cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-07-2016 01
Ran by Yondaime (administrator) on YONDAIME-PC (10-07-2016 19:25:41)
Running from C:\Users\Yondaime\Desktop
Loaded Profiles: Yondaime (Available Profiles: Yondaime)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: "C:\Program Files\Toolrain\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(VMware, Inc.) C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(© 2015 Microsoft Corporation) C:\Users\Yondaime\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157992 2015-07-11] (Apple Inc.)
HKLM\...\Run: [vmware-tray.exe] => C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.)
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [399736 2015-07-13] (BitTorrent, Inc.)
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\Run: [BingSvc] => C:\Users\Yondaime\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6495144 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{4F9086ED-4D18-40F9-9E30-967D0DBC3481}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4099662633-3521346365-417894702-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-4099662633-3521346365-417894702-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDMIEHlprObj Class -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-05-20] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-20] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-20] (Oracle Corporation)

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-20] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Yondaime\AppData\Roaming\IDM\idmmzcc3
FF Extension: IDM CC - C:\Users\Yondaime\AppData\Roaming\IDM\idmmzcc3 [2015-07-12] [not signed]
FF HKU\S-1-5-21-4099662633-3521346365-417894702-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Yondaime\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Yondaime\AppData\Roaming\IDM\idmmzcc5 [2016-07-10] [not signed]

Chrome:
=======
CHR HomePage: ChromeDefaultData -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-gb
CHR Session Restore: ChromeDefaultData -> is enabled.
CHR Profile: C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
CHR Extension: (Salty Game Music Player) - C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\leooadmebmmjogbfhdcbfldndllfkhpg [2015-10-10]
CHR Extension: (IDM Integration Module) - C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-06-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Yondaime\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-04-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [3105144 2013-11-27] (WIBU-SYSTEMS AG)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 VMAuthdService; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [86096 2013-10-18] (VMware, Inc.)
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [358480 2013-10-18] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [725696 2015-07-30] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [437328 2013-10-18] (VMware, Inc.)
R2 VMwareHostd; C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S3 WmdmPmSN; C:\Windows\system32\mspmsnsv.dll [52224 2002-11-26] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [44664 2015-07-30] (VMware, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-07-28] (REALiX(tm))
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2009-02-10] (EZB Systems, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324152 2016-03-13] (Duplex Secure Ltd.)
R3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [17104 2013-10-18] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37456 2013-10-18] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26192 2013-10-18] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\Drivers\VMparport.sys [24272 2013-10-18] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [65488 2013-10-18] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-02-22] (VMware, Inc.)
U3 ah033fof; C:\Windows\system32\Drivers\ah033fof.sys [0 ] (LSI Corporation) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\Users\Yondaime\AppData\Local\Temp\catchme.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-10 19:25 - 2016-07-10 19:25 - 00012581 _____ C:\Users\Yondaime\Desktop\FRST.txt
2016-07-10 19:25 - 2016-07-10 19:25 - 00000000 ____D C:\FRST
2016-07-10 19:22 - 2016-07-10 19:22 - 01741312 _____ (Farbar) C:\Users\Yondaime\Desktop\FRST.exe
2016-07-10 18:10 - 2016-07-10 18:10 - 00000000 ____H C:\ProgramData\cm-lock
2016-07-10 02:52 - 2016-07-10 02:52 - 00987728 _____ (Google Inc.) C:\Users\Yondaime\Downloads\ChromeSetup.exe
