cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-06-2016
Ran by adam (administrator) on ADAM-VAIO (12-06-2016 11:21:02)
Running from C:\Users\adam\Desktop
Loaded Profiles: adam (Available Profiles: adam)
Platform: Windows 7 Home Premium (X64) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Adblock Pro Team) C:\Program Files\Adblock Pro\abpmain.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Robert Misiak) C:\Program Files (x86)\ChronosXP\ChronosXP.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Faronics Corporation) C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [adblock pro] => C:\Program Files\Adblock Pro\abpmain.exe [602112 2010-06-30] (Adblock Pro Team)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
Winlogon\Notify\DfLogon: LogonDll.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3933392 2016-02-11] (Tonec Inc.)
HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\Run: [ChronosXP] => C:\Program Files (x86)\ChronosXP\ChronosXP.exe [599040 2009-04-12] (Robert Misiak)
HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\MountPoints2: {462e1294-49ef-11e5-91d1-c44619b4705a} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\MountPoints2: {a4803c66-3c49-11e4-8c54-c44619b4705a} - E:\LG_PC_Programs.exe
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-05-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk /k:C *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131054094815536768&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2800183623-575756498-154981772-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2800183623-575756498-154981772-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2800183623-575756498-154981772-1000 -> {3B3C9D35-9BB0-436E-94DC-70C33EC11BC7} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2800183623-575756498-154981772-1000 -> {438FD3B4-F8DC-4029-94DF-E207575B533B} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2800183623-575756498-154981772-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-05-23] (Sun Microsystems, Inc.)
BHO: Adblock Pro -> {F385C231-605B-4d8f-ACA9-DBFF765BBE17} -> C:\Program Files\Adblock Pro\AdblockPro.dll [2010-07-01] (Adblock Pro Team)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Windows Live Aplicación auxiliar de inicio de sesión -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2014-05-23] (Sun Microsystems, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-05-06] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-05-06] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-05-06] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-05-06] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\adam\AppData\Roaming\Mozilla\Firefox\Profiles\5y32pq5i.default
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2006-12-13] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\MediaDICO-fr.xml [2006-09-06]
FF Extension: IDM CC - C:\Users\adam\AppData\Roaming\IDM\idmmzcc5 [2016-06-12] [not signed]
FF Extension: Talkback - C:\Program Files (x86)\Mozilla Firefox\extensions\talkback@mozilla.org [2014-08-19] [not signed]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\adam\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\adam\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-2800183623-575756498-154981772-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-01-27]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2006-12-05]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2006-12-13]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2006-12-05]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2006-12-05]

Chrome:
=======
CHR Profile: C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentaciones de Google) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-10]
CHR Extension: (Google Docs) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-10]
CHR Extension: (Google Drive) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-10]
CHR Extension: (YouTube) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-10]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-10]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-10]
CHR Extension: (Skype) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-10]
