« previous next »
Pages: [1] 2

Author Topic: Lost user  (Read 19460 times)

0 Members and 3 Guests are viewing this topic.

August 27, 2015, 01:01:45 PM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Lost user
« on: August 27, 2015, 01:01:45 PM »
Hello !

I got Malwarebytes anti-malware home edition which told me there was a problem with C:\Windows\SysWOW64\rundll32.exe
As I found several different answers on the web I run Roguekiller and this is wha I got :

RogueKiller V10.10.2.0 [Aug 24 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8.1 (6.3.9600) 64 bits version
Démarré en  : Mode normal
Utilisateur : Tenshi304 [Administrateur]
Démarré depuis : C:\Users\user\Desktop\Setup\RogueKiller.exe
Mode : Scan -- Date : 08/27/2015 12:38:41

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 30 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Non chargé [0xc000036b]) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPKT-22PK4T0 +++++
--- User ---
[MBR] 2b07301719add2e708d8f768dd01f646
[BSP] f7c36c548677d45865e45d136f44088c : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1435648 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1697792 | Size: 693773 MB
4 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1422544896 | Size: 452 MB
5 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1423470592 | Size: 350 MB
6 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1424187392 | Size: 20000 MB
User = LL1 ... OK
User = LL2 ... OK

So I would like to know if I can delete the registry entries or not ? And will it remedy at hte problem (?) with rundll32 ?
Thanks for any help !
Logged
Reply #1August 27, 2015, 04:45:05 PM

Curson

  • Global Moderator
  • Hero Member
  • Offline
  • *****
  • 2809
  • Reputation:
    100
    • View Profile
Re: Lost user
« Reply #1 on: August 27, 2015, 04:45:05 PM »
Hi tenshi304,

Welcome to Adlice.com Forum.
Could you please copy/paste Malwarebytes report in your next reply ?

The report you posted was generated with the 32 bits version of RogueKiller.
Please download RogueKiller (64 bits version), redo a full scan and post the report obtained in your next reply.

Regards.
Logged
Reply #2August 27, 2015, 09:12:51 PM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #2 on: August 27, 2015, 09:12:51 PM »
Thanks !

Here is Malwarebytes report :

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 27/08/2015
Heure de l'analyse: 20:35
Fichier journal:
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.27.04
Base de données de rootkits: v2015.08.16.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Tenshi304

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 461171
Temps écoulé: 26 min, 51 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Avertir
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 0
(Aucun élément malveillant détecté)

Valeurs du registre: 0
(Aucun élément malveillant détecté)

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 0
(Aucun élément malveillant détecté)

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
Logged
Reply #3August 27, 2015, 09:14:09 PM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #3 on: August 27, 2015, 09:14:09 PM »
And here is the new Rogue one :

RogueKiller V10.10.2.0 (x64) [Aug 24 2015] par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 8.1 (6.3.9600) 64 bits version
Démarré en  : Mode normal
Utilisateur : Tenshi304 [Administrateur]
Démarré depuis : C:\Users\user\Desktop\Setup\RogueKillerX64.exe
Mode : Scan -- Date : 08/27/2015 21:05:32

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 38 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Start Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com  -> Trouvé(e)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Search Page : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main | Default_Search_URL : https://safesearch.avira.com/#web/result?source=repair&q=  -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 0 ¤¤¤

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Non chargé [0x20]) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPKT-22PK4T0 +++++
--- User ---
[MBR] 2b07301719add2e708d8f768dd01f646
[BSP] f7c36c548677d45865e45d136f44088c : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1435648 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1697792 | Size: 693773 MB
4 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1422544896 | Size: 452 MB
5 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1423470592 | Size: 350 MB
6 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1424187392 | Size: 20000 MB
User = LL1 ... OK
User = LL2 ... OK

Thanks !
Logged
Reply #4August 27, 2015, 09:22:09 PM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #4 on: August 27, 2015, 09:22:09 PM »
And here is the message that I got from Malwarebytes :

:( Site Web malveillant bloqué (Malicious bloqued website)
Domaine :
Adresse IP : 195.62.26.111
Port : 22370
Type : Inbound
Processus : C:\Windows\SysWOW64\rundll32.exe
Logged
Reply #5August 28, 2015, 01:15:58 AM

Curson

  • Global Moderator
  • Hero Member
  • Offline
  • *****
  • 2809
  • Reputation:
    100
    • View Profile
Re: Lost user
« Reply #5 on: August 28, 2015, 01:15:58 AM »
Hi tenshi304,

The IP seems harmless. This is possibly a false positive.

