Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015
Ran by Olivier (administrator) on PC-DE-OLIVIER on 14-07-2015 20:31:39
Running from D:\Users\Olivier\Downloads
Loaded Profiles: Olivier (Available Profiles: Olivier & UpdatusUser)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Olivier\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Akamai Technologies, Inc.) C:\Users\Olivier\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [NBKeyScan] => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
HKLM\...\Run: [Aeria Ignite] => C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-944711067-4177839601-1950922940-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-944711067-4177839601-1950922940-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Olivier\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-944711067-4177839601-1950922940-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-944711067-4177839601-1950922940-1000\...\MountPoints2: {5a698a0b-281d-11e2-86dc-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-21-944711067-4177839601-1950922940-1000\...\MountPoints2: {834093a9-28e1-11e2-a7f7-001d6086ba89} - "F:\WD SmartWare.exe" autoplay=true
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-944711067-4177839601-1950922940-1000] => http=127.0.0.1:9880
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-944711067-4177839601-1950922940-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
URLSearchHook: HKLM - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-944711067-4177839601-1950922940-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers2.touslesdrivers.com/maconfig/MaConfig_6_5_0_3.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{108AC4EF-969A-48D1-8F79-C6EB42ED6B34}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4AEB53ED-70AE-42E3-8053-FA39696FA5A6}: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-18] (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-944711067-4177839601-1950922940-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-04-18] (Pando Networks)
FF Extension: Widget context - C:\Users\Olivier\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-05-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-03]
FF HKLM\...\Firefox\Extensions: [{3C2C21F7-FDB6-4b10-B605-FA4A281E3016}] - C:\Program Files\shopper-z\Firefox
FF HKU\S-1-5-21-944711067-4177839601-1950922940-1000\...\Firefox\Extensions: [{12477a84-2e51-4281-acac-68f2ca244f23}] - C:\Users\Olivier\AppData\Roaming\Mozilla\Extensions\{12477a84-2e51-4281-acac-68f2ca244f23}
FF Extension: Monitor - C:\Users\Olivier\AppData\Roaming\Mozilla\Extensions\{12477a84-2e51-4281-acac-68f2ca244f23} [2014-05-01]

Chrome:
=======
CHR Profile: C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-14]
CHR Extension: (Google Docs) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Google Drive) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-14]
CHR Extension: (YouTube) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14]
CHR Extension: (Google Search) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14]
CHR Extension: (W3schools this!) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgpbjjcdccinnndjdgmegndbmhbgglb [2015-07-14]
CHR Extension: (Google Sheets) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-14]
CHR Extension: (Reloadie) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-07-14]
CHR Extension: (Yahoo!) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfkbfjcbkhnmiignagpkiijohkcdkffb [2015-07-14]
CHR Extension: (Clear Local Storage) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfnkhcooecjmgnbcigmnhealjobfoapd [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14]
CHR Extension: (Linkie) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhcengeacabehdkdhbdcigfolmmakof [2015-07-14]
CHR Extension: (Gmail) - C:\Users\Olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]
CHR HKLM\...\Chrome\Extension: [gfkbfjcbkhnmiignagpkiijohkcdkffb] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-11-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S4 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
R3 RTL8187; C:\Windows\System32\DRIVERS\RTL8187.sys [335872 2008-06-27] (Realtek Semiconductor Corporation )
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [80424 2007-10-03] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [19240 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [15400 2007-10-03] (Silicon Image, Inc)
S3 catchme; \??\C:\Users\Olivier\AppData\Local\Temp\catchmejteo.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 fkgsdbnz; \??\C:\Windows\system32\drivers\fkgsdbnz.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RegFltrX86; \??\C:\Users\Olivier\AppData\Local\DesktopSyntaxWin32\RegFltrX86.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
