Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015 01
Ran by Administrateur (administrator) on PATAUD on 23-04-2015 07:30:13
Running from C:\Documents and Settings\Fabien\Bureau
Loaded Profiles: Fabien & Administrateur (Available profiles: Fabien & Administrateur)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(InterVideo) C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
() C:\WINDOWS\system32\PSIService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(www.shadowexplorer.com) C:\Program Files\ShadowExplorer\sesvc.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Lenovo Group Limited) C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
(Lenovo.) C:\WINDOWS\system32\TPHDEXLG.exe
(Lenovo Group Limited) C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
(Lenovo Group Limited) C:\WINDOWS\system32\tp4serv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo.) C:\WINDOWS\system32\TpShocks.exe
(Lenovo Group Ltd.) C:\PROGRA~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Sonic Solutions) C:\WINDOWS\system32\DLA\DLACTRLW.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
(Lenovo Group Limited) C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.EXE
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
(Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
(Lenovo Group Limited) C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PWRMGRTR] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [BLOG] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
HKLM\...\Run: [TPFNF7] => C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [58416 2007-04-09] (Lenovo Group Limited)
HKLM\...\Run: [TrackPointSrv] => C:\WINDOWS\system32\tp4serv.exe [91184 2007-04-26] (Lenovo Group Limited)
HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [66176 2007-03-09] (Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [181544 2007-09-28] (Lenovo.)
HKLM\...\Run: [EZEJMNAP] => C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [243248 2007-03-28] (Lenovo Group Ltd.)
HKLM\...\Run: [DLA] => C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2006-02-02] (Sonic Solutions)
HKLM\...\Run: [AwaySch] => C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited)
HKLM\...\Run: [LPManager] => C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE [124256 2007-07-12] (Lenovo Group Limited)
HKLM\...\Run: [ACTray] => C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [413696 2007-07-05] (Lenovo )
HKLM\...\Run: [ACWLIcon] => C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [126976 2007-07-05] (Lenovo )
HKLM\...\Run: [TVT Scheduler Proxy] => C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-03-04] (Lenovo Group Limited)
HKLM\...\Run: [Message Center Plus] => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-27] ()
Winlogon\Notify\ACNotify: C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2007-07-05] (Lenovo )
Winlogon\Notify\tpfnf2: C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [2006-09-06] ()
Winlogon\Notify\tphotkey: C:\Program Files\Lenovo\HOTKEY\tphklock.dll [2006-12-14] ()
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-580653093-3094153614-2514855005-1008\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2009-02-04] (Microsoft Corporation)
HKU\S-1-5-21-580653093-3094153614-2514855005-1008\...\MountPoints2: {c160c9aa-da17-11e4-8fbe-a1dd2c061c15} - E:\LaunchU3.exe
HKU\S-1-5-21-580653093-3094153614-2514855005-1008\...\MountPoints2: {f82d635c-9528-11dd-87d2-00215c31a32f} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
AppInit_DLLs: c:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL => c:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-01-06] (Sophos Limited)
Lsa: [Notification Packages] scecli ACGina
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk [2008-06-24]
ShortcutTarget: BTTray.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk [2008-06-24]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-580653093-3094153614-2514855005-1008\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKU\S-1-5-21-580653093-3094153614-2514855005-1008\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-580653093-3094153614-2514855005-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-580653093-3094153614-2514855005-500\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-580653093-3094153614-2514855005-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
SearchScopes: HKU\S-1-5-21-580653093-3094153614-2514855005-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=LENIE
SearchScopes: HKU\S-1-5-21-580653093-3094153614-2514855005-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30] (Adobe Systems Incorporated)
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02] (Sonic Solutions)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-31] (Oracle Corporation)
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-31] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2013-09-25] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL [2009-02-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_ifslsp.dll [89592 2014-03-04] (Sophos Limited)
Winsock: Catalog9 02 C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_ifslsp.dll [89592 2014-03-04] (Sophos Limited)
Winsock: Catalog9 16 C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_ifslsp.dll [89592 2014-03-04] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15]
CHR Extension: (No Name) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]
CHR Extension: (No Name) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15]
CHR Extension: (No Name) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcPrfMgrSvc; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [65536 2007-07-05] (Lenovo ) [File not signed]
R2 AcSvc; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [184320 2007-07-05] (Lenovo ) [File not signed]
R2 btwdins; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [266295 2007-02-27] (Broadcom Corporation.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [647168 2007-04-16] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 IPSSVC; C:\WINDOWS\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited)
R2 IviRegMgr; C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 odserv; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [174656 2006-11-02] () [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-04-16] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-04-16] (Intel Corporation ) [File not signed]
R2 SAVAdminService; c:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [290296 2014-01-06] (Sophos Limited)
R2 SAVService; c:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe [206328 2014-01-06] (Sophos Limited)
R2 sesvc; C:\Program Files\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [771456 2015-04-22] (Enigma Software Group USA, LLC.)