2016-07-10 02:49 - 2014-05-14 16:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-10 02:49 - 2014-05-14 16:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-10 02:49 - 2014-05-14 16:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-07-10 02:49 - 2014-05-14 16:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-07-10 02:49 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-07-10 02:49 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-07-10 02:32 - 2016-07-10 19:19 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-10 02:32 - 2016-07-10 02:32 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-10 02:32 - 2016-07-10 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-10 02:32 - 2016-07-10 02:32 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-07-10 02:32 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-10 02:32 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-10 02:32 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-10 02:30 - 2016-07-10 02:31 - 22851472 _____ (Malwarebytes ) C:\Users\Yondaime\Desktop\mbam-setup-2.2.1.1043 (1).exe
2016-07-08 04:50 - 2016-07-08 04:50 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-07-08 04:50 - 2016-07-08 04:50 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\Babylon
2016-07-08 04:50 - 2016-07-08 04:50 - 00000000 ____D C:\Users\Yondaime\AppData\Local\Babylon
2016-07-08 04:50 - 2016-07-08 04:50 - 00000000 ____D C:\ProgramData\Babylon
2016-07-08 04:50 - 2016-07-08 04:50 - 00000000 ____D C:\Program Files\Unlocker
2016-07-08 04:21 - 2016-07-08 04:21 - 00147756 _____ C:\Windows\ntbtlog.txt
2016-07-07 00:35 - 2016-07-10 18:57 - 00000000 ____D C:\Users\Yondaime\Desktop\naruto
2016-07-06 16:18 - 2016-07-06 16:18 - 00000000 ____D C:\Users\Yondaime\AppData\Local\ActiveState
2016-07-06 15:46 - 2016-07-06 18:04 - 00000000 ____D C:\Program Files\URUSoft
2016-07-06 15:46 - 2016-07-06 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft
2016-07-06 14:00 - 2016-07-06 14:00 - 00016833 _____ C:\Users\Yondaime\Downloads\[rutracker.org].t1086706.torrent
2016-07-06 14:00 - 2016-07-06 14:00 - 00016833 _____ C:\Users\Yondaime\Downloads\[rutracker.org].t1086706 (1).torrent
2016-07-06 14:00 - 2016-07-06 14:00 - 00015222 _____ C:\Users\Yondaime\Downloads\[rutracker.org].t1086716.torrent
2016-07-06 13:43 - 2016-07-06 13:43 - 00016563 _____ C:\Users\Yondaime\Downloads\[rutracker.org].t3366653.torrent
2016-07-06 13:01 - 2016-07-06 13:01 - 00020393 _____ C:\Users\Yondaime\Downloads\[160706] 劇場版「BORUTO -NARUTO THE MOVIE-」Soundtrack Selection [320K+BK].torrent
2016-07-02 22:18 - 2016-07-03 02:37 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\ProductData
2016-07-02 22:18 - 2016-07-02 22:18 - 00000000 ____D C:\ProgramData\ProductData
2016-06-30 23:51 - 2016-06-30 23:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-30 23:49 - 2016-06-30 23:50 - 22851472 _____ (Malwarebytes ) C:\Users\Yondaime\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-30 23:21 - 2016-07-10 18:10 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-06-30 23:04 - 2016-07-02 22:01 - 00000000 ____D C:\AdwCleaner
2016-06-30 23:02 - 2016-06-30 23:02 - 03712064 _____ C:\Users\Yondaime\Desktop\adwcleaner_5.201.exe
2016-06-30 22:57 - 2016-06-30 22:57 - 01610816 _____ (Malwarebytes) C:\Users\Yondaime\Desktop\JRT.exe
2016-06-30 22:39 - 2016-07-10 18:57 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\ZHP
2016-06-30 22:39 - 2016-07-10 02:19 - 00000826 _____ C:\Users\Yondaime\Desktop\ZHPDiag.lnk
2016-06-30 22:39 - 2016-07-08 00:09 - 02224640 _____ C:\Users\Yondaime\ZHPDiag3.exe
2016-06-30 20:04 - 2016-06-30 20:04 - 00000000 ____D C:\ProgramData\Toolrain
2016-06-30 19:54 - 2016-06-30 20:04 - 00000000 ____D C:\Qoobox
2016-06-30 19:54 - 2016-06-30 20:03 - 00000000 ____D C:\Windows\erdnt
2016-06-30 19:54 - 2011-06-26 06:45 - 00256000 _____ C:\Windows\PEV.exe
2016-06-30 19:54 - 2010-11-07 17:20 - 00208896 _____ C:\Windows\MBR.exe
2016-06-30 19:54 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-06-30 19:54 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-06-30 19:54 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-06-30 19:54 - 2000-08-31 00:00 - 00098816 _____ C:\Windows\sed.exe
2016-06-30 19:54 - 2000-08-31 00:00 - 00080412 _____ C:\Windows\grep.exe
2016-06-30 19:54 - 2000-08-31 00:00 - 00068096 _____ C:\Windows\zip.exe
2016-06-29 14:47 - 2016-06-29 23:10 - 00000000 ____D C:\Users\Yondaime\AppData\LocalLow\Adblock Plus for IE
