cjoint


Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2015
Ran by SYSTEM on MININT-PERP33 (08-08-2015 18:23:01)
Running from X:\Users\Default\Desktop
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-01] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Jean-Claude\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-03-14] ()
HKU\Jean-Claude\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\Jean-Claude\...\Run: [Google Update] => C:\Users\Jean-Claude\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-15] (Google Inc.)
HKU\Jean-Claude\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
GroupPolicyUsers\S-1-5-21-3053974345-2293372465-1268832192-1005\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3053974345-2293372465-1268832192-1001\User: Group Policy Restriction detected <======= ATTENTION

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976 2015-07-14] (Adobe Systems Incorporated)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-09] (Acer Incorporated)
S3 EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [174160 2012-07-11] (Egis Technology Inc. )
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2013-08-02] (Microsoft Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-20] (WildTangent)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [265808 2014-12-22] (WildTangent, Inc.)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-06-08] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-06-08] (Google Inc.)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
S2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2820424 2014-10-15] (CybelSoft)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [148136 2015-07-08] (Mozilla Foundation)
S2 NAUpdate; C:\Program Files (x86)\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-08-09] (Microsoft Corporation)
S3 odserv; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-21] (Microsoft Corporation)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [2987520 2014-10-28] (Microsoft Corporation)
S2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [131072 2014-10-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [26112 2014-10-28] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1668096 2014-10-28] (Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
S1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-09-24] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S3 IntcAzAudAddService; C:\Windows\system32\drivers\RTKVHD64.sys [4083600 2012-07-10] (Realtek Semiconductor Corp.)
S3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation)
S3 ma-config_amd64; C:\Program Files\ma-config.com\Drivers\ma-config_amd64.sys [17568 2014-02-24] (CybelSoft)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-21] (Malwarebytes Corporation)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
S1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [22648 2012-11-22] (Egis Technology Inc.)
S1 mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [20520 2012-11-22] (Egis Technology Inc.)
S1 mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [62776 2012-11-22] (Egis Technology Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [921920 2014-10-15] (Microsoft Corporation)
S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [315536 2012-06-14] (Realtek Semiconductor Corp.)
S3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [874712 2014-08-25] (Realtek )
S3 vpci; C:\Windows\System32\drivers\vpci.sys [69952 2014-10-06] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-09-24] (Microsoft Corporation)
S3 WUDFSensorLP; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)
S3 mouclass; \SystemRoot\System32\drivers\mouclass.sys [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-07 15:08 - 2015-08-07 15:08 - 00193342 _____ C:\OTL.Txt
2015-08-01 19:46 - 2015-08-01 19:46 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2015-08-01 17:22 - 2015-08-07 12:57 - 00000000 ____D C:\FRST
2015-07-28 00:33 - 2015-07-25 06:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-07-25 19:53 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\System32\aspnet_counters.dll
2015-07-20 10:51 - 2015-07-14 07:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-07-20 10:51 - 2015-07-14 07:13 - 00044032 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-07-18 04:54 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-07-18 04:45 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-07-18 04:44 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-07-18 04:44 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-07-18 04:41 - 2015-06-15 15:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-07-18 04:41 - 2015-06-15 15:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-07-18 04:41 - 2015-06-15 15:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-07-18 04:41 - 2015-06-15 15:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-07-18 04:41 - 2015-06-15 15:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2015-07-18 04:41 - 2015-06-15 14:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-07-18 04:41 - 2015-06-15 14:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-07-18 04:41 - 2015-06-15 14:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2015-07-18 04:41 - 2015-06-15 14:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-07-18 04:41 - 2015-06-15 14:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2015-07-18 04:41 - 2015-06-15 14:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-07-18 04:41 - 2015-06-15 14:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-07-18 04:41 - 2015-06-15 14:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-07-18 04:41 - 2015-06-15 14:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2015-07-18 04:41 - 2015-06-15 14:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-07-18 04:41 - 2015-06-15 13:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-07-18 04:24 - 2015-07-01 15:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-07-17 10:01 - 2015-07-17 10:01 - 00001448 _____ C:\Users\Jean-Claude\Desktop\ROBLOX Player.lnk
2015-07-17 09:37 - 2015-07-17 09:37 - 00279288 _____ C:\Windows\Minidump\071715-39046-01.dmp
2015-07-17 04:06 - 2015-06-29 15:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-07-17 04:06 - 2015-06-29 08:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-07-17 04:06 - 2015-06-29 08:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-07-17 04:06 - 2015-06-29 08:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-07-17 04:06 - 2015-06-29 08:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-07-17 04:06 - 2015-06-26 16:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-07-17 04:06 - 2015-06-26 16:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-07-16 09:34 - 2015-07-09 12:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-07-16 09:34 - 2015-07-09 11:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-07-16 09:34 - 2015-07-09 09:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-07-16 09:34 - 2015-07-09 08:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-07-16 09:34 - 2015-07-09 08:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-07-16 09:34 - 2015-07-09 08:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2015-07-16 09:34 - 2015-07-09 08:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-07-16 09:34 - 2015-07-09 08:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-07-16 09:34 - 2015-07-09 08:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-07-16 09:34 - 2015-06-26 20:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-07-16 09:34 - 2015-06-26 20:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-07-16 09:33 - 2015-06-27 22:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-07-16 09:33 - 2015-06-27 22:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-07-16 09:33 - 2015-06-27 22:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2015-07-16 09:33 - 2015-06-26 20:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-07-16 09:33 - 2015-06-26 20:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-07-16 09:33 - 2015-06-26 20:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-07-16 09:33 - 2015-06-26 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2015-07-16 09:33 - 2015-06-26 19:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-07-16 09:33 - 2015-06-26 19:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-07-16 09:33 - 2015-06-24 19:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-07-16 09:33 - 2015-04-29 16:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\WiFiDisplay.dll
2015-07-16 09:32 - 2015-06-15 15:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2015-07-16 09:32 - 2015-06-15 15:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2015-07-16 09:32 - 2015-06-15 13:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2015-07-16 09:32 - 2015-05-30 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\werdiagcontroller.dll
2015-07-16 09:32 - 2015-05-30 12:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2015-07-16 09:32 - 2015-05-30 12:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2015-07-16 09:32 - 2015-05-07 10:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-07-16 09:32 - 2015-05-07 10:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2015-07-16 09:32 - 2015-05-07 08:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\System32\GeofenceMonitorService.dll
2015-07-16 09:32 - 2015-05-02 17:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2015-07-16 09:32 - 2015-04-24 19:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2015-07-16 09:30 - 2015-05-03 08:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 09:30 - 2015-05-03 07:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2015-07-15 06:50 - 2015-06-15 22:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2015-07-15 06:50 - 2015-06-10 20:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2015-07-15 06:50 - 2015-05-11 09:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\System32\fhcpl.dll
2015-07-15 06:50 - 2015-05-07 09:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2015-07-15 06:50 - 2015-04-28 06:13 - 00513480 _____ C:\Windows\System32\locale.nls
2015-07-15 06:50 - 2015-04-23 08:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2015-07-15 06:49 - 2015-05-12 06:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2015-07-15 06:49 - 2015-05-03 08:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2015-07-15 06:49 - 2015-05-01 16:33 - 00410739 _____ C:\Windows\System32\ApnDatabase.xml

