Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2017
Exécuté par Otam (administrateur) sur IAN (20-04-2017 12:03:34)
Exécuté depuis C:\Documents and Settings\Otam\Bureau
Profils chargés: Otam (Profils disponibles: Otam & Administrateur)
Platform: Microsoft Windows XP Édition familiale Service Pack 3 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\System32\RUNDLL32.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\WINDOWS\ATK0100\HControl.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Motorola Inc.) C:\WINDOWS\sm56hlpr.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Native Instruments GmbH) C:\Program Files\Fichiers communs\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvsvc32.exe
(ASUSTeK) C:\WINDOWS\System32\ACEngSvr.exe
(HP) C:\WINDOWS\System32\HPZipm12.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() C:\WINDOWS\ATK0100\ATKOSD.exe
(Acronis) C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Macrovision Corporation) C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
(iMobie Inc.) C:\Program Files\iMobie\PhoneClean\SilentCleanServer.exe
(Microsoft Corporation) C:\WINDOWS\System32\RUNDLL32.EXE
(RME) C:\WINDOWS\System32\fireface.exe
(RME) C:\WINDOWS\System32\firefacemix.exe
(SFX TEAM) C:\Program Files\SuperCopier2\SuperCopier2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.exe
(The Document Foundation) C:\Program Files\LibreOffice 5\program\soffice.bin
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\System32\wscntfy.exe

==================== Registre (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AuditMode] => C:\sysprep\factory.exe -logon
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16206848 2006-05-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HControl] => C:\WINDOWS\ATK0100\HControl.exe [110592 2006-04-17] ()
HKLM\...\Run: [Wireless Console 2] => C:\Program Files\Wireless Console 2\wcourier.exe [987136 2005-10-17] ()
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [802816 2006-08-02] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [696320 2006-08-02] (Intel Corporation)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [53248 2006-05-16] (ASUSTeK Computer INC.)
HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [17920 2006-02-21] (ATK)
HKLM\...\Run: [SMSERIAL] => C:\WINDOWS\sm56hlpr.exe [544768 2006-03-30] (Motorola Inc.)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5140360 2009-11-12] (Acronis)
HKLM\...\Run: [Service Scheduler2 Acronis] => C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [362088 2009-11-12] (Acronis)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [786521 2006-05-25] (Synaptics, Inc.)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM\...\Run: [SilentCleanService] => C:\Program Files\iMobie\PhoneClean\SilentCleanServer.exe [495080 2016-10-20] (iMobie Inc.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [FirefaceTray] => C:\WINDOWS\system32\fireface.exe [64000 2010-12-17] (RME)
HKLM\...\Run: [FirefaceMixTray] => C:\WINDOWS\system32\firefacemix.exe [1054208 2010-12-17] (RME)
HKLM\...\Run: [QuickTime Task] => "C:\Program Files\QuickTime\qttask.exe" -atboottime
HKLM\...\Run: [UnlockerAssistant] => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\...\Run: [SuperCopier2.exe] => C:\Program Files\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7348440 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\...\MountPoints2: {f22a3622-42c8-11e2-a964-001302dd141c} - F:\RunClubSanDisk.exe
ShellIconOverlayIdentifiers: [Fichiers hors connexion] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-13] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk [2016-08-24]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\Otam\Menu Démarrer\Programmes\Démarrage\LibreOffice 5.0.lnk [2016-05-17]
ShortcutTarget: LibreOffice 5.0.lnk -> C:\Program Files\LibreOffice 5\program\quickstart.exe ()

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{0F253B95-1B6B-4F73-B3D1-488511FB9708}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{BBCD1530-664D-46EE-AE9B-5024B715B7E9}: [DhcpNameServer] 192.168.0.254

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3552450095-722642494-2735697518-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3552450095-722642494-2735697518-1005 -> {C0849B4B-320C-4628-B7D9-438F8E2A1EDC} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-22] (Oracle Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1400596399640
