Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2016
Exécuté par priver (administrateur) sur PENTIUM4 (07-05-2016 14:19:13)
Exécuté depuis C:\Documents and Settings\priver\Bureau
Profils chargés: priver (Profils disponibles: priver)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\S3Trayp.exe
(BitTorrent Inc.) C:\Documents and Settings\priver\Application Data\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(BitTorrent Inc.) C:\Documents and Settings\priver\Application Data\uTorrent\updates\3.4.6_42094\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\priver\Application Data\uTorrent\updates\3.4.6_42094\utorrentie.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [VTTimer] => C:\WINDOWS\system32\VTTimer.exe [53248 2006-09-21] (S3 Graphics, Inc.)
HKLM\...\Run: [S3Trayp] => C:\WINDOWS\system32\S3trayp.exe [176128 2007-06-11] (S3 Graphics Co., Ltd.)
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [uTorrent] => C:\Documents and Settings\priver\Application Data\uTorrent\uTorrent.exe [1959424 2016-04-08] (BitTorrent Inc.)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [Windows Common Files Manager] => C:\Program Files\Windows Common Files\Commgr.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [WindowMessenger] => C:\RECYCLER\X-1-5-21-1960408961-725345543-839522115-1003\WinSysApp.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [Windows Alerter] => C:\Program Files\Windows Alerter\WinAlert.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3919928 2016-03-13] (Tonec Inc.)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\MountPoints2: {759adccd-ac5d-11e5-80a6-001bb9b527fa} - F:\RECYCLER\MuOdRdG.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\MountPoints2: {916b19e1-cb47-11e5-80ef-001bb9b527fa} - E:\مكتبة-طالب-العلم-الرقمية.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\MountPoints2: {a47b447d-810b-11dc-a17b-806d6172696f} - E:\setup.exe
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-13] (Microsoft Corporation)
Startup: C:\Documents and Settings\priver\Menu Démarrer\Programmes\Démarrage\ 30 ( 59 60 ) - .mp4.lnk [2015-02-14]
ShortcutTarget: 30 ( 59 60 ) - .mp4.lnk -> C:\Documents and Settings\All Users\Application Data\{ffbd0fce-b2ab-ac9b-ffbd-d0fceb2a3f3a}\ 30 ( 59 60 ) - .mp4.exe (Pas de fichier)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)


Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.dz/
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par 01net.com
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.01net.com/telecharger/
hxxp://www.01men.com/
URLSearchHook: [S-1-5-21-1708537768-484763869-1606980848-1003] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1708537768-484763869-1606980848-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2009-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\priver\Application Data\Mozilla\Firefox\Profiles\ob5lwmzm.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Yahoo
FF SelectedSearchEngine: Search Provided by Yahoo
FF Homepage: hxxp://www.google.dz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\priver\Application Data\Mozilla\Firefox\Profiles\ob5lwmzm.default\searchplugins\Search Provided by Yahoo.xml [2016-04-18]
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-03-10]
FF HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\priver\Application Data\IDM\idmmzcc5
FF Extension: IDM CC - C:\Documents and Settings\priver\Application Data\IDM\idmmzcc5 [2016-05-07] [non signé]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.dz/
CHR Profile: C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-07]
CHR Extension: (Google Docs) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Search and Replace) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bldchfkhmnkoimaciljpilanilmbnofo [2015-07-26] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (YouTube) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (Recherche Google) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Google Wallet) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-09] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (EaxstraCuoupon) - C:\Documents and Settings\All Users\Application Data\hkobgidnbdabbcghenamilbflajbipfo\ []
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 FET5X86V; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [43520 2008-12-04] (VIA Technologies, Inc. ) [Fichier non signé]
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R1 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [138864 2016-01-28] (Tonec Inc.)
R3 S3GIGP; C:\WINDOWS\System32\DRIVERS\S3gIGPm.sys [714240 2007-07-11] (S3 Graphics Co., Ltd.) [Fichier non signé]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2016-04-23] ()
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-01] (VIA Technologies, Inc.)
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [208384 2007-10-16] (VIA Technologies, Inc.)