R2 SUService; c:\program files\lenovo\system update\suservice.exe [28672 2009-06-12] (Lenovo Group Limited) [File not signed]
R2 swi_service; c:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3109880 2014-01-06] (Sophos Limited)
S2 swi_update; C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_update.exe [1471992 2014-01-06] (Sophos Limited)
R2 ThinkVantage Registry Monitor Service; C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe [644408 2007-09-26] (Lenovo Group Limited)
R2 TVT Scheduler; C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited) [File not signed]
S2 WinVNC4; "C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-18] (Microsoft Corporation)
S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21393 2008-06-24] (Cisco Systems, Inc.)
R1 ANC; C:\WINDOWS\System32\drivers\ANC.SYS [11520 2005-11-08] (IBM Corp.) [File not signed]
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [868042 2007-02-27] (Broadcom Corporation.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [67960 2007-01-24] (Broadcom Corporation.)
R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions) [File not signed]
R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) [File not signed]
R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions) [File not signed]
R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) [File not signed]
R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions) [File not signed]
R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions) [File not signed]
R0 DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [89472 2006-03-01] (Sonic Solutions) [File not signed]
R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions) [File not signed]
S3 G400; C:\WINDOWS\System32\DRIVERS\G400m.sys [322560 2001-08-23] (Matrox Graphics Inc.)
R3 HdAudAddService; C:\WINDOWS\System32\drivers\CHDAudN.sys [666112 2007-04-27] (Conexant Systems Inc.)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210688 2007-03-25] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988032 2007-03-25] (Conexant Systems, Inc.)
R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [4224 2007-04-02] () [File not signed]
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2206976 2007-04-30] (Intel Corporation)
R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2008-06-24] (Microsoft Corporation) [File not signed]
R2 PROCDD; C:\WINDOWS\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-03-29] (Intel Corporation) [File not signed]
R1 SAVOnAccessControl; C:\WINDOWS\System32\DRIVERS\savonaccesscontrol.sys [172232 2014-01-06] (Sophos Limited)
R1 SAVOnAccessFilter; C:\WINDOWS\System32\DRIVERS\savonaccessfilter.sys [33736 2014-01-06] (Sophos Limited)
R1 SKMScan; C:\WINDOWS\System32\DRIVERS\skmscan.sys [33096 2014-01-06] (Sophos Limited)
S4 SophosBootDriver; C:\WINDOWS\System32\DRIVERS\SophosBootDriver.sys [14976 2014-01-06] (Sophos Plc)
R3 Tp4Track; C:\WINDOWS\System32\DRIVERS\tp4track.sys [22832 2007-04-26] (Lenovo Group Limited)
R1 TPHKDRV; C:\WINDOWS\System32\DRIVERS\TPHKDRV.sys [17778 2006-10-23] (IBM Corporation)
R1 TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [4442 2007-09-05] () [File not signed]
R1 TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [12848 2007-04-09] ()
S3 TwoTrack; C:\WINDOWS\System32\DRIVERS\TwoTrack.sys [11520 2001-08-17] (IBM Corporation)
S3 ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 07:30 - 2015-04-23 07:30 - 00022719 _____ () C:\Documents and Settings\Fabien\Bureau\FRST.txt