2016-06-29 14:22 - 2016-06-29 14:22 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-29 13:22 - 2016-06-29 13:22 - 00000000 ____D C:\Users\Yondaime\AppData\Local\Toolrain
2016-06-29 13:21 - 2016-07-10 02:22 - 00000774 _____ C:\Users\Public\Documents\report.dat
2016-06-29 13:21 - 2016-06-29 13:21 - 00000000 ____D C:\Program Files\Toolrain
2016-06-27 18:38 - 2016-06-27 18:38 - 00013061 _____ C:\Users\Yondaime\Downloads\[rutracker.org].t4326256.torrent
2016-06-27 13:23 - 2016-06-27 13:23 - 00000072 _____ C:\Windows\system32\EN_99575.html
2016-06-27 13:23 - 2016-06-27 13:23 - 00000072 _____ C:\Windows\system32\EN_99310.html
2016-06-27 13:23 - 2016-06-27 13:23 - 00000072 _____ C:\Windows\system32\EN_135143.html
2016-06-27 13:23 - 2016-06-27 13:23 - 00000072 _____ C:\Windows\system32\EN_121727.html
2016-06-27 13:23 - 2016-06-27 13:23 - 00000072 _____ C:\Windows\system32\EN_121462.html
2016-06-27 13:22 - 2016-06-27 13:22 - 04403499 _____ (Update) C:\Windows\system32\en9.exe
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\us_65707.html
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_95035.html
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_94739.html
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_83226.html
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_82602.html
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_70933.html
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_70652.html
2016-06-27 13:22 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_66269.html
2016-06-27 01:40 - 2016-06-27 01:40 - 00000763 _____ C:\Users\Yondaime\Downloads\tv_channels_vRRaxGAB3B (1).m3u
2016-06-23 23:14 - 2016-06-23 23:14 - 00002098 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-06-23 23:14 - 2016-06-23 23:14 - 00000000 ____D C:\Windows\IObit
2016-06-23 23:14 - 2016-06-23 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-06-23 14:36 - 2016-06-23 14:36 - 00000072 _____ C:\Windows\system32\EN_149776.html
2016-06-23 14:36 - 2016-06-23 14:36 - 00000072 _____ C:\Windows\system32\EN_130744.html
2016-06-23 14:36 - 2016-06-23 14:36 - 00000072 _____ C:\Windows\system32\EN_130510.html
2016-06-23 14:35 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_83507.html
2016-06-23 14:35 - 2016-06-27 13:22 - 00000072 _____ C:\Windows\system32\EN_82867.html
2016-06-23 14:35 - 2016-06-27 13:22 - 00000000 ____D C:\Windows\system32\_TSpm
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\us_62166.html
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\EN_98343.html
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\EN_98093.html
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\EN_83195.html
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\EN_82524.html
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\EN_64880.html
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\EN_106735.html
2016-06-23 14:35 - 2016-06-23 14:35 - 00000072 _____ C:\Windows\system32\EN_106455.html
2016-06-22 22:04 - 2016-06-22 22:04 - 00028128 _____ C:\Users\Yondaime\Downloads\[www.arabp2p.com]_-_مسلسل القناع الاخضر مدبلج بالعربية.torrent
2016-06-21 03:11 - 2016-07-10 02:39 - 00000974 _____ C:\Users\Yondaime\Desktop\New Text Document.txt
2016-06-20 21:47 - 2016-06-20 21:47 - 00061356 _____ C:\Users\Yondaime\Downloads\[www.arabp2p.com]_-_Tiger Mask - النمر المقنع كامل مدبلج الى العربية بدون حذف - جودة الديفيدي الأصلية DVD uncut (1).torrent
2016-06-19 17:50 - 2016-06-19 17:50 - 00228031 _____ C:\Users\Yondaime\Downloads\[rutracker.org].t4511411.torrent
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_93444.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_93194.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_89138.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_88811.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_88483.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_88156.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_131930.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_116095.html
2016-06-15 16:12 - 2016-06-15 16:12 - 00000072 _____ C:\Windows\system32\EN_115815.html
2016-06-15 16:11 - 2016-06-15 16:11 - 00000072 _____ C:\Windows\system32\us_67517.html
2016-06-15 16:11 - 2016-06-15 16:11 - 00000072 _____ C:\Windows\system32\EN_75114.html
2016-06-15 16:11 - 2016-06-15 16:11 - 00000072 _____ C:\Windows\system32\EN_74864.html
2016-06-15 16:11 - 2016-06-15 16:11 - 00000072 _____ C:\Windows\system32\EN_70356.html
2016-06-13 03:24 - 2016-06-13 03:55 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\COWON