Please download Farbar Recovery Scan Tool (x64) and save it to your Desktop.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Regards.
Logged
Reply #6August 28, 2015, 10:31:18 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #6 on: August 28, 2015, 10:31:18 AM »
Thanks Curson !

Here what you asked : FRST.exe

Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version:27-08-2015
Exécuté par Tenshi304 (administrateur) sur TENSHIJR03 (28-08-2015 10:12:06)
Exécuté depuis C:\Users\user\Desktop
Profils chargés: Tenshi304 &  (Profils disponibles: Tenshi304 & Administrateur & Invité)
Platform: Windows 8.1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
Logged
Reply #7August 28, 2015, 10:34:05 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #7 on: August 28, 2015, 10:34:05 AM »
==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-03-07] (Dritek System Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-07-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm®Atheros®)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\...\Run: [uTorrent] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [1699936 2015-08-21] (BitTorrent Inc.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\...\Run: [perutjmxh] => rundll32 "C:\Users\user\AppData\Roaming\SPInfr.dll",Ngtg
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [1699936 2015-08-21] (BitTorrent Inc.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [perutjmxh] => rundll32 "C:\Users\user\AppData\Roaming\SPInfr.dll",Ngtg
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [uTorrent] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [1699936 2015-08-21] (BitTorrent Inc.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [perutjmxh] => rundll32 "C:\Users\user\AppData\Roaming\SPInfr.dll",Ngtg
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [uTorrent] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [1699936 2015-08-21] (BitTorrent Inc.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [uTorrent] => C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [1699936 2015-08-21] (BitTorrent Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2013-01-31]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3050 J610 series (réseau).lnk [2015-07-26]
ShortcutTarget: Alertes de surveillance de l'encre - HP Deskjet 3050 J610 series (réseau).lnk -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=repair&q=
SearchScopes: HKU\S-1-5-21-3742332393-2993258490-2235973863-1002 -> DefaultScope {8835C368-C15F-423C-9899-756E8F7FA568} URL =
SearchScopes: HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {8835C368-C15F-423C-9899-756E8F7FA568} URL =
SearchScopes: HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {8835C368-C15F-423C-9899-756E8F7FA568} URL =
SearchScopes: HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {8835C368-C15F-423C-9899-756E8F7FA568} URL =
SearchScopes: HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {8835C368-C15F-423C-9899-756E8F7FA568} URL =
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CB04AA74-FC01-4842-BFB3-3312BC13B91F}: [DhcpNameServer] 192.168.200.1
Tcpip\..\Interfaces\{FF99C907-90F2-41DB-83D3-2721A2CD5268}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{FF99C907-90F2-41DB-83D3-2721A2CD5268}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\aa8q3m6g.default
FF DefaultSearchEngine: omniboxes
FF SelectedSearchEngine: omniboxes
FF Homepage: hxxp://www.google.fr/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-24] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\aa8q3m6g.default\Extensions\abs@avira.com [2015-08-21]
FF Extension: McAfee WebAdvisor - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\aa8q3m6g.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-08-25]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-07-23] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [227592 2015-08-03] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24376 2015-06-30] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-08-04] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-03-07] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

Logged
Reply #8August 28, 2015, 10:38:59 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #8 on: August 28, 2015, 10:38:59 AM »
===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-13] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-22] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-08-04] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-07] (Dritek System Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-08-27] ()

