
Document format: text/plain


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by FIFI (administrator) on FIFI-4C3ED58687 on 15-09-2014 21:51:09
Running from C:\Documents and Settings\FIFI\Mes documents\Téléchargements
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) OS Language: Français (France)
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2007-04-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.)
HKLM\...\Run: [SetDefPrt] => C:\Program Files\Brother\Brmfl06a\BrStDvPt.exe [49152 2005-01-26] (Brother Industories, Ltd.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\S-1-5-21-1004336348-1993962763-839522115-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Pense-bête.lnk
ShortcutTarget: Pense-bête.lnk -> C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE (The Learning Company)
Startup: C:\Documents and Settings\FIFI\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: Fichiers hors connexion -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Liens - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {32505657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

FireFox:
========
FF ProfilePath: C:\Documents and Settings\FIFI\Application Data\Mozilla\Firefox\Profiles\jt7vsoag.default-1405614413513
FF Homepage: https://www.google.fr/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @virtools.com/3DviaPlayer -> C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: WOT - C:\Documents and Settings\FIFI\Application Data\Mozilla\Firefox\Profiles\jt7vsoag.default-1405614413513\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-17]
FF Extension: Adblock Plus - C:\Documents and Settings\FIFI\Application Data\Mozilla\Firefox\Profiles\jt7vsoag.default-1405614413513\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-17]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-05-29]

Chrome:
=======
CHR CustomProfile: C:\Documents and Settings\FIFI\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Documents Google) - C:\Documents and Settings\FIFI\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-09]
CHR Extension: (YouTube) - C:\Documents and Settings\FIFI\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-31]
CHR Extension: (Google Search) - C:\Documents and Settings\FIFI\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-31]
CHR Extension: (Google Wallet) - C:\Documents and Settings\FIFI\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR Extension: (Gmail) - C:\Documents and Settings\FIFI\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-31]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-20] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [755536 2013-05-15] (CybelSoft)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [97648 2014-07-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)
R3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-18] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-08-13] (Avira GmbH)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R3 vsbus; C:\WINDOWS\System32\DRIVERS\vsb.sys [18167 2005-10-05] (ELTIMA Software) [File not signed]
S3 vserial; C:\WINDOWS\System32\DRIVERS\vserial.sys [47104 2005-10-05] (ELTIMA Software) [File not signed]
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 21:51 - 2014-09-15 21:51 - 00000000 ____D () C:\FRST
2014-09-15 12:26 - 2014-09-15 12:26 - 00024153 _____ () C:\Documents and Settings\FIFI\Mes documents\nade77.odt
2014-09-13 11:10 - 2014-09-13 11:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-11 19:21 - 2014-09-11 19:21 - 00096753 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag1109.txt
2014-09-11 19:21 - 2014-09-11 19:21 - 00096753 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPDiag.txt
2014-09-11 19:06 - 2014-09-11 19:06 - 00011907 _____ () C:\Documents and Settings\FIFI\Mes documents\mp pour greg.odt
2014-09-11 09:30 - 2014-09-11 09:30 - 00006022 _____ () C:\Documents and Settings\FIFI\Mes documents\09112014_092502.log
2014-09-10 23:30 - 2014-09-10 23:30 - 00003286 _____ () C:\Documents and Settings\FIFI\Mes documents\09102014_233019.log
2014-09-10 23:24 - 2014-09-10 23:24 - 00014733 _____ () C:\Documents and Settings\FIFI\Mes documents\mot de valérie sur ovs payant.odt
2014-09-10 23:14 - 2014-09-10 23:16 - 00000404 _____ () C:\WINDOWS\wmsetup.log