2015-04-22 15:49 - 2015-04-22 15:49 - 00089992 _____ () C:\Documents and Settings\Fabien\Mes documents\04222015_151001.log
2015-04-22 15:10 - 2015-04-22 15:10 - 00000000 ____D () C:\_OTL
2015-04-22 07:03 - 2015-04-22 07:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-04-21 08:14 - 2015-04-21 08:14 - 00061034 _____ () C:\Extras.Txt
2015-04-21 08:13 - 2015-04-21 08:13 - 00161024 _____ () C:\OTL.Txt
2015-04-21 07:57 - 2015-04-21 07:57 - 00161024 _____ () C:\Documents and Settings\Fabien\Bureau\OTL.Txt
2015-04-21 07:57 - 2015-04-21 07:57 - 00061034 _____ () C:\Documents and Settings\Fabien\Bureau\Extras.Txt
2015-04-21 07:45 - 2015-04-21 07:45 - 00000512 _____ () C:\PhysicalMBR.bin
2015-04-21 07:40 - 2015-04-21 07:36 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Fabien\Bureau\OTL.exe
2015-04-21 07:37 - 2015-04-22 16:54 - 00000026 _____ () C:\WINDOWS\system32\Procdb.ini
2015-04-21 07:05 - 2015-04-23 07:27 - 00000000 ____D () C:\Documents and Settings\Fabien\Mes documents\Téléchargements
2015-04-20 19:31 - 2015-04-20 19:31 - 00001251 _____ () C:\ZHPFix[R4].txt
2015-04-20 19:30 - 2015-04-20 19:30 - 00001251 _____ () C:\Documents and Settings\Administrateur\Bureau\ZHPFixReport.txt
2015-04-20 18:58 - 2015-04-20 10:42 - 06881977 _____ (Nicolas Coolman ) C:\Documents and Settings\Fabien\Bureau\ZHPDiag2.exe
2015-04-20 18:19 - 2015-04-20 18:19 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-04-20 18:18 - 2015-04-20 18:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2015-04-20 15:07 - 2015-04-20 15:07 - 00000000 ____D () C:\Documents and Settings\Fabien\Bureau\%AppData%
2015-04-20 15:04 - 2015-04-20 15:04 - 00129387 _____ () C:\ZHPDiag.txt
2015-04-20 11:14 - 2015-04-20 11:14 - 00129387 _____ () C:\Documents and Settings\Administrateur\Bureau\ZHPDiag.txt
2015-04-20 11:13 - 2015-04-20 11:13 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-04-20 10:49 - 2015-04-20 10:49 - 00129704 _____ () C:\Documents and Settings\Fabien\Bureau\ZHPDiag.txt
2015-04-20 10:44 - 2015-04-20 19:30 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\ZHP
2015-04-20 10:44 - 2015-04-20 18:59 - 00000000 ____D () C:\Documents and Settings\Fabien\Application Data\ZHP
2015-04-20 10:44 - 2015-04-20 11:13 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-04-20 10:44 - 2015-04-20 10:44 - 00001635 _____ () C:\Documents and Settings\Administrateur\Bureau\ZHPFix.lnk
2015-04-20 10:44 - 2015-04-20 10:44 - 00001530 _____ () C:\Documents and Settings\Administrateur\Bureau\ZHPDiag.lnk
2015-04-20 10:44 - 2015-04-20 10:44 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2015-04-20 10:18 - 2015-04-20 10:16 - 00000595 _____ () C:\Documents and Settings\Fabien\Mes documents\HELP_DECRYPT (2).lnk
2015-04-20 10:18 - 2015-04-15 18:19 - 00001132 _____ () C:\Documents and Settings\Fabien\Mes documents\HELP_DECRYPT.LNK
2015-04-20 10:18 - 2015-04-15 18:19 - 00001127 _____ () C:\Documents and Settings\Fabien\Mes documents\HELP_DECRYPT (3).lnk
2015-04-20 10:18 - 2015-03-30 11:56 - 00009032 _____ () C:\Documents and Settings\Fabien\Mes documents\HELP_DECRYPT.HTML
2015-04-20 10:18 - 2015-03-30 11:56 - 00004704 _____ () C:\Documents and Settings\Fabien\Mes documents\HELP_DECRYPT.TXT
2015-04-20 10:18 - 2015-03-30 11:56 - 00000276 _____ () C:\Documents and Settings\Fabien\Mes documents\HELP_DECRYPT.URL
2015-04-20 10:16 - 2015-04-02 18:29 - 00000000 ____H () C:\Documents and Settings\Fabien\Mes documents\Default.decryptedKLR.rdp
2015-04-20 09:45 - 2008-04-14 04:33 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