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-04 14:10 - 2014-05-22 11:22 - 00000000 ____D C:\Users\Jean-Claude\Documents\Animaux
2015-08-01 04:23 - 2015-02-05 07:49 - 02060711 _____ C:\Windows\WindowsUpdate.log
2015-08-01 04:10 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\System32\sru
2015-07-31 11:17 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-31 11:05 - 2015-02-07 04:28 - 00011256 _____ C:\Windows\setupact.log
2015-07-28 11:03 - 2012-07-26 00:59 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 12:04 - 2014-11-05 10:50 - 00000000 ____D C:\users\Lolin
2015-07-27 12:04 - 2014-11-05 10:50 - 00000000 ____D C:\users\Jean-Claude
2015-07-27 10:56 - 2013-08-22 06:36 - 00000000 ____D C:\Windows\SysWOW64
2015-07-27 10:33 - 2014-11-05 10:50 - 00000000 ____D C:\Users\Jean-Claude\Local Settings\Application Data\Temp
2015-07-27 10:33 - 2012-11-22 05:58 - 00000000 ____D C:\ProgramData\Temp
2015-07-27 09:31 - 2013-12-01 09:45 - 00000000 ____D C:\Users\Jean-Claude\AppData\Roaming\.minecraft
2015-07-27 07:13 - 2015-01-15 07:09 - 00000000 ____D C:\Users\Jean-Claude\AppData\Roaming\Raptr
2015-07-25 08:35 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-25 06:18 - 2015-04-05 01:00 - 00000000 ___SD C:\Windows\System32\GWX
2015-07-23 22:29 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2015-07-22 04:24 - 2014-11-05 11:33 - 00000000 ____D C:\Users\Jean-Claude\OneDrive
2015-07-20 14:18 - 2013-08-22 07:44 - 00484144 _____ C:\Windows\System32\FNTCACHE.DAT
2015-07-20 14:17 - 2013-08-22 06:25 - 01310720 ___SH C:\Windows\System32\config\BBI
2015-07-17 09:48 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\WinStore
2015-07-17 09:37 - 2015-07-06 05:22 - 460775991 _____ C:\Windows\MEMORY.DMP
2015-07-17 09:37 - 2014-12-11 15:12 - 00000000 ____D C:\Windows\System32\appraiser
2015-07-17 09:37 - 2014-09-24 11:10 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-07-17 09:37 - 2013-08-22 08:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-17 09:37 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\System32\fr-FR
2015-07-16 09:46 - 2013-09-04 12:45 - 00000000 ____D C:\Windows\System32\MRT
2015-07-16 09:09 - 2013-08-22 06:36 - 00000000 ___RD C:\Program Files (x86)
2015-07-15 10:44 - 2014-12-14 08:25 - 00000000 ____D C:\Users\Jean-Claude\Local Settings\Application Data\Deployment
2015-07-15 10:44 - 2014-12-14 08:25 - 00000000 ____D C:\Users\Jean-Claude\AppData\Local\Deployment
2015-07-12 13:29 - 2015-02-07 04:28 - 00096896 _____ C:\Windows\PFRO.log

