Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2016
Exécuté par priver (administrateur) sur PENTIUM4 (07-05-2016 14:19:13)
Exécuté depuis C:\Documents and Settings\priver\Bureau
Profils chargés: priver (Profils disponibles: priver)
Platform: Microsoft Windows XP Professionnel Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(S3 Graphics, Inc.) C:\WINDOWS\system32\VTTimer.exe
(S3 Graphics Co., Ltd.) C:\WINDOWS\system32\S3Trayp.exe
(BitTorrent Inc.) C:\Documents and Settings\priver\Application Data\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(BitTorrent Inc.) C:\Documents and Settings\priver\Application Data\uTorrent\updates\3.4.6_42094\utorrentie.exe
(BitTorrent Inc.) C:\Documents and Settings\priver\Application Data\uTorrent\updates\3.4.6_42094\utorrentie.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [VTTimer] => C:\WINDOWS\system32\VTTimer.exe [53248 2006-09-21] (S3 Graphics, Inc.)
HKLM\...\Run: [S3Trayp] => C:\WINDOWS\system32\S3trayp.exe [176128 2007-06-11] (S3 Graphics Co., Ltd.)
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [uTorrent] => C:\Documents and Settings\priver\Application Data\uTorrent\uTorrent.exe [1959424 2016-04-08] (BitTorrent Inc.)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [Windows Common Files Manager] => C:\Program Files\Windows Common Files\Commgr.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [WindowMessenger] => C:\RECYCLER\X-1-5-21-1960408961-725345543-839522115-1003\WinSysApp.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [Windows Alerter] => C:\Program Files\Windows Alerter\WinAlert.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3919928 2016-03-13] (Tonec Inc.)
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\MountPoints2: {759adccd-ac5d-11e5-80a6-001bb9b527fa} - F:\RECYCLER\MuOdRdG.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\MountPoints2: {916b19e1-cb47-11e5-80ef-001bb9b527fa} - E:\مكتبة-طالب-العلم-الرقمية.exe
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\MountPoints2: {a47b447d-810b-11dc-a17b-806d6172696f} - E:\setup.exe
HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-13] (Microsoft Corporation)
Startup: C:\Documents and Settings\priver\Menu Démarrer\Programmes\Démarrage\ 30 ( 59 60 ) - .mp4.lnk [2015-02-14]
ShortcutTarget: 30 ( 59 60 ) - .mp4.lnk -> C:\Documents and Settings\All Users\Application Data\{ffbd0fce-b2ab-ac9b-ffbd-d0fceb2a3f3a}\ 30 ( 59 60 ) - .mp4.exe (Pas de fichier)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.dz/
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par 01net.com
HKU\S-1-5-21-1708537768-484763869-1606980848-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.01net.com/telecharger/ hxxp://www.01men.com/
URLSearchHook: [S-1-5-21-1708537768-484763869-1606980848-1003] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1708537768-484763869-1606980848-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2009-05-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\SYSTEM\OLE DB\MSDAIPP.DLL [2010-02-28] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\priver\Application Data\Mozilla\Firefox\Profiles\ob5lwmzm.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Search Provided by Yahoo
FF SelectedSearchEngine: Search Provided by Yahoo
FF Homepage: hxxp://www.google.dz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\priver\Application Data\Mozilla\Firefox\Profiles\ob5lwmzm.default\searchplugins\Search Provided by Yahoo.xml [2016-04-18]
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-03-10]
FF HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1708537768-484763869-1606980848-1003\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\priver\Application Data\IDM\idmmzcc5
FF Extension: IDM CC - C:\Documents and Settings\priver\Application Data\IDM\idmmzcc5 [2016-05-07] [non signé]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.dz/
CHR Profile: C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-07]
CHR Extension: (Google Docs) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Search and Replace) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bldchfkhmnkoimaciljpilanilmbnofo [2015-07-26] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (YouTube) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (Recherche Google) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Google Wallet) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-09] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Documents and Settings\priver\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] [UpdateUrl: hxxp://mynamedomain.koko/00] <==== ATTENTION
CHR Extension: (EaxstraCuoupon) - C:\Documents and Settings\All Users\Application Data\hkobgidnbdabbcghenamilbflajbipfo\ []
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
S3 ose; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Program Files\Fichiers communs\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 FET5X86V; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [43520 2008-12-04] (VIA Technologies, Inc. ) [Fichier non signé]
S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R1 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [138864 2016-01-28] (Tonec Inc.)