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll [2008-04-13] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0daqfz4e.default-1353426251546
FF ProfilePath: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default [2012-11-19]
FF Homepage: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default -> hxxps://www.malwarebytes.org/restorebrowser//?gd=&ctid=CT3333004&octid=EB_ORIGINAL_CTID&ISID=E64A13D6-A846-48B7-8BE1-8960BCC1D543&SearchSource=55&CUI=&UM=8&UP=SPA6750B4D-A3C1-4C46-989B-54A3B4286F80&D=082715&SSPV=
FF NewTab: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default -> about:newtab
FF Extension: (Search and New Tab by Yahoo) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\a3dzxh9z.default\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-06-22]
FF ProfilePath: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546 [2012-11-20]
FF Homepage: C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546 -> google.com
FF Extension: (Firefox Hotfix) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-03]
FF Extension: (Adblock Plus) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Extension: (Video DownloadHelper) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-02-15]
FF Extension: (Xmarks) - C:\Documents and Settings\Otam\Application Data\Mozilla\Firefox\Profiles\0daqfz4e.default-1353426251546\Extensions\foxmarks@kei.com [2017-02-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-03-15] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-11-01] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-15] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-27] (VideoLAN)
FF Plugin HKU\S-1-5-21-3552450095-722642494-2735697518-1005: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2017-03-06] (Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09]

Chrome:
=======
CHR HomePage: Default -> hxxps://fr.search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=435714
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.google.fr/"
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default [2012-12-19]
CHR Extension: (Recherche Google) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-19]
CHR Extension: (Google Drive) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-19]
CHR Extension: (Gmail) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-19]
CHR Extension: (YouTube) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-17]
CHR Extension: (FVD Video Downloader) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-01-17]
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-18]
CHR Extension: (Google Docs) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-20]
CHR Extension: (Google Slides) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-20]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-20]
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Guest Profile [2015-01-17]
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\System Profile [2016-02-16]
CHR Profile: C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1 [2016-05-06]
CHR Extension: (Google Docs) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-06]
CHR Extension: (Google Drive) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-06]
CHR Extension: (Gmail) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-06]
CHR Extension: (YouTube) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-06]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-06]
CHR Extension: (Google Docs hors connexion) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-06]
CHR Extension: (Google Slides) - C:\Documents and Settings\Otam\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-06]
CHR HKLM\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AcrSch2Svc; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [661128 2009-11-12] (Acronis)
R2 afcdpsrv; C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe [2480048 2012-11-22] (Acronis)
S2 AntiRansom; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Ransomware Tool for Business 1.1\anti_ransom.exe [693720 2016-07-19] (AO Kaspersky Lab)
R2 Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60720 2015-09-02] (Apple Inc.)
S3 CoordinatorServiceHost; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [89192 2012-06-09] (Dassault Systèmes SolidWorks Corp.)
S2 DrvCovEx; C:\WINDOWS\System32\DrvCovEx.exe [45056 2015-09-15] () [Fichier non signé]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [434176 2006-08-02] (Intel Corporation) [Fichier non signé]
S3 FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2015-09-08] (Flexera Software, Inc.)
