cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by g3n-h@ckm@n (administrator) on G3N-HCKMN-PC on 28-04-2015 19:25:38
Running from C:\Users\g3n-h@ckm@n\Desktop
Loaded Profiles: g3n-h@ckm@n (Available profiles: g3n-h@ckm@n)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Oracle Corporation) C:\Windows\System32\VBoxService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Oracle Corporation) C:\Windows\System32\VBoxTray.exe
(Info soft) C:\Users\g3n-h@ckm@n\AppData\Roaming\drivers\winupgro.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VBoxTray] => C:\Windows\system32\VBoxTray.exe [1537608 2015-02-12] (Oracle Corporation)
HKU\S-1-5-21-2345046614-25744674-3356666314-1000\...\Run: [drvsyskit] => C:\Users\g3n-h@ckm@n\AppData\Roaming\drivers\winupgro.exe [860672 2011-10-17] (Info soft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2345046614-25744674-3356666314-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?ocid=iehp
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 VBoxService; C:\Windows\System32\VBoxService.exe [1778616 2015-02-12] (Oracle Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 VBoxGuest; C:\Windows\System32\DRIVERS\VBoxGuest.sys [152288 2015-02-12] (Oracle Corporation)
R3 VBoxMouse; C:\Windows\System32\DRIVERS\VBoxMouse.sys [120840 2015-02-12] (Oracle Corporation)
R1 VBoxSF; C:\Windows\System32\drivers\VBoxSF.sys [294440 2015-02-12] (Oracle Corporation)
R3 VBoxVideo; C:\Windows\System32\DRIVERS\VBoxVideo.sys [145584 2015-02-12] (Oracle Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-28 19:25 - 2015-04-28 19:27 - 00003698 _____ () C:\Users\g3n-h@ckm@n\Desktop\FRST.txt
2015-04-28 19:25 - 2015-04-28 19:25 - 02100736 _____ (Farbar) C:\Users\g3n-h@ckm@n\Desktop\FRST64.exe
2015-04-28 19:25 - 2015-04-28 19:25 - 00000000 ____D () C:\FRST
2015-04-28 14:32 - 2015-04-28 14:32 - 00009315 ____R () C:\Users\g3n-h@ckm@n\Desktop\Pre_Scan_28_04_2015_14_32_20.txt
2015-04-28 14:32 - 2015-04-28 14:32 - 00009315 ____R () C:\Pre_Scan_28_04_2015_14_32_20.txt
2015-04-28 14:32 - 2015-04-28 14:32 - 00000988 _____ () C:\Users\g3n-h@ckm@n\Desktop\Internet Explorer.lnk
2015-04-28 14:24 - 2015-04-28 14:32 - 00000000 ____D () C:\Pre_Scan
2015-04-28 14:24 - 2015-04-28 14:24 - 00001526 _____ () C:\Users\g3n-h@ckm@n\Desktop\Pre_Scan_Restore.lnk
2015-04-28 14:24 - 2015-04-28 14:24 - 00001154 _____ () C:\Users\g3n-h@ckm@n\Desktop\Pre_Scan_Donate.lnk
2015-04-28 14:23 - 2015-04-28 14:23 - 03315712 _____ (SosVirus) C:\Users\g3n-h@ckm@n\Desktop\Pre_Scan.exe
2015-04-28 14:14 - 2015-04-28 14:14 - 00000000 ____D () C:\Users\g3n-h@ckm@n\Desktop\bagle
2015-04-28 14:14 - 2015-04-28 14:11 - 00797523 _____ () C:\Users\g3n-h@ckm@n\Desktop\bagle.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-28 14:35 - 2011-04-12 11:16 - 00695004 _____ () C:\Windows\system32\perfh00C.dat
2015-04-28 14:35 - 2011-04-12 11:16 - 00127684 _____ () C:\Windows\system32\perfc00C.dat
2015-04-28 14:35 - 2009-07-14 07:13 - 01524562 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 14:32 - 2009-07-14 06:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-28 14:32 - 2009-07-14 06:45 - 00016848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-28 14:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-28 14:31 - 2009-07-14 06:51 - 00022031 _____ () C:\Windows\setupact.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-02 12:37

==================== End Of Log ============================
