Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by David (administrator) on DAVID-PC on 08-04-2015 13:48:19
Running from C:\Users\David\Downloads
Loaded Profiles: David (Available profiles: David)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Akamai Technologies, Inc.) C:\Users\David\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(Akamai Technologies, Inc.) C:\Users\David\AppData\Local\Akamai\netsession_win.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dropbox, Inc.) C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-20] ()
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-04-26] ()
HKLM-x32\...\Run: [StopDefragment] => Install\StopDefragment.exe
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2442216023-2265285003-59390974-1002\...\Run: [Akamai NetSession Interface] => C:\Users\David\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2442216023-2265285003-59390974-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-2442216023-2265285003-59390974-1002\...\MountPoints2: {3ca58afa-ae2e-11e4-a5cf-20cf30735c0e} - D:\Installer.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-18] (Microsoft Corporation)
AppInit_DLLs-x32: C:/PROGRA~3/{834F6~1/191~1.1/fafi.dll => C:\ProgramData\{834F6B8C-D3CD-BA0A-624B-CA88B2C91906}\1.9.1.1\fafi.dll [964608 2015-02-06] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ARMA3_v36.lnk
ShortcutTarget: ARMA3_v36.lnk -> C:\ProgramData\{13891525-c283-f78b-1389-91525c285497}\ARMA3_v36.exe (No File)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dead Island Riptide-Black Box.lnk
ShortcutTarget: Dead Island Riptide-Black Box.lnk -> C:\ProgramData\{a7c7b86c-c6fd-8a6c-a7c7-7b86cc6fe1b3}\Dead Island Riptide-Black Box.exe (No File)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:55380;https=127.0.0.1:55380;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-2442216023-2265285003-59390974-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/fr-fr/?ocid=iehp
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2442216023-2265285003-59390974-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\poqb7q1u.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-10-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-10-09] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchKeyword: Default -> DE555F260B34F0D3C32E57ED0F4E0BA471C68DB2D8E84B94261F07D89DF65A49
CHR DefaultSearchURL: Default -> B45AD7EBD1079AFEB84B01A1769A5A93AB0C99BD48DDCD2C21DE4A28430362FB
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-09]
CHR Extension: (Skype Click to Call) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-09]
CHR Extension: (Stylist) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pabfempgigicdjjlccdgnbmeggkbjdhd [2015-03-28]
CHR HKLM\...\Chrome\Extension: [Äÿ] - No Path Or update_url value
CHR HKU\S-1-5-21-2442216023-2265285003-59390974-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [Äÿ] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [Äÿ] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-20] ()
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 assd; C:\Windows\System32\Drivers\assd.sys [27264 2010-04-28] (ASUS Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 13:48 - 2015-04-08 13:50 - 00017323 _____ () C:\Users\David\Downloads\FRST.txt
2015-04-08 13:48 - 2015-04-08 13:48 - 00000000 ____D () C:\FRST
2015-04-08 13:47 - 2015-04-08 13:47 - 02095616 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2015-03-29 18:05 - 2015-03-29 18:05 - 02168320 _____ () C:\Users\David\Downloads\adwcleaner_4-113_fr_430277.exe
2015-03-28 20:37 - 2015-03-29 18:40 - 00000000 ____D () C:\AdwCleaner
2015-03-28 18:44 - 2015-03-28 18:44 - 00000000 ____D () C:\Users\David\AppData\Roaming\Mozilla
2015-03-28 18:44 - 2015-03-28 18:44 - 00000000 ____D () C:\Users\David\AppData\Local\Mozilla
2015-03-28 18:43 - 2015-03-31 18:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-28 18:43 - 2015-03-31 18:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-28 18:43 - 2015-03-28 18:43 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-28 18:43 - 2015-03-28 18:43 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-28 18:43 - 2015-03-28 18:43 - 00000000 ____D () C:\Users\David\AppData\Roaming\Google