S1 wsfd_vt_1_10_0_20; system32\drivers\wsfd_vt_1_10_0_20.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 20:31 - 2015-07-14 20:31 - 00000000 ____D C:\FRST
2015-07-14 20:12 - 2015-07-14 20:12 - 00001969 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 20:12 - 2015-07-14 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-14 20:08 - 2015-07-14 20:12 - 00000000 ____D C:\Users\Olivier\AppData\Local\Google
2015-07-14 17:58 - 2015-07-14 17:58 - 00000949 _____ C:\Users\Olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-14 17:58 - 2015-07-14 17:58 - 00000000 ____D C:\Users\Olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-14 17:58 - 2015-06-23 13:27 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-14 11:18 - 2015-05-27 00:03 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-13 22:55 - 2015-07-13 22:56 - 00000000 ____D C:\Users\Olivier\AppData\Local\Akamai
2015-07-13 22:55 - 2015-07-13 22:55 - 00000000 ____D C:\AeriaGames
2015-07-13 21:31 - 2015-07-13 21:32 - 00000000 ____D C:\Program Files\ZHPFix
2015-07-13 21:31 - 2015-07-13 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-07-13 10:50 - 2015-07-13 12:05 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-13 10:50 - 2015-07-13 10:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-13 10:50 - 2015-07-13 10:50 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-13 10:50 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-13 10:50 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-13 10:50 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-13 10:12 - 2015-07-14 19:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-13 10:12 - 2015-07-13 10:12 - 00374304 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-12 23:55 - 2015-07-14 19:22 - 00006734 _____ C:\Windows\system32\PerfStringBackup.TMP
2015-07-12 23:28 - 2015-07-12 23:47 - 00000000 ____D C:\AdwCleaner
2015-07-12 23:17 - 2015-07-12 23:44 - 00089365 _____ C:\ProgramData\2MCUQO67.dat
2015-07-12 22:20 - 2015-07-12 22:20 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsu424F.tmp
2015-07-12 22:18 - 2015-07-12 22:18 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsy2BB9.tmp
2015-07-12 19:27 - 2015-07-13 21:42 - 00000000 ____D C:\Users\Olivier\AppData\Roaming\ZHP
2015-07-12 19:20 - 2015-07-12 19:20 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nstB38B.tmp
2015-07-12 19:20 - 2015-07-12 19:20 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nso8A92.tmp
2015-07-12 18:12 - 2015-07-12 18:11 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nswAD9F.tmp
2015-07-12 18:07 - 2015-07-12 18:07 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsk7B5C.tmp
2015-07-12 17:33 - 2015-07-12 17:33 - 00000040 _____ C:\Users\Olivier\AppData\Local\recently-fix.db
2015-07-12 17:32 - 2015-07-12 17:32 - 00719521 _____ C:\Windows\unins001.exe
2015-07-12 17:32 - 2015-07-12 17:32 - 00000773 _____ C:\Windows\unins001.dat
2015-07-12 17:32 - 2015-07-12 17:32 - 00000000 ____D C:\ProgramData\atjs
2015-07-12 17:32 - 2015-07-12 17:32 - 00000000 _____ C:\Users\Olivier\AppData\Local\.w852.db
2015-07-12 14:26 - 2015-07-12 14:27 - 00000000 __SHD C:\Program Files\Oabistities
2015-07-12 14:26 - 2015-07-12 14:26 - 00000000 _____ C:\places.sqlite
2015-07-12 14:11 - 2015-07-12 14:11 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsf8593.tmp
2015-07-12 13:56 - 2015-07-12 13:56 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nso4D88.tmp
2015-07-11 22:21 - 2015-07-11 22:21 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsy4B86.tmp
2015-07-11 22:17 - 2015-07-11 22:17 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsm6C6B.tmp
2015-07-10 21:34 - 2015-07-10 21:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-10 21:32 - 2015-07-10 21:32 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nso633A.tmp
2015-07-10 21:31 - 2015-07-12 23:05 - 00000000 ____D C:\ProgramData\abc
2015-07-10 21:24 - 2015-07-10 21:24 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsq4290.tmp
2015-07-10 21:22 - 2015-07-10 21:22 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nskE79.tmp
2015-07-10 20:57 - 2015-07-13 11:17 - 00000000 ___HD C:\ProgramData\bdi
2015-07-10 20:54 - 2015-07-10 20:54 - 00631808 _____ C:\Windows\bdi.dat
2015-07-10 20:44 - 2015-07-10 20:44 - 00000000 ____D C:\Users\Olivier\AppData\Local\Aeria Games
2015-07-10 20:43 - 2015-07-10 20:43 - 00000000 ____D C:\ProgramData\Aeria Games
2015-07-10 18:34 - 2015-07-10 20:56 - 00000000 ____D C:\Program Files\Aeria Games
2015-07-10 18:34 - 2015-07-10 18:34 - 00000000 ____D C:\Users\Olivier\AppData\Roaming\Aeria Games & Entertainment
2015-07-10 18:34 - 2015-07-10 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-07-10 10:55 - 2014-04-26 22:04 - 00008846 _____ C:\Windows\system32\Drivers\etc\hosts.20150710-105515.backup
2015-07-10 10:16 - 2015-07-10 10:16 - 00000000 ____D C:\Users\Olivier\AppData\Local\Adobe