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-08-28 10:12 - 2015-08-28 10:12 - 00027253 _____ C:\Users\user\Desktop\FRST.txt
2015-08-28 10:11 - 2015-08-28 10:12 - 00000000 ____D C:\FRST
2015-08-28 10:11 - 2015-08-28 10:11 - 02186752 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-08-28 00:45 - 2015-08-28 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-27 12:27 - 2015-08-27 13:11 - 00000000 ____D C:\ProgramData\RogueKiller
2015-08-27 12:27 - 2015-08-27 12:27 - 00035064 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-27 11:53 - 2015-08-27 11:54 - 00000231 _____ C:\WINDOWS\setupact.log
2015-08-27 11:53 - 2015-08-27 11:53 - 00006030 _____ C:\WINDOWS\PFRO.log
2015-08-27 11:53 - 2015-08-27 11:53 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-27 11:26 - 2015-08-28 10:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-27 11:26 - 2015-08-27 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-27 11:26 - 2015-08-27 11:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 11:26 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-27 11:26 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-27 11:25 - 2015-08-27 11:26 - 00001122 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-27 11:25 - 2015-08-27 11:26 - 00000000 ____D C:\Users\user\AppData\Roaming\Malwarebytes
2015-08-27 11:25 - 2015-08-27 11:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-27 11:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-26 19:15 - 2015-08-27 10:49 - 00000000 ____D C:\ProgramData\update
2015-08-26 19:15 - 2015-08-26 19:15 - 00000124 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-08-26 19:10 - 2015-08-26 19:10 - 00477184 __RSH C:\Users\user\AppData\Roaming\SPInfr.dll
2015-08-26 19:04 - 2015-08-27 11:19 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
2015-08-26 18:41 - 2015-08-26 18:41 - 00000000 ____D C:\Users\user\AppData\Local\clear.fi
2015-08-26 17:27 - 2015-08-26 17:27 - 00000000 ____D C:\WINDOWS\LastGood
2015-08-26 17:27 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-26 17:27 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-26 17:26 - 2015-08-28 10:09 - 00000000 ____D C:\Users\user\AppData\Local\Deployment
2015-08-26 17:26 - 2015-08-26 17:26 - 00000000 ____D C:\Users\user\AppData\Local\Apps\2.0
2015-08-26 17:10 - 2015-08-26 17:10 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-26 17:10 - 2015-08-26 17:10 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-26 17:07 - 2015-08-26 17:07 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-08-26 17:00 - 2015-08-26 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-26 16:59 - 2015-08-26 17:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-08-26 16:59 - 2015-08-26 16:59 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-08-26 16:59 - 2015-08-26 16:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2015-08-26 16:55 - 2015-08-26 17:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-26 16:55 - 2015-08-26 16:55 - 00000000 ____D C:\Users\user\AppData\Local\Microsoft Help
2015-08-26 16:55 - 2015-08-26 16:55 - 00000000 ____D C:\Program Files\Microsoft Office
2015-08-26 06:59 - 2015-08-26 06:59 - 00001280 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gestionnaire audio HD Realtek.lnk
2015-08-26 06:56 - 2015-08-26 06:56 - 00001276 _____ C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gestionnaire audio HD Realtek.lnk
2015-08-26 06:51 - 2015-08-26 06:51 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-26 06:50 - 2015-08-26 06:50 - 00000000 ____D C:\Program Files\Realtek
2015-08-26 06:50 - 2013-09-13 13:38 - 00646313 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-08-26 06:50 - 2013-09-13 12:54 - 03641688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-08-26 06:50 - 2013-09-13 08:23 - 32882688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-08-26 06:50 - 2013-09-12 13:23 - 00149208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-08-26 06:50 - 2013-09-12 12:03 - 02586840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2015-08-26 06:50 - 2013-09-09 09:32 - 05681192 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-08-26 06:50 - 2013-09-03 08:49 - 14151936 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-08-26 06:50 - 2013-09-03 08:49 - 02103040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-08-26 06:50 - 2013-09-03 08:49 - 02036992 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-08-26 06:50 - 2013-09-03 08:48 - 01921792 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2015-08-26 06:50 - 2013-08-20 14:17 - 02809048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-08-26 06:50 - 2013-08-14 10:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-08-26 06:50 - 2013-08-06 03:47 - 00947248 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-08-26 06:50 - 2013-08-02 14:16 - 01005784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-08-26 06:50 - 2013-07-26 08:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-08-26 06:50 - 2013-04-24 11:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-08-26 06:50 - 2013-02-20 12:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-08-26 06:50 - 2012-11-14 05:41 - 00378000 _____ (Realtek Semiconductor) C:\WINDOWS\system32\RtkGuiCompLib.dll