2015-03-28 18:43 - 2015-03-28 18:43 - 00000000 ____D () C:\ProgramData\Mozilla
2015-03-28 14:41 - 2015-03-31 18:47 - 00000000 ____D () C:\ProgramData\16970894253490033571
2015-03-28 14:41 - 2015-03-28 14:41 - 00000000 ____D () C:\Program Files (x86)\Stylist
2015-03-28 14:40 - 2015-03-28 15:01 - 00000000 ____D () C:\ProgramData\{a7c7b86c-c6fd-8a6c-a7c7-7b86cc6fe1b3}
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-21 14:20 - 2015-03-21 14:20 - 00000000 ____D () C:\Users\David\Documents\WB Games
2015-03-21 11:37 - 2015-03-21 11:38 - 00000222 _____ () C:\Users\David\Desktop\Gotham City Impostors Free To Play.url
2015-03-20 22:05 - 2015-03-20 22:05 - 00000000 ____D () C:\Users\David\AppData\Local\Chromium
2015-03-20 20:55 - 2015-03-31 18:46 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2015-03-20 20:55 - 2015-03-20 14:25 - 03130440 _____ () C:\Windows\SysWOW64\pbsvc_blr.exe
2015-03-20 09:35 - 2015-03-20 22:12 - 00283032 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-03-20 09:35 - 2015-03-20 22:05 - 00000000 ____D () C:\Users\David\AppData\Local\PunkBuster
2015-03-20 09:34 - 2015-03-20 09:34 - 00000000 ____D () C:\Users\David\Documents\My Games
2015-03-20 09:24 - 2015-03-20 09:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-03-20 09:24 - 2015-03-20 09:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-03-20 00:16 - 2015-03-31 18:47 - 00000000 ____D () C:\2469730d62c981a6583fcda0a6
2015-03-19 19:52 - 2015-04-08 13:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-19 19:52 - 2015-03-19 19:52 - 01142128 _____ () C:\Users\David\Downloads\SteamSetup (1).exe
2015-03-19 19:52 - 2015-03-19 19:52 - 00000965 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-03-19 19:52 - 2015-03-19 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-17 23:46 - 2015-03-20 22:12 - 00283032 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-17 23:46 - 2015-03-20 22:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-17 23:46 - 2015-03-20 22:05 - 00283032 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-03-14 12:16 - 2015-03-14 12:17 - 492337277 _____ () C:\Users\David\Downloads\Fi0FA0A0014_pfr.rar
2015-03-13 18:58 - 2015-03-13 19:18 - 379534904 _____ (Microsoft Corporation) C:\Users\David\Downloads\officesuite2010sp1-kb2460049-x86-fullfile-en-us.exe
2015-03-09 21:12 - 2015-04-06 20:19 - 00000000 ____D () C:\Users\David\Documents\FIFA 14
2015-03-09 18:20 - 2015-03-09 20:09 - 00000000 ____D () C:\Users\David\Downloads\FIFA 14 ULTIMATE EDITION MULTI14-FULLUNLOCKED
2015-03-09 18:14 - 2015-03-09 18:14 - 29252279 _____ () C:\Users\David\Downloads\Crack FIFA 14 by CrackVideoGames.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-08 13:32 - 2014-10-09 19:19 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2015-04-08 13:30 - 2010-10-20 07:59 - 01305311 _____ () C:\Windows\WindowsUpdate.log
2015-04-08 13:24 - 2010-10-20 08:12 - 00001082 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-08 13:17 - 2009-07-14 06:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-08 13:17 - 2009-07-14 06:45 - 00010032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-08 13:12 - 2014-10-29 15:40 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-08 13:10 - 2014-12-07 15:01 - 00000000 ___RD () C:\Users\David\Dropbox
2015-04-08 13:09 - 2014-12-07 14:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\Dropbox
2015-04-08 13:06 - 2010-10-20 08:12 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-08 13:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-08 13:06 - 2009-07-14 06:51 - 00089795 _____ () C:\Windows\setupact.log
2015-03-31 18:47 - 2014-12-20 15:49 - 00000000 ____D () C:\Users\David\AppData\Local\Akamai
2015-03-31 18:47 - 2014-10-29 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-31 18:47 - 2010-10-20 08:34 - 00000000 ____D () C:\ProgramData\P4G
2015-03-31 18:46 - 2014-10-09 18:18 - 00000000 ____D () C:\Users\David
