cjoint


Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2015
Ran by SYSTEM on MININT-PEXF12 (01-08-2015 17:22:39)
Running from X:\Users\Default\Desktop
Platform: WIN_8 (X64) Language: English (United States)
Boot Mode: Recovery
ATTENTION: Could not load system hive.
ERROR: The configuration registry database is corrupt.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

ATTENTION: Software hive is not loaded.
GroupPolicyUsers\S-1-5-21-3053974345-2293372465-1268832192-1005\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3053974345-2293372465-1268832192-1001\User: Group Policy Restriction detected <======= ATTENTION

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-01 17:22 - 2015-08-01 17:22 - 00000000 ____D C:\FRST
2015-07-28 00:33 - 2015-07-25 06:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-07-25 19:53 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\System32\aspnet_counters.dll
2015-07-20 10:51 - 2015-07-14 07:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-07-20 10:51 - 2015-07-14 07:13 - 00044032 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-07-18 04:54 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-07-18 04:45 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-07-18 04:44 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-07-18 04:44 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-07-18 04:41 - 2015-06-15 15:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-07-18 04:41 - 2015-06-15 15:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-07-18 04:41 - 2015-06-15 15:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-07-18 04:41 - 2015-06-15 15:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-07-18 04:41 - 2015-06-15 15:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2015-07-18 04:41 - 2015-06-15 14:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-07-18 04:41 - 2015-06-15 14:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-07-18 04:41 - 2015-06-15 14:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2015-07-18 04:41 - 2015-06-15 14:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-07-18 04:41 - 2015-06-15 14:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2015-07-18 04:41 - 2015-06-15 14:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-07-18 04:41 - 2015-06-15 14:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-07-18 04:41 - 2015-06-15 14:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-07-18 04:41 - 2015-06-15 14:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2015-07-18 04:41 - 2015-06-15 14:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-07-18 04:41 - 2015-06-15 13:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-07-18 04:24 - 2015-07-01 15:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-07-17 10:01 - 2015-07-17 10:01 - 00001448 _____ C:\Users\Jean-Claude\Desktop\ROBLOX Player.lnk
2015-07-17 09:37 - 2015-07-17 09:37 - 00279288 _____ C:\Windows\Minidump\071715-39046-01.dmp
2015-07-17 04:06 - 2015-06-29 15:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-07-17 04:06 - 2015-06-29 08:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-07-17 04:06 - 2015-06-29 08:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-07-17 04:06 - 2015-06-29 08:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-07-17 04:06 - 2015-06-29 08:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-07-17 04:06 - 2015-06-26 16:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-07-17 04:06 - 2015-06-26 16:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-07-16 09:34 - 2015-07-09 12:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-07-16 09:34 - 2015-07-09 11:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-07-16 09:34 - 2015-07-09 09:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-07-16 09:34 - 2015-07-09 08:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-07-16 09:34 - 2015-07-09 08:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-07-16 09:34 - 2015-07-09 08:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2015-07-16 09:34 - 2015-07-09 08:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-07-16 09:34 - 2015-07-09 08:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-07-16 09:34 - 2015-07-09 08:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-07-16 09:34 - 2015-06-26 20:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-07-16 09:34 - 2015-06-26 20:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-07-16 09:33 - 2015-06-27 22:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-07-16 09:33 - 2015-06-27 22:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-07-16 09:33 - 2015-06-27 22:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2015-07-16 09:33 - 2015-06-26 20:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-07-16 09:33 - 2015-06-26 20:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-07-16 09:33 - 2015-06-26 20:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-07-16 09:33 - 2015-06-26 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2015-07-16 09:33 - 2015-06-26 19:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-07-16 09:33 - 2015-06-26 19:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-07-16 09:33 - 2015-06-24 19:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-07-16 09:33 - 2015-04-29 16:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\WiFiDisplay.dll
2015-07-16 09:32 - 2015-06-15 15:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2015-07-16 09:32 - 2015-06-15 15:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2015-07-16 09:32 - 2015-06-15 13:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2015-07-16 09:32 - 2015-05-30 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\werdiagcontroller.dll
2015-07-16 09:32 - 2015-05-30 12:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2015-07-16 09:32 - 2015-05-30 12:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2015-07-16 09:32 - 2015-05-07 10:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-07-16 09:32 - 2015-05-07 10:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2015-07-16 09:32 - 2015-05-07 08:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\System32\GeofenceMonitorService.dll
2015-07-16 09:32 - 2015-05-02 17:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2015-07-16 09:32 - 2015-04-24 19:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2015-07-16 09:30 - 2015-05-03 08:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 09:30 - 2015-05-03 07:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2015-07-15 06:50 - 2015-06-15 22:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2015-07-15 06:50 - 2015-06-10 20:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2015-07-15 06:50 - 2015-05-11 09:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\System32\fhcpl.dll
2015-07-15 06:50 - 2015-05-07 09:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2015-07-15 06:50 - 2015-04-28 06:13 - 00513480 _____ C:\Windows\System32\locale.nls
2015-07-15 06:50 - 2015-04-23 08:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2015-07-15 06:49 - 2015-05-12 06:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2015-07-15 06:49 - 2015-05-03 08:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2015-07-15 06:49 - 2015-05-01 16:33 - 00410739 _____ C:\Windows\System32\ApnDatabase.xml
2015-07-06 05:22 - 2015-07-17 09:37 - 460775991 _____ C:\Windows\MEMORY.DMP
2015-07-06 05:22 - 2015-07-06 05:23 - 00279288 _____ C:\Windows\Minidump\070615-22546-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-01 04:23 - 2015-02-05 07:49 - 02060711 _____ C:\Windows\WindowsUpdate.log
2015-08-01 04:10 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\System32\sru
2015-07-31 11:17 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-31 11:05 - 2015-02-07 04:28 - 00011256 _____ C:\Windows\setupact.log
2015-07-28 11:03 - 2012-07-26 00:59 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 12:04 - 2014-11-05 10:50 - 00000000 ____D C:\users\Lolin
2015-07-27 12:04 - 2014-11-05 10:50 - 00000000 ____D C:\users\Jean-Claude
2015-07-27 10:56 - 2013-08-22 06:36 - 00000000 ____D C:\Windows\SysWOW64
2015-07-27 10:33 - 2012-11-22 05:58 - 00000000 ____D C:\ProgramData\Temp
2015-07-27 09:31 - 2013-12-01 09:45 - 00000000 ____D C:\Users\Jean-Claude\AppData\Roaming\.minecraft
2015-07-27 07:13 - 2015-01-15 07:09 - 00000000 ____D C:\Users\Jean-Claude\AppData\Roaming\Raptr
2015-07-25 08:35 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-25 06:18 - 2015-04-05 01:00 - 00000000 ___SD C:\Windows\System32\GWX
2015-07-23 22:29 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2015-07-22 04:24 - 2014-11-05 11:33 - 00000000 ____D C:\Users\Jean-Claude\OneDrive
2015-07-20 14:18 - 2013-08-22 07:44 - 00484144 _____ C:\Windows\System32\FNTCACHE.DAT
2015-07-20 14:17 - 2013-08-22 06:25 - 01310720 ___SH C:\Windows\System32\config\BBI
2015-07-17 09:48 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\WinStore
2015-07-17 09:37 - 2014-12-11 15:12 - 00000000 ____D C:\Windows\System32\appraiser
2015-07-17 09:37 - 2014-09-24 11:10 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-07-17 09:37 - 2013-08-22 08:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-17 09:37 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\System32\fr-FR
2015-07-16 09:46 - 2013-09-04 12:45 - 00000000 ____D C:\Windows\System32\MRT
2015-07-16 09:09 - 2013-08-22 06:36 - 00000000 ___RD C:\Program Files (x86)
2015-07-15 10:44 - 2014-12-14 08:25 - 00000000 ____D C:\Users\Jean-Claude\AppData\Local\Deployment
2015-07-12 13:29 - 2015-02-07 04:28 - 00096896 _____ C:\Windows\PFRO.log
2015-07-06 05:22 - 2015-03-25 05:02 - 00000000 ____D C:\Windows\Minidump
2015-07-05 03:08 - 2014-10-01 11:56 - 00300704 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2015-07-02 23:43 - 2013-05-24 00:22 - 130333168 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe

Some files in TEMP:
====================
C:\Users\Jean-Claude\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Lolin\AppData\Local\Temp\drm_dyndata_7380014.dll


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe
[2015-03-10 11:07] - [2015-01-27 16:47] - 2501368 ____A (Microsoft Corporation) C10A66189DC8C090E7C84873EDCEBC88

C:\Windows\System32\winlogon.exe
[2015-03-11 15:16] - [2014-10-28 18:22] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437

C:\Windows\System32\wininit.exe
[2015-03-11 15:12] - [2014-10-28 18:25] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380

C:\Windows\System32\svchost.exe
[2015-03-11 15:10] - [2014-10-28 21:11] - 0038792 ____A (Microsoft Corporation) E3A2AD05E24105B35E986CF9CB38EC47

C:\Windows\System32\services.exe
[2015-05-13 03:27] - [2015-04-08 15:55] - 0410128 ____A (Microsoft Corporation) E0C7813A97CA7947FF5C18A8F3B61A45

C:\Windows\System32\User32.dll
[2015-03-11 15:21] - [2014-10-28 21:00] - 1540696 ____A (Microsoft Corporation) 25026E350BC3BE37631634EC72B10BD5

C:\Windows\System32\userinit.exe
[2015-03-11 15:07] - [2014-10-28 18:28] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F

C:\Windows\System32\rpcss.dll
[2015-03-11 15:20] - [2014-10-28 18:19] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2014-09-24 08:44] - [2014-09-24 08:44] - 0310080 ___AC (Microsoft Corporation) 64CA2B4A49A8EAF495E435623ECCE7DB


==================== Restore Points =========================

Restore point made on: 2015-07-10 08:47:14
Restore point made on: 2015-07-15 07:09:28
Restore point made on: 2015-07-18 13:55:32
Restore point made on: 2015-07-25 19:49:53

==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 3800.02 MB
Available physical RAM: 2923.38 MB
Total Virtual: 3800.02 MB
Available Virtual: 1421.5 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:1.5 GB) (Free:1.46 GB) NTFS
Drive c: (Acer) (Fixed) (Total:922.76 GB) (Free:729.1 GB) NTFS
Drive d: (DATA) (Fixed) (Total:924.01 GB) (Free:861.76 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:14.46 GB) (Free:13.68 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.24 GB) (Free:0.24 GB) NTFS
Drive y: (WIN8PESE) (CDROM) (Total:0.42 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 14.5 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)


LastRegBack: 2015-07-31 11:16

==================== End of log ============================