2015-08-26 06:50 - 2012-08-31 13:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-08-26 06:50 - 2012-08-31 13:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-08-26 06:50 - 2012-08-31 13:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-08-26 06:50 - 2012-08-31 13:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-08-26 06:50 - 2012-08-31 13:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-08-26 06:50 - 2011-12-20 09:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-08-26 06:50 - 2011-11-22 10:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-08-26 06:50 - 2011-09-02 08:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-08-26 06:50 - 2011-09-02 08:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-08-26 06:50 - 2011-09-02 08:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-08-26 06:50 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-08-26 06:50 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-08-26 06:50 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-08-26 06:50 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-08-26 06:50 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-08-26 06:50 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-08-26 06:50 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-08-26 06:50 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-08-26 06:50 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-08-26 06:50 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-08-26 06:50 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-08-26 06:50 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-08-26 06:49 - 2013-09-03 08:47 - 01011968 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-08-26 06:49 - 2013-08-14 10:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-08-26 06:49 - 2013-08-07 11:41 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-08-26 06:49 - 2013-08-05 22:56 - 06219096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-08-26 06:49 - 2013-08-05 22:56 - 01908568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-08-26 06:49 - 2013-08-05 22:56 - 00312152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-08-26 06:49 - 2013-08-05 22:56 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-08-26 06:49 - 2013-08-05 12:11 - 02743328 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-08-26 06:49 - 2013-06-05 15:42 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-08-26 06:49 - 2012-03-08 05:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-08-26 06:49 - 2011-05-31 03:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-08-26 06:49 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-08-26 00:56 - 2015-08-26 00:56 - 00000000 ____D C:\Users\Invité\AppData\Local\EgisTec IPS
2015-08-26 00:53 - 2015-08-26 00:53 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Avira
2015-08-26 00:50 - 2015-08-26 06:58 - 00000000 ____D C:\Users\Invité\AppData\Local\CrashDumps
2015-08-26 00:48 - 2015-08-26 00:48 - 00000000 ____D C:\Users\Invité\AppData\Roaming\Atheros
2015-08-26 00:47 - 2015-08-26 00:47 - 00000000 ____D C:\Users\Invité\AppData\Local\Packages
2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Users\Invité\AppData\Roaming\lm
2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Users\Invité\AppData\Local\VirtualStore
2015-08-26 00:46 - 2015-08-26 00:46 - 00000000 ____D C:\Users\Invité\AppData\Local\NVIDIA
2015-08-26 00:41 - 2015-08-26 00:41 - 00000020 ___SH C:\Users\Invité\ntuser.ini
2015-08-26 00:33 - 2015-08-26 00:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-08-26 00:30 - 2015-08-26 00:30 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-08-26 00:28 - 2015-08-26 00:28 - 00000000 ____D C:\Program Files\Broadcom
2015-08-26 00:22 - 2013-08-15 20:13 - 03859968 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-08-26 00:20 - 2013-09-06 07:00 - 00370504 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2015-08-26 00:09 - 2015-08-26 00:09 - 00004686 _____ C:\Users\user\AppData\Local\HWVendorDetection.log
2015-08-26 00:08 - 2013-09-04 01:53 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-08-26 00:08 - 2013-09-04 01:53 - 00099288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2015-08-25 18:48 - 2015-08-25 18:48 - 00000000 ____D C:\ProgramData\Atheros
2015-08-25 18:48 - 2013-07-30 06:36 - 00000712 ____N C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2015-08-25 18:48 - 2012-05-05 23:49 - 00000852 ____N C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2015-08-25 18:47 - 2015-08-25 18:47 - 00000000 ____D C:\Users\user\AppData\Roaming\Atheros
2015-08-25 18:32 - 2013-09-13 12:44 - 02080472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-08-25 18:20 - 2015-08-25 18:22 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2015-08-25 18:20 - 2015-08-25 18:21 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-08-25 18:11 - 2015-08-25 18:11 - 00000000 ____D C:\Users\user\AppData\Local\Intel
2015-08-25 18:10 - 2015-08-25 18:10 - 00000000 ____D C:\Users\user\AppData\Local\NVIDIA Corporation
2015-08-25 18:10 - 2015-08-25 18:10 - 00000000 ____D C:\Users\user\AppData\Local\NVIDIA
