Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
Exécuté par Admin (administrateur) sur ADMIN-PC (23-03-2017 19:08:31)
Exécuté depuis E:\logicieles
Profils chargés: Admin (Profils disponibles: Admin)
Platform: Microsoft Windows 7 Professionnel (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Daniel White) C:\Program Files\SunsetScreen\SunsetScreen.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7862816 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\...\Run: [Ad-Aware Search Companion] => C:\Program Files\Lavasoft\Web Companion\Application\BrowserDock.exe
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\...\Run: [adaware browser dock] => C:\Program Files\Lavasoft\Web Companion\Application\BrowserDock.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2017-03-11]
ShortcutTarget: PalTalk.lnk -> C:\Program Files\Paltalk Messenger\paltalk.exe (Pas de fichier)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79FE7497-44FF-4C7D-BC34-29BAC44B59BB}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaie
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-85213751-3370129170-3191285278-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://maktoob.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaie&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: e8dj347b.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e8dj347b.default [2017-03-23]
FF NewTab: Mozilla\Firefox\Profiles\e8dj347b.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaff
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\e8dj347b.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\e8dj347b.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\e8dj347b.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaff
FF Session Restore: Mozilla\Firefox\Profiles\e8dj347b.default -> est activé.
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e8dj347b.default\searchplugins\yahoo-lavasoft.xml [2017-02-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-07-18] ()
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-03-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-18]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2166040 2017-02-21] (ESET)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2013-06-28] (Atheros Communications, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206472 2017-02-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [156288 2017-02-21] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [122496 2017-02-21] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [162952 2017-02-21] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52872 2017-02-21] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [71304 2017-02-21] (ESET)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-23 19:06 - 2017-03-23 19:08 - 00000000 ____D C:\FRST
2017-03-23 18:29 - 2017-03-23 18:29 - 02712064 _____ C:\Users\Admin\Downloads\ZHPDiag3.exe
2017-03-23 18:29 - 2017-03-23 18:29 - 00000820 _____ C:\Users\Admin\Desktop\ZHPDiag.lnk
2017-03-23 17:28 - 2017-03-23 17:28 - 00000000 ____H C:\ProgramData\cm-lock
2017-03-20 18:41 - 2011-06-25 17:10 - 00000000 ____D C:\Users\Admin\Documents\جامع الردود
2017-03-20 18:15 - 2017-03-20 18:17 - 20713278 ____R C:\Users\Admin\Documents\جامع-الردود19-1.rar
2017-03-18 15:56 - 2017-03-18 15:57 - 00650371 _____ C:\Users\Admin\Downloads\Messenger.htm
2017-03-18 15:56 - 2017-03-18 15:57 - 00000000 ____D C:\Users\Admin\Downloads\Messenger_fichiers
2017-03-17 22:26 - 2017-03-17 22:26 - 06080309 _____ C:\Users\Admin\Downloads\91499.pdf
2017-03-17 10:19 - 2017-03-19 17:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-15 00:22 - 2017-03-15 00:24 - 19819461 _____ C:\Users\Admin\Downloads\القراءة الذكية.pdf
2017-03-14 19:33 - 2017-03-14 19:33 - 00001326 _____ C:\Users\Admin\Desktop\chrome - Raccourci.lnk
2017-03-14 17:34 - 2017-03-14 17:34 - 00245157 _____ C:\Users\Admin\Downloads\husni.pdf
2017-03-14 17:33 - 2017-03-14 17:33 - 00141408 _____ C:\Users\Admin\Downloads\ared0205.pdf
2017-03-13 18:57 - 2017-03-13 18:57 - 00000008 _____ C:\Users\Admin\Documents\كود.txt
2017-03-11 12:29 - 2017-03-11 12:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2017-03-11 12:19 - 2017-03-11 12:19 - 01513192 _____ (AVM Software Inc.) C:\Users\Admin\Downloads\pal_install_fr_u46981537_a355_r2765_p179.exe
2017-03-10 22:02 - 2017-03-10 22:02 - 00000000 ____D C:\كيفية المناظرة مع الشيعة والرد عليهم
2017-03-08 21:36 - 2017-03-08 21:37 - 01129376 _____ (Google Inc.) C:\Users\Admin\Downloads\ChromeSetup.exe
2017-03-07 15:45 - 2017-03-07 15:45 - 06095620 _____ C:\Users\Admin\Downloads\التمويل-الإسلامي-كبديل-للتمويل-الوضعي-في-ظل-الأزمة-المالية-العالمية-2008...أبو-طير-محمود...بودالي-حمزة.pdf
2017-03-06 22:51 - 2017-03-06 22:54 - 10025883 _____ C:\Users\Admin\Downloads\المعايير الشرعية للبنوك الإسلامية.pdf
2017-03-06 22:40 - 2017-03-06 22:41 - 00661870 _____ C:\Users\Admin\Downloads\24-2-Belwafi-1.pdf
2017-03-06 20:08 - 2017-03-06 20:08 - 00000011 _____ C:\Users\Admin\Documents\sara.txt
2017-03-05 22:44 - 2017-03-05 22:44 - 00001154 _____ C:\Users\Admin\Desktop\Recover My Files v5.lnk
2017-03-05 22:44 - 2017-03-05 22:44 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2017-03-05 22:44 - 2017-03-05 22:44 - 00000000 ____D C:\Program Files\GetData
2017-03-05 22:44 - 2017-03-05 22:44 - 00000000 ____D C:\Program Files\CodeMeter
2017-03-05 22:44 - 2012-07-19 15:18 - 00666024 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WibuCm32.dll
2017-03-05 22:42 - 2017-03-05 22:42 - 46561646 _____ C:\Users\Admin\Downloads\sTARTIMES.COM RecoverMyFiles By eLKHALKI.rar
2017-03-05 22:40 - 2017-03-05 22:40 - 12766360 _____ C:\Users\Admin\Downloads\sTARTIMES.COM RecoverMyFiles _ By eLKHALKI.rar
2017-03-05 00:22 - 2017-03-05 00:26 - 07424012 _____ C:\Users\Admin\Downloads\هل نرى الله فى الآخرة حوار الاخ ناصر السنة مع المعتزلي أهل العدلmp3.mp3.part
2017-03-05 00:17 - 2017-03-05 00:19 - 22868224 _____ C:\Users\Admin\Downloads\takhinen-rebuttal.rm
2017-03-03 19:31 - 2017-03-23 19:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ZHP
2017-03-03 19:31 - 2017-03-23 18:54 - 00000830 _____ C:\Users\Admin\Desktop\ZHPCleaner.lnk
2017-03-03 19:30 - 2017-03-03 19:30 - 00000671 _____ C:\Users\Admin\Desktop\المقامات.lnk
2017-03-03 18:30 - 2017-03-03 18:30 - 00002560 _____ C:\Windows\_MSRSTRT.EXE
2017-03-03 18:29 - 2017-03-03 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Link
2017-03-03 18:29 - 2017-03-03 18:29 - 00000000 ____D C:\Program Files\Smart Link
2017-03-03 18:29 - 1999-12-07 12:00 - 00431376 _____ (Microsoft Corporation) C:\Windows\system32\temp.001
2017-03-03 18:29 - 1999-12-07 12:00 - 00003856 _____ (Microsoft Corporation) C:\Windows\system32\temp.000
2017-03-03 11:30 - 2017-03-03 11:30 - 00000000 ___RD C:\Users\Admin\Documents\Notes
2017-03-02 22:52 - 2017-03-02 22:52 - 00000973 _____ C:\Users\Admin\Desktop\SunsetScreen.lnk
2017-03-02 22:52 - 2017-03-02 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SunsetScreen
2017-03-02 22:52 - 2017-03-02 22:52 - 00000000 ____D C:\Program Files\SunsetScreen