S0 43865634; system32\drivers\96851762.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-07 14:16 - 2016-05-07 14:19 - 00013791 _____ C:\Documents and Settings\priver\Bureau\FRST.txt
2016-05-07 14:02 - 2016-05-07 14:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2016-05-07 14:01 - 2013-10-05 14:36 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Active File Recovery Professional 10.0.6.By_Sco
2016-05-07 13:56 - 2016-05-07 14:00 - 18943645 _____ C:\Documents and Settings\priver\Mes documents\Active File Recovery Professional 10.0.6.By_Sco.rar
2016-05-07 13:13 - 2016-05-07 13:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-07 10:24 - 2016-05-07 10:24 - 00000000 ____H C:\Documents and Settings\All Users\Application Data\cm-lock
2016-05-07 02:15 - 2016-05-07 10:24 - 00000000 ____D C:\Program Files\Convar
2016-05-06 22:56 - 2016-05-06 22:56 - 00000696 _____ C:\Documents and Settings\priver\Bureau\Internet Download Manager.lnk
2016-05-06 22:56 - 2016-05-06 22:56 - 00000000 ____D C:\Documents and Settings\priver\Menu Démarrer\Programmes\Internet Download Manager
2016-05-06 22:56 - 2016-05-06 22:56 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Download Manager
2016-05-06 22:55 - 2016-04-10 00:54 - 06832568 _____ (Tonec Inc.) C:\Program Files\idman625build14.exe
2016-05-06 22:55 - 2016-04-10 00:52 - 00000363 _____ C:\Program Files\serial.txt
2016-05-06 22:55 - 2016-03-13 09:36 - 03919928 _____ (Tonec Inc.) C:\Program Files\IDMan.exe
2016-05-06 22:54 - 2016-05-06 22:54 - 08107937 _____ C:\Program Files\IDM 6.25 build 14.rar
2016-05-06 01:59 - 2016-05-06 01:59 - 00001819 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome.lnk
2016-05-06 01:59 - 2016-05-06 01:59 - 00001813 _____ C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
2016-05-06 01:54 - 2016-05-06 01:54 - 00000736 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
2016-05-06 01:54 - 2016-05-06 01:54 - 00000730 _____ C:\Documents and Settings\All Users\Bureau\امينة.lnk
2016-05-06 01:54 - 2016-05-06 01:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-06 01:50 - 2016-05-07 13:55 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-06 01:50 - 2016-05-07 10:24 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 23:27 - 2016-05-05 23:27 - 45811976 _____ C:\Program Files\Firefox Setup 43.0.1.exe
2016-05-05 18:35 - 2016-05-05 18:37 - 06871040 _____ C:\Program Files\GUT34.tmp
2016-05-05 18:35 - 2016-05-05 18:35 - 00000000 ____D C:\Program Files\GUM33.tmp
2016-05-05 18:34 - 2016-05-05 18:34 - 00987728 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2016-05-05 18:33 - 2016-05-05 18:33 - 04727984 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\priver\Bureau\tdsskiller.exe
2016-05-05 18:30 - 2016-05-05 18:31 - 00010115 _____ C:\WINDOWS\setuplog.txt
2016-05-05 17:59 - 2016-05-07 14:19 - 00000000 ____D C:\FRST
2016-05-05 17:57 - 2016-05-05 17:58 - 01728000 _____ (Farbar) C:\Documents and Settings\priver\Bureau\FRST.exe
2016-05-05 01:34 - 2016-05-05 01:34 - 00000000 ____D C:\WINDOWS\pss
2016-05-04 03:13 - 2016-05-04 03:13 - 00000000 ____D C:\Shamelah_Library
2016-05-03 02:12 - 2016-05-03 02:12 - 02359350 _____ C:\Documents and Settings\priver\Mes documents\Sans titre.bmp
2016-05-03 01:40 - 2016-05-03 01:40 - 00000895 _____ C:\Documents and Settings\All Users\Bureau\EaseUS Data Recovery Wizard 8.6.lnk
2016-05-03 01:40 - 2016-05-03 01:40 - 00000000 ____D C:\Program Files\EaseUS
2016-05-03 01:40 - 2016-05-03 01:40 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EaseUS Data Recovery Wizard 8.6
2016-05-03 01:40 - 2014-12-18 11:09 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\EaseUS.Data.Recovery.Wizard_8.6.0