2014-09-10 01:17 - 2014-09-10 02:18 - 00345971 _____ () C:\Documents and Settings\FIFI\Mes documents\Diaporama de loulette.odp
2014-09-10 00:01 - 2014-09-10 02:32 - 00002391 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft PowerPoint .lnk
2014-09-09 23:59 - 2014-09-09 23:59 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-09 23:56 - 2014-09-09 23:56 - 00000000 ____D () C:\Program Files\MSECache
2014-09-09 23:31 - 2014-09-09 23:31 - 00000338 _____ () C:\Documents and Settings\FIFI\Mes documents\09092014_233108.log
2014-09-09 23:30 - 2014-09-09 23:30 - 00000000 ____D () C:\_OTL
2014-09-07 23:18 - 2014-09-07 23:18 - 00000000 ____D () C:\Program Files\SEAF
2014-09-07 08:18 - 2014-09-07 08:18 - 00014685 _____ () C:\Documents and Settings\FIFI\Mes documents\xxxxxxxxxxxxxxxx.odt
2014-09-07 08:16 - 2014-09-07 08:16 - 00094766 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag60.txt
2014-09-07 08:06 - 2014-09-07 08:06 - 00001611 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPFix[R1]50.txt
2014-09-07 08:06 - 2014-09-07 08:06 - 00001611 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPFixReport.txt
2014-09-07 08:02 - 2014-09-07 08:02 - 00028865 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag44.txt
2014-09-04 18:18 - 2014-09-04 18:18 - 00031153 _____ () C:\Documents and Settings\FIFI\Mes documents\rando de casimir le meme jour que moi.odt
2014-09-04 11:51 - 2014-09-04 11:51 - 00096157 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag33.txt
2014-09-04 11:39 - 2014-09-04 11:39 - 00001041 _____ () C:\Documents and Settings\FIFI\Mes documents\JRT.txt
2014-09-04 09:03 - 2014-09-04 09:03 - 00005430 _____ () C:\Documents and Settings\FIFI\Mes documents\AdwCleaner[S0].txt
2014-09-04 08:38 - 2014-09-04 08:48 - 00000000 ____D () C:\AdwCleaner
2014-09-03 21:22 - 2014-09-11 19:20 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-09-03 20:58 - 2014-09-11 19:20 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-09-03 20:58 - 2014-09-11 19:09 - 00000000 ____D () C:\Documents and Settings\FIFI\Application Data\ZHP
2014-09-03 20:58 - 2014-09-11 19:08 - 00001628 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPFix.lnk
2014-09-03 20:58 - 2014-09-11 19:08 - 00001523 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPDiag.lnk
2014-09-03 20:58 - 2014-09-11 19:08 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2014-09-03 18:34 - 2014-09-15 19:37 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 18:34 - 2014-09-03 18:34 - 00000777 _____ () C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2014-09-03 18:34 - 2014-09-03 18:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
2014-09-03 18:33 - 2014-09-03 18:33 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-03 18:33 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-03 18:33 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-01 10:28 - 2014-09-01 10:29 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Dossier Secrétariat Sylvana
2014-08-30 10:09 - 2014-08-30 10:09 - 00032507 _____ () C:\Documents and Settings\FIFI\Mes documents\soirée de gab du 25 octobre.odt
2014-08-30 10:04 - 2014-08-30 10:04 - 00026880 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie de Casi le 25octobre.odt
2014-08-30 10:00 - 2014-08-30 10:00 - 00012626 _____ () C:\Documents and Settings\FIFI\Mes documents\mp de jean rene.odt
2014-08-30 09:57 - 2014-08-30 09:57 - 00023324 _____ () C:\Documents and Settings\FIFI\Mes documents\mp de loicor.odt
2014-08-30 09:55 - 2014-08-30 09:55 - 00025278 _____ () C:\Documents and Settings\FIFI\Mes documents\mp envoyé a myriam.odt
2014-08-29 16:23 - 2014-08-30 09:40 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\OVS2
2014-08-29 16:21 - 2014-08-29 16:21 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Nouveau dossier (2)
2014-08-29 11:54 - 2014-08-29 11:54 - 00021799 _____ () C:\Documents and Settings\FIFI\Mes documents\message ovs bordeaux sur les mo.odt
2014-08-28 12:45 - 2014-08-28 14:13 - 00030556 _____ () C:\Documents and Settings\FIFI\Mes documents\message de casi et val au 28 aout.odt
2014-08-27 13:46 - 2014-08-27 16:07 - 00020937 _____ () C:\Documents and Settings\FIFI\Mes documents\Message a Isaline.odt
