cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by baker (administrator) on PC on 27-03-2015 14:37:29
Running from C:\Users\baker\Desktop
Loaded Profiles: baker (Available profiles: baker)
Platform: Microsoft Windows 7 Édition Starter Service Pack 1 (X86) OS Language: Français (France)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Policies\Explorer\Run: [Updates] => C:\system32\SystemProtection.exe [141824 2009-07-14] ( (Microsoft Corporation))
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: D - D:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {0ff5afb8-422c-11e3-8a9d-a6587df54b0b} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {17dd8f26-6fe0-11e3-a5c1-8c694ecc1d2a} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {1fadf7fb-43d0-11e3-a7f9-ac81129729d5} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {22117e21-b1e5-11e4-982b-101f744e3743} - D:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {2847371f-6feb-11e3-a80a-f909093cda31} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {3d2609af-7d13-11e3-8a0a-ac81129729d5} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {3d260ccd-7d13-11e3-8a0a-9d9c73db6409} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {3fa6ab15-80e5-11e3-a86d-ac81129729d5} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {4309bc72-65a4-11e3-a2af-d8595a9c0d33} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {4309bcdb-65a4-11e3-a2af-d8595a9c0d33} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {44bcb532-479a-11e3-a5af-93aa79adb739} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {4a52612c-c80d-11e4-b764-101f744e3743} - F:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {4d6790dc-852a-11e3-bb2d-ac81129729d5} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {63356630-6f2a-11e3-aa40-ff9d4977242c} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {684af72f-7a8c-11e3-a721-dbfc8d7f133d} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {81fcf5f2-c9a9-11e4-8217-101f744e3743} - D:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {8ddd2a90-7c61-11e3-afd5-aad811a9ae3e} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {afaf4b30-4e93-11e2-89d5-101f744e3743} - D:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {b54195dc-8717-11e2-9557-101f744e3743} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {bf958871-d1d0-11e4-9671-101f744e3743} - D:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {c1432582-42ba-11e3-ae75-9363da790932} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {c346be19-c7f7-11e4-abb6-101f744e3743} - D:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {d668cbef-aecc-11e3-838f-101f744e3743} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {daf44319-8b1d-11e3-8667-e22bd5ebdea0} - D:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {e2ae0c96-42ce-11e3-ab3e-faf50b9c162b} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {e5d55f32-873c-11e3-95cc-8c6e925c6027} - E:\autorun.exe
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\...\MountPoints2: {f7cf0f08-4950-11e3-b4de-c165b0985c3b} - E:\autorun.exe
ShellIconOverlayIdentifiers: [snxPluginsShell] -> {F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-64059620-3433549647-2875831063-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-64059620-3433549647-2875831063-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-64059620-3433549647-2875831063-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File []
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File []
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Hosts: Hosts file not detected in the default directory
Tcpip\..\Interfaces\{5DF1170A-E911-42EA-93C6-3C31F82DC718}: [NameServer] 192.168.128.130
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-03-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.21.169\npGoogleUpdate3.dll [2015-03-26] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.0.9