2016-05-03 01:32 - 2016-05-03 01:32 - 00000104 _____ C:\Documents and Settings\priver\Bureau\Poste de travail.lnk
2016-05-03 01:26 - 2016-05-03 01:29 - 10500298 _____ C:\Documents and Settings\priver\Mes documents\EaseUS.Data.Recovery.Wizard_8.6.0_3.zip
2016-05-01 01:34 - 2016-05-01 01:34 - 00090112 _____ C:\WINDOWS\Minidump\Mini050116-01.dmp
2016-04-20 07:15 - 2016-04-23 01:40 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-20 07:15 - 2016-04-20 07:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RogueKiller
2016-04-18 04:43 - 2016-04-18 04:43 - 00000376 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-04-18 04:43 - 2016-04-18 04:43 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-18 04:01 - 2016-04-18 04:01 - 00002088 _____ C:\Documents and Settings\priver\Bureau\Hetman Partition Recovery.lnk
2016-04-18 04:01 - 2016-04-18 04:01 - 00000000 ____D C:\Program Files\Hetman Software
2016-04-18 04:01 - 2016-04-18 04:01 - 00000000 ____D C:\Documents and Settings\priver\Menu Démarrer\Programmes\Hetman Software
2016-04-18 03:42 - 2016-04-18 03:42 - 00000000 ____D C:\Program Files\CodeMeter
2016-04-18 03:42 - 2016-04-18 03:42 - 00000000 ____D C:\Documents and Settings\priver\Menu Démarrer\Programmes\Recover My Files v5
2016-04-18 03:42 - 2012-07-19 15:18 - 00666024 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\WibuCm32.dll
2016-04-17 02:43 - 2016-04-17 02:43 - 00005120 _____ C:\Documents and Settings\priver\Application Data\GiftBag.db
2016-04-17 02:41 - 2016-04-17 02:41 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Tencent
2016-04-17 02:29 - 2016-05-07 13:30 - 00001496 _____ C:\WINDOWS\Tasks\Sosition Reports.job
2016-04-17 02:29 - 2016-04-17 02:31 - 00000000 ____D C:\Documents and Settings\priver\Local Settings\Application Data\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-17 01:36 - 2016-05-05 17:41 - 00000000 ____D C:\Program Files\ZHPFix
2016-04-17 00:36 - 2016-04-17 02:06 - 00000000 ____D C:\Documents and Settings\priver\Application Data\ZHP
2016-04-17 00:36 - 2016-04-17 00:36 - 00000802 _____ C:\Documents and Settings\priver\Bureau\ZHPDiag.lnk
2016-04-15 22:21 - 2008-11-13 10:25 - 00137024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinet.ocx
2016-04-15 22:21 - 2005-06-10 13:22 - 00450560 _____ (Sky Software) C:\WINDOWS\system32\filevw61.ocx
2016-04-15 22:21 - 2005-06-10 13:22 - 00352256 _____ (Sky Software) C:\WINDOWS\system32\shcmb61.ocx
2016-04-15 22:21 - 2005-06-10 13:21 - 00417792 _____ (Sky Software) C:\WINDOWS\system32\fldrvw61.ocx
2016-04-15 22:21 - 2005-04-15 19:58 - 01351392 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.ocx
2016-04-15 22:21 - 2005-04-13 03:00 - 00331784 _____ (VBGold Software) C:\WINDOWS\system32\aresize.ocx
2016-04-15 22:21 - 2004-10-02 09:36 - 00212240 _____ (Microsoft Corporation) C:\WINDOWS\system32\richtx32.ocx
2016-04-15 22:21 - 1999-09-28 21:42 - 01050896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet35.dll
2016-04-15 22:21 - 1998-06-18 10:33 - 00089360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vb5db.dll
2016-04-15 22:21 - 1998-05-18 00:00 - 00368912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbar332.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00407312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrepl35.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00252176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x35.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00123664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjint35.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00024848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjter35.dll
