cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by ninja (administrator) on PACARDBELL on 15-07-2015 14:58:50
Running from C:\Users\ninja\Desktop
Loaded Profiles: ninja (Available Profiles: ninja)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [650648 2012-07-04] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-1292446459-3909301494-1491828545-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\Wi-Fi Modem\Wi-Fi Modem
HKU\S-1-5-21-1292446459-3909301494-1491828545-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1292446459-3909301494-1491828545-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
Startup: C:\Users\ninja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-04-25]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-02] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-02] (Avast Software s.r.o.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-13] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-02] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-13] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{604E20FE-AA79-44AC-A8C2-8FE7A68D21F1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D1546998-9F94-4A3A-976A-8C408EF82D18}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\ninja\AppData\Roaming\Mozilla\Firefox\Profiles\08aezg49.default
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-13] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-1292446459-3909301494-1491828545-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ninja\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Extension: FlashGot - C:\Users\ninja\AppData\Roaming\Mozilla\Firefox\Profiles\08aezg49.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-10-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-08]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\ninja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\ninja\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-18]
CHR Extension: (Avast Online Security) - C:\Users\ninja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ninja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-21]
CHR Extension: (Google Wallet) - C:\Users\ninja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-02]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-02] (Avast Software s.r.o.)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [116776 2013-12-03] (AVAST Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-12] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-02] (Avast Software s.r.o.)
S1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [447888 2013-12-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-28] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-02] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-02] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [111696 2014-04-04] ()
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-12] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 14:58 - 2015-07-15 14:59 - 00014721 _____ C:\Users\ninja\Desktop\FRST.txt
2015-07-15 14:58 - 2015-07-15 14:58 - 00000000 ____D C:\FRST
2015-07-15 14:56 - 2015-07-15 14:56 - 02133504 _____ (Farbar) C:\Users\ninja\Desktop\FRST64.exe
2015-07-15 14:31 - 2015-07-15 14:36 - 00007482 _____ C:\Users\ninja\Desktop\ZHPCleaner.txt
2015-07-15 14:17 - 2015-07-15 14:36 - 00000000 ____D C:\Users\ninja\AppData\Roaming\ZHP
2015-07-15 14:16 - 2015-07-15 14:16 - 01846272 _____ C:\Users\ninja\Downloads\ZHPCleaner.exe
2015-07-15 14:16 - 2015-07-15 14:16 - 01846272 _____ C:\Users\ninja\Downloads\ZHPCleaner (1).exe
2015-07-15 14:16 - 2015-07-15 14:16 - 01846272 _____ C:\Users\ninja\Desktop\ZHPCleaner (1).exe
2015-07-14 23:42 - 2015-07-14 23:42 - 02248704 _____ C:\Users\ninja\Downloads\adwcleaner_4.208.exe
2015-07-14 23:18 - 2015-07-15 08:10 - 00000231 _____ C:\WINDOWS\setupact.log
2015-07-14 23:18 - 2015-07-14 23:18 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-14 23:17 - 2015-07-15 14:55 - 00276095 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-14 23:17 - 2015-07-14 23:48 - 00203234 _____ C:\WINDOWS\PFRO.log
2015-07-14 22:24 - 2015-07-14 22:24 - 00003144 _____ C:\WINDOWS\System32\Tasks\{1EFF4229-1BA6-4A3C-A039-D76C1F4DEAAC}
2015-07-14 22:16 - 2015-07-14 22:16 - 00000000 _____ C:\WINDOWS\prleth.sys
2015-07-14 22:16 - 2015-07-14 22:16 - 00000000 _____ C:\WINDOWS\hgfs.sys
2015-07-11 11:38 - 2015-07-14 23:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 08:45 - 2015-07-01 08:45 - 00002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-28 20:29 - 2015-06-28 20:30 - 75340347 _____ C:\Users\ninja\Desktop\EPISODE_SIMSALA_GRIMM_Hansel_et_Gretel_medium.mp4
2015-06-28 20:20 - 2015-06-28 20:22 - 76501429 _____ C:\Users\ninja\Desktop\EPISODE_SIMSALA_GRIMM_Jack_et_le_haricot_magique_medium.mp4
2015-06-23 18:17 - 2015-06-23 18:17 - 00001978 _____ C:\Users\ninja\Desktop\Evaluations Diagnostiques FAR GS.lnk
2015-06-23 18:17 - 2015-06-23 18:17 - 00000000 ____D C:\Users\ninja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evaluations Diagnostiques FAR GS
2015-06-23 18:17 - 2015-06-23 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evaluations Diagnostiques FAR GS