2015-03-31 18:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-03-31 18:30 - 2014-10-29 15:42 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-03-30 18:46 - 2009-08-04 13:22 - 00747894 _____ () C:\Windows\system32\perfh00C.dat
2015-03-30 18:46 - 2009-08-04 13:22 - 00150386 _____ () C:\Windows\system32\perfc00C.dat
2015-03-30 18:46 - 2009-07-14 07:13 - 01669584 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-28 21:27 - 2014-10-09 18:29 - 00002340 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-28 20:50 - 2010-10-20 08:36 - 00001282 _____ () C:\Windows\system32\ServiceFilter.ini
2015-03-28 20:49 - 2010-10-20 08:22 - 00238710 _____ () C:\Windows\PFRO.log
2015-03-28 20:49 - 2010-10-20 08:12 - 00000000 ____D () C:\Program Files\Google
2015-03-28 20:49 - 2010-10-20 08:12 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-28 18:43 - 2014-10-09 18:29 - 00000000 ____D () C:\Users\David\AppData\Local\Google
2015-03-28 15:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2015-03-28 15:11 - 2015-02-07 23:42 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-28 14:57 - 2010-10-20 08:36 - 00001986 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-03-28 14:57 - 2009-07-14 07:08 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-28 14:48 - 2014-12-20 18:38 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-03-28 14:41 - 2014-10-29 15:42 - 00000000 ____D () C:\ProgramData\AVG2015
2015-03-23 23:30 - 2015-02-22 13:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\MotioninJoy
2015-03-20 20:54 - 2014-10-09 18:22 - 00272277 _____ () C:\Windows\DirectX.log
2015-03-20 09:20 - 2014-12-24 16:08 - 01644590 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-19 21:31 - 2015-02-08 17:02 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-18 17:29 - 2015-01-19 20:52 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2015-03-18 08:58 - 2014-11-11 21:34 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2015-03-18 08:52 - 2014-12-24 14:43 - 00000000 ____D () C:\ProgramData\Origin
2015-03-18 08:35 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-11 11:57 - 2014-12-07 15:01 - 00001021 _____ () C:\Users\David\Desktop\Dropbox.lnk
2015-03-11 11:57 - 2014-12-07 14:59 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Files in the root of some directories =======

2007-06-12 18:34 - 2007-06-12 18:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 17:35 - 2008-05-22 17:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2014-12-14 17:01 - 2014-12-14 17:01 - 0000113 _____ () C:\Users\David\AppData\Roaming\D2Info0
2014-12-14 17:01 - 2014-12-14 17:24 - 0000008 _____ () C:\Users\David\AppData\Roaming\DofusAppId0_1
2014-12-20 18:35 - 2015-02-07 15:35 - 0000161 _____ () C:\Users\David\AppData\Roaming\WB.CFG
2014-12-22 12:35 - 2014-12-22 12:35 - 0000002 _____ () C:\Users\David\AppData\Local\DSI.DAT
2010-10-20 08:13 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2010-10-20 08:09 - 2010-10-20 08:10 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-10-20 08:09 - 2010-10-20 08:09 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\Ank45F1.tmp.exe
C:\Users\David\AppData\Local\Temp\Ank76D7.tmp.exe
C:\Users\David\AppData\Local\Temp\AnkCE47.tmp.exe
C:\Users\David\AppData\Local\Temp\atl80.dll
C:\Users\David\AppData\Local\Temp\BC00.exe
C:\Users\David\AppData\Local\Temp\BSI.exe
C:\Users\David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2vgpfd.dll
C:\Users\David\AppData\Local\Temp\mfc80.dll
C:\Users\David\AppData\Local\Temp\mfc80u.dll
C:\Users\David\AppData\Local\Temp\mfcm80.dll
C:\Users\David\AppData\Local\Temp\mfcm80u.dll
C:\Users\David\AppData\Local\Temp\msvcm80.dll
C:\Users\David\AppData\Local\Temp\msvcp80.dll
C:\Users\David\AppData\Local\Temp\msvcr80.dll
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\SkypeSetup.exe
C:\Users\David\AppData\Local\Temp\sqlite3.dll
C:\Users\David\AppData\Local\Temp\TmDbg32.dll
C:\Users\David\AppData\Local\Temp\TmDbg64.dll
C:\Users\David\AppData\Local\Temp\utt5164.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-13 18:39

==================== End Of Log ============================