2016-04-15 22:21 - 1997-07-19 19:00 - 00227600 _____ (Microsoft) C:\WINDOWS\system32\msflxgrd.ocx
2016-04-15 03:33 - 2016-04-18 03:44 - 00000000 ____D C:\Program Files\CCleaner
2016-04-12 15:08 - 2016-05-07 01:07 - 00133120 ___SH C:\Documents and Settings\priver\Mes documents\Thumbs.db
2016-04-12 14:34 - 2016-04-12 14:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PC1Data
2016-04-12 14:34 - 2016-04-12 14:34 - 04454296 _____ ((c) PC Cleaners Inc) C:\Documents and Settings\All Users\Application Data\pclunst.exe
2016-04-12 02:47 - 2016-04-12 02:47 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-04-12 02:47 - 2016-04-12 02:47 - 00000000 ____D C:\Program Files\Fichiers communs\IObit
2016-04-12 02:36 - 2016-04-12 02:47 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData
2016-04-12 02:35 - 2016-04-12 02:48 - 00000000 ____D C:\Documents and Settings\priver\Application Data\IObit
2016-04-12 02:35 - 2016-04-12 02:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\IObit

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-07 14:19 - 2007-10-23 02:30 - 00000000 ____D C:\Documents and Settings\priver\Local Settings\Temp
2016-05-07 14:19 - 2007-10-23 02:30 - 00000000 ____D C:\Documents and Settings\priver\Bureau
2016-05-07 14:15 - 2014-10-15 20:55 - 00000000 ____D C:\Documents and Settings\priver\Application Data\uTorrent
2016-05-07 14:11 - 2007-10-23 04:09 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2016-05-07 14:01 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Mes documents
2016-05-07 13:58 - 2014-10-09 19:16 - 00000000 ____D C:\Documents and Settings\priver\Application Data\vlc
2016-05-07 10:24 - 2007-10-23 02:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-07 03:38 - 2007-10-23 02:30 - 00000184 ___SH C:\Documents and Settings\priver\ntuser.ini
2016-05-07 03:38 - 2007-10-23 02:30 - 00000000 ____D C:\Documents and Settings\priver
2016-05-07 03:38 - 2007-10-23 02:26 - 00032564 _____ C:\WINDOWS\SchedLgU.Txt
2016-05-07 02:42 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Menu Démarrer\Programmes
2016-05-07 01:26 - 2007-10-23 02:30 - 00000000 __SHD C:\Documents and Settings\priver\Local Settings\Historique
2016-05-07 01:26 - 2007-10-23 02:23 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique
2016-05-07 00:57 - 2007-10-23 03:11 - 00000000 ____D C:\Documents and Settings\priver\Application Data\DMCache
2016-05-06 23:21 - 2007-10-23 04:09 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2016-05-06 22:56 - 2015-08-21 01:57 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-05-06 22:56 - 2015-08-21 01:57 - 00000000 ____D C:\Documents and Settings\priver\Application Data\IDM
2016-05-06 22:48 - 2002-09-07 00:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-05-06 01:59 - 2015-05-16 09:29 - 00000000 ____D C:\Program Files\Google
2016-05-05 23:17 - 2007-10-23 03:12 - 00002271 _____ C:\Documents and Settings\All Users\Bureau\Skype.lnk
2016-05-05 22:12 - 2007-10-23 03:21 - 00002515 _____ C:\Documents and Settings\priver\Bureau\Microsoft Excel 2010.lnk
2016-05-05 19:02 - 2007-10-23 03:21 - 00002561 _____ C:\Documents and Settings\priver\Bureau\Microsoft Word 2010.lnk
2016-05-05 18:33 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Favoris
2016-05-05 18:00 - 2007-10-23 04:09 - 00000000 __SHD C:\Documents and Settings\Default User\Local Settings\Historique
2016-05-05 18:00 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Menu Démarrer\Programmes\Démarrage
2016-05-05 18:00 - 2007-10-23 02:26 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique
2016-05-05 17:28 - 2007-10-23 04:01 - 00000000 ___HD C:\WINDOWS\inf
2016-05-05 17:28 - 2007-10-23 02:14 - 00000000 ____D C:\Program Files\MSN