2015-04-20 09:45 - 2008-04-14 04:33 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
2015-04-20 09:27 - 2015-04-20 09:27 - 17593008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2015-04-15 19:52 - 2015-04-15 19:52 - 00000000 __SHD () C:\Documents and Settings\Administrateur\PrivacIE
2015-04-15 19:22 - 2015-04-15 19:22 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Macromedia
2015-04-15 19:17 - 2015-04-20 10:38 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\www.shadowexplorer.com
2015-04-15 19:17 - 2015-04-15 19:17 - 00001567 _____ () C:\Documents and Settings\Administrateur\Bureau\ShadowExplorer.lnk
2015-04-15 19:17 - 2015-04-15 19:17 - 00000000 ____D () C:\Program Files\ShadowExplorer
2015-04-15 19:17 - 2015-04-15 19:17 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ShadowExplorer
2015-04-15 19:15 - 2015-04-15 19:59 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\U3
2015-04-15 19:07 - 2015-04-15 19:57 - 00001818 _____ () C:\Documents and Settings\Administrateur\Bureau\Google Chrome.lnk
2015-04-15 19:07 - 2015-04-15 19:07 - 00000810 _____ () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk
2015-04-15 19:07 - 2015-04-15 19:07 - 00000795 _____ () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Windows Media Player.lnk
2015-04-15 19:07 - 2015-04-15 19:07 - 00000789 _____ () C:\Documents and Settings\Administrateur\Bureau\Windows Media Player.lnk
2015-04-15 19:07 - 2015-04-15 19:07 - 00000000 __SHD () C:\Documents and Settings\Administrateur\IETldCache
2015-04-15 19:07 - 2015-04-15 19:07 - 00000000 ____D () C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
2015-04-08 12:04 - 2015-04-08 12:04 - 00000664 _____ () C:\Documents and Settings\Fabien\Local Settings\Application Data\d3d9caps.tmp
2015-04-07 13:56 - 2015-04-07 13:56 - 00000052 _____ () C:\Documents and Settings\Fabien\Mes documents\exemple.bat
2015-04-03 17:40 - 2015-04-22 15:56 - 00000000 ____D () C:\Documents and Settings\Fabien\Application Data\U3
2015-04-03 09:59 - 2015-04-03 09:59 - 00000000 ___RD () C:\Documents and Settings\Fabien\Mes documents\Mes images
2015-04-03 09:54 - 2015-04-03 09:54 - 00077558 _____ () C:\spyhunter.log
2015-04-03 07:55 - 2015-04-03 07:55 - 00020894 _____ () C:\sh4_service.log
2015-04-02 18:53 - 2015-04-03 20:05 - 00000000 ____D () C:\Documents and Settings\Fabien\Application Data\Enigma Software Group
2015-04-02 18:53 - 2015-04-02 18:53 - 00000000 ____D () C:\sh4ldr
2015-04-02 18:50 - 2015-04-02 18:50 - 07125376 _____ (Enigma Software Group USA, LLC.) C:\Documents and Settings\Fabien\Bureau\SpyHunter4.exe
2015-04-02 18:45 - 2015-04-02 18:45 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Documents and Settings\Fabien\Bureau\SpyHunter-Installer.exe
2015-04-02 18:29 - 2015-04-02 18:29 - 00000000 ____H () C:\Documents and Settings\Fabien\Mes documents\Default.rdp
2015-03-31 15:57 - 2015-04-20 09:47 - 00002139 _____ () C:\Documents and Settings\All Users\Bureau\DAF Sprint Toolbox.lnk
2015-03-31 15:57 - 2015-04-01 15:04 - 00002127 _____ () C:\Documents and Settings\All Users\Bureau\DAF Sprint.lnk
2015-03-31 15:57 - 2015-03-31 16:26 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DAF Sprint
2015-03-31 15:57 - 2015-03-31 15:57 - 00000000 ____D () C:\toTopec
2015-03-31 11:57 - 2015-03-31 11:40 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-03-31 11:38 - 2015-03-31 11:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2015-03-31 03:00 - 2015-04-15 19:13 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-31 02:58 - 2015-03-31 02:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-31 02:58 - 2015-03-31 02:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