R3 S3GIGP; C:\WINDOWS\System32\DRIVERS\S3gIGPm.sys [714240 2007-07-11] (S3 Graphics Co., Ltd.) [Fichier non signé]
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2016-04-23] ()
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-01] (VIA Technologies, Inc.)
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [208384 2007-10-16] (VIA Technologies, Inc.)
S0 43865634; system32\drivers\96851762.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-07 14:16 - 2016-05-07 14:19 - 00013791 _____ C:\Documents and Settings\priver\Bureau\FRST.txt
2016-05-07 14:02 - 2016-05-07 14:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\TEMP
2016-05-07 14:01 - 2013-10-05 14:36 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Active File Recovery Professional 10.0.6.By_Sco
2016-05-07 13:56 - 2016-05-07 14:00 - 18943645 _____ C:\Documents and Settings\priver\Mes documents\Active File Recovery Professional 10.0.6.By_Sco.rar
2016-05-07 13:13 - 2016-05-07 13:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-07 10:24 - 2016-05-07 10:24 - 00000000 ____H C:\Documents and Settings\All Users\Application Data\cm-lock
2016-05-07 02:15 - 2016-05-07 10:24 - 00000000 ____D C:\Program Files\Convar
2016-05-06 22:56 - 2016-05-06 22:56 - 00000696 _____ C:\Documents and Settings\priver\Bureau\Internet Download Manager.lnk
2016-05-06 22:56 - 2016-05-06 22:56 - 00000000 ____D C:\Documents and Settings\priver\Menu Démarrer\Programmes\Internet Download Manager
2016-05-06 22:56 - 2016-05-06 22:56 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Download Manager
2016-05-06 22:55 - 2016-04-10 00:54 - 06832568 _____ (Tonec Inc.) C:\Program Files\idman625build14.exe
2016-05-06 22:55 - 2016-04-10 00:52 - 00000363 _____ C:\Program Files\serial.txt
2016-05-06 22:55 - 2016-03-13 09:36 - 03919928 _____ (Tonec Inc.) C:\Program Files\IDMan.exe
2016-05-06 22:54 - 2016-05-06 22:54 - 08107937 _____ C:\Program Files\IDM 6.25 build 14.rar
2016-05-06 01:59 - 2016-05-06 01:59 - 00001819 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome.lnk
2016-05-06 01:59 - 2016-05-06 01:59 - 00001813 _____ C:\Documents and Settings\All Users\Bureau\Google Chrome.lnk
2016-05-06 01:54 - 2016-05-06 01:54 - 00000736 _____ C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
2016-05-06 01:54 - 2016-05-06 01:54 - 00000730 _____ C:\Documents and Settings\All Users\Bureau\امينة.lnk
2016-05-06 01:54 - 2016-05-06 01:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-06 01:50 - 2016-05-07 13:55 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-06 01:50 - 2016-05-07 10:24 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-05 23:27 - 2016-05-05 23:27 - 45811976 _____ C:\Program Files\Firefox Setup 43.0.1.exe
2016-05-05 18:35 - 2016-05-05 18:37 - 06871040 _____ C:\Program Files\GUT34.tmp
2016-05-05 18:35 - 2016-05-05 18:35 - 00000000 ____D C:\Program Files\GUM33.tmp
2016-05-05 18:34 - 2016-05-05 18:34 - 00987728 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2016-05-05 18:33 - 2016-05-05 18:33 - 04727984 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\priver\Bureau\tdsskiller.exe
2016-05-05 18:30 - 2016-05-05 18:31 - 00010115 _____ C:\WINDOWS\setuplog.txt
2016-05-05 17:59 - 2016-05-07 14:19 - 00000000 ____D C:\FRST
2016-05-05 17:57 - 2016-05-05 17:58 - 01728000 _____ (Farbar) C:\Documents and Settings\priver\Bureau\FRST.exe
2016-05-05 01:34 - 2016-05-05 01:34 - 00000000 ____D C:\WINDOWS\pss
2016-05-04 03:13 - 2016-05-04 03:13 - 00000000 ____D C:\Shamelah_Library
2016-05-03 02:12 - 2016-05-03 02:12 - 02359350 _____ C:\Documents and Settings\priver\Mes documents\Sans titre.bmp
2016-05-03 01:40 - 2016-05-03 01:40 - 00000895 _____ C:\Documents and Settings\All Users\Bureau\EaseUS Data Recovery Wizard 8.6.lnk
2016-05-03 01:40 - 2016-05-03 01:40 - 00000000 ____D C:\Program Files\EaseUS