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\baker\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [iijdejcjlbgbpkdjanfjanndnffpkfdl] - C:\Program Files\Alnaddy.com\alnaddyToolbar\1.5.25.2\alnaddyToolbar.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [17744 2010-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [50768 2010-09-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\Drivers\aswRdr.sys [23376 2010-09-07] (AVAST Software)
S1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [340048 2010-09-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [165584 2010-09-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [46672 2010-09-07] (AVAST Software)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-09-29] (AVG Technologies)
S3 cmusbser; C:\Windows\System32\DRIVERS\cmusbser.sys [103552 2008-08-29] (Mobile Connector) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-04-25] (Duplex Secure Ltd.)
S3 AgereSoftModem; system32\DRIVERS\AGRSM.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 flpydisk; \SystemRoot\system32\DRIVERS\flpydisk.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 14:37 - 2015-03-27 14:38 - 00011190 _____ () C:\Users\baker\Desktop\FRST.txt
2015-03-27 14:33 - 2015-03-27 14:33 - 00006050 _____ () C:\Windows\DPINST.LOG
2015-03-27 04:32 - 2015-03-27 04:32 - 00000330 _____ () C:\Windows\PFRO.log
2015-03-26 22:12 - 2015-03-26 20:28 - 01135104 _____ (Farbar) C:\Users\baker\Desktop\FRST.exe
2015-03-26 22:11 - 2015-03-26 22:11 - 00111056 _____ () C:\Users\baker\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-26 21:49 - 2015-03-27 14:24 - 00001050 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-26 21:49 - 2015-03-27 12:54 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-26 21:46 - 2015-03-27 14:37 - 00000000 ____D () C:\FRST
2015-03-25 22:48 - 2015-03-27 14:24 - 00000560 _____ () C:\Windows\setupact.log
2015-03-25 22:48 - 2015-03-25 22:48 - 00424056 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-25 22:48 - 2015-03-25 22:48 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-25 22:37 - 2015-03-25 22:37 - 00000020 _____ () C:\Windows\€óå
2015-03-25 21:15 - 2015-03-27 14:28 - 00036478 _____ () C:\Windows\WindowsUpdate.log
2015-03-25 19:49 - 2015-03-25 19:49 - 00001953 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-03-24 19:48 - 2015-03-24 19:48 - 00000156 _____ () C:\Windows\system32\kisknl.log
2015-03-24 14:16 - 2015-03-26 22:05 - 00000000 ____D () C:\ProgramData\kingsoft
2015-03-24 14:16 - 2015-03-24 14:16 - 00000000 __SHD () C:\KRECYCLE
2015-03-24 14:15 - 2015-03-24 14:15 - 00000000 ____D () C:\Program Files\kingsoft
2015-03-24 14:14 - 2015-03-24 14:14 - 14300584 _____ (Kingsoft Corporation) C:\Users\baker\Downloads\kav_setup.exe
2015-03-23 23:53 - 2015-03-23 23:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-23 19:06 - 2015-03-25 23:04 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-03-23 18:54 - 2015-03-26 21:54 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-03-23 18:54 - 2015-03-25 23:18 - 00000000 ____D () C:\Users\baker\AppData\Roaming\ZHP
2015-03-23 17:08 - 2015-03-25 22:50 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-23 17:08 - 2015-03-23 17:40 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-12 18:15 - 2015-03-14 09:26 - 00000000 ____D () C:\found.001
2015-03-11 17:41 - 2015-03-11 17:41 - 00000000 ____D () C:\Users\baker\AppData\Roaming\ProductData
2015-03-09 17:56 - 2015-03-09 17:56 - 00000000 ____D () C:\found.000
2015-02-28 22:12 - 2015-03-25 22:47 - 00000000 ____D () C:\AdwCleaner

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 14:36 - 2012-06-22 07:28 - 01677484 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 14:34 - 2013-03-18 18:34 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-27 14:30 - 2009-07-14 05:34 - 00017328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-27 14:30 - 2009-07-14 05:34 - 00017328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-27 14:25 - 2013-07-18 15:57 - 00016384 _____ () C:\Windows\system32\Ikeext.etl
2015-03-27 14:24 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 13:06 - 2012-07-01 14:40 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 12:37 - 2015-01-15 20:56 - 00000000 ____D () C:\Users\baker\AppData\Roaming\vlc
2015-03-26 21:50 - 2013-03-11 00:10 - 00000000 ____D () C:\Program Files\Google
2015-03-26 15:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-03-25 19:49 - 2013-04-14 19:24 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-24 21:42 - 2013-04-25 13:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-24 20:38 - 2013-10-31 13:58 - 00000000 ____D () C:\Users\baker
2015-03-24 03:13 - 2015-01-13 02:21 - 00007605 _____ () C:\Users\baker\AppData\Local\resmon.resmoncfg
2015-03-24 01:17 - 2015-01-28 23:03 - 00000000 ____D () C:\Program Files\ShortenMe googl URL shortener QR codes
2015-03-24 00:08 - 2013-10-31 16:45 - 00000000 ____D () C:\Users\baker\AppData\Roaming\IDM
2015-03-23 20:11 - 2013-04-16 20:46 - 00000000 ____D () C:\Program Files\Internet Download Manager
2015-03-23 20:08 - 2013-10-31 16:45 - 00000000 ____D () C:\Users\baker\AppData\Roaming\DMCache
2015-03-23 20:05 - 2013-03-18 16:44 - 00000000 ____D () C:\Windows\Minidump
2015-03-23 19:29 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2015-03-18 15:40 - 2015-02-16 01:12 - 00000000 ____D () C:\Users\baker\khadidja
2015-03-18 08:48 - 2012-07-01 21:35 - 00000000 ____D () C:\ProgramData\Skype
2015-03-18 08:47 - 2013-12-13 00:18 - 00000000 ____D () C:\Users\baker\AppData\Roaming\Skype
2015-03-17 10:16 - 2009-07-14 05:53 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-12 12:40 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-08 22:28 - 2013-12-21 13:33 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-03 23:18 - 2015-02-05 01:05 - 00000000 ____D () C:\FFOutput
2015-03-03 23:18 - 2012-06-22 15:53 - 00000000 ____D () C:\Intel
2015-03-03 19:55 - 2013-03-17 22:04 - 00000000 __SHD () C:\Kernel
2015-02-26 02:42 - 2013-11-06 10:28 - 00000000 ____D () C:\ProgramData\IObit
2015-02-26 02:42 - 2013-11-01 17:43 - 00000000 ____D () C:\Users\baker\AppData\Roaming\IObit
2015-02-26 02:42 - 2013-04-14 02:03 - 00000000 ____D () C:\1619ff0501469b5a69a43da71d4256
2015-02-26 02:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-02-26 02:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-02-26 02:41 - 2013-11-06 10:28 - 00000000 ____D () C:\Program Files\IObit
2015-02-26 02:41 - 2013-10-30 21:20 - 00000000 ____D () C:\ProgramData\Apple
2015-02-26 02:41 - 2013-04-25 13:43 - 00000000 ____D () C:\Program Files\Microsoft Office

==================== Files in the root of some directories =======

2014-02-12 23:03 - 2014-02-12 23:45 - 4096000 _____ () C:\Program Files\GUT24A4.tmp
2013-11-02 08:39 - 2013-11-02 16:03 - 4096000 _____ () C:\Program Files\GUT9D87.tmp
2014-02-12 22:59 - 2014-02-12 23:45 - 4096000 _____ () C:\Program Files\GUTAB30.tmp
2015-01-27 03:03 - 2015-01-27 03:03 - 4096000 _____ () C:\Program Files\GUTF3A2.tmp
2014-01-14 23:14 - 2014-01-14 23:33 - 0000100 _____ () C:\Users\baker\AppData\Roaming\Camdata.ini
2014-01-14 23:14 - 2014-01-14 23:33 - 0000408 _____ () C:\Users\baker\AppData\Roaming\CamLayout.ini
2014-01-14 23:14 - 2014-01-14 23:33 - 0000408 _____ () C:\Users\baker\AppData\Roaming\CamShapes.ini
2014-01-14 23:14 - 2014-01-14 23:33 - 0004546 _____ () C:\Users\baker\AppData\Roaming\CamStudio.cfg
2013-12-16 18:23 - 2013-12-16 18:23 - 0016746 _____ () C:\Users\baker\AppData\Roaming\UserTile.png
2014-01-14 23:12 - 2014-01-14 23:12 - 0000096 _____ () C:\Users\baker\AppData\Roaming\version2.xml
2015-02-07 03:28 - 2015-02-10 02:09 - 0097564 _____ () C:\Users\baker\AppData\Local\ars.cache
2015-02-07 03:29 - 2015-02-10 02:09 - 0231450 _____ () C:\Users\baker\AppData\Local\census.cache
2015-02-07 01:36 - 2015-02-07 01:36 - 0000036 _____ () C:\Users\baker\AppData\Local\housecall.guid.cache
2015-01-13 02:21 - 2015-03-24 03:13 - 0007605 _____ () C:\Users\baker\AppData\Local\resmon.resmoncfg
2015-02-07 17:24 - 2015-02-07 04:32 - 0000898 _____ () C:\ProgramData\ProgramData.lnk

Some content of TEMP:
====================
C:\Users\baker\AppData\Local\Temp\dllnt_dump.dll
C:\Users\baker\AppData\Local\Temp\Quarantine.exe
C:\Users\baker\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-25 03:47

==================== End Of Log ============================