2015-03-31 02:58 - 2015-03-31 02:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-03-31 02:58 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-31 02:58 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-31 02:07 - 2015-04-23 07:30 - 00000000 ____D () C:\FRST
2015-03-31 02:05 - 2015-04-23 07:27 - 01139200 _____ (Farbar) C:\Documents and Settings\Fabien\Bureau\FRST.exe
2015-03-30 16:03 - 2015-03-30 16:03 - 00009032 _____ () C:\Documents and Settings\NetworkService\Local Settings\HELP_DECRYPT.HTML
2015-03-30 16:03 - 2015-03-30 16:03 - 00009032 _____ () C:\Documents and Settings\NetworkService\HELP_DECRYPT.HTML
2015-03-30 16:03 - 2015-03-30 16:03 - 00009032 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.HTML
2015-03-30 16:03 - 2015-03-30 16:03 - 00009032 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.HTML
2015-03-30 16:03 - 2015-03-30 16:03 - 00009032 _____ () C:\Documents and Settings\HELP_DECRYPT.HTML
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\NetworkService\Local Settings\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\NetworkService\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\NetworkService\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\NetworkService\Application Data\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\LocalService\Application Data\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00004704 _____ () C:\Documents and Settings\HELP_DECRYPT.TXT
2015-03-30 16:03 - 2015-03-30 16:03 - 00000276 _____ () C:\Documents and Settings\NetworkService\Local Settings\HELP_DECRYPT.URL
2015-03-30 16:03 - 2015-03-30 16:03 - 00000276 _____ () C:\Documents and Settings\NetworkService\HELP_DECRYPT.URL
2015-03-30 16:03 - 2015-03-30 16:03 - 00000276 _____ () C:\Documents and Settings\LocalService\Local Settings\HELP_DECRYPT.URL
2015-03-30 16:03 - 2015-03-30 16:03 - 00000276 _____ () C:\Documents and Settings\LocalService\HELP_DECRYPT.URL
2015-03-30 16:03 - 2015-03-30 16:03 - 00000276 _____ () C:\Documents and Settings\HELP_DECRYPT.URL
2015-03-30 14:09 - 2015-03-30 14:09 - 00009032 _____ () C:\Documents and Settings\Fabien\Local Settings\HELP_DECRYPT.HTML
2015-03-30 14:09 - 2015-03-30 14:09 - 00009032 _____ () C:\Documents and Settings\Fabien\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-03-30 14:09 - 2015-03-30 14:09 - 00004704 _____ () C:\Documents and Settings\Fabien\Local Settings\HELP_DECRYPT.TXT
2015-03-30 14:09 - 2015-03-30 14:09 - 00004704 _____ () C:\Documents and Settings\Fabien\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-03-30 14:09 - 2015-03-30 14:09 - 00000276 _____ () C:\Documents and Settings\Fabien\Local Settings\HELP_DECRYPT.URL
2015-03-30 14:09 - 2015-03-30 14:09 - 00000276 _____ () C:\Documents and Settings\Fabien\Local Settings\Application Data\HELP_DECRYPT.URL
2015-03-30 11:56 - 2015-03-30 11:56 - 00009032 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.HTML
2015-03-30 11:56 - 2015-03-30 11:56 - 00009032 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.HTML
2015-03-30 11:56 - 2015-03-30 11:56 - 00009032 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.HTML
2015-03-30 11:56 - 2015-03-30 11:56 - 00009032 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.HTML
2015-03-30 11:56 - 2015-03-30 11:56 - 00004704 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.TXT
