cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by Danielle (administrator) on DANY on 03-03-2015 18:23:27
Running from C:\Users\Danielle\Desktop
Loaded Profiles: Danielle (Available profiles: UpdatusUser & Danielle)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-10-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-10-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-08-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4145342318-3558495740-3454462980-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-4145342318-3558495740-3454462980-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4145342318-3558495740-3454462980-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.free.fr/
HKU\S-1-5-21-4145342318-3558495740-3454462980-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-4145342318-3558495740-3454462980-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4145342318-3558495740-3454462980-1002 -> {5E663EFA-0FEF-4EFB-B211-226853B66E84} URL = https://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=201117&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4145342318-3558495740-3454462980-1002 -> {F8B8045D-8C74-4C59-B30C-30FE318DA026} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://free.fr/
CHR StartupUrls: Default -> "hxxp://portail.free.fr/", "hxxp://mafreebox.freebox.fr/", "https://fr.yahoo.com/?fr=hp-avast&type=avastbcl", "hxxp://free.fr/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-05]
CHR Extension: (Google Drive) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-24]
CHR Extension: (YouTube) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05]
CHR Extension: (Google Search) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05]
CHR Extension: (Google Wallet) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR Extension: (Gmail) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-11-21] (LENOVO INCORPORATED.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-30] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus.sys [X]
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]
S3 ssudserd; \SystemRoot\system32\DRIVERS\ssudserd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 18:23 - 2015-03-03 18:23 - 00014051 _____ () C:\Users\Danielle\Desktop\FRST.txt
2015-03-03 18:23 - 2015-03-03 18:23 - 00000000 ____D () C:\FRST
2015-03-03 18:19 - 2015-03-03 18:19 - 02092544 _____ (Farbar) C:\Users\Danielle\Desktop\FRST64.exe
2015-03-03 13:33 - 2015-03-03 16:00 - 00000000 ____D () C:\AdwCleaner
2015-03-03 13:33 - 2015-03-03 13:33 - 02126848 _____ () C:\Users\Danielle\Desktop\adwcleaner_4.111.exe
2015-03-03 11:34 - 2015-03-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 11:33 - 2015-03-03 17:38 - 00001082 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-03 11:33 - 2015-03-03 16:01 - 00001078 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-03 11:33 - 2015-03-03 11:33 - 00004054 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-03 11:33 - 2015-03-03 11:33 - 00003818 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-03 11:33 - 2015-03-03 11:33 - 00000000 ____D () C:\Users\Danielle\AppData\Local\Deployment
2015-03-03 11:33 - 2015-03-03 11:33 - 00000000 ____D () C:\Users\Danielle\AppData\Local\Apps\2.0
2015-03-03 10:53 - 2015-03-03 10:53 - 00336671 _____ () C:\Users\Danielle\Downloads\favoris_03_03_2015.html
2015-03-02 22:28 - 2015-03-02 22:28 - 00002348 _____ () C:\Users\Danielle\Downloads\AdwCleaner[R1].txt
2015-03-02 21:15 - 2015-03-02 21:15 - 00085631 _____ () C:\Users\Danielle\Desktop\ZHPDiag.txt
2015-03-02 20:46 - 2015-03-02 20:46 - 00000000 ____D () C:\Users\Danielle\AppData\Local\CrashDumps
2015-03-02 19:51 - 2015-03-02 20:04 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-03-02 19:51 - 2015-03-02 20:02 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-02 18:03 - 2015-03-02 21:14 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-03-02 18:00 - 2015-03-02 21:13 - 00000000 ____D () C:\Users\Danielle\AppData\Roaming\ZHP
2015-03-02 18:00 - 2015-03-02 18:00 - 00002018 _____ () C:\Users\Danielle\Desktop\ZHPFix.lnk
2015-03-02 18:00 - 2015-03-02 18:00 - 00001887 _____ () C:\Users\Danielle\Desktop\ZHPDiag.lnk
2015-03-02 18:00 - 2015-03-02 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-03-02 18:00 - 2015-03-02 18:00 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2015-03-02 17:55 - 2015-03-02 17:55 - 06876249 _____ (Nicolas Coolman ) C:\Users\Danielle\Desktop\ZHPDiag2.exe
2015-02-27 18:48 - 2015-02-27 18:48 - 00001200 _____ () C:\Users\Danielle\Desktop\Auslogics DiskDefrag.lnk
2015-02-27 18:48 - 2015-02-27 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2015-02-27 18:48 - 2015-02-27 18:48 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2015-02-27 18:46 - 2015-02-27 18:46 - 06691480 _____ (Auslogics Labs Pty Ltd ) C:\Users\Danielle\Downloads\disk-defrag-setup.exe
2015-02-25 13:39 - 2015-03-02 14:35 - 00026068 _____ () C:\Users\Danielle\Desktop\SFTGC.txt
2015-02-25 13:36 - 2015-02-25 13:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-25 13:35 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-02-25 13:35 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-02-15 16:33 - 2015-02-15 16:33 - 00002778 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-02-14 14:14 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-02-13 19:12 - 2015-02-13 19:13 - 00001514 _____ () C:\Users\Danielle\Documents\problèmes de wifi.txt
2015-02-13 19:00 - 2015-02-13 19:00 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Tâches de l’Observateur d’événements
2015-02-12 16:00 - 2015-02-12 16:00 - 00000779 _____ () C:\Users\Public\Desktop\Speccy.lnk
2015-02-12 16:00 - 2015-02-12 16:00 - 00000000 ____D () C:\Program Files\Speccy
2015-02-12 15:59 - 2015-02-12 15:59 - 05135288 _____ (Piriform Ltd) C:\Users\Danielle\Downloads\speccysetup128.exe
2015-02-12 11:59 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-12 11:59 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-11 11:52 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 11:52 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 11:52 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-02-11 11:52 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 11:52 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 11:52 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 11:52 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 11:52 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-02-11 11:52 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 11:52 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-02-11 11:52 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 11:52 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 11:52 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-02-11 11:51 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-02-11 11:51 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-02-11 11:51 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-02-11 11:51 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-02-11 11:51 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-02-11 11:51 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-02-11 