S3 HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [81920 2005-05-20] (Hewlett-Packard Company)
S3 HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [73728 2004-10-16] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
R2 NIHardwareService; C:\Program Files\Fichiers communs\Native Instruments\Hardware\NIHardwareService.exe [3857408 2011-04-07] (Native Instruments GmbH) [Fichier non signé]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2006-08-02] (Intel Corporation) [Fichier non signé]
S3 Remote Solver for Flow Simulation 2012; C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [95368 2012-04-09] (Mentor Graphics Corporation) [Fichier non signé]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [937984 2006-08-02] (Intel Corporation ) [Fichier non signé]
S3 SolidWorks Licensing Service; C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-09-08] (SolidWorks) [Fichier non signé]
S2 MA_CMIDI_InstallerService; C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.334\McCHSvc.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2012-11-19] (Meetinghouse Data Communications) [Fichier non signé]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [223128 2012-11-25] () [Fichier non signé]
S3 fireface; C:\WINDOWS\System32\drivers\fireface.sys [88832 2010-12-17] (RME) [Fichier non signé]
S3 firefaceu; C:\WINDOWS\System32\drivers\fireface_usb.sys [83584 2012-08-27] (RME) [Fichier non signé]
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [25440 2016-03-04] (ThreatTrack Security)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-13] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-13] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-13] (HP)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [165296 2016-06-02] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [153936 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [109904 2016-06-28] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [791888 2016-06-26] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [41392 2016-05-31] (AO Kaspersky Lab)
R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [82352 2016-05-17] (AO Kaspersky Lab)
S3 lvupdtio; C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys [10752 2005-05-20] () [Fichier non signé]
S3 MA_CMIDI; C:\WINDOWS\System32\drivers\ma_cmidi.sys [21888 2006-08-16] (M-Audio) [Fichier non signé]
R1 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [148256 2017-04-16] (Malwarebytes)
R3 mpfilt; C:\WINDOWS\system32\drivers\mpfilt.sys [10588 2009-01-09] () [Fichier non signé]
S3 mpszfilt; C:\WINDOWS\System32\DRIVERS\mpszfilt.sys [10752 2015-09-15] (Generic) [Fichier non signé]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw3x32; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-27] (Intel® Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12544 2006-08-02] (Intel Corporation) [Fichier non signé]
S3 SeratoUsb; C:\WINDOWS\System32\Drivers\SeratoUsb.sys [29952 2013-07-09] (Cristalink Ltd) [Fichier non signé]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [642560 2012-11-25] () [Fichier non signé]
R3 SynMini; C:\WINDOWS\System32\Drivers\SynMini.sys [1116544 2006-08-09] ()
R3 SynScan; C:\WINDOWS\System32\Drivers\SynScan.sys [7808 2006-08-09] ()
R0 tdrpman258; C:\WINDOWS\System32\DRIVERS\tdrpm258.sys [911680 2012-11-22] (Acronis)
S3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
S4 IntelIde; pas de ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-20 12:03 - 2017-04-20 12:03 - 00026232 _____ C:\Documents and Settings\Otam\Bureau\FRST.txt
2017-04-20 12:03 - 2017-04-20 12:03 - 00000000 ____D C:\FRST
2017-04-20 12:01 - 2017-04-20 12:01 - 01766912 _____ (Farbar) C:\Documents and Settings\Otam\Bureau\FRST.exe
2017-04-20 10:08 - 2017-04-20 10:08 - 01740631 _____ C:\Documents and Settings\Otam\Bureau\7978-6-evaluation.pptx
2017-04-20 10:01 - 2017-04-20 10:01 - 00167486 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag2004_1.txt