2014-08-27 10:35 - 2014-08-29 16:42 - 00041537 _____ () C:\Documents and Settings\FIFI\Mes documents\Candidature de membre OR.odt
2014-08-26 12:36 - 2014-08-26 12:36 - 00029970 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 27 septembre.odt
2014-08-25 11:01 - 2014-08-25 17:44 - 00030589 _____ () C:\Documents and Settings\FIFI\Mes documents\sortie du 6 septembre de casimir.odt
2014-08-25 10:58 - 2014-08-25 17:40 - 00041324 _____ () C:\Documents and Settings\FIFI\Mes documents\sortie du 6 septembre de moi.odt
2014-08-22 17:16 - 2014-08-29 15:31 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-22 11:34 - 2014-08-22 11:34 - 00009926 _____ () C:\Documents and Settings\FIFI\Mes documents\petanque.php
2014-08-22 10:16 - 2014-08-22 10:16 - 00009830 _____ () C:\Documents and Settings\FIFI\Mes documents\petanque.jpeg
2014-08-21 21:50 - 2014-08-21 21:50 - 00011750 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 11 septembre.odt
2014-08-21 21:44 - 2014-08-21 22:30 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Fiches activités de septembre 2014
2014-08-21 21:36 - 2014-08-21 21:36 - 00031820 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie 16 septembre.odt
2014-08-21 21:25 - 2014-08-21 21:25 - 00018991 _____ () C:\Documents and Settings\FIFI\Mes documents\Sorties le 9 septembre.odt
2014-08-21 14:50 - 2014-08-21 14:50 - 00023113 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 30 septembre.odt
2014-08-21 14:40 - 2014-08-21 14:43 - 00023521 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 25 septembre.odt
2014-08-21 14:29 - 2014-08-21 21:54 - 00031908 _____ () C:\Documents and Settings\FIFI\Mes documents\SORTIE DU 18 SEPTEMBRE.odt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 21:52 - 2012-01-29 19:43 - 00000000 ____D () C:\Documents and Settings\FIFI\Local Settings\Temp
2014-09-15 21:51 - 2014-09-15 21:51 - 00000000 ____D () C:\FRST
2014-09-15 21:51 - 2012-01-29 19:49 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Téléchargements
2014-09-15 20:59 - 2013-01-29 11:23 - 00001002 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-15 20:40 - 2012-01-29 19:34 - 01618531 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-15 19:37 - 2014-09-03 18:34 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 18:57 - 2014-03-27 18:25 - 00000220 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2014-09-15 18:54 - 2012-02-28 12:47 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-15 18:54 - 2012-02-28 12:47 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-09-15 18:54 - 2012-01-29 19:40 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-15 13:45 - 2012-01-29 19:43 - 00000184 ___SH () C:\Documents and Settings\FIFI\ntuser.ini
2014-09-15 13:45 - 2012-01-29 19:43 - 00000000 ____D () C:\Documents and Settings\FIFI
2014-09-15 13:45 - 2012-01-29 19:40 - 00032496 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-15 12:26 - 2014-09-15 12:26 - 00024153 _____ () C:\Documents and Settings\FIFI\Mes documents\nade77.odt
2014-09-14 13:54 - 2012-10-03 21:06 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Citations en Images
2014-09-14 02:26 - 2012-04-24 23:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-13 11:11 - 2014-09-13 11:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-11 19:21 - 2014-09-11 19:21 - 00096753 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag1109.txt
2014-09-11 19:21 - 2014-09-11 19:21 - 00096753 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPDiag.txt
2014-09-11 19:21 - 2012-01-29 19:43 - 00000000 ____D () C:\Documents and Settings\FIFI\Bureau
2014-09-11 19:20 - 2014-09-03 21:22 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-09-11 19:20 - 2014-09-03 20:58 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-09-11 19:09 - 2014-09-03 20:58 - 00000000 ____D () C:\Documents and Settings\FIFI\Application Data\ZHP
2014-09-11 19:08 - 2014-09-03 20:58 - 00001628 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPFix.lnk
2014-09-11 19:08 - 2014-09-03 20:58 - 00001523 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPDiag.lnk
2014-09-11 19:08 - 2014-09-03 20:58 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2014-09-11 19:06 - 2014-09-11 19:06 - 00011907 _____ () C:\Documents and Settings\FIFI\Mes documents\mp pour greg.odt
2014-09-11 09:30 - 2014-09-11 09:30 - 00006022 _____ () C:\Documents and Settings\FIFI\Mes documents\09112014_092502.log
2014-09-11 09:25 - 2012-01-29 19:40 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-09-10 23:30 - 2014-09-10 23:30 - 00003286 _____ () C:\Documents and Settings\FIFI\Mes documents\09102014_233019.log
2014-09-10 23:24 - 2014-09-10 23:24 - 00014733 _____ () C:\Documents and Settings\FIFI\Mes documents\mot de valérie sur ovs payant.odt
2014-09-10 23:16 - 2014-09-10 23:14 - 00000404 _____ () C:\WINDOWS\wmsetup.log
2014-09-10 17:59 - 2012-05-22 22:32 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-10 17:59 - 2012-01-29 20:25 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-09-10 13:53 - 2013-08-14 10:52 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-10 13:49 - 2012-01-29 21:42 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-10 09:11 - 2012-01-29 20:16 - 00146808 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-10 02:32 - 2014-09-10 00:01 - 00002391 _____ () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Visionneuse Microsoft PowerPoint .lnk
2014-09-10 02:18 - 2014-09-10 01:17 - 00345971 _____ () C:\Documents and Settings\FIFI\Mes documents\Diaporama de loulette.odp
2014-09-10 00:18 - 2012-01-29 19:44 - 00024880 _____ () C:\Documents and Settings\FIFI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-09-10 00:01 - 2012-01-29 20:17 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2014-09-09 23:59 - 2014-09-09 23:59 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-09 23:59 - 2012-01-29 20:17 - 00000000 ____D () C:\Program Files\Fichiers communs\Microsoft Shared
2014-09-09 23:56 - 2014-09-09 23:56 - 00000000 ____D () C:\Program Files\MSECache
2014-09-09 23:31 - 2014-09-09 23:31 - 00000338 _____ () C:\Documents and Settings\FIFI\Mes documents\09092014_233108.log
2014-09-09 23:30 - 2014-09-09 23:30 - 00000000 ____D () C:\_OTL
2014-09-09 11:34 - 2012-01-30 20:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-09-09 11:20 - 2012-06-18 21:51 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Registre
2014-09-09 11:12 - 2012-11-24 09:52 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Banque
2014-09-08 18:20 - 2014-03-27 18:25 - 00000214 _____ () C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2014-09-07 23:18 - 2014-09-07 23:18 - 00000000 ____D () C:\Program Files\SEAF
2014-09-07 08:18 - 2014-09-07 08:18 - 00014685 _____ () C:\Documents and Settings\FIFI\Mes documents\xxxxxxxxxxxxxxxx.odt
2014-09-07 08:16 - 2014-09-07 08:16 - 00094766 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag60.txt
2014-09-07 08:06 - 2014-09-07 08:06 - 00001611 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPFix[R1]50.txt
2014-09-07 08:06 - 2014-09-07 08:06 - 00001611 _____ () C:\Documents and Settings\FIFI\Bureau\ZHPFixReport.txt
2014-09-07 08:05 - 2012-01-30 14:12 - 00000000 ____D () C:\Documents and Settings\FIFI\Local Settings\Application Data\Temp
2014-09-07 08:02 - 2014-09-07 08:02 - 00028865 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag44.txt
2014-09-04 18:18 - 2014-09-04 18:18 - 00031153 _____ () C:\Documents and Settings\FIFI\Mes documents\rando de casimir le meme jour que moi.odt
2014-09-04 11:51 - 2014-09-04 11:51 - 00096157 _____ () C:\Documents and Settings\FIFI\Mes documents\ZHPDiag33.txt
2014-09-04 11:39 - 2014-09-04 11:39 - 00001041 _____ () C:\Documents and Settings\FIFI\Mes documents\JRT.txt
2014-09-04 09:03 - 2014-09-04 09:03 - 00005430 _____ () C:\Documents and Settings\FIFI\Mes documents\AdwCleaner[S0].txt
2014-09-04 08:48 - 2014-09-04 08:38 - 00000000 ____D () C:\AdwCleaner
2014-09-03 20:48 - 2012-01-29 19:43 - 00000000 ___RD () C:\Documents and Settings\FIFI\Mes documents\Mes images
2014-09-03 18:34 - 2014-09-03 18:34 - 00000777 _____ () C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
2014-09-03 18:34 - 2014-09-03 18:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
2014-09-03 18:34 - 2012-01-29 20:17 - 00000000 ____D () C:\Documents and Settings\All Users\Bureau
2014-09-03 18:33 - 2014-09-03 18:33 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-03 18:14 - 2004-08-05 14:00 - 00000952 _____ () C:\WINDOWS\win.ini
2014-09-03 10:38 - 2012-02-09 03:18 - 00000000 ____D () C:\Documents and Settings\FIFI\Application Data\Malwarebytes