2015-07-10 09:40 - 2015-07-10 09:41 - 00139304 _____ C:\Windows\Minidump\Mini071015-01.dmp
2015-07-10 09:00 - 2015-07-10 09:00 - 00613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsvF73C.tmp
2015-07-10 00:02 - 2015-07-12 21:38 - 00006101 _____ C:\Windows\wininit.ini
2015-07-09 21:24 - 2015-07-10 10:15 - 00000680 _____ C:\Users\Olivier\AppData\Local\d3d9caps.dat
2015-07-09 21:00 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-09 21:00 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-09 21:00 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-09 21:00 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-09 21:00 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-09 21:00 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-09 21:00 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-09 21:00 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-09 21:00 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-09 21:00 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-09 21:00 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-09 21:00 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-09 21:00 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-09 21:00 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-09 21:00 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-09 21:00 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-09 21:00 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-09 21:00 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-09 21:00 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-09 21:00 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-09 21:00 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-09 21:00 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-09 15:20 - 2015-07-09 15:20 - 00000000 ____D C:\download
2015-07-09 13:52 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-09 13:51 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-09 13:51 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-09 13:51 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-09 13:51 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-21 11:45 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-21 11:43 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-21 11:41 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-17 15:38 - 2015-06-17 15:38 - 00000000 _____ C:\Windows\prleth.sys
2015-06-17 15:38 - 2015-06-17 15:38 - 00000000 _____ C:\Windows\hgfs.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 20:12 - 2013-01-14 23:00 - 00000000 ____D C:\Program Files\Google
2015-07-14 19:34 - 2012-11-06 16:41 - 00000000 ____D C:\Users\Olivier\AppData\Roaming\vlc
2015-07-14 19:33 - 2013-01-14 23:00 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 19:21 - 2008-01-21 03:35 - 01752458 _____ C:\Windows\WindowsUpdate.log
2015-07-14 19:16 - 2015-05-28 17:28 - 00000512 _____ C:\Windows\Tasks\summer_sports_helper_service.job
2015-07-14 19:16 - 2013-01-14 23:00 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 19:16 - 2012-11-06 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-14 19:16 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-14 19:16 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-14 19:16 - 2006-11-02 14:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-14 19:15 - 2006-11-02 15:01 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-14 11:25 - 2013-07-28 09:38 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 11:10 - 2013-01-03 12:14 - 00212382 _____ C:\Windows\PFRO.log
2015-07-13 21:34 - 2015-02-15 13:52 - 00000000 ____D C:\Windows\system32\apiitsMonitor
2015-07-12 23:46 - 2012-11-25 18:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-12 23:46 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\tracing
2015-07-12 23:45 - 2014-06-09 13:27 - 00000003 _____ C:\Users\Olivier\AppData\Local\proxy.log
2015-07-12 23:43 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider.dll
2015-07-12 22:43 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150712234332.dll
2015-07-12 21:00 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150712224259.dll
2015-07-12 19:44 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150712210042.dll
2015-07-12 18:37 - 2015-02-19 19:05 - 00000290 __RSH C:\ProgramData\ntuser.pol
2015-07-12 18:29 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150712194455.dll
2015-07-12 14:19 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150712182920.dll
2015-07-11 23:14 - 2012-11-06 16:30 - 00000000 ____D C:\Users\Olivier
2015-07-11 22:18 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150712141912.dll
2015-07-10 23:42 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150711221849.dll
2015-07-10 22:42 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150710234237.dll
2015-07-10 21:42 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150710224219.dll