2015-03-30 11:56 - 2015-03-30 11:56 - 00004704 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-03-30 11:56 - 2015-03-30 11:56 - 00004704 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.TXT
2015-03-30 11:56 - 2015-03-30 11:56 - 00004704 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.TXT
2015-03-30 11:56 - 2015-03-30 11:56 - 00004704 _____ () C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.TXT
2015-03-30 11:56 - 2015-03-30 11:56 - 00000276 _____ () C:\Documents and Settings\Default User\Local Settings\HELP_DECRYPT.URL
2015-03-30 11:56 - 2015-03-30 11:56 - 00000276 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\HELP_DECRYPT.URL
2015-03-30 11:56 - 2015-03-30 11:56 - 00000276 _____ () C:\Documents and Settings\Default User\HELP_DECRYPT.URL
2015-03-30 11:56 - 2015-03-30 11:56 - 00000276 _____ () C:\Documents and Settings\Default User\Application Data\HELP_DECRYPT.URL
2015-03-30 11:55 - 2015-03-30 11:55 - 00009032 _____ () C:\Documents and Settings\Administrateur\Local Settings\HELP_DECRYPT.HTML
2015-03-30 11:55 - 2015-03-30 11:55 - 00004704 _____ () C:\Documents and Settings\Administrateur\Local Settings\HELP_DECRYPT.TXT
2015-03-30 11:55 - 2015-03-30 11:55 - 00004704 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\HELP_DECRYPT.TXT
2015-03-30 11:55 - 2015-03-30 11:55 - 00004704 _____ () C:\Documents and Settings\Administrateur\HELP_DECRYPT.TXT
2015-03-30 11:55 - 2015-03-30 11:55 - 00004704 _____ () C:\Documents and Settings\Administrateur\Application Data\HELP_DECRYPT.TXT
2015-03-30 11:55 - 2015-03-30 11:55 - 00000276 _____ () C:\Documents and Settings\Administrateur\Local Settings\HELP_DECRYPT.URL
2015-03-24 11:09 - 2015-04-22 15:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 07:30 - 2009-10-30 17:39 - 00001056 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-23 07:30 - 2008-07-29 16:15 - 00000000 ____D () C:\Documents and Settings\Fabien\Bureau
2015-04-23 07:30 - 2008-06-24 22:00 - 00000000 ____D () C:\Documents and Settings\Administrateur\Local Settings\Temp
2015-04-23 07:27 - 2012-04-05 10:37 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-04-23 07:27 - 2008-07-29 16:15 - 00000000 ____D () C:\Documents and Settings\Fabien\Local Settings\Temp
2015-04-22 17:08 - 2006-01-27 00:01 - 00000184 ___SH () C:\Documents and Settings\Administrateur\ntuser.ini
2015-04-22 16:55 - 2014-03-10 09:28 - 00000224 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2015-04-22 16:55 - 2009-10-30 17:39 - 00001052 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-22 16:54 - 2006-01-26 15:47 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-04-22 16:54 - 2006-01-26 15:47 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-04-22 16:53 - 2008-06-24 14:35 - 00025452 _____ () C:\TPHKLOCK.TXT
2015-04-22 16:53 - 2007-07-27 08:37 - 00000380 _____ () C:\WINDOWS\system32\IPSCtrl.INI
2015-04-22 16:53 - 2006-01-27 00:01 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-22 16:05 - 2006-01-27 00:01 - 00032574 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-22 16:04 - 2008-07-29 16:15 - 00000184 ___SH () C:\Documents and Settings\Fabien\ntuser.ini
2015-04-22 16:04 - 2006-01-26 23:51 - 01677438 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-22 15:57 - 2008-06-24 14:42 - 00000971 _____ () C:\WINDOWS\wininit.ini
2015-04-22 15:54 - 2008-06-24 14:34 - 00535488 _____ () C:\WINDOWS\system32\TPAPSLOG.LOG