2016-05-03 01:40 - 2016-05-03 01:40 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\EaseUS Data Recovery Wizard 8.6
2016-05-03 01:40 - 2014-12-18 11:09 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\EaseUS.Data.Recovery.Wizard_8.6.0
2016-05-03 01:32 - 2016-05-03 01:32 - 00000104 _____ C:\Documents and Settings\priver\Bureau\Poste de travail.lnk
2016-05-03 01:26 - 2016-05-03 01:29 - 10500298 _____ C:\Documents and Settings\priver\Mes documents\EaseUS.Data.Recovery.Wizard_8.6.0_3.zip
2016-05-01 01:34 - 2016-05-01 01:34 - 00090112 _____ C:\WINDOWS\Minidump\Mini050116-01.dmp
2016-04-20 07:15 - 2016-04-23 01:40 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-20 07:15 - 2016-04-20 07:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RogueKiller
2016-04-18 04:43 - 2016-04-18 04:43 - 00000376 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-04-18 04:43 - 2016-04-18 04:43 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-18 04:01 - 2016-04-18 04:01 - 00002088 _____ C:\Documents and Settings\priver\Bureau\Hetman Partition Recovery.lnk
2016-04-18 04:01 - 2016-04-18 04:01 - 00000000 ____D C:\Program Files\Hetman Software
2016-04-18 04:01 - 2016-04-18 04:01 - 00000000 ____D C:\Documents and Settings\priver\Menu Démarrer\Programmes\Hetman Software
2016-04-18 03:42 - 2016-04-18 03:42 - 00000000 ____D C:\Program Files\CodeMeter
2016-04-18 03:42 - 2016-04-18 03:42 - 00000000 ____D C:\Documents and Settings\priver\Menu Démarrer\Programmes\Recover My Files v5
2016-04-18 03:42 - 2012-07-19 15:18 - 00666024 _____ (WIBU-SYSTEMS AG) C:\WINDOWS\system32\WibuCm32.dll
2016-04-17 02:43 - 2016-04-17 02:43 - 00005120 _____ C:\Documents and Settings\priver\Application Data\GiftBag.db
2016-04-17 02:41 - 2016-04-17 02:41 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Tencent
2016-04-17 02:29 - 2016-05-07 13:30 - 00001496 _____ C:\WINDOWS\Tasks\Sosition Reports.job
2016-04-17 02:29 - 2016-04-17 02:31 - 00000000 ____D C:\Documents and Settings\priver\Local Settings\Application Data\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-17 01:36 - 2016-05-05 17:41 - 00000000 ____D C:\Program Files\ZHPFix
2016-04-17 00:36 - 2016-04-17 02:06 - 00000000 ____D C:\Documents and Settings\priver\Application Data\ZHP
2016-04-17 00:36 - 2016-04-17 00:36 - 00000802 _____ C:\Documents and Settings\priver\Bureau\ZHPDiag.lnk
2016-04-15 22:21 - 2008-11-13 10:25 - 00137024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinet.ocx
2016-04-15 22:21 - 2005-06-10 13:22 - 00450560 _____ (Sky Software) C:\WINDOWS\system32\filevw61.ocx
2016-04-15 22:21 - 2005-06-10 13:22 - 00352256 _____ (Sky Software) C:\WINDOWS\system32\shcmb61.ocx
2016-04-15 22:21 - 2005-06-10 13:21 - 00417792 _____ (Sky Software) C:\WINDOWS\system32\fldrvw61.ocx
2016-04-15 22:21 - 2005-04-15 19:58 - 01351392 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.ocx
2016-04-15 22:21 - 2005-04-13 03:00 - 00331784 _____ (VBGold Software) C:\WINDOWS\system32\aresize.ocx
2016-04-15 22:21 - 2004-10-02 09:36 - 00212240 _____ (Microsoft Corporation) C:\WINDOWS\system32\richtx32.ocx
2016-04-15 22:21 - 1999-09-28 21:42 - 01050896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet35.dll
2016-04-15 22:21 - 1998-06-18 10:33 - 00089360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vb5db.dll
2016-04-15 22:21 - 1998-05-18 00:00 - 00368912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbar332.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00407312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrepl35.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00252176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd2x35.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00123664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjint35.dll