2017-03-01 16:12 - 2017-03-01 16:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-03-01 13:08 - 2017-03-01 23:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SunsetScreen_prefs
2017-02-28 20:32 - 2017-03-22 19:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Nitro PDF
2017-02-28 20:28 - 2017-02-28 20:32 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Nitro
2017-02-28 20:28 - 2017-02-28 20:28 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2017-02-28 20:28 - 2017-02-28 20:28 - 00001921 _____ C:\Users\Public\Desktop\Nitro Reader.lnk
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\FileOpen
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\ProgramData\Nitro
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\ProgramData\FileOpen
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\Program Files\Nitro
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\Program Files\Common Files\Nitro
2017-02-28 20:28 - 2013-07-26 06:48 - 00027152 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2017-02-28 20:28 - 2013-07-26 06:48 - 00018448 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2017-02-28 20:27 - 2017-02-28 20:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Downloaded Installations
2017-02-28 20:24 - 2017-02-28 20:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\YCanPDF
2017-02-27 12:30 - 2017-03-01 21:30 - 00000000 ____D C:\ProgramData\TEMP
2017-02-26 23:04 - 2017-02-26 23:04 - 00000697 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\الموسوعة الشعرية.lnk
2017-02-26 22:35 - 2017-02-26 22:35 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-02-26 22:34 - 2017-02-26 22:34 - 00000000 ____D C:\Users\Admin\Documents\Praetorians
2017-02-26 22:34 - 2017-02-26 22:34 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-02-25 17:11 - 2017-02-25 17:11 - 00000000 ____D C:\ProgramData\adaware
2017-02-25 17:09 - 2017-02-25 17:09 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2017-02-25 17:09 - 2017-02-25 17:09 - 00002888 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2017-02-25 15:39 - 2017-02-25 15:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Soda PDF Desktop
2017-02-25 15:37 - 2017-02-25 17:16 - 121378176 _____ C:\Users\Admin\Downloads\Arabic.Syntax.iso.part
2017-02-25 15:17 - 2017-02-26 21:53 - 00000000 ____D C:\ProgramData\Soda PDF Desktop
2017-02-25 14:39 - 2011-02-10 13:36 - 00096256 _____ (Forum 233) C:\Users\Admin\Desktop\Ichraf.exe
2017-02-24 23:38 - 2017-03-01 13:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2017-02-24 22:26 - 2017-02-27 23:00 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2017-02-24 14:55 - 2017-02-24 14:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PixelPlanet
2017-02-24 14:51 - 2017-02-24 14:58 - 00000000 ____D C:\Program Files\Common Files\XPressUpdate
2017-02-24 14:51 - 2017-02-24 14:51 - 00000000 ____D C:\ProgramData\PixelPlanet
2017-02-24 14:51 - 2017-02-24 14:51 - 00000000 ____D C:\Program Files\Common Files\PixelPlanet
2017-02-24 14:50 - 2017-02-24 14:52 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2017-02-24 11:35 - 2017-02-25 14:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Forum_233
2017-02-24 11:26 - 2017-02-27 23:35 - 00188048 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-23 22:21 - 2017-03-17 15:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2017-02-23 22:08 - 2017-03-22 17:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\shamela
2017-02-23 22:08 - 2017-02-23 22:08 - 00001522 _____ C:\Users\Admin\Desktop\المكتبة الشاملة.lnk
2017-02-23 22:03 - 2017-02-23 22:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2017-02-22 22:09 - 2017-02-22 22:09 - 00162211 _____ C:\Users\Admin\Downloads\dz021ar.pdf
2017-02-22 21:52 - 2017-02-26 23:04 - 00000673 _____ C:\Users\Admin\Desktop\الموسوعة الشعرية.lnk
2017-02-22 21:52 - 2017-02-22 21:52 - 00000697 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\ÇáãæÓæÚÉ ÇáÔÚÑíÉ.lnk
2017-02-22 18:42 - 2017-02-22 18:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Media Player Classic
2017-02-22 00:27 - 2017-02-23 22:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2017-02-22 00:27 - 2017-02-22 00:27 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2017-02-22 00:07 - 2017-03-08 12:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2017-02-22 00:05 - 2017-02-22 00:05 - 00000891 _____ C:\Users\Public\Desktop\Media Player Classic - Home Cinema.lnk
2017-02-22 00:05 - 2017-02-22 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2017-02-22 00:05 - 2017-02-22 00:05 - 00000000 ____D C:\Program Files\MPC HomeCinema
2017-02-21 23:32 - 2017-02-22 11:38 - 00000000 ____D C:\ProgramData\Adobe
2017-02-21 23:32 - 2017-02-21 23:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2017-02-21 23:32 - 2017-02-21 23:32 - 00001944 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2017-02-21 23:32 - 2017-02-21 23:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-21 23:32 - 2017-02-21 23:32 - 00000000 ____D C:\Program Files\Adobe
2017-02-21 23:20 - 2017-02-21 23:20 - 00076773 _____ C:\Users\Admin\Downloads\dz022ar.pdf
2017-02-21 23:07 - 2017-02-21 23:07 - 00477616 _____ C:\Users\Admin\Downloads\MF1220-BATLI.pdf
2017-02-21 22:50 - 2017-03-23 19:02 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2017-02-21 22:50 - 2017-02-23 17:27 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2017-02-21 22:50 - 2017-02-21 22:50 - 00001111 _____ C:\Users\Admin\Desktop\firefox - Raccourci.lnk
2017-02-21 22:50 - 2017-02-21 22:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2017-02-21 22:49 - 2017-02-21 22:49 - 00015216 _____ C:\Windows\system32\results.xml
2017-02-21 22:47 - 2009-08-27 07:27 - 00398848 _____ (Intel(R) Corporation) C:\Windows\system32\TVWizudlg.exe
2017-02-21 22:47 - 2009-08-27 07:26 - 00140288 _____ () C:\Windows\system32\igfxtvcx.dll
2017-02-21 22:47 - 2009-08-27 07:23 - 00121232 _____ C:\Windows\system32\IScrNB.bmp
2017-02-21 22:16 - 2017-02-21 22:16 - 00122496 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2017-02-21 21:42 - 2017-03-20 00:01 - 00000120 _____ C:\Users\Admin\Documents\est.txt
2017-02-21 21:33 - 2017-03-06 22:25 - 00000000 ___SD C:\Users\Admin\AppData\LocalLow\Temp
2017-02-21 21:31 - 2017-02-21 21:31 - 00000000 ____D C:\Users\Admin\AppData\Local\ESET
2017-02-21 21:29 - 2017-02-21 21:29 - 00002027 _____ C:\Users\Public\Desktop\ESET Protection des transactions bancaires.lnk
2017-02-21 21:29 - 2017-02-21 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-21 21:29 - 2017-02-21 21:29 - 00000000 ____D C:\ProgramData\ESET
2017-02-21 21:29 - 2017-02-21 21:29 - 00000000 ____D C:\Program Files\ESET
2017-02-21 21:27 - 2013-03-04 08:35 - 00643656 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2017-02-21 21:27 - 2013-03-04 08:35 - 00101448 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-02-21 21:27 - 2013-03-04 08:35 - 00085064 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-02-21 21:26 - 2017-02-21 21:27 - 00000000 ____D C:\Program Files\Realtek