Some files in TEMP:
====================
C:\Users\Jean-Claude\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Lolin\AppData\Local\Temp\drm_dyndata_7380014.dll


==================== Known DLLs (Whitelisted) ============

C:\Windows\System32\_Wow64cpu.dll IS MISSING <==== ATTENTION
C:\Windows\System32\_Wow64win.dll IS MISSING <==== ATTENTION
C:\Windows\System32\_Wow64.dll IS MISSING <==== ATTENTION

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe
[2015-03-10 11:07] - [2015-01-27 16:47] - 2501368 ____A (Microsoft Corporation) C10A66189DC8C090E7C84873EDCEBC88

C:\Windows\System32\winlogon.exe
[2015-03-11 15:16] - [2014-10-28 18:22] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437

C:\Windows\System32\wininit.exe
[2015-03-11 15:12] - [2014-10-28 18:25] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380

C:\Windows\System32\svchost.exe
[2015-03-11 15:10] - [2014-10-28 21:11] - 0038792 ____A (Microsoft Corporation) E3A2AD05E24105B35E986CF9CB38EC47

C:\Windows\System32\services.exe
[2015-05-13 03:27] - [2015-04-08 15:55] - 0410128 ____A (Microsoft Corporation) E0C7813A97CA7947FF5C18A8F3B61A45

C:\Windows\System32\User32.dll
[2015-03-11 15:21] - [2014-10-28 21:00] - 1540696 ____A (Microsoft Corporation) 25026E350BC3BE37631634EC72B10BD5

C:\Windows\System32\userinit.exe
[2015-03-11 15:07] - [2014-10-28 18:28] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F

C:\Windows\System32\rpcss.dll
[2015-03-11 15:20] - [2014-10-28 18:19] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2014-09-24 08:44] - [2014-09-24 08:44] - 0310080 ___AC (Microsoft Corporation) 64CA2B4A49A8EAF495E435623ECCE7DB


==================== Restore Points =========================

Restore point made on: 2015-07-10 08:47:14
Restore point made on: 2015-07-15 07:09:28
Restore point made on: 2015-07-18 13:55:32
Restore point made on: 2015-07-25 19:49:53

==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 3799.96 MB
Available physical RAM: 2575.17 MB
Total Virtual: 3799.96 MB
Available Virtual: 1193.05 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:1.5 GB) (Free:1.46 GB) NTFS
Drive c: (Acer) (Fixed) (Total:922.76 GB) (Free:729.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:924.01 GB) (Free:861.76 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.24 GB) (Free:0.24 GB) NTFS
Drive y: (WIN8PESE) (CDROM) (Total:0.42 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2015-07-31 11:16

==================== End of log ============================