2016-04-15 22:21 - 1998-04-24 18:40 - 00024848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjter35.dll
2016-04-15 22:21 - 1997-07-19 19:00 - 00227600 _____ (Microsoft) C:\WINDOWS\system32\msflxgrd.ocx
2016-04-15 03:33 - 2016-04-18 03:44 - 00000000 ____D C:\Program Files\CCleaner
2016-04-12 15:08 - 2016-05-07 01:07 - 00133120 ___SH C:\Documents and Settings\priver\Mes documents\Thumbs.db
2016-04-12 14:34 - 2016-04-12 14:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PC1Data
2016-04-12 14:34 - 2016-04-12 14:34 - 04454296 _____ ((c) PC Cleaners Inc) C:\Documents and Settings\All Users\Application Data\pclunst.exe
2016-04-12 02:47 - 2016-04-12 02:47 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2016-04-12 02:47 - 2016-04-12 02:47 - 00000000 ____D C:\Program Files\Fichiers communs\IObit
2016-04-12 02:36 - 2016-04-12 02:47 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ProductData
2016-04-12 02:35 - 2016-04-12 02:48 - 00000000 ____D C:\Documents and Settings\priver\Application Data\IObit
2016-04-12 02:35 - 2016-04-12 02:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\IObit

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2016-05-07 14:19 - 2007-10-23 02:30 - 00000000 ____D C:\Documents and Settings\priver\Local Settings\Temp
2016-05-07 14:19 - 2007-10-23 02:30 - 00000000 ____D C:\Documents and Settings\priver\Bureau
2016-05-07 14:15 - 2014-10-15 20:55 - 00000000 ____D C:\Documents and Settings\priver\Application Data\uTorrent
2016-05-07 14:11 - 2007-10-23 04:09 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer\Programmes
2016-05-07 14:01 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Mes documents
2016-05-07 13:58 - 2014-10-09 19:16 - 00000000 ____D C:\Documents and Settings\priver\Application Data\vlc
2016-05-07 10:24 - 2007-10-23 02:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-07 03:38 - 2007-10-23 02:30 - 00000184 ___SH C:\Documents and Settings\priver\ntuser.ini
2016-05-07 03:38 - 2007-10-23 02:30 - 00000000 ____D C:\Documents and Settings\priver
2016-05-07 03:38 - 2007-10-23 02:26 - 00032564 _____ C:\WINDOWS\SchedLgU.Txt
2016-05-07 02:42 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Menu Démarrer\Programmes
2016-05-07 01:26 - 2007-10-23 02:30 - 00000000 __SHD C:\Documents and Settings\priver\Local Settings\Historique
2016-05-07 01:26 - 2007-10-23 02:23 - 00000000 ___HD C:\Documents and Settings\NetworkService\Local Settings\Historique
2016-05-07 00:57 - 2007-10-23 03:11 - 00000000 ____D C:\Documents and Settings\priver\Application Data\DMCache
2016-05-06 23:21 - 2007-10-23 04:09 - 00000000 ____D C:\Documents and Settings\All Users\Bureau
2016-05-06 22:56 - 2015-08-21 01:57 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-05-06 22:56 - 2015-08-21 01:57 - 00000000 ____D C:\Documents and Settings\priver\Application Data\IDM
2016-05-06 22:48 - 2002-09-07 00:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-05-06 01:59 - 2015-05-16 09:29 - 00000000 ____D C:\Program Files\Google
2016-05-05 23:17 - 2007-10-23 03:12 - 00002271 _____ C:\Documents and Settings\All Users\Bureau\Skype.lnk
2016-05-05 22:12 - 2007-10-23 03:21 - 00002515 _____ C:\Documents and Settings\priver\Bureau\Microsoft Excel 2010.lnk
2016-05-05 19:02 - 2007-10-23 03:21 - 00002561 _____ C:\Documents and Settings\priver\Bureau\Microsoft Word 2010.lnk
2016-05-05 18:33 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Favoris
2016-05-05 18:00 - 2007-10-23 04:09 - 00000000 __SHD C:\Documents and Settings\Default User\Local Settings\Historique
2016-05-05 18:00 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Menu Démarrer\Programmes\Démarrage
2016-05-05 18:00 - 2007-10-23 02:26 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Historique
2016-05-05 17:28 - 2007-10-23 04:01 - 00000000 ___HD C:\WINDOWS\inf