2014-09-03 10:38 - 2012-02-09 03:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-09-03 03:29 - 2012-03-23 20:08 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-09-03 03:26 - 2012-01-29 19:43 - 00000000 ___RD () C:\Documents and Settings\FIFI\Menu Démarrer\Programmes
2014-09-01 10:29 - 2014-09-01 10:28 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Dossier Secrétariat Sylvana
2014-08-30 10:09 - 2014-08-30 10:09 - 00032507 _____ () C:\Documents and Settings\FIFI\Mes documents\soirée de gab du 25 octobre.odt
2014-08-30 10:04 - 2014-08-30 10:04 - 00026880 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie de Casi le 25octobre.odt
2014-08-30 10:00 - 2014-08-30 10:00 - 00012626 _____ () C:\Documents and Settings\FIFI\Mes documents\mp de jean rene.odt
2014-08-30 09:57 - 2014-08-30 09:57 - 00023324 _____ () C:\Documents and Settings\FIFI\Mes documents\mp de loicor.odt
2014-08-30 09:55 - 2014-08-30 09:55 - 00025278 _____ () C:\Documents and Settings\FIFI\Mes documents\mp envoyé a myriam.odt
2014-08-30 09:40 - 2014-08-29 16:23 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\OVS2
2014-08-29 16:42 - 2014-08-27 10:35 - 00041537 _____ () C:\Documents and Settings\FIFI\Mes documents\Candidature de membre OR.odt
2014-08-29 16:21 - 2014-08-29 16:21 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Nouveau dossier (2)
2014-08-29 15:31 - 2014-08-22 17:16 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-29 11:54 - 2014-08-29 11:54 - 00021799 _____ () C:\Documents and Settings\FIFI\Mes documents\message ovs bordeaux sur les mo.odt
2014-08-28 14:13 - 2014-08-28 12:45 - 00030556 _____ () C:\Documents and Settings\FIFI\Mes documents\message de casi et val au 28 aout.odt
2014-08-28 10:45 - 2004-08-05 14:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-27 16:07 - 2014-08-27 13:46 - 00020937 _____ () C:\Documents and Settings\FIFI\Mes documents\Message a Isaline.odt
2014-08-26 12:36 - 2014-08-26 12:36 - 00029970 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 27 septembre.odt
2014-08-26 12:35 - 2014-08-06 10:09 - 00029970 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 19 septembre.odt
2014-08-26 11:49 - 2014-08-06 09:26 - 00013213 _____ () C:\Documents and Settings\FIFI\Mes documents\Sorties le 6 septembre.odt
2014-08-26 11:38 - 2014-08-06 10:18 - 00020490 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 20 septembre.odt
2014-08-26 11:31 - 2014-08-06 09:37 - 00017391 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 12 septembre.odt
2014-08-26 11:23 - 2014-08-06 09:09 - 00020940 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie 5 septembre.odt
2014-08-25 17:44 - 2014-08-25 11:01 - 00030589 _____ () C:\Documents and Settings\FIFI\Mes documents\sortie du 6 septembre de casimir.odt
2014-08-25 17:40 - 2014-08-25 10:58 - 00041324 _____ () C:\Documents and Settings\FIFI\Mes documents\sortie du 6 septembre de moi.odt
2014-08-22 11:34 - 2014-08-22 11:34 - 00009926 _____ () C:\Documents and Settings\FIFI\Mes documents\petanque.php
2014-08-22 10:16 - 2014-08-22 10:16 - 00009830 _____ () C:\Documents and Settings\FIFI\Mes documents\petanque.jpeg
2014-08-21 22:30 - 2014-08-21 21:44 - 00000000 ____D () C:\Documents and Settings\FIFI\Mes documents\Fiches activités de septembre 2014
2014-08-21 21:58 - 2014-08-06 10:32 - 00030517 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie du 25 septembre.odt
2014-08-21 21:54 - 2014-08-21 14:29 - 00031908 _____ () C:\Documents and Settings\FIFI\Mes documents\SORTIE DU 18 SEPTEMBRE.odt
2014-08-21 21:50 - 2014-08-21 21:50 - 00011750 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 11 septembre.odt
2014-08-21 21:36 - 2014-08-21 21:36 - 00031820 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie 16 septembre.odt
2014-08-21 21:25 - 2014-08-21 21:25 - 00018991 _____ () C:\Documents and Settings\FIFI\Mes documents\Sorties le 9 septembre.odt
2014-08-21 14:50 - 2014-08-21 14:50 - 00023113 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 30 septembre.odt
2014-08-21 14:43 - 2014-08-21 14:40 - 00023521 _____ () C:\Documents and Settings\FIFI\Mes documents\Sortie le 25 septembre.odt

Some content of TEMP:
====================
C:\Documents and Settings\FIFI\Local Settings\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