2017-02-21 21:26 - 2017-02-21 21:26 - 00000000 ____D C:\Windows\system32\RTCOM
2017-02-21 21:26 - 2009-10-28 11:55 - 02796064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2017-02-21 21:26 - 2009-10-28 11:55 - 01528864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2017-02-21 21:26 - 2009-10-28 11:55 - 00551456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2017-02-21 21:26 - 2009-10-28 11:55 - 00338464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2017-02-21 21:26 - 2009-10-28 11:55 - 00055328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll
2017-02-21 21:26 - 2009-10-28 04:39 - 02785568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2017-02-21 21:26 - 2009-10-15 12:40 - 00281600 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00347648 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00164864 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00073216 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00059392 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2017-02-21 21:26 - 2009-05-04 06:56 - 00306176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-02-21 21:26 - 2009-04-16 11:05 - 01784352 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2017-02-21 21:26 - 2009-04-16 03:14 - 00142848 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2017-02-21 21:26 - 2009-03-31 07:07 - 00125952 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2017-02-21 21:26 - 2009-03-08 22:32 - 00290304 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2017-02-21 21:26 - 2009-03-08 22:30 - 00290304 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2017-02-21 21:26 - 2008-05-19 11:25 - 01933312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2017-02-21 21:26 - 2008-04-30 01:48 - 00167936 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2017-02-21 21:26 - 2007-07-30 11:26 - 00126976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2017-02-21 21:26 - 2007-07-25 02:33 - 00135168 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2017-02-21 21:26 - 2007-05-17 04:26 - 00185776 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2017-02-21 21:26 - 2006-12-13 03:30 - 00339968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2017-02-21 21:25 - 2017-02-21 21:26 - 00000000 ___HD C:\Program Files\Temp
2017-02-21 21:25 - 2009-09-02 05:14 - 08194584 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00672792 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00252952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00174104 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00173080 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00151064 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2017-02-21 21:25 - 2009-08-27 01:23 - 00044880 _____ C:\Windows\system32\iglhxs32.vp
2017-02-21 21:25 - 2009-08-27 01:09 - 00155648 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1883.dll
2017-02-21 21:25 - 2009-08-27 01:00 - 05946368 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-02-21 21:25 - 2009-08-27 01:00 - 04233728 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2017-02-21 21:25 - 2009-08-27 00:57 - 00982220 _____ C:\Windows\system32\igkrng500.bin
2017-02-21 21:25 - 2009-08-27 00:57 - 00439300 _____ C:\Windows\system32\igcompkrng500.bin
2017-02-21 21:25 - 2009-08-27 00:57 - 00092216 _____ C:\Windows\system32\igfcg500m.bin
2017-02-21 21:25 - 2009-08-27 00:54 - 00549888 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2017-02-21 21:25 - 2009-08-27 00:41 - 03839488 _____ (Intel Corporation) C:\Windows\system32\ig4dev32.dll
2017-02-21 21:25 - 2009-08-27 00:40 - 06042112 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2017-02-21 21:25 - 2009-08-27 00:29 - 00310784 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00304640 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00303104 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00299520 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00294912 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00289280 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00287744 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00280576 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00280064 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00277504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00262656 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00252416 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00249856 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00205312 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00179712 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00178176 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2017-02-21 21:25 - 2009-08-27 00:26 - 00257536 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2017-02-21 21:25 - 2009-08-27 00:26 - 00199680 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2017-02-21 21:25 - 2009-08-27 00:26 - 00119296 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2017-02-21 21:25 - 2009-08-27 00:26 - 00059392 _____ (Intel Corporation) C:\Windows\system32\oemdspif.dll
2017-02-21 21:25 - 2009-08-27 00:26 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 05702656 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00275968 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2017-02-21 21:25 - 2009-08-27 00:25 - 00217088 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00094720 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00051712 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2017-02-21 21:25 - 2009-08-27 00:18 - 01921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-02-21 21:25 - 2009-08-27 00:18 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-02-21 21:25 - 2009-08-27 00:18 - 00060254 _____ C:\Windows\system32\iglhxg32.vp
2017-02-21 21:25 - 2009-08-27 00:18 - 00060226 _____ C:\Windows\system32\iglhxc32.vp
2017-02-21 21:25 - 2009-08-27 00:18 - 00060015 _____ C:\Windows\system32\iglhxo32.vp
2017-02-21 21:25 - 2009-08-27 00:18 - 00001090 _____ C:\Windows\system32\iglhxa32.vp
2017-02-21 21:25 - 2009-08-18 10:16 - 00831488 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-02-21 21:24 - 2017-02-21 22:47 - 00000000 ____D C:\Windows\system32\Lang
2017-02-21 21:24 - 2009-08-27 00:57 - 00134592 _____ C:\Windows\system32\igfcg500.bin
2017-02-21 21:23 - 2017-02-21 22:47 - 00000000 ____D C:\Program Files\Intel
2017-02-21 21:23 - 2008-05-01 16:35 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2017-02-21 20:21 - 2016-10-26 16:29 - 00407720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-02-21 19:52 - 2017-02-21 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Windows\PCHEALTH
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Microsoft Works
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-02-21 19:49 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Microsoft Office