2017-04-20 09:52 - 2017-04-20 09:52 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-20-09-52-21.txt
2017-04-20 09:48 - 2017-04-20 09:48 - 00167184 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag2004.txt
2017-04-20 09:42 - 2017-04-20 09:42 - 00001291 _____ C:\Documents and Settings\Otam\Bureau\ZHPFix[R1].txt
2017-04-20 09:41 - 2017-04-20 09:41 - 00001416 _____ C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
2017-04-20 09:41 - 2017-04-20 09:41 - 00001291 _____ C:\Documents and Settings\Otam\Bureau\ZHPFixReport.txt
2017-04-20 09:41 - 2017-04-20 09:41 - 00000000 ____D C:\Program Files\ZHPFix
2017-04-20 09:41 - 2017-04-20 09:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
2017-04-20 09:35 - 2017-04-20 09:35 - 03521617 _____ (Nicolas Coolman ) C:\Documents and Settings\Otam\Bureau\zhpfix_2015.10.19.9.exe
2017-04-19 22:48 - 2017-04-19 22:48 - 00167067 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag2.txt
2017-04-19 16:23 - 2017-04-19 16:23 - 00166997 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag1.txt
2017-04-19 16:14 - 2017-04-19 16:14 - 00021390 _____ C:\Documents and Settings\Otam\Bureau\scunia.odt
2017-04-19 16:14 - 2017-04-19 10:29 - 02105344 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag3.exe
2017-04-19 15:46 - 2017-04-19 15:47 - 00099029 _____ C:\Documents and Settings\Otam\Bureau\DU SECOND DEGRE.pdf
2017-04-19 15:37 - 2017-04-19 15:37 - 00103315 _____ C:\Documents and Settings\Otam\Bureau\du_second_degre-4.pdf
2017-04-19 15:18 - 2017-04-19 15:18 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-15-18-02.txt
2017-04-19 15:15 - 2017-04-19 15:15 - 00001871 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner 2.txt
2017-04-19 15:01 - 2017-04-19 15:01 - 00002916 _____ C:\Documents and Settings\Otam\Bureau\AdwCleaner[C0].txt
2017-04-19 14:59 - 2017-04-19 14:59 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-14-59-29.txt
2017-04-19 14:50 - 2017-04-19 14:50 - 00011124 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner 1.txt
2017-04-19 14:49 - 2017-04-19 14:49 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-14-49-40.txt
2017-04-19 13:59 - 2017-04-19 15:15 - 00002055 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner.txt
2017-04-19 13:45 - 2017-04-19 15:01 - 00000599 _____ C:\Documents and Settings\Otam\Bureau\ZHPCleaner.lnk
2017-04-19 13:45 - 2017-04-19 13:44 - 00296265 _____ C:\Documents and Settings\Otam\Bureau\projet brevet blanc 2.pdf
2017-04-19 13:12 - 2017-04-19 13:12 - 00480684 _____ C:\Documents and Settings\Otam\Bureau\Infection par Spora aide.pdf
2017-04-19 13:10 - 2017-04-19 13:10 - 02658304 _____ C:\Documents and Settings\Otam\Bureau\zhpcleaner_2016.12.24.222.exe
2017-04-19 13:09 - 2017-04-19 13:09 - 04089296 _____ C:\Documents and Settings\Otam\Bureau\adwcleaner_6.045.exe
2017-04-19 11:12 - 2017-04-19 11:12 - 00170799 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag_19042017.txt
2017-04-19 10:47 - 2017-04-20 10:00 - 00167483 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag.txt
2017-04-19 10:29 - 2017-04-20 09:54 - 00000698 _____ C:\Documents and Settings\Otam\Bureau\ZHPDiag.lnk
2017-04-19 10:29 - 2017-04-19 10:29 - 00000000 ____D C:\Documents and Settings\Otam\Application Data\ZHP
2017-04-19 10:08 - 2017-04-19 10:08 - 00000638 _____ C:\WINDOWS\Tasks\TrackerAutoUpdate.job
2017-04-19 10:08 - 2017-04-19 10:08 - 00000000 ____D C:\Program Files\Tracker Software
2017-04-19 10:08 - 2017-04-19 10:08 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDF-XChange PDF Viewer
2017-04-19 10:08 - 2017-04-19 10:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Tracker Software
2017-04-19 09:56 - 2017-04-19 09:56 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-19-09-56-55.txt
2017-04-18 22:43 - 2017-04-18 22:43 - 00031803 _____ C:\Documents and Settings\Otam\Bureau\multiplication par p modulo n.ggb
2017-04-18 22:25 - 2017-04-18 22:25 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-18-22-25-21.txt
2017-04-18 22:20 - 2017-04-18 22:20 - 00002076 _____ C:\Documents and Settings\All Users\Bureau\Kaspersky Anti-Ransomware Tool for Business.lnk
2017-04-18 22:20 - 2017-04-18 22:20 - 00000000 ____D C:\Program Files\Kaspersky Lab
2017-04-18 22:20 - 2017-04-18 22:20 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Kaspersky Anti-Ransomware Tool for Business
2017-04-18 22:20 - 2017-04-18 22:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2017-04-18 22:20 - 2016-06-28 12:28 - 00109904 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2017-04-18 22:20 - 2016-06-26 15:05 - 00791888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-04-18 22:20 - 2016-06-26 15:05 - 00153936 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-04-18 21:48 - 2017-04-18 21:51 - 00002676 _____ C:\RakhniDecryptor.1.17.17.0_18.04.2017_21.48.45_log.txt
2017-04-18 17:31 - 2017-04-18 17:38 - 00020168 _____ C:\Documents and Settings\Otam\Bureau\2 points sur cercle trigo.ggb
2017-04-18 16:19 - 2017-04-18 16:19 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-18-16-19-20.txt
2017-04-16 18:27 - 2017-04-16 18:27 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-16-18-27-24.txt
2017-04-16 18:02 - 2017-04-16 18:02 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-16-18-02-37.txt
2017-04-14 16:45 - 2017-04-14 16:45 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-16-45-49.txt
2017-04-14 16:45 - 2017-04-14 14:09 - 00102400 _____ C:\WINDOWS\Minidump\Mini041417-02.dmp
2017-04-14 14:09 - 2017-04-14 14:09 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-14-09-45.txt
2017-04-14 14:09 - 2017-04-14 13:53 - 00102400 _____ C:\WINDOWS\Minidump\Mini041417-01.dmp
2017-04-14 14:07 - 2017-04-14 14:07 - 00000000 __SHD C:\FOUND.041
2017-04-14 13:53 - 2017-04-14 13:53 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-13-53-54.txt
2017-04-14 13:49 - 2017-04-18 22:46 - 00097600 _____ C:\Documents and Settings\Otam\Bureau\multiplication par p modulo n 1.ggb
2017-04-14 12:32 - 2017-04-14 12:32 - 00029174 _____ C:\Documents and Settings\Otam\Bureau\w1.pdf
2017-04-14 12:26 - 2017-04-14 12:26 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-14-12-26-38.txt
2017-04-12 17:49 - 2017-04-16 19:05 - 00021075 _____ C:\Documents and Settings\Otam\Bureau\eval dpr YLeSerrec.ods
2017-04-11 08:43 - 2017-04-11 08:43 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-11-08-43-01.txt
2017-04-09 17:57 - 2017-04-09 17:57 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-09-17-57-56.txt
2017-04-09 17:19 - 2017-04-16 18:28 - 00148256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-09 17:18 - 2017-04-20 09:54 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-09 17:18 - 2017-04-18 17:32 - 00059904 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-04-09 17:18 - 2017-04-09 17:18 - 00001619 _____ C:\Documents and Settings\All Users\Bureau\Malwarebytes.lnk
2017-04-09 17:18 - 2017-04-09 17:18 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-09 17:18 - 2017-04-09 17:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Malwarebytes
2017-04-09 13:30 - 2017-04-09 13:30 - 00102849 _____ C:\Documents and Settings\Otam\Bureau\semainier 28 2016 2017.pdf
2017-04-09 13:09 - 2017-04-09 13:09 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-09-13-09-31.txt
2017-04-09 12:28 - 2017-04-09 12:28 - 00016670 _____ C:\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2017-04-09 12:28 - 2017-04-09 12:28 - 00016670 _____ C:\Documents and Settings\Otam\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2017-04-09 12:28 - 2017-04-09 12:28 - 00016670 _____ C:\Documents and Settings\Otam\Application Data\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2017-04-09 12:27 - 2017-04-09 13:05 - 02073088 _____ C:\Documents and Settings\Otam\Application Data\3905113179
2017-04-06 15:18 - 2017-04-06 15:18 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-04-06-15-18-56.txt