2015-04-22 15:18 - 2008-06-24 22:00 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2015-04-22 15:18 - 2008-06-24 22:00 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-04-22 15:13 - 2013-03-15 14:21 - 00833178 _____ () C:\WINDOWS\setupapi.log
2015-04-22 15:11 - 2008-06-24 22:00 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2015-04-22 15:11 - 2008-06-24 22:00 - 00000000 ____D () C:\Documents and Settings\Administrateur
2015-04-22 15:04 - 2008-07-29 16:15 - 00079784 _____ () C:\Documents and Settings\Fabien\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-04-22 12:00 - 2011-03-11 09:07 - 00000530 _____ () C:\WINDOWS\Tasks\Contrôle journalier.job
2015-04-21 07:06 - 2014-11-28 13:58 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2015-04-20 19:30 - 2008-06-24 22:00 - 00000000 ____D () C:\Documents and Settings\Administrateur\Bureau
2015-04-20 19:21 - 2008-06-24 22:00 - 00000000 ___RD () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes
2015-04-20 10:44 - 2008-06-24 22:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2015-04-20 10:07 - 2014-03-04 17:42 - 00000000 ____D () C:\escw_103_sa
2015-04-20 10:07 - 2008-10-29 19:05 - 00000000 ____D () C:\tohost
2015-04-20 10:07 - 2008-10-29 19:04 - 00000000 ____D () C:\toDMS
2015-04-20 10:07 - 2008-10-29 19:01 - 00000000 ____D () C:\CWC-DIR
2015-04-20 10:07 - 2008-06-24 22:03 - 00000000 ____D () C:\SWTOOLS
2015-04-20 10:07 - 2008-06-24 22:00 - 00000000 ____D () C:\VALUEADD
2015-04-20 10:07 - 2008-06-24 21:58 - 00000000 ____D () C:\I386
2015-04-20 09:48 - 2012-06-22 10:04 - 00000000 ____D () C:\FABIEN BEDINI
2015-04-20 09:27 - 2012-04-05 10:37 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-04-20 09:27 - 2011-07-04 18:42 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-04-20 08:55 - 2006-01-26 22:35 - 00002278 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-15 21:50 - 2008-07-29 16:15 - 00000000 ___RD () C:\Documents and Settings\Fabien\Menu Démarrer\Programmes\Démarrage
2015-04-15 19:56 - 2008-06-24 14:50 - 00000000 ____D () C:\Documents and Settings\Administrateur\Application Data\Adobe
2015-04-15 19:56 - 2008-06-24 14:43 - 00000000 ____D () C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
2015-04-15 19:07 - 2008-06-24 22:00 - 00000000 ___RD () C:\Documents and Settings\Administrateur\Mes documents\Mes images
2015-04-15 19:07 - 2008-06-24 22:00 - 00000000 ___RD () C:\Documents and Settings\Administrateur\Mes documents\Ma musique
2015-04-15 19:07 - 2008-06-24 22:00 - 00000000 ___RD () C:\Documents and Settings\Administrateur\Favoris
2015-04-15 19:07 - 2006-01-27 00:01 - 00000745 _____ () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk
2015-04-15 19:07 - 2006-01-26 23:49 - 00126371 _____ () C:\WINDOWS\wmsetup.log
2015-04-15 18:49 - 2009-07-01 11:07 - 00065536 _____ () C:\WINDOWS\system32\config\Lenovo-M.evt
2015-04-11 15:00 - 2014-03-10 09:28 - 00000218 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2015-04-05 22:19 - 2008-07-29 10:27 - 00000000 ____D () C:\SWSHARE
2015-04-04 08:06 - 2008-06-24 22:00 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-04-04 08:06 - 2008-06-24 22:00 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-04-03 17:35 - 2009-04-27 08:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961373$
2015-04-03 14:35 - 2010-11-15 11:43 - 00000000 __SHD () C:\WINDOWS\CSC
2015-04-02 20:09 - 2008-07-29 16:15 - 00001606 _____ () C:\Documents and Settings\Fabien\Menu Démarrer\Programmes\Assistance à distance.lnk
2015-04-02 19:33 - 2006-01-26 23:53 - 00001606 _____ () C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Assistance à distance.lnk