2016-06-13 02:06 - 2016-06-13 02:06 - 00033464 _____ C:\Users\Yondaime\Downloads\[www.arabp2p.com]_-_Get.a.Job.2016.1080p.BluRay.H264.AAC-RARBG.torrent
2016-06-11 23:29 - 2016-06-11 23:29 - 71847744 _____ C:\Users\Yondaime\Downloads\NPJB00411_DOA5LR_Costumes_by_Tamiki_Wakaki_DLC_FIX.pkg
2016-06-11 02:15 - 2016-06-11 02:15 - 00061356 _____ C:\Users\Yondaime\Downloads\[www.arabp2p.com]_-_Tiger Mask - النمر المقنع كامل مدبلج الى العربية بدون حذف - جودة الديفيدي الأصلية DVD uncut.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-10 19:25 - 2015-07-13 22:10 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\uTorrent
2016-07-10 19:19 - 2015-07-20 01:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-10 18:54 - 2015-07-12 01:57 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 18:18 - 2010-11-20 21:01 - 00785930 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-10 18:18 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\inf
2016-07-10 18:17 - 2009-07-14 04:34 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-10 18:17 - 2009-07-14 04:34 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-10 18:10 - 2015-10-17 15:48 - 00000000 ____D C:\ProgramData\VMware
2016-07-10 18:10 - 2015-10-11 15:33 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-07-10 18:10 - 2015-07-12 01:57 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 18:10 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-10 06:13 - 2015-07-12 03:16 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\DMCache
2016-07-10 04:55 - 2015-07-28 02:33 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\MPC-HC
2016-07-10 02:54 - 2015-07-12 01:58 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-10 02:54 - 2015-07-12 01:58 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-10 02:50 - 2015-07-12 01:57 - 00000000 ____D C:\Users\Yondaime\AppData\Local\Google
2016-07-10 02:44 - 2015-07-12 03:16 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\IDM
2016-07-10 00:35 - 2015-10-10 22:39 - 00000000 ____D C:\Users\Yondaime\Documents\Camtasia Studio
2016-07-10 00:19 - 2015-07-20 01:15 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-08 00:09 - 2015-07-12 01:40 - 00000000 ____D C:\Users\Yondaime
2016-07-07 15:11 - 2015-10-11 15:04 - 00000000 ____D C:\Users\Yondaime\AppData\Local\CrashDumps
2016-07-07 14:52 - 2015-07-21 23:48 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\vlc
2016-07-07 00:45 - 2016-01-28 21:34 - 00000000 ___SD C:\Users\Yondaime\Documents\My Playstation Themes
2016-07-06 18:04 - 2015-08-20 18:01 - 00000000 ____D C:\Perl
2016-07-06 15:25 - 2015-07-20 00:27 - 00000000 ____D C:\Program Files\Opera
2016-07-05 23:08 - 2015-09-17 23:23 - 00000000 ___HD C:\New folder
2016-07-01 00:11 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\tracing
2016-06-30 23:03 - 2015-07-28 01:56 - 00000000 ____D C:\Users\Yondaime\AppData\Roaming\IObit
2016-06-30 23:03 - 2015-07-28 01:56 - 00000000 ____D C:\ProgramData\IObit
2016-06-30 23:03 - 2015-07-28 01:56 - 00000000 ____D C:\Program Files\IObit
2016-06-30 20:03 - 2009-07-14 02:04 - 00000215 _____ C:\Windows\system.ini
2016-06-30 20:01 - 2009-07-14 02:03 - 31719424 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-06-30 20:01 - 2009-07-14 02:03 - 14680064 _____ C:\Windows\system32\config\SYSTEM.bak
2016-06-30 20:01 - 2009-07-14 02:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2016-06-30 20:01 - 2009-07-14 02:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2016-06-30 20:01 - 2009-07-14 02:03 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2016-06-29 13:23 - 2009-07-14 04:53 - 00032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-21 12:13 - 2015-07-12 01:56 - 00400552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-16 23:19 - 2015-07-20 01:15 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-16 23:19 - 2015-07-20 01:15 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-15 16:11 - 2016-05-25 15:02 - 00000000 ____D C:\Windows\system32\_tWm
2016-06-13 03:55 - 2015-09-05 22:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2015-04-19 12:20 - 2015-04-19 12:20 - 0005872 _____ () C:\Users\Yondaime\AppData\Roaming\336aRjZreT
2016-07-10 18:10 - 2016-07-10 18:10 - 0000000 ____H () C:\ProgramData\cm-lock
2015-08-03 00:11 - 2015-08-03 00:58 - 0005957 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Yondaime\ZHPDiag3.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-07 22:06

==================== End of FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité