cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by boyer (administrator) on BOYER-PC on 06-06-2014 23:11:16
Running from C:\Users\boyer\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1244202647-1637106073-2610032509-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473464 2014-03-17] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9DFF9485886ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\boyer\AppData\Roaming\Mozilla\Firefox\Profiles\nh3eny4n.default
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: "name": "Mysearchdial"
CHR Extension: (Documents Google) - C:\Users\boyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-13]
CHR Extension: (Google Drive) - C:\Users\boyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-29]
CHR Extension: (YouTube) - C:\Users\boyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-19]
CHR Extension: (Recherche Google) - C:\Users\boyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-19]
CHR Extension: (Google Wallet) - C:\Users\boyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Gmail) - C:\Users\boyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-19]

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [271760 2009-04-15] ()

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-01-20] (Anchorfree Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-06 23:11 - 2014-06-06 23:11 - 00008654 _____ () C:\Users\boyer\Desktop\FRST.txt
2014-06-06 23:11 - 2014-06-06 23:11 - 00000000 ____D () C:\FRST
2014-06-06 23:09 - 2014-06-06 23:09 - 02072576 _____ (Farbar) C:\Users\boyer\Desktop\FRST64.exe
2014-06-06 18:23 - 2014-06-06 18:23 - 00083745 _____ () C:\Users\boyer\Desktop\2ZHPDiag.txt
2014-06-06 18:15 - 2014-06-06 18:15 - 00001397 _____ () C:\Users\boyer\Desktop\ZHPFix[R1].txt
2014-06-06 18:15 - 2014-06-06 18:14 - 00001397 _____ () C:\Users\boyer\Desktop\1ZHPFixReport.txt
2014-06-06 16:53 - 2014-06-06 16:53 - 00005542 _____ () C:\Users\boyer\Desktop\AdwCleaner[S0].txt
2014-06-06 16:50 - 2014-06-06 18:16 - 00001310 _____ () C:\Windows\PFRO.log
2014-06-06 16:48 - 2014-06-06 16:49 - 00000000 ____D () C:\AdwCleaner
2014-06-06 16:47 - 2014-06-06 16:48 - 01333465 _____ () C:\Users\boyer\Desktop\AdwCleaner-3.212.exe
2014-06-06 16:29 - 2014-06-06 16:29 - 00001504 _____ () C:\Users\boyer\Desktop\JRT.txt
2014-06-06 16:23 - 2014-06-06 16:23 - 01016261 _____ (Thisisu) C:\Users\boyer\Desktop\JRT.exe
2014-06-06 16:00 - 2014-06-06 23:06 - 00000392 _____ () C:\Windows\setupact.log
2014-06-06 16:00 - 2014-06-06 16:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-06 15:13 - 2014-06-06 18:22 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-06-06 15:09 - 2014-06-06 18:20 - 00000000 ____D () C:\Users\boyer\AppData\Roaming\ZHP
2014-06-06 15:09 - 2014-06-06 15:09 - 00001951 _____ () C:\Users\boyer\Desktop\ZHPFix.lnk
2014-06-06 15:09 - 2014-06-06 15:09 - 00001824 _____ () C:\Users\boyer\Desktop\ZHPDiag.lnk
2014-06-06 15:09 - 2014-06-06 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-06-06 15:09 - 2014-06-06 15:09 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-06-06 15:07 - 2014-06-06 15:08 - 06853900 _____ (Nicolas Coolman ) C:\Users\boyer\Desktop\ZHPDiag2.exe
2014-06-06 14:17 - 2014-06-05 14:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys
2014-06-06 13:49 - 2014-06-06 13:58 - 00000000 ____D () C:\Users\boyer\Desktop\pour_tes_vieux_jours
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\Users\boyer\AppData\Roaming\OpenOffice
2014-05-26 16:42 - 2014-05-26 16:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-26 16:38 - 2014-05-26 16:38 - 143485940 _____ () C:\Users\boyer\Downloads\25829-673220-openoffice.exe
2014-05-26 16:33 - 2014-05-26 16:33 - 00807168 _____ () C:\Users\boyer\Desktop\installer_openoffice_French.exe
2014-05-25 20:48 - 2014-05-25 20:48 - 00002003 _____ () C:\Users\boyer\Desktop\img169.pdf - Raccourci.lnk
2014-05-25 20:45 - 2014-05-25 20:45 - 00013126 _____ () C:\Users\boyer\Desktop\rapport st junien.odt
2014-05-14 14:01 - 2014-06-04 12:18 - 00000000 ____D () C:\Users\boyer\AppData\Local\CrashDumps
2014-05-11 21:30 - 2014-05-11 21:30 - 00012287 _____ () C:\Users\boyer\Documents\bergerac.odt
2014-05-09 18:17 - 2014-05-09 18:20 - 00014807 _____ () C:\Users\boyer\Documents\lettre penne.odt

==================== One Month Modified Files and Folders =======

2014-06-06 23:11 - 2014-06-06 23:11 - 00008654 _____ () C:\Users\boyer\Desktop\FRST.txt
2014-06-06 23:11 - 2014-06-06 23:11 - 00000000 ____D () C:\FRST
2014-06-06 23:11 - 2012-11-14 18:06 - 00000000 ____D () C:\Users\boyer\AppData\Local\Temp
2014-06-06 23:09 - 2014-06-06 23:09 - 02072576 _____ (Farbar) C:\Users\boyer\Desktop\FRST64.exe
2014-06-06 23:09 - 2013-05-31 20:20 - 01434808 _____ () C:\Windows\WindowsUpdate.log
2014-06-06 23:06 - 2014-06-06 16:00 - 00000392 _____ () C:\Windows\setupact.log
2014-06-06 23:06 - 2012-11-14 18:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-06 23:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-06 18:24 - 2009-07-14 06:45 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-06 18:24 - 2009-07-14 06:45 - 00023376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-06 18:23 - 2014-06-06 18:23 - 00083745 _____ () C:\Users\boyer\Desktop\2ZHPDiag.txt
2014-06-06 18:22 - 2014-06-06 15:13 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-06-06 18:20 - 2014-06-06 15:09 - 00000000 ____D () C:\Users\boyer\AppData\Roaming\ZHP
2014-06-06 18:16 - 2014-06-06 16:50 - 00001310 _____ () C:\Windows\PFRO.log
2014-06-06 18:15 - 2014-06-06 18:15 - 00001397 _____ () C:\Users\boyer\Desktop\ZHPFix[R1].txt
2014-06-06 18:14 - 2014-06-06 18:15 - 00001397 _____ () C:\Users\boyer\Desktop\1ZHPFixReport.txt
2014-06-06 16:53 - 2014-06-06 16:53 - 00005542 _____ () C:\Users\boyer\Desktop\AdwCleaner[S0].txt
2014-06-06 16:49 - 2014-06-06 16:48 - 00000000 ____D () C:\AdwCleaner
2014-06-06 16:48 - 2014-06-06 16:47 - 01333465 _____ () C:\Users\boyer\Desktop\AdwCleaner-3.212.exe
2014-06-06 16:29 - 2014-06-06 16:29 - 00001504 _____ () C:\Users\boyer\Desktop\JRT.txt
2014-06-06 16:23 - 2014-06-06 16:23 - 01016261 _____ (Thisisu) C:\Users\boyer\Desktop\JRT.exe
2014-06-06 16:00 - 2014-06-06 16:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-06 15:09 - 2014-06-06 15:09 - 00001951 _____ () C:\Users\boyer\Desktop\ZHPFix.lnk
2014-06-06 15:09 - 2014-06-06 15:09 - 00001824 _____ () C:\Users\boyer\Desktop\ZHPDiag.lnk
2014-06-06 15:09 - 2014-06-06 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-06-06 15:09 - 2014-06-06 15:09 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-06-06 15:08 - 2014-06-06 15:07 - 06853900 _____ (Nicolas Coolman ) C:\Users\boyer\Desktop\ZHPDiag2.exe
2014-06-06 14:23 - 2009-07-14 04:34 - 00000527 _____ () C:\Windows\win.ini
2014-06-06 14:12 - 2013-04-09 15:40 - 00121072 _____ () C:\Users\boyer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-06 14:11 - 2012-11-15 13:11 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
2014-06-06 14:11 - 2012-11-14 18:06 - 00000000 ____D () C:\Users\boyer
2014-06-06 14:10 - 2014-04-28 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-06 14:10 - 2014-04-28 19:25 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-06 14:10 - 2014-03-31 10:07 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2014-06-06 14:10 - 2013-06-21 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-06-06 14:10 - 2013-03-25 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-06-06 14:10 - 2013-01-04 14:55 - 00000000 ____D () C:\Windows\pss
2014-06-06 14:10 - 2012-11-15 13:11 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-06-06 14:10 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-06 14:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-06-06 14:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-06 14:09 - 2012-11-17 12:21 - 00000000 ____D () C:\Users\boyer\AppData\Roaming\Epson
2014-06-06 14:09 - 2012-11-15 19:50 - 00000000 ____D () C:\Users\boyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2014-06-06 14:09 - 2012-11-15 13:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-06 13:58 - 2014-06-06 13:49 - 00000000 ____D () C:\Users\boyer\Desktop\pour_tes_vieux_jours
2014-06-05 14:26 - 2014-06-06 14:17 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys
2014-06-04 12:18 - 2014-05-14 14:01 - 00000000 ____D () C:\Users\boyer\AppData\Local\CrashDumps
2014-05-27 09:41 - 2011-06-03 17:57 - 00014175 _____ () C:\Users\boyer\Documents\adresse importante et tel.odt
2014-05-26 16:43 - 2014-05-26 16:43 - 00000000 ____D () C:\Users\boyer\AppData\Roaming\OpenOffice
2014-05-26 16:42 - 2014-05-26 16:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-26 16:38 - 2014-05-26 16:38 - 143485940 _____ () C:\Users\boyer\Downloads\25829-673220-openoffice.exe
2014-05-26 16:33 - 2014-05-26 16:33 - 00807168 _____ () C:\Users\boyer\Desktop\installer_openoffice_French.exe
2014-05-25 20:48 - 2014-05-25 20:48 - 00002003 _____ () C:\Users\boyer\Desktop\img169.pdf - Raccourci.lnk
2014-05-25 20:45 - 2014-05-25 20:45 - 00013126 _____ () C:\Users\boyer\Desktop\rapport st junien.odt
2014-05-24 10:45 - 2009-07-14 17:24 - 00700796 _____ () C:\Windows\system32\perfh00C.dat
2014-05-24 10:45 - 2009-07-14 17:24 - 00128340 _____ () C:\Windows\system32\perfc00C.dat
2014-05-24 10:45 - 2009-07-14 07:13 - 01538304 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-23 19:21 - 2013-02-15 12:13 - 00000000 ____D () C:\Windows\Minidump
2014-05-20 16:26 - 2009-07-14 07:08 - 00032496 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-16 15:03 - 2012-11-16 19:20 - 00000000 ____D () C:\Users\boyer\AppData\Local\Microsoft Games
2014-05-16 15:02 - 2012-11-16 14:06 - 00000000 ____D () C:\Users\boyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-16 11:35 - 2012-11-15 13:45 - 00002057 _____ () C:\Windows\epplauncher.mif
2014-05-14 18:57 - 2012-11-15 13:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-14 18:47 - 2012-11-15 13:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 18:46 - 2013-07-15 10:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 18:45 - 2012-11-15 17:28 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 18:24 - 2014-04-28 19:25 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-14 13:48 - 2014-03-26 10:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-14 13:41 - 2012-11-14 18:39 - 00000000 ____D () C:\NVIDIA
2014-05-11 21:30 - 2014-05-11 21:30 - 00012287 _____ () C:\Users\boyer\Documents\bergerac.odt
2014-05-10 10:19 - 2013-12-20 18:52 - 00000000 ____D () C:\Users\boyer\Documents\photos
2014-05-09 18:20 - 2014-05-09 18:17 - 00014807 _____ () C:\Users\boyer\Documents\lettre penne.odt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-20 17:05

==================== End Of Log ============================