2017-03-29 18:50 - 2017-03-29 18:50 - 00000636 _____ C:\Documents and Settings\Otam\Bureau\GeoGebra 5.0.lnk
2017-03-29 18:43 - 2017-03-29 18:43 - 00034263 _____ C:\Documents and Settings\Otam\Bureau\banc pyramide.ggb
2017-03-29 11:39 - 2017-03-29 11:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PCCleaner Pro
2017-03-29 11:39 - 2017-03-29 11:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AmSettingsLocal
2017-03-29 11:31 - 2017-03-29 11:31 - 00000066 _____ C:\WINDOWS\system32\DrvLog-2017-03-29-11-31-03.txt
2017-03-29 11:29 - 2017-03-29 11:29 - 00000000 __SHD C:\FOUND.040
2017-03-21 20:04 - 2017-03-21 20:04 - 00000586 _____ C:\Documents and Settings\All Users\Bureau\CCleaner.lnk

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2017-04-20 12:02 - 2012-12-19 19:42 - 00001056 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-04-20 11:26 - 2014-05-01 16:26 - 00000408 _____ C:\WINDOWS\Tasks\At1.job
2017-04-20 11:05 - 2012-11-19 22:00 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-04-20 09:54 - 2014-05-10 23:13 - 00220088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-20 09:52 - 2014-05-21 12:38 - 00000220 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job
2017-04-20 09:52 - 2012-12-19 19:42 - 00001052 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-04-20 09:52 - 2012-11-19 13:07 - 00051048 _____ C:\WINDOWS\system32\nvapps.xml
2017-04-20 09:51 - 2012-11-19 11:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-20 09:50 - 2016-10-02 09:40 - 00000012 _____ C:\WINDOWS\bthservsdp.dat
2017-04-20 09:50 - 2014-03-18 20:22 - 00256166 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2017-04-20 09:50 - 2014-03-18 20:22 - 00256166 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3552450095-722642494-2735697518-1005-0.dat
2017-04-20 09:50 - 2012-11-19 11:43 - 00000284 ___SH C:\Documents and Settings\Otam\ntuser.ini
2017-04-20 09:50 - 2012-11-19 11:24 - 00032402 _____ C:\WINDOWS\SchedLgU.Txt
2017-04-20 09:15 - 2014-08-14 16:57 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2017-04-19 17:49 - 2016-11-24 11:26 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2017-04-19 14:45 - 2016-11-24 11:26 - 00001409 _____ C:\WINDOWS\QTFont.for
2017-04-18 21:39 - 2004-09-20 17:49 - 00000216 __RSH C:\boot.ini
2017-04-18 21:39 - 2004-09-20 17:48 - 00000573 _____ C:\WINDOWS\win.ini
2017-04-18 21:39 - 2004-09-20 17:48 - 00000227 _____ C:\WINDOWS\system.ini
2017-04-18 21:12 - 2014-01-11 14:50 - 00355840 ___SH C:\Documents and Settings\Otam\Bureau\Thumbs.db
2017-04-18 16:19 - 2004-09-20 17:49 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2017-04-09 13:11 - 2014-05-21 12:38 - 00000214 _____ C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job
2017-04-05 16:17 - 2012-11-22 13:35 - 00028672 _____ C:\Documents and Settings\Otam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-29 11:30 - 2012-11-19 11:15 - 00231984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-25 15:17 - 2016-05-05 17:33 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

==================== Fichiers à la racine de certains dossiers =======

2012-11-24 11:08 - 2012-11-24 11:08 - 0000011 _____ () C:\Documents and Settings\Otam\Application Data\iasna_C92E1371-3DF5-4322-9729-82CC0DD90EC6.dll
2017-04-09 12:27 - 2017-04-09 13:05 - 2073088 _____ () C:\Documents and Settings\Otam\Application Data\3905113179
2017-04-09 12:28 - 2017-04-09 12:28 - 0016670 _____ () C:\Documents and Settings\Otam\Application Data\FR9CF-10RGR-FTRZK-ZTAZT-FRTAO-FFTFO-FYYYY.html
2012-11-22 13:35 - 2017-04-05 16:17 - 0028672 _____ () C:\Documents and Settings\Otam\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-19 18:16 - 2012-11-19 18:28 - 0000334 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log

Fichiers à déplacer ou supprimer:
====================
C:\Windows\Tasks\At1.job

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

==================== Fin de FRST.txt ============================