2017-02-21 19:49 - 2017-02-21 19:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2017-02-21 19:49 - 2017-02-21 19:49 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2017-02-21 19:43 - 2017-03-21 21:25 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2017-02-21 19:43 - 2017-02-21 19:43 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-21 19:42 - 2017-03-17 17:55 - 01524562 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-21 19:42 - 2017-02-21 21:27 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-02-21 19:42 - 2017-02-21 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2017-02-21 19:42 - 2013-06-28 14:49 - 01570304 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athur.sys
2017-02-21 19:42 - 2013-06-28 14:49 - 01570304 _____ (Atheros Communications, Inc.) C:\Windows\system32\athur.sys
2017-02-21 19:42 - 2013-06-28 14:49 - 00007514 _____ C:\Windows\system32\athurext.cat
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\ProgramData\TP-LINK
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\Program Files\WinRAR
2017-02-21 19:38 - 2017-02-21 19:38 - 00001429 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-21 19:37 - 2017-03-10 22:02 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2017-02-21 19:37 - 2017-03-08 17:21 - 00000000 ____D C:\Users\Admin
2017-02-21 19:37 - 2017-02-21 19:37 - 00000020 ___SH C:\Users\Admin\ntuser.ini
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Public\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Public\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Public\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Modèles
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Mes documents
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Voisinage réseau
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Voisinage d'impression
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Modèles
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Mes documents
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Menu Démarrer
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Historique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Modèles
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Favoris
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Bureau
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Program Files\Fichiers communs
2017-02-21 19:37 - 2009-07-14 10:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Media Center Programs
2017-02-21 19:25 - 2017-02-21 19:25 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-02-21 19:25 - 2017-02-21 19:25 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-02-21 19:21 - 2017-02-21 19:37 - 00000000 ____D C:\Windows\Panther
2017-02-21 19:20 - 2017-02-21 19:20 - 00000000 ____D C:\Users\Public\Desktop\Extra
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-23 18:35 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-23 18:35 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-23 17:28 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-22 17:58 - 2015-07-16 19:28 - 00000000 ____D C:\shamela
2017-03-17 17:55 - 2009-07-14 09:39 - 00684756 _____ C:\Windows\system32\perfh00C.dat
2017-03-17 17:55 - 2009-07-14 09:39 - 00126872 _____ C:\Windows\system32\perfc00C.dat
2017-03-17 17:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-03-04 18:18 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2017-03-03 11:33 - 2009-07-14 10:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-03-01 13:13 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files (x86)
2017-02-28 17:24 - 2009-07-14 05:33 - 00795280 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-21 22:16 - 2016-06-23 14:31 - 00206472 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00162952 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00156288 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00071304 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00052872 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys
2017-02-21 19:51 - 2009-07-14 10:01 - 00000000 ____D C:\Windows\ShellNew
2017-02-21 19:51 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\MSBuild
2017-02-21 19:51 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-21 19:49 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-21 19:49 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2017-02-21 19:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2017-02-21 19:37 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Windows NT
2017-02-21 19:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sysprep
2017-02-21 19:23 - 2009-07-14 10:01 - 00000000 ____D C:\Windows\CSC
2017-02-21 19:21 - 2009-07-14 05:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-02-21 19:20 - 2009-07-14 05:34 - 00000000 ____D C:\Windows\Setup
2017-02-21 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\oobe
==================== Fichiers à la racine de certains dossiers =======
2017-03-23 17:28 - 2017-03-23 17:28 - 0000000 ____H () C:\ProgramData\cm-lock
Certains fichiers dans TEMP:
====================
2006-10-28 02:58 - 2006-10-28 02:58 - 0145184 ____R (Microsoft Corporation) C:\Users\Admin\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-03-14 19:28
==================== Fin de FRST.txt ============================
Exécuté par Admin (administrateur) sur ADMIN-PC (23-03-2017 19:08:31)
Exécuté depuis E:\logicieles
Profils chargés: Admin (Profils disponibles: Admin)
Platform: Microsoft Windows 7 Professionnel (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Daniel White) C:\Program Files\SunsetScreen\SunsetScreen.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7862816 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\...\Run: [Ad-Aware Search Companion] => C:\Program Files\Lavasoft\Web Companion\Application\BrowserDock.exe
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\...\Run: [adaware browser dock] => C:\Program Files\Lavasoft\Web Companion\Application\BrowserDock.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2017-03-11]
ShortcutTarget: PalTalk.lnk -> C:\Program Files\Paltalk Messenger\paltalk.exe (Pas de fichier)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{79FE7497-44FF-4C7D-BC34-29BAC44B59BB}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaie
HKU\S-1-5-21-85213751-3370129170-3191285278-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-85213751-3370129170-3191285278-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://maktoob.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaie&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: e8dj347b.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e8dj347b.default [2017-03-23]
FF NewTab: Mozilla\Firefox\Profiles\e8dj347b.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaff
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\e8dj347b.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\e8dj347b.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\e8dj347b.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10041_spdf_opdfs_all_b_pdftoword_170225__yaff
FF Session Restore: Mozilla\Firefox\Profiles\e8dj347b.default -> est activé.