CHR Extension: (IDM Integration Module) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-06-10]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-10]
CHR Extension: (Gmail) - C:\Users\adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-10]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-02-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DFServ; C:\Program Files (x86)\Faronics\Deep Freeze\Install C-0\DFServ.exe [1073664 2010-05-20] (Faronics Corporation) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2015-02-04] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [864000 2010-09-27] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 DeepFrz; C:\Windows\System32\Drivers\DeepFrz.sys [227352 2010-05-20] (Faronics Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2016-04-15] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-06-10] ()
S3 catchme; \??\C:\Users\adam\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 11:21 - 2016-06-12 11:21 - 00019694 _____ C:\Users\adam\Desktop\FRST.txt
2016-06-12 11:08 - 2016-06-12 11:08 - 00108470 _____ C:\Users\adam\Desktop\ZHPDiag.txt
2016-06-12 11:04 - 2016-06-12 11:08 - 00000000 ____D C:\Users\adam\AppData\Roaming\ZHP
2016-06-12 11:04 - 2016-06-12 11:04 - 00000820 _____ C:\Users\adam\Desktop\ZHPDiag.lnk
2016-06-12 11:04 - 2016-06-12 11:03 - 02213888 _____ C:\Users\adam\Desktop\ZHPDiag3.exe
2016-06-12 11:03 - 2016-06-12 11:03 - 02213888 _____ C:\Users\adam\Downloads\ZHPDiag3.exe
2016-06-12 10:56 - 2016-06-12 10:57 - 00008993 _____ C:\Users\adam\Desktop\Fixlog.txt
2016-06-12 03:00 - 2016-06-12 11:21 - 00000000 ____D C:\FRST
2016-06-12 02:58 - 2016-06-12 02:58 - 02385408 _____ (Farbar) C:\Users\adam\Desktop\FRST64.exe
2016-06-11 13:26 - 2016-06-11 13:26 - 08367364 _____ C:\Users\adam\Desktop\الأدلة الأورموس.rar
2016-06-11 06:29 - 2016-06-11 06:29 - 00416829 _____ C:\Users\adam\Desktop\التطعيمات هل هى فعلا امنة وفعالة؟.pdf
2016-06-11 01:52 - 2016-06-07 21:58 - 00036864 _____ C:\Users\adam\Desktop\برنامج حساب الاحرف الفعلية الطبائعية للشيخ سعيد سلام.exe
2016-06-10 16:01 - 2016-06-10 16:35 - 1477363712 ____R C:\Users\adam\Downloads\[ www.CpasBien.pw ] X-Men.Days.of.Future.Past.2014.ROGUE.CUT.FRENCH.BDRiP.XviD-ZT.avi
2016-06-10 16:01 - 2016-06-10 16:01 - 00113411 _____ C:\Users\adam\Downloads\[kat.cr]x.men.days.of.future.past.2014.rogue.cut.french.bdrip.xvid.zt.avi.torrent
2016-06-10 16:00 - 2016-06-10 16:00 - 00056895 _____ C:\Users\adam\Downloads\[kat.cr]teenage.mutant.ninja.turtles.2014.french.bdrip.xvid.glups.torrent
2016-06-10 16:00 - 2016-06-10 16:00 - 00000000 ____D C:\Users\adam\Downloads\[www.Cpasbien.pe] Teenage.Mutant.Ninja.Turtles.2014.FRENCH.BDRip.XviD-GLUPS
2016-06-10 07:01 - 2016-06-10 07:01 - 00000000 ____D C:\ProgramData\IDM
2016-06-10 06:27 - 2016-06-10 07:00 - 00000000 ____D C:\zoek_backup
2016-06-09 17:36 - 2016-06-10 19:07 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-09 15:29 - 2016-06-09 15:47 - 728587268 ____R C:\Users\adam\Downloads\[ www.CpasBien.cm ] Kill.Command.2016.FRENCH.BDRip.XviD-EXTREME.avi
2016-06-09 15:29 - 2016-06-09 15:29 - 00058208 _____ C:\Users\adam\Downloads\identify-kill-command-french-dvdrip-2016.torrent
2016-06-09 15:28 - 2016-06-09 15:31 - 1522614634 _____ C:\Users\adam\Downloads\[ www.CpasBien.cm ] Never.Back.Down.No.Surrender.2016.FRENCH.WEBRiP.XViD.AC3-GODSPACE.avi
2016-06-09 15:27 - 2016-06-09 15:27 - 00118812 _____ C:\Users\adam\Downloads\never-back-down-no-surrender-french-webrip-2016.torrent
2016-06-09 15:25 - 2016-06-09 15:41 - 728758332 ____R C:\Users\adam\Downloads\[ www.CpasBien.cm ] London.Has.Fallen.2016.FRENCH.BDRip.XviD-EXTREME.avi
2016-06-09 15:24 - 2016-06-09 15:24 - 00058213 _____ C:\Users\adam\Downloads\la-chute-de-londres-french-dvdrip-2016.torrent
2016-06-09 15:24 - 2016-06-09 15:24 - 00058213 _____ C:\Users\adam\Downloads\la-chute-de-londres-french-dvdrip-2016 (1).torrent
2016-06-09 13:56 - 2016-06-09 13:56 - 00003544 ____N C:\bootsqm.dat
2016-06-04 09:00 - 2016-05-23 01:13 - 00000000 ____D C:\Users\adam\Desktop\مخطوط الفوائد الاثريه المغربيه رقم1
2016-05-27 23:32 - 2016-05-27 23:32 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-05-27 23:32 - 2016-05-27 23:32 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-27 23:32 - 2016-05-27 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-27 23:32 - 2016-05-27 23:32 - 00000000 ____D C:\Program Files\CCleaner