11:51 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-02-11 11:51 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-11 11:51 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-11 11:51 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-11 11:51 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 11:51 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-11 11:51 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 11:51 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-02-11 11:51 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 11:51 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-11 11:51 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 11:51 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 11:51 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-11 11:51 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 11:51 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-11 11:51 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-11 11:51 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-11 11:51 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-11 11:51 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-11 11:51 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 11:51 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-11 11:51 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 11:51 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 11:51 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-02-11 11:51 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-11 11:51 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 11:51 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 11:51 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 11:51 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 11:51 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 11:51 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-11 11:51 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-11 11:51 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 11:51 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 11:51 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 11:51 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-02-11 11:51 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-02-11 11:51 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 11:51 - 2014-12-09 00:12 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-02-09 19:11 - 2015-02-10 18:24 - 00000000 ____D () C:\Users\Danielle\AppData\Local\Lenovo
2015-02-09 19:10 - 2015-02-11 13:55 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-02-09 19:10 - 2015-02-09 19:10 - 02356592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2015-02-09 17:06 - 2015-02-14 15:40 - 00007605 _____ () C:\Users\Danielle\AppData\Local\resmon.resmoncfg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 18:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-03 16:21 - 2014-12-20 19:20 - 01335228 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-03 16:02 - 2014-06-05 03:59 - 00000000 __RDO () C:\Users\Danielle\OneDrive
2015-03-03 16:01 - 2014-12-20 21:10 - 00009715 _____ () C:\WINDOWS\setupact.log
2015-03-03 16:01 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-03 16:01 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-03 12:24 - 2014-06-04 15:22 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4145342318-3558495740-3454462980-1002
2015-03-03 11:52 - 2014-12-21 16:18 - 00314802 _____ () C:\WINDOWS\PFRO.log
2015-03-03 11:33 - 2014-06-05 10:45 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-02 23:04 - 2014-06-18 13:15 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-02 16:46 - 2014-06-05 03:37 - 00000000 ____D () C:\Users\Danielle
2015-02-28 18:47 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-02-26 20:31 - 2014-03-18 11:02 - 01827432 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-26 20:31 - 2014-03-18 10:26 - 00813388 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-02-26 20:31 - 2014-03-18 10:26 - 00159948 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-02-26 15:38 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-25 13:36 - 2014-06-05 16:08 - 00000805 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-25 13:35 - 2014-06-05 16:08 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-24 18:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-23 17:51 - 2014-09-05 17:35 - 00060928 _____ () C:\Users\Danielle\Documents\Devis DS3.Pour maintenace & PR-Riric.xls
2015-02-23 17:51 - 2014-06-13 21:55 - 00016384 _____ () C:\Users\Danielle\Documents\DS3 suivi 5000 Km pour RAZ infos.xls
2015-02-23 17:35 - 2014-06-21 14:21 - 00000000 ____D () C:\Users\Danielle\Documents\Adresses pour -Télechargement de LOGICIELS
2015-02-15 17:41 - 2014-09-15 15:30 - 00001215 _____ () C:\Users\Danielle\Documents\Notes TXT-box -Wifi.txt
2015-02-14 15:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\registration
2015-02-14 14:16 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-14 14:08 - 2014-06-05 10:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-13 16:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-12 17:57 - 2014-06-05 04:01 - 00003952 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AE4FFFEE-6A30-4D36-8051-2C168E5A0409}
2015-02-11 14:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-11 13:46 - 2014-08-08 11:51 - 00426232 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-11 13:42 - 2014-06-04 17:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 13:40 - 2014-06-04 17:50 - 116773704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-11 13:39 - 2014-12-10 18:01 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-11 13:39 - 2014-07-10 17:49 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-10 20:35 - 2014-06-13 21:31 - 00150528 _____ () C:\Users\Danielle\Documents\Adress1.xls
2015-02-09 19:13 - 2013-10-17 07:59 - 00000000 ____D () C:\ProgramData\Lenovo
2015-02-09 19:13 - 2013-10-17 07:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-02-09 19:13 - 2013-10-17 07:41 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-02-09 19:12 - 2013-10-17 07:42 - 00000000 ____D () C:\Program Files\Lenovo
2015-02-06 22:00 - 2014-06-15 10:45 - 00108032 _____ () C:\Users\Danielle\Documents\EAU.xls
2015-02-06 21:53 - 2014-06-13 21:36 - 00021504 _____ () C:\Users\Danielle\Documents\ACHATS DIVERS.xls
2015-02-06 21:49 - 2014-06-18 16:45 - 00000000 ____D () C:\Users\Danielle\Documents\FICHIERS - PDF fichiers-
2015-02-03 20:31 - 2014-12-10 18:02 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-12-10 18:02 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-07-14 15:04 - 2014-07-14 15:04 - 0004096 ____H () C:\Users\Danielle\AppData\Local\keyfile3.drm
2015-02-09 17:06 - 2015-02-14 15:40 - 0007605 _____ () C:\Users\Danielle\AppData\Local\resmon.resmoncfg
2013-10-17 07:40 - 2013-10-17 07:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Danielle\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Danielle\AppData\Local\Temp\Quarantine.exe
C:\Users\Danielle\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-02 14:31

==================== End Of Log ============================