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\e8dj347b.default\searchplugins\yahoo-lavasoft.xml [2017-02-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2009-07-18] ()
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2017-03-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-18]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2166040 2017-02-21] (ESET)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-07-26] (Nitro PDF Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2013-06-28] (Atheros Communications, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206472 2017-02-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [156288 2017-02-21] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [122496 2017-02-21] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [162952 2017-02-21] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52872 2017-02-21] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [71304 2017-02-21] (ESET)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-23 19:06 - 2017-03-23 19:08 - 00000000 ____D C:\FRST
2017-03-23 18:29 - 2017-03-23 18:29 - 02712064 _____ C:\Users\Admin\Downloads\ZHPDiag3.exe
2017-03-23 18:29 - 2017-03-23 18:29 - 00000820 _____ C:\Users\Admin\Desktop\ZHPDiag.lnk
2017-03-23 17:28 - 2017-03-23 17:28 - 00000000 ____H C:\ProgramData\cm-lock
2017-03-20 18:41 - 2011-06-25 17:10 - 00000000 ____D C:\Users\Admin\Documents\جامع الردود
2017-03-20 18:15 - 2017-03-20 18:17 - 20713278 ____R C:\Users\Admin\Documents\جامع-الردود19-1.rar
2017-03-18 15:56 - 2017-03-18 15:57 - 00650371 _____ C:\Users\Admin\Downloads\Messenger.htm
2017-03-18 15:56 - 2017-03-18 15:57 - 00000000 ____D C:\Users\Admin\Downloads\Messenger_fichiers
2017-03-17 22:26 - 2017-03-17 22:26 - 06080309 _____ C:\Users\Admin\Downloads\91499.pdf
2017-03-17 10:19 - 2017-03-19 17:43 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-15 00:22 - 2017-03-15 00:24 - 19819461 _____ C:\Users\Admin\Downloads\القراءة الذكية.pdf
2017-03-14 19:33 - 2017-03-14 19:33 - 00001326 _____ C:\Users\Admin\Desktop\chrome - Raccourci.lnk
2017-03-14 17:34 - 2017-03-14 17:34 - 00245157 _____ C:\Users\Admin\Downloads\husni.pdf
2017-03-14 17:33 - 2017-03-14 17:33 - 00141408 _____ C:\Users\Admin\Downloads\ared0205.pdf
2017-03-13 18:57 - 2017-03-13 18:57 - 00000008 _____ C:\Users\Admin\Documents\كود.txt
2017-03-11 12:29 - 2017-03-11 12:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2017-03-11 12:19 - 2017-03-11 12:19 - 01513192 _____ (AVM Software Inc.) C:\Users\Admin\Downloads\pal_install_fr_u46981537_a355_r2765_p179.exe
2017-03-10 22:02 - 2017-03-10 22:02 - 00000000 ____D C:\كيفية المناظرة مع الشيعة والرد عليهم
2017-03-08 21:36 - 2017-03-08 21:37 - 01129376 _____ (Google Inc.) C:\Users\Admin\Downloads\ChromeSetup.exe
2017-03-07 15:45 - 2017-03-07 15:45 - 06095620 _____ C:\Users\Admin\Downloads\التمويل-الإسلامي-كبديل-للتمويل-الوضعي-في-ظل-الأزمة-المالية-العالمية-2008...أبو-طير-محمود...بودالي-حمزة.pdf
2017-03-06 22:51 - 2017-03-06 22:54 - 10025883 _____ C:\Users\Admin\Downloads\المعايير الشرعية للبنوك الإسلامية.pdf
2017-03-06 22:40 - 2017-03-06 22:41 - 00661870 _____ C:\Users\Admin\Downloads\24-2-Belwafi-1.pdf
2017-03-06 20:08 - 2017-03-06 20:08 - 00000011 _____ C:\Users\Admin\Documents\sara.txt
2017-03-05 22:44 - 2017-03-05 22:44 - 00001154 _____ C:\Users\Admin\Desktop\Recover My Files v5.lnk
2017-03-05 22:44 - 2017-03-05 22:44 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2017-03-05 22:44 - 2017-03-05 22:44 - 00000000 ____D C:\Program Files\GetData
2017-03-05 22:44 - 2017-03-05 22:44 - 00000000 ____D C:\Program Files\CodeMeter
2017-03-05 22:44 - 2012-07-19 15:18 - 00666024 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WibuCm32.dll
2017-03-05 22:42 - 2017-03-05 22:42 - 46561646 _____ C:\Users\Admin\Downloads\sTARTIMES.COM RecoverMyFiles By eLKHALKI.rar
2017-03-05 22:40 - 2017-03-05 22:40 - 12766360 _____ C:\Users\Admin\Downloads\sTARTIMES.COM RecoverMyFiles _ By eLKHALKI.rar
2017-03-05 00:22 - 2017-03-05 00:26 - 07424012 _____ C:\Users\Admin\Downloads\هل نرى الله فى الآخرة حوار الاخ ناصر السنة مع المعتزلي أهل العدلmp3.mp3.part
2017-03-05 00:17 - 2017-03-05 00:19 - 22868224 _____ C:\Users\Admin\Downloads\takhinen-rebuttal.rm
2017-03-03 19:31 - 2017-03-23 19:01 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ZHP
2017-03-03 19:31 - 2017-03-23 18:54 - 00000830 _____ C:\Users\Admin\Desktop\ZHPCleaner.lnk
2017-03-03 19:30 - 2017-03-03 19:30 - 00000671 _____ C:\Users\Admin\Desktop\المقامات.lnk
2017-03-03 18:30 - 2017-03-03 18:30 - 00002560 _____ C:\Windows\_MSRSTRT.EXE
2017-03-03 18:29 - 2017-03-03 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Link
2017-03-03 18:29 - 2017-03-03 18:29 - 00000000 ____D C:\Program Files\Smart Link
2017-03-03 18:29 - 1999-12-07 12:00 - 00431376 _____ (Microsoft Corporation) C:\Windows\system32\temp.001
2017-03-03 18:29 - 1999-12-07 12:00 - 00003856 _____ (Microsoft Corporation) C:\Windows\system32\temp.000
2017-03-03 11:30 - 2017-03-03 11:30 - 00000000 ___RD C:\Users\Admin\Documents\Notes
2017-03-02 22:52 - 2017-03-02 22:52 - 00000973 _____ C:\Users\Admin\Desktop\SunsetScreen.lnk
2017-03-02 22:52 - 2017-03-02 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SunsetScreen
2017-03-02 22:52 - 2017-03-02 22:52 - 00000000 ____D C:\Program Files\SunsetScreen
2017-03-01 16:12 - 2017-03-01 16:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2017-03-01 13:08 - 2017-03-01 23:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SunsetScreen_prefs
2017-02-28 20:32 - 2017-03-22 19:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Nitro PDF
2017-02-28 20:28 - 2017-02-28 20:32 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Nitro
2017-02-28 20:28 - 2017-02-28 20:28 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
2017-02-28 20:28 - 2017-02-28 20:28 - 00001921 _____ C:\Users\Public\Desktop\Nitro Reader.lnk
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\FileOpen
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\ProgramData\Nitro
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\ProgramData\FileOpen
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\Program Files\Nitro
2017-02-28 20:28 - 2017-02-28 20:28 - 00000000 ____D C:\Program Files\Common Files\Nitro
2017-02-28 20:28 - 2013-07-26 06:48 - 00027152 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll
2017-02-28 20:28 - 2013-07-26 06:48 - 00018448 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll
2017-02-28 20:27 - 2017-02-28 20:27 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Downloaded Installations
2017-02-28 20:24 - 2017-02-28 20:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\YCanPDF
2017-02-27 12:30 - 2017-03-01 21:30 - 00000000 ____D C:\ProgramData\TEMP
2017-02-26 23:04 - 2017-02-26 23:04 - 00000697 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\الموسوعة الشعرية.lnk
2017-02-26 22:35 - 2017-02-26 22:35 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-02-26 22:34 - 2017-02-26 22:34 - 00000000 ____D C:\Users\Admin\Documents\Praetorians
2017-02-26 22:34 - 2017-02-26 22:34 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-02-25 17:11 - 2017-02-25 17:11 - 00000000 ____D C:\ProgramData\adaware
2017-02-25 17:09 - 2017-02-25 17:09 - 00345360 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll
2017-02-25 17:09 - 2017-02-25 17:09 - 00002888 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2017-02-25 15:39 - 2017-02-25 15:54 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Soda PDF Desktop
2017-02-25 15:37 - 2017-02-25 17:16 - 121378176 _____ C:\Users\Admin\Downloads\Arabic.Syntax.iso.part
2017-02-25 15:17 - 2017-02-26 21:53 - 00000000 ____D C:\ProgramData\Soda PDF Desktop
2017-02-25 14:39 - 2011-02-10 13:36 - 00096256 _____ (Forum 233) C:\Users\Admin\Desktop\Ichraf.exe
2017-02-24 23:38 - 2017-03-01 13:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2017-02-24 22:26 - 2017-02-27 23:00 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2017-02-24 14:55 - 2017-02-24 14:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PixelPlanet
2017-02-24 14:51 - 2017-02-24 14:58 - 00000000 ____D C:\Program Files\Common Files\XPressUpdate
2017-02-24 14:51 - 2017-02-24 14:51 - 00000000 ____D C:\ProgramData\PixelPlanet
2017-02-24 14:51 - 2017-02-24 14:51 - 00000000 ____D C:\Program Files\Common Files\PixelPlanet
2017-02-24 14:50 - 2017-02-24 14:52 - 00000000 ____D C:\Users\Admin\AppData\Local\Downloaded Installations
2017-02-24 11:35 - 2017-02-25 14:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Forum_233
2017-02-24 11:26 - 2017-02-27 23:35 - 00188048 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-23 22:21 - 2017-03-17 15:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2017-02-23 22:08 - 2017-03-22 17:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\shamela
2017-02-23 22:08 - 2017-02-23 22:08 - 00001522 _____ C:\Users\Admin\Desktop\المكتبة الشاملة.lnk
2017-02-23 22:03 - 2017-02-23 22:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2017-02-22 22:09 - 2017-02-22 22:09 - 00162211 _____ C:\Users\Admin\Downloads\dz021ar.pdf
2017-02-22 21:52 - 2017-02-26 23:04 - 00000673 _____ C:\Users\Admin\Desktop\الموسوعة الشعرية.lnk
2017-02-22 21:52 - 2017-02-22 21:52 - 00000697 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\ÇáãæÓæÚÉ ÇáÔÚÑíÉ.lnk
2017-02-22 18:42 - 2017-02-22 18:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Media Player Classic
2017-02-22 00:27 - 2017-02-23 22:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2017-02-22 00:27 - 2017-02-22 00:27 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2017-02-22 00:07 - 2017-03-08 12:57 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2017-02-22 00:05 - 2017-02-22 00:05 - 00000891 _____ C:\Users\Public\Desktop\Media Player Classic - Home Cinema.lnk
2017-02-22 00:05 - 2017-02-22 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema
2017-02-22 00:05 - 2017-02-22 00:05 - 00000000 ____D C:\Program Files\MPC HomeCinema
2017-02-21 23:32 - 2017-02-22 11:38 - 00000000 ____D C:\ProgramData\Adobe
2017-02-21 23:32 - 2017-02-21 23:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2017-02-21 23:32 - 2017-02-21 23:32 - 00001944 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2017-02-21 23:32 - 2017-02-21 23:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-21 23:32 - 2017-02-21 23:32 - 00000000 ____D C:\Program Files\Adobe
2017-02-21 23:20 - 2017-02-21 23:20 - 00076773 _____ C:\Users\Admin\Downloads\dz022ar.pdf
2017-02-21 23:07 - 2017-02-21 23:07 - 00477616 _____ C:\Users\Admin\Downloads\MF1220-BATLI.pdf
2017-02-21 22:50 - 2017-03-23 19:02 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2017-02-21 22:50 - 2017-02-23 17:27 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2017-02-21 22:50 - 2017-02-21 22:50 - 00001111 _____ C:\Users\Admin\Desktop\firefox - Raccourci.lnk
2017-02-21 22:50 - 2017-02-21 22:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2017-02-21 22:49 - 2017-02-21 22:49 - 00015216 _____ C:\Windows\system32\results.xml
2017-02-21 22:47 - 2009-08-27 07:27 - 00398848 _____ (Intel(R) Corporation) C:\Windows\system32\TVWizudlg.exe
2017-02-21 22:47 - 2009-08-27 07:26 - 00140288 _____ () C:\Windows\system32\igfxtvcx.dll
2017-02-21 22:47 - 2009-08-27 07:23 - 00121232 _____ C:\Windows\system32\IScrNB.bmp
2017-02-21 22:16 - 2017-02-21 22:16 - 00122496 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2017-02-21 21:42 - 2017-03-20 00:01 - 00000120 _____ C:\Users\Admin\Documents\est.txt
2017-02-21 21:33 - 2017-03-06 22:25 - 00000000 ___SD C:\Users\Admin\AppData\LocalLow\Temp
2017-02-21 21:31 - 2017-02-21 21:31 - 00000000 ____D C:\Users\Admin\AppData\Local\ESET
2017-02-21 21:29 - 2017-02-21 21:29 - 00002027 _____ C:\Users\Public\Desktop\ESET Protection des transactions bancaires.lnk
2017-02-21 21:29 - 2017-02-21 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-21 21:29 - 2017-02-21 21:29 - 00000000 ____D C:\ProgramData\ESET
2017-02-21 21:29 - 2017-02-21 21:29 - 00000000 ____D C:\Program Files\ESET
2017-02-21 21:27 - 2013-03-04 08:35 - 00643656 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2017-02-21 21:27 - 2013-03-04 08:35 - 00101448 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2017-02-21 21:27 - 2013-03-04 08:35 - 00085064 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2017-02-21 21:26 - 2017-02-21 21:27 - 00000000 ____D C:\Program Files\Realtek
2017-02-21 21:26 - 2017-02-21 21:26 - 00000000 ____D C:\Windows\system32\RTCOM