2016-05-04 12:26 - 2015-04-06 23:41 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Téléchargements
2016-05-03 01:06 - 2007-10-23 04:10 - 00000000 ____D C:\Program Files\Fichiers communs
2016-04-27 00:58 - 2014-10-11 07:39 - 00015360 ____C C:\Documents and Settings\priver\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-19 01:39 - 2007-10-23 04:07 - 00000000 ____D C:\Documents and Settings\All Users
2016-04-17 16:01 - 2007-10-23 02:26 - 00000184 __SHC C:\Documents and Settings\LocalService\ntuser.ini
2016-04-17 12:41 - 2014-10-09 18:12 - 00084536 ____C C:\Documents and Settings\priver\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2016-04-17 10:34 - 2007-10-23 04:07 - 00325912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-17 02:49 - 2007-10-23 04:09 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer
2016-04-17 02:30 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Menu Démarrer
2016-04-16 15:02 - 2007-10-23 02:46 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2016-04-16 13:59 - 2007-10-23 02:38 - 00000000 ____D C:\Program Files\FreeTime
2016-04-16 09:47 - 2015-06-21 00:56 - 00000000 ___RD C:\Documents and Settings\priver\Mes documents\Ma musique
2016-04-15 22:45 - 2015-07-26 13:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\hkobgidnbdabbcghenamilbflajbipfo
2016-04-15 22:21 - 2014-10-15 20:46 - 00000000 ____D C:\Documents and Settings\priver\Application Data\shamela
2016-04-15 03:37 - 2014-12-18 11:25 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-15 02:54 - 2014-12-08 22:23 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\قرآن
2016-04-12 15:01 - 2015-10-03 23:41 - 00000000 ___RD C:\Documents and Settings\priver\Mes documents\Mes images
2016-04-12 14:39 - 2015-02-20 23:31 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Mes vidéos
2016-04-12 14:39 - 2014-12-30 02:12 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Temp
2016-04-12 14:39 - 2014-11-04 08:32 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Any Audio Converter
2016-04-12 14:39 - 2007-10-23 04:07 - 00000000 ___HD C:\Documents and Settings\Default User
2016-04-12 02:48 - 2007-10-23 02:30 - 00000000 ___HD C:\Documents and Settings\priver\Modèles

==================== Fichiers à la racine de certains dossiers =======

2016-05-05 18:34 - 2016-05-05 18:34 - 0987728 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2016-05-05 23:27 - 2016-05-05 23:27 - 45811976 _____ () C:\Program Files\Firefox Setup 43.0.1.exe
2016-05-05 18:35 - 2016-05-05 18:37 - 6871040 _____ () C:\Program Files\GUT34.tmp
2016-05-06 22:54 - 2016-05-06 22:54 - 8107937 _____ () C:\Program Files\IDM 6.25 build 14.rar
2016-05-06 22:55 - 2016-03-13 09:36 - 3919928 _____ (Tonec Inc.) C:\Program Files\IDMan.exe
2016-05-06 22:55 - 2016-04-10 00:54 - 6832568 _____ (Tonec Inc.) C:\Program Files\idman625build14.exe
2016-05-06 22:55 - 2016-04-10 00:52 - 0000363 _____ () C:\Program Files\serial.txt
2016-04-17 02:43 - 2016-04-17 02:43 - 0005120 _____ () C:\Documents and Settings\priver\Application Data\GiftBag.db
2014-10-11 07:39 - 2016-04-27 00:58 - 0015360 ____C () C:\Documents and Settings\priver\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-07 10:24 - 2016-05-07 10:24 - 0000000 ____H () C:\Documents and Settings\All Users\Application Data\cm-lock
2016-04-12 14:34 - 2016-04-12 14:34 - 4454296 _____ ((c) PC Cleaners Inc) C:\Documents and Settings\All Users\Application Data\pclunst.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe
[2010-11-11 00:44] - [2010-11-11 00:44] - 2566144 ____A (Microsoft Corporation) 99D471D9BD7A68F9617A5637B0183A55

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================