2015-06-23 18:17 - 2015-06-23 18:17 - 00000000 ____D C:\Program Files (x86)\EvalFarGS
2015-06-22 22:33 - 2015-06-22 22:33 - 00230182 _____ C:\Users\ninja\Documents\cc_20150622_223310.reg
2015-06-22 22:29 - 2015-06-22 22:29 - 00000000 ____D C:\Users\ninja\Desktop\Entretien_PC
2015-06-22 22:18 - 2015-06-22 22:18 - 00002794 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-06-22 22:18 - 2015-06-22 22:18 - 00000000 ____D C:\Program Files\CCleaner
2015-06-17 17:07 - 2015-06-17 17:07 - 00000000 ____D C:\Users\ninja\AppData\Local\GWX
2015-06-15 15:07 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-15 15:07 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-15 15:07 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-15 15:07 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-15 15:07 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-15 15:07 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-15 15:07 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-15 15:07 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-15 14:48 - 2013-01-30 11:58 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-15 14:39 - 2014-12-23 11:26 - 00003944 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4045EDB0-1658-4926-9345-FAAF77F01082}
2015-07-15 08:15 - 2012-12-12 01:59 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1292446459-3909301494-1491828545-1001
2015-07-15 08:11 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-15 08:11 - 2013-01-30 11:58 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 23:51 - 2014-01-29 23:44 - 00000000 ____D C:\AdwCleaner
2015-07-14 23:48 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-07-14 23:47 - 2014-12-22 22:00 - 00001027 _____ C:\Users\ninja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-14 23:47 - 2013-01-30 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-14 23:17 - 2014-04-21 19:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 22:34 - 2015-06-10 12:05 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-14 21:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-14 21:07 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-10 22:31 - 2014-12-22 20:05 - 00000000 ____D C:\Users\ninja
2015-07-08 11:06 - 2014-09-24 17:26 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-08 11:06 - 2014-09-24 16:41 - 00812350 _____ C:\WINDOWS\system32\perfh00C.dat
2015-07-08 11:06 - 2014-09-24 16:41 - 00159412 _____ C:\WINDOWS\system32\perfc00C.dat
2015-07-06 23:24 - 2015-04-25 11:43 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-06 23:24 - 2015-04-25 11:43 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-04 12:17 - 2014-03-29 15:36 - 00000000 ____D C:\Users\ninja\AppData\Roaming\Skype
2015-07-01 08:44 - 2013-01-30 11:58 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-01 08:43 - 2013-01-30 11:58 - 00004060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-01 08:43 - 2013-01-30 11:58 - 00003824 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-28 10:00 - 2013-04-08 21:47 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-06-28 09:54 - 2013-04-08 21:47 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-23 18:30 - 2013-04-06 17:42 - 00000000 ____D C:\Users\ninja\Documents\Christine
2015-06-22 22:39 - 2012-08-04 06:19 - 00000000 ____D C:\ProgramData\Nero
2015-06-22 22:32 - 2014-04-04 23:45 - 00000000 ____D C:\Users\ninja\AppData\Roaming\uTorrent
2015-06-22 22:27 - 2014-12-22 19:47 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-22 22:27 - 2012-12-13 16:09 - 00000000 ____D C:\Users\ninja\AppData\Local\CrashDumps
2015-06-22 22:01 - 2013-10-22 09:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2015-06-18 17:04 - 2014-12-23 11:26 - 00000000 __SHD C:\Users\ninja\AppData\Local\EmieUserList
2015-06-18 17:04 - 2014-12-23 11:26 - 00000000 __SHD C:\Users\ninja\AppData\Local\EmieSiteList
2015-06-18 17:04 - 2014-12-23 11:26 - 00000000 __SHD C:\Users\ninja\AppData\Local\EmieBrowserModeList
2015-06-18 15:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-17 14:45 - 2013-07-24 22:58 - 00000000 ____D C:\Users\ninja\AppData\Roaming\.minecraft
2015-06-17 09:46 - 2013-08-22 16:44 - 00511856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-17 09:41 - 2015-04-04 19:35 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-17 09:41 - 2015-04-04 19:35 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-17 09:41 - 2014-12-31 13:13 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-17 09:41 - 2014-09-24 20:10 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-17 09:41 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-17 09:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-16 19:30 - 2013-09-08 18:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-16 19:03 - 2012-12-16 12:06 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some files in TEMP:
====================
C:\Users\ninja\AppData\Local\Temp\Quarantine.exe
C:\Users\ninja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-11 11:04

==================== End of log ============================