2017-02-21 21:26 - 2009-10-28 11:55 - 02796064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2017-02-21 21:26 - 2009-10-28 11:55 - 01528864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2017-02-21 21:26 - 2009-10-28 11:55 - 00551456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2017-02-21 21:26 - 2009-10-28 11:55 - 00338464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2017-02-21 21:26 - 2009-10-28 11:55 - 00055328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll
2017-02-21 21:26 - 2009-10-28 04:39 - 02785568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2017-02-21 21:26 - 2009-10-15 12:40 - 00281600 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00347648 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00164864 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00073216 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2017-02-21 21:26 - 2009-07-02 12:28 - 00059392 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2017-02-21 21:26 - 2009-05-04 06:56 - 00306176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-02-21 21:26 - 2009-04-16 11:05 - 01784352 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2017-02-21 21:26 - 2009-04-16 03:14 - 00142848 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2017-02-21 21:26 - 2009-03-31 07:07 - 00125952 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2017-02-21 21:26 - 2009-03-08 22:32 - 00290304 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2017-02-21 21:26 - 2009-03-08 22:30 - 00290304 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2017-02-21 21:26 - 2008-05-19 11:25 - 01933312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2017-02-21 21:26 - 2008-04-30 01:48 - 00167936 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2017-02-21 21:26 - 2007-07-30 11:26 - 00126976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2017-02-21 21:26 - 2007-07-25 02:33 - 00135168 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2017-02-21 21:26 - 2007-05-17 04:26 - 00185776 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2017-02-21 21:26 - 2006-12-13 03:30 - 00339968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2017-02-21 21:25 - 2017-02-21 21:26 - 00000000 ___HD C:\Program Files\Temp
2017-02-21 21:25 - 2009-09-02 05:14 - 08194584 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00672792 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00252952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00174104 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00173080 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00151064 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2017-02-21 21:25 - 2009-09-02 05:14 - 00141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2017-02-21 21:25 - 2009-08-27 01:23 - 00044880 _____ C:\Windows\system32\iglhxs32.vp
2017-02-21 21:25 - 2009-08-27 01:09 - 00155648 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1883.dll
2017-02-21 21:25 - 2009-08-27 01:00 - 05946368 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
2017-02-21 21:25 - 2009-08-27 01:00 - 04233728 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2017-02-21 21:25 - 2009-08-27 00:57 - 00982220 _____ C:\Windows\system32\igkrng500.bin
2017-02-21 21:25 - 2009-08-27 00:57 - 00439300 _____ C:\Windows\system32\igcompkrng500.bin
2017-02-21 21:25 - 2009-08-27 00:57 - 00092216 _____ C:\Windows\system32\igfcg500m.bin
2017-02-21 21:25 - 2009-08-27 00:54 - 00549888 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll
2017-02-21 21:25 - 2009-08-27 00:41 - 03839488 _____ (Intel Corporation) C:\Windows\system32\ig4dev32.dll
2017-02-21 21:25 - 2009-08-27 00:40 - 06042112 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
2017-02-21 21:25 - 2009-08-27 00:29 - 00310784 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00304640 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00303104 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00299520 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00294912 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00289280 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00287744 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00280576 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00280064 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00277504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00262656 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00252416 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00249856 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00205312 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00179712 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2017-02-21 21:25 - 2009-08-27 00:29 - 00178176 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2017-02-21 21:25 - 2009-08-27 00:26 - 00257536 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2017-02-21 21:25 - 2009-08-27 00:26 - 00199680 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2017-02-21 21:25 - 2009-08-27 00:26 - 00119296 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2017-02-21 21:25 - 2009-08-27 00:26 - 00059392 _____ (Intel Corporation) C:\Windows\system32\oemdspif.dll
2017-02-21 21:25 - 2009-08-27 00:26 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 05702656 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00275968 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2017-02-21 21:25 - 2009-08-27 00:25 - 00217088 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00094720 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2017-02-21 21:25 - 2009-08-27 00:25 - 00051712 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2017-02-21 21:25 - 2009-08-27 00:18 - 01921265 _____ C:\Windows\system32\iglhxa32.cpa
2017-02-21 21:25 - 2009-08-27 00:18 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-02-21 21:25 - 2009-08-27 00:18 - 00060254 _____ C:\Windows\system32\iglhxg32.vp
2017-02-21 21:25 - 2009-08-27 00:18 - 00060226 _____ C:\Windows\system32\iglhxc32.vp
2017-02-21 21:25 - 2009-08-27 00:18 - 00060015 _____ C:\Windows\system32\iglhxo32.vp
2017-02-21 21:25 - 2009-08-27 00:18 - 00001090 _____ C:\Windows\system32\iglhxa32.vp
2017-02-21 21:25 - 2009-08-18 10:16 - 00831488 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-02-21 21:24 - 2017-02-21 22:47 - 00000000 ____D C:\Windows\system32\Lang
2017-02-21 21:24 - 2009-08-27 00:57 - 00134592 _____ C:\Windows\system32\igfcg500.bin
2017-02-21 21:23 - 2017-02-21 22:47 - 00000000 ____D C:\Program Files\Intel