2015-07-10 21:23 - 2013-01-03 11:17 - 00000000 ____D C:\Program Files\Adobe
2015-07-10 19:27 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150710214201.dll
2015-07-10 18:56 - 2013-10-30 19:46 - 00000000 ____D C:\Windows\system32\directx
2015-07-10 18:34 - 2014-04-18 16:16 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2015-07-10 18:13 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150710192738.dll
2015-07-10 17:12 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150710181344.dll
2015-07-10 15:53 - 2015-05-31 11:58 - 00127517 _____ C:\Windows\Provider20150710171250.dll
2015-07-10 11:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-10 11:29 - 2014-07-02 15:52 - 00000000 ____D C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2015-07-10 11:15 - 2012-11-06 16:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-10 09:40 - 2013-01-30 19:58 - 00000000 ____D C:\Windows\Minidump
2015-07-10 09:40 - 2013-01-30 19:57 - 282390087 _____ C:\Windows\MEMORY.DMP
2015-07-10 09:20 - 2015-05-31 11:58 - 00228352 _____ (drms media group) C:\Windows\Provider20150710154323.dll
2015-07-10 08:43 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-07-09 17:44 - 2013-12-11 15:56 - 00359594 _____ C:\Windows\DirectX.log
2015-07-09 14:56 - 2015-05-30 15:26 - 00000000 ____D C:\Program Files\Opera
2015-07-09 14:29 - 2013-12-20 14:27 - 00000226 _____ C:\Users\Olivier\AppData\Roaming\WB.CFG
2015-07-09 14:28 - 2006-11-02 12:23 - 00000321 _____ C:\Windows\win.ini
2015-07-09 14:26 - 2015-05-21 18:10 - 00000000 ____D C:\ProgramData\Rusneafiufp
2015-07-09 14:26 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR

==================== Files in the root of some directories =======

2012-11-06 21:50 - 2012-11-09 14:51 - 0138904 _____ () C:\Users\Olivier\AppData\Roaming\PnkBstrK.sys
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Olivier\AppData\Roaming\tUkfwR0KDmbxkza
2013-12-20 14:27 - 2015-07-09 14:29 - 0000226 _____ () C:\Users\Olivier\AppData\Roaming\WB.CFG
2015-07-12 17:32 - 2015-07-12 17:32 - 0000000 _____ () C:\Users\Olivier\AppData\Local\.w852.db
2015-07-09 21:24 - 2015-07-10 10:15 - 0000680 _____ () C:\Users\Olivier\AppData\Local\d3d9caps.dat
2015-04-18 13:55 - 2015-04-18 13:55 - 0002048 _____ () C:\Users\Olivier\AppData\Local\DBB.sqlite
2015-04-18 08:57 - 2015-05-28 17:27 - 0006144 _____ () C:\Users\Olivier\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-31 12:00 - 2015-05-31 12:00 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsd217.tmp
2015-05-31 11:35 - 2015-05-31 11:35 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nseA9D7.tmp
2015-07-12 14:11 - 2015-07-12 14:11 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsf8593.tmp
2015-05-30 15:56 - 2015-05-30 15:56 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nshA74E.tmp
2015-07-12 18:07 - 2015-07-12 18:07 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsk7B5C.tmp
2015-07-10 21:22 - 2015-07-10 21:22 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nskE79.tmp
2015-07-11 22:17 - 2015-07-11 22:17 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsm6C6B.tmp
2015-07-12 13:56 - 2015-07-12 13:56 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nso4D88.tmp
2015-07-10 21:32 - 2015-07-10 21:32 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nso633A.tmp
2015-05-31 21:32 - 2015-05-31 21:32 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nso7914.tmp
2015-07-12 19:20 - 2015-07-12 19:20 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nso8A92.tmp
2015-06-01 21:43 - 2015-06-01 21:43 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsoC0D4.tmp
2015-07-10 21:24 - 2015-07-10 21:24 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsq4290.tmp
2015-07-12 19:20 - 2015-07-12 19:20 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nstB38B.tmp
2015-07-12 22:20 - 2015-07-12 22:20 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsu424F.tmp
2015-05-30 15:50 - 2015-05-30 15:50 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsv60F6.tmp
2015-07-10 09:00 - 2015-07-10 09:00 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsvF73C.tmp
2015-07-12 18:12 - 2015-07-12 18:11 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nswAD9F.tmp
2015-07-12 22:18 - 2015-07-12 22:18 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsy2BB9.tmp
2015-07-11 22:21 - 2015-07-11 22:21 - 0613255 _____ (CMI Limited) C:\Users\Olivier\AppData\Local\nsy4B86.tmp
2014-06-09 13:27 - 2015-07-12 23:45 - 0000003 _____ () C:\Users\Olivier\AppData\Local\proxy.log
2015-07-12 17:33 - 2015-07-12 17:33 - 0000040 _____ () C:\Users\Olivier\AppData\Local\recently-fix.db
2015-07-12 23:17 - 2015-07-12 23:44 - 0089365 _____ () C:\ProgramData\2MCUQO67.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-14 19:22

==================== End of log ============================