2015-04-02 19:31 - 2006-01-27 00:01 - 00001606 _____ () C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk
2015-04-02 18:53 - 2006-01-26 22:35 - 00285747 _____ () C:\shldr
2015-04-01 16:38 - 2008-06-24 15:06 - 00065536 _____ () C:\WINDOWS\system32\config\ODiag.evt
2015-03-31 11:57 - 2008-06-24 14:38 - 00000000 ____D () C:\Program Files\Java
2015-03-31 11:57 - 2006-01-26 15:45 - 01135776 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-31 11:48 - 2008-06-24 14:38 - 00000000 ____D () C:\Program Files\Fichiers communs\Java
2015-03-31 11:42 - 2014-03-05 09:47 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
2015-03-31 11:40 - 2012-02-27 15:54 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-03-31 10:37 - 2014-04-10 14:54 - 00000000 ____D () C:\Documents and Settings\Fabien\Bureau\Immatriculations
2015-03-31 07:57 - 2011-12-15 19:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2624667$
2015-03-31 02:56 - 2008-07-29 16:15 - 00000000 ___RD () C:\Documents and Settings\Fabien\Favoris
2015-03-30 16:03 - 2014-12-10 19:24 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\Adobe
2015-03-30 16:03 - 2009-10-23 08:57 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\Intel
2015-03-30 16:03 - 2008-07-29 16:15 - 00000000 ___HD () C:\Documents and Settings\Fabien\Modèles
2015-03-30 16:03 - 2008-06-24 14:32 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Intel
2015-03-30 14:09 - 2014-03-05 10:05 - 00000000 ____D () C:\Documents and Settings\Fabien\Local Settings\Application Data\Sun
2015-03-30 14:09 - 2010-06-17 18:46 - 00000000 ____D () C:\Documents and Settings\Fabien\Local Settings\Application Data\Sophos
2015-03-30 14:09 - 2009-12-30 11:29 - 00000000 ____D () C:\Documents and Settings\Fabien\Local Settings\Application Data\PCHealth
2015-03-30 13:59 - 2009-10-30 17:39 - 00000000 ____D () C:\Documents and Settings\Fabien\Local Settings\Application Data\Google
2015-03-30 11:57 - 2008-10-30 10:11 - 00000000 ____D () C:\Documents and Settings\Fabien\Application Data\Sun
2015-03-30 11:56 - 2015-03-11 12:12 - 00000000 ____D () C:\Documents and Settings\Fabien\Application Data\Mozilla
2015-03-30 11:56 - 2010-03-10 12:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sophos
2015-03-30 11:56 - 2008-07-29 16:15 - 00000000 ____D () C:\Documents and Settings\Fabien\Application Data\Adobe
2015-03-30 11:56 - 2008-06-24 22:00 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
2015-03-30 11:56 - 2008-06-24 22:00 - 00000000 ___HD () C:\Documents and Settings\Default User\Modèles
2015-03-30 11:56 - 2008-06-24 22:00 - 00000000 ___HD () C:\Documents and Settings\All Users\Modèles
2015-03-30 11:56 - 2008-06-24 22:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SBSI
2015-03-30 11:55 - 2008-06-24 22:00 - 00000000 ___HD () C:\Documents and Settings\Administrateur\Modèles
2015-03-30 11:55 - 2008-06-24 14:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lenovo
2015-03-26 11:27 - 2015-03-11 12:11 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2015-03-30 11:55 - 2015-03-30 11:55 - 0004704 _____ () C:\Documents and Settings\Administrateur\Application Data\HELP_DECRYPT.TXT
2006-02-15 15:14 - 2006-02-15 15:14 - 0000137 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat
2015-03-30 11:55 - 2015-03-30 11:55 - 0004704 _____ () C:\Documents and Settings\Administrateur\Local Settings\Application Data\HELP_DECRYPT.TXT

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