2016-05-05 17:28 - 2007-10-23 02:14 - 00000000 ____D C:\Program Files\MSN
2016-05-04 12:26 - 2015-04-06 23:41 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Téléchargements
2016-05-03 01:06 - 2007-10-23 04:10 - 00000000 ____D C:\Program Files\Fichiers communs
2016-04-27 00:58 - 2014-10-11 07:39 - 00015360 ____C C:\Documents and Settings\priver\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-19 01:39 - 2007-10-23 04:07 - 00000000 ____D C:\Documents and Settings\All Users
2016-04-17 16:01 - 2007-10-23 02:26 - 00000184 __SHC C:\Documents and Settings\LocalService\ntuser.ini
2016-04-17 12:41 - 2014-10-09 18:12 - 00084536 ____C C:\Documents and Settings\priver\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2016-04-17 10:34 - 2007-10-23 04:07 - 00325912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-17 02:49 - 2007-10-23 04:09 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Démarrer
2016-04-17 02:30 - 2007-10-23 02:30 - 00000000 ___RD C:\Documents and Settings\priver\Menu Démarrer
2016-04-16 15:02 - 2007-10-23 02:46 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2016-04-16 13:59 - 2007-10-23 02:38 - 00000000 ____D C:\Program Files\FreeTime
2016-04-16 09:47 - 2015-06-21 00:56 - 00000000 ___RD C:\Documents and Settings\priver\Mes documents\Ma musique
2016-04-15 22:45 - 2015-07-26 13:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\hkobgidnbdabbcghenamilbflajbipfo
2016-04-15 22:21 - 2014-10-15 20:46 - 00000000 ____D C:\Documents and Settings\priver\Application Data\shamela
2016-04-15 03:37 - 2014-12-18 11:25 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-15 02:54 - 2014-12-08 22:23 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\قرآن
2016-04-12 15:01 - 2015-10-03 23:41 - 00000000 ___RD C:\Documents and Settings\priver\Mes documents\Mes images
2016-04-12 14:39 - 2015-02-20 23:31 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Mes vidéos
2016-04-12 14:39 - 2014-12-30 02:12 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Temp
2016-04-12 14:39 - 2014-11-04 08:32 - 00000000 ____D C:\Documents and Settings\priver\Mes documents\Any Audio Converter
2016-04-12 14:39 - 2007-10-23 04:07 - 00000000 ___HD C:\Documents and Settings\Default User
2016-04-12 02:48 - 2007-10-23 02:30 - 00000000 ___HD C:\Documents and Settings\priver\Modèles

==================== Fichiers à la racine de certains dossiers =======

2016-05-05 18:34 - 2016-05-05 18:34 - 0987728 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2016-05-05 23:27 - 2016-05-05 23:27 - 45811976 _____ () C:\Program Files\Firefox Setup 43.0.1.exe
2016-05-05 18:35 - 2016-05-05 18:37 - 6871040 _____ () C:\Program Files\GUT34.tmp
2016-05-06 22:54 - 2016-05-06 22:54 - 8107937 _____ () C:\Program Files\IDM 6.25 build 14.rar
2016-05-06 22:55 - 2016-03-13 09:36 - 3919928 _____ (Tonec Inc.) C:\Program Files\IDMan.exe
2016-05-06 22:55 - 2016-04-10 00:54 - 6832568 _____ (Tonec Inc.) C:\Program Files\idman625build14.exe
2016-05-06 22:55 - 2016-04-10 00:52 - 0000363 _____ () C:\Program Files\serial.txt
2016-04-17 02:43 - 2016-04-17 02:43 - 0005120 _____ () C:\Documents and Settings\priver\Application Data\GiftBag.db
2014-10-11 07:39 - 2016-04-27 00:58 - 0015360 ____C () C:\Documents and Settings\priver\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-07 10:24 - 2016-05-07 10:24 - 0000000 ____H () C:\Documents and Settings\All Users\Application Data\cm-lock
2016-04-12 14:34 - 2016-04-12 14:34 - 4454296 _____ ((c) PC Cleaners Inc) C:\Documents and Settings\All Users\Application Data\pclunst.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe [2010-11-11 00:44] - [2010-11-11 00:44] - 2566144 ____A (Microsoft Corporation) 99D471D9BD7A68F9617A5637B0183A55
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================