2017-02-21 21:23 - 2008-05-01 16:35 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2017-02-21 20:21 - 2016-10-26 16:29 - 00407720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-02-21 19:52 - 2017-02-21 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Windows\PCHEALTH
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Microsoft Works
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2017-02-21 19:51 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-02-21 19:49 - 2017-02-21 19:51 - 00000000 ____D C:\Program Files\Microsoft Office
2017-02-21 19:49 - 2017-02-21 19:49 - 00000000 ____D C:\Users\Admin\AppData\Local\Microsoft Help
2017-02-21 19:49 - 2017-02-21 19:49 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2017-02-21 19:43 - 2017-03-21 21:25 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2017-02-21 19:43 - 2017-02-21 19:43 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-21 19:42 - 2017-03-17 17:55 - 01524562 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-21 19:42 - 2017-02-21 21:27 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-02-21 19:42 - 2017-02-21 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2017-02-21 19:42 - 2013-06-28 14:49 - 01570304 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athur.sys
2017-02-21 19:42 - 2013-06-28 14:49 - 01570304 _____ (Atheros Communications, Inc.) C:\Windows\system32\athur.sys
2017-02-21 19:42 - 2013-06-28 14:49 - 00007514 _____ C:\Windows\system32\athurext.cat
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\ProgramData\TP-LINK
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-21 19:41 - 2017-02-21 19:41 - 00000000 ____D C:\Program Files\WinRAR
2017-02-21 19:38 - 2017-02-21 19:38 - 00001429 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-02-21 19:37 - 2017-03-10 22:02 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2017-02-21 19:37 - 2017-03-08 17:21 - 00000000 ____D C:\Users\Admin
2017-02-21 19:37 - 2017-02-21 19:37 - 00000020 ___SH C:\Users\Admin\ntuser.ini
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Public\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Public\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Public\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Modèles
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Mes documents
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Voisinage réseau
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Voisinage d'impression
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Modèles
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Mes documents
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Menu Démarrer
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Documents\Mes vidéos
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Documents\Mes images
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\Documents\Ma musique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Historique
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Modèles
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Menu Démarrer
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Favoris
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\ProgramData\Bureau
2017-02-21 19:37 - 2017-02-21 19:37 - 00000000 _SHDL C:\Program Files\Fichiers communs
2017-02-21 19:37 - 2009-07-14 10:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Media Center Programs
2017-02-21 19:25 - 2017-02-21 19:25 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-02-21 19:25 - 2017-02-21 19:25 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-02-21 19:21 - 2017-02-21 19:37 - 00000000 ____D C:\Windows\Panther
2017-02-21 19:20 - 2017-02-21 19:20 - 00000000 ____D C:\Users\Public\Desktop\Extra
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-03-23 18:35 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-23 18:35 - 2009-07-14 05:34 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-23 17:28 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-22 17:58 - 2015-07-16 19:28 - 00000000 ____D C:\shamela
2017-03-17 17:55 - 2009-07-14 09:39 - 00684756 _____ C:\Windows\system32\perfh00C.dat
2017-03-17 17:55 - 2009-07-14 09:39 - 00126872 _____ C:\Windows\system32\perfc00C.dat
2017-03-17 17:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-03-04 18:18 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2017-03-03 11:33 - 2009-07-14 10:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-03-01 13:13 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files (x86)
2017-02-28 17:24 - 2009-07-14 05:33 - 00795280 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-21 22:16 - 2016-06-23 14:31 - 00206472 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00162952 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00156288 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00071304 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2017-02-21 22:16 - 2016-06-23 14:31 - 00052872 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys
2017-02-21 19:51 - 2009-07-14 10:01 - 00000000 ____D C:\Windows\ShellNew
2017-02-21 19:51 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\MSBuild
2017-02-21 19:51 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-21 19:49 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-21 19:49 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2017-02-21 19:38 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2017-02-21 19:37 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Windows NT
2017-02-21 19:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sysprep
2017-02-21 19:23 - 2009-07-14 10:01 - 00000000 ____D C:\Windows\CSC
2017-02-21 19:21 - 2009-07-14 05:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-02-21 19:20 - 2009-07-14 05:34 - 00000000 ____D C:\Windows\Setup
2017-02-21 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\oobe
==================== Fichiers à la racine de certains dossiers =======
2017-03-23 17:28 - 2017-03-23 17:28 - 0000000 ____H () C:\ProgramData\cm-lock
Certains fichiers dans TEMP:
====================
2006-10-28 02:58 - 2006-10-28 02:58 - 0145184 ____R (Microsoft Corporation) C:\Users\Admin\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-03-14 19:28
==================== Fin de FRST.txt ============================