk
2014-01-08 10:57 - 2013-09-20 22:16 - 00000000 ____D C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Dropbox
2014-01-06 16:51 - 2013-12-19 17:57 - 00000072 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-01-06 16:28 - 2010-06-01 22:01 - 03718824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-05 16:04 - 2011-03-03 20:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DVD Shrink
2014-01-05 13:57 - 2010-06-01 14:56 - 00104304 _____ C:\Documents and Settings\Propriétaire\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-05 12:18 - 2010-06-01 14:22 - 00000000 ___RD C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes
2014-01-05 11:52 - 2014-01-05 11:52 - 00000000 ____D C:\Documents and Settings\Propriétaire\Application Data\AMPSoft
2014-01-05 11:51 - 2014-01-05 11:51 - 00000692 _____ C:\Documents and Settings\Propriétaire\Bureau\FREE Games.url
2014-01-04 12:11 - 2013-10-21 20:24 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2014-01-04 00:14 - 2010-06-01 15:01 - 00000000 ____D C:\Documents and Settings\Propriétaire\Mes documents\Téléchargements
2014-01-03 21:19 - 2010-06-01 22:02 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
2014-01-03 21:19 - 2010-06-01 22:01 - 00000228 __RSH C:\boot.ini
2014-01-03 21:19 - 2008-04-14 13:00 - 00000855 _____ C:\WINDOWS\win.ini
2014-01-03 21:19 - 2008-04-14 13:00 - 00000227 _____ C:\WINDOWS\system.ini
2014-01-03 19:07 - 2011-12-18 19:43 - 00000000 ____D C:\WINDOWS\pss
2014-01-03 18:36 - 2013-05-25 22:01 - 00000000 ____D C:\Program Files\MRU-Blaster
2014-01-03 18:36 - 2013-05-25 22:01 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\MRU-Blaster
2014-01-03 17:22 - 2012-03-19 22:15 - 00000000 ____D C:\Program Files\CDBurnerXP
2014-01-03 15:05 - 2013-10-16 12:58 - 00001623 _____ C:\Documents and Settings\All Users\Bureau\CDBurnerXP.lnk
2014-01-03 15:05 - 2012-03-19 22:15 - 00001563 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk
2014-01-03 12:12 - 2014-01-03 12:11 - 00000789 _____ C:\Documents and Settings\Propriétaire\Bureau\période3.pub.lnk

Files to move or delete:
====================
C:\Documents and Settings\Propriétaire\AutoLauncher.exe
C:\Documents and Settings\Propriétaire\fbchathistory.dat
C:\Documents and Settings\Propriétaire\WoZ.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job


Some content of TEMP:
====================
C:\Documents and Settings\Propriétaire\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\BoxoreInstaller.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\IMsetup.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Installer.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\mgsqlite3.dll
C:\Documents and Settings\Propriétaire\Local Settings\Temp\MSETUP4.EXE
C:\Documents and Settings\Propriétaire\Local Settings\Temp\OB.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Optimizer_Pro.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\RegAsm.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\sas.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\setup.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\The Sims 2_uninst.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\uninst1.exe
C:\Documents and Settings\Propriétaire\Local Settings\Temp\UpdaterCopy.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe
[2008-04-14 13:00] - [2008-04-14 13:00] - 0512000 ____A (Microsoft Corporation) dd73d6b9f6b4cb630cf35b438b540174

C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2008-04-14 13:00] - [2008-04-14 13:00] - 0579584 ____A (Microsoft Corporation) e853f84d3ce2faa2a802e33cf89ac023

C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2008-04-14 13:00] - [2009-02-09 11:53] - 0401408 ____A (Microsoft Corporation) 0203b1aad358f206cb0a3c1f93cce17a

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================