2016-05-15 21:34 - 2016-05-15 21:59 - 754026004 ____R C:\Users\adam\Downloads\[ www.CpasBien.cm ] Risen.2016.FRENCH.BDRip.XViD-eVe.avi
2016-05-15 21:34 - 2016-05-15 21:34 - 00060137 _____ C:\Users\adam\Downloads\la-resurrection-du-christ-french-dvdrip-2016.torrent
2016-05-15 21:32 - 2016-05-15 22:00 - 729041196 _____ C:\Users\adam\Downloads\[ www.CpasBien.cm ] The.Trust.2016.FRENCH.BDRip.XviD-EXTREME.avi
2016-05-15 21:32 - 2016-05-15 21:32 - 00058245 _____ C:\Users\adam\Downloads\the-trust-french-dvdrip-2016.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 11:18 - 2014-05-24 15:24 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{032604FB-659B-4B42-BC43-6FA46EADF1AB}
2016-06-12 11:15 - 2014-05-23 22:59 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-12 11:09 - 2009-07-14 06:45 - 00019808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-12 11:09 - 2009-07-14 06:45 - 00019808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-12 11:04 - 2014-05-23 23:33 - 00734600 _____ C:\Windows\system32\perfh00A.dat
2016-06-12 11:04 - 2014-05-23 23:33 - 00156710 _____ C:\Windows\system32\perfc00A.dat
2016-06-12 11:04 - 2009-07-14 07:13 - 01669262 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 11:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-12 11:00 - 2016-03-08 19:05 - 00000000 ____D C:\Users\adam\AppData\Roaming\IDM
2016-06-12 10:59 - 2014-05-23 22:59 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-12 10:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-12 10:57 - 2015-08-20 13:54 - 00000000 ____D C:\Users\adam\AppData\LocalLow\Temp
2016-06-12 10:57 - 2014-05-24 15:22 - 00000000 ____D C:\Users\adam
2016-06-12 10:56 - 2015-07-25 18:09 - 00000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-12 07:49 - 2015-07-12 16:02 - 00000000 ____D C:\Users\adam\AppData\Roaming\DMCache
2016-06-12 00:10 - 2015-07-25 18:09 - 00000918 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-11 13:46 - 2016-03-21 21:13 - 00000000 ____D C:\Users\adam\Desktop\2016
2016-06-10 22:12 - 2009-07-14 04:34 - 00000219 _____ C:\Windows\system.ini
2016-06-10 06:48 - 2014-08-19 20:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-09 17:22 - 2014-05-23 22:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-09 16:12 - 2014-05-23 23:12 - 00000000 ____D C:\Temp
2016-06-09 15:09 - 2015-07-12 16:26 - 00000000 ____D C:\Users\adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder
2016-06-09 15:08 - 2014-05-24 15:37 - 00000000 ____D C:\Users\adam\AppData\Local\Google
2016-06-09 15:08 - 2014-05-23 22:59 - 00000000 ____D C:\ProgramData\Google
2016-06-09 15:07 - 2014-05-23 22:55 - 00000000 ____D C:\ProgramData\McAfee
2016-06-09 15:06 - 2016-01-10 22:38 - 00000000 ____D C:\Program Files (x86)\Opera
2016-06-09 06:24 - 2014-05-28 21:57 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-09 06:24 - 2014-05-23 22:59 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-05 22:38 - 2014-05-24 18:46 - 00000000 ____D C:\Users\adam\AppData\Roaming\Skype
2016-06-02 23:28 - 2009-07-14 07:08 - 00032516 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-27 23:36 - 2016-04-17 17:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-27 23:34 - 2014-05-28 21:46 - 00000000 ____D C:\Windows\Minidump
2016-05-27 23:34 - 2010-07-12 22:26 - 00000000 ____D C:\Windows\Panther
2016-05-23 18:56 - 2014-05-25 11:36 - 00290816 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2016-05-13 21:56 - 2015-07-25 18:09 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 21:56 - 2015-07-25 18:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 21:56 - 2015-07-25 18:09 - 00003912 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-13 21:56 - 2015-07-25 18:09 - 00003776 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 14:52 - 2014-08-19 20:44 - 00000000 ____D C:\Users\adam\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2016-01-09 19:18 - 2016-01-09 19:18 - 0000218 _____ () C:\Users\adam\AppData\Local\recently-used.xbel

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-08 06:37

==================== End of FRST.txt ============================