2015-08-25 18:07 - 2015-08-25 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-25 18:07 - 2015-08-18 01:30 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-08-25 18:07 - 2015-08-18 01:30 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-08-25 18:07 - 2015-08-18 01:29 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-08-25 18:07 - 2015-08-18 01:29 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-08-25 18:07 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-08-25 18:07 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-08-25 18:07 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-08-25 18:07 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-08-25 18:07 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-08-25 18:07 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-08-25 18:06 - 2015-08-25 18:06 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-25 18:06 - 2015-08-25 18:06 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-25 18:06 - 2015-08-07 06:34 - 06883448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-25 18:06 - 2015-08-07 06:34 - 03492144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-25 18:06 - 2015-08-07 06:34 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-25 18:06 - 2015-08-07 06:34 - 01061168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-25 18:06 - 2015-08-07 06:34 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-25 18:06 - 2015-08-07 06:34 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-25 18:06 - 2015-08-07 06:34 - 00074872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-25 18:06 - 2015-08-07 06:34 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-25 18:06 - 2015-08-03 12:12 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-25 18:02 - 2015-08-25 18:14 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2015-08-25 18:00 - 2015-08-11 06:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 37819000 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 12513288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
Logged
Reply #9August 28, 2015, 10:40:32 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #9 on: August 28, 2015, 10:40:32 AM »
2015-08-25 18:00 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-25 18:00 - 2015-08-07 13:06 - 03518248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 03106384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00033050 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-25 18:00 - 2015-08-07 13:06 - 00031352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2015-08-25 05:35 - 2015-08-25 05:35 - 00000000 ____D C:\Users\user\Downloads\Sherlock
2015-08-24 23:53 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-24 23:53 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-24 21:13 - 2015-08-24 21:17 - 106800825 _____ C:\Users\user\Downloads\Zone-Telechargement.com-Camelia Jordana.rar
2015-08-24 21:05 - 2015-08-24 21:05 - 00002646 _____ C:\Users\user\Desktop\µTorrent.lnk
2015-08-24 21:04 - 2015-08-28 10:12 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2015-08-24 21:02 - 2015-08-24 21:06 - 118653342 _____ C:\Users\user\Downloads\DALAPE.MaChO@zone-telechargement.com.rar
2015-08-21 10:07 - 2015-08-14 03:50 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-21 10:07 - 2015-08-14 03:50 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-21 09:57 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-21 09:57 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-21 09:46 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-08-21 09:46 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-21 09:46 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-08-21 09:46 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-08-21 09:46 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-08-21 09:46 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-21 09:46 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-08-21 09:46 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-08-21 09:46 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-21 09:46 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-21 09:46 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-08-21 09:46 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-08-21 09:45 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-21 09:45 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-21 09:45 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-21 09:45 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-21 09:45 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-21 09:45 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-21 09:45 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-21 09:45 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-21 09:45 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-21 09:45 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-21 09:45 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-21 09:45 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-21 09:45 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-21 09:45 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-21 09:45 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-21 09:45 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-21 09:45 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-21 09:45 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-21 09:45 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-21 09:45 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-21 09:45 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-21 09:45 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-21 09:45 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-21 09:45 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-21 09:45 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-21 09:45 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-21 09:45 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-21 09:45 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-21 09:45 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-21 09:45 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-21 09:45 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-21 09:45 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-21 09:45 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-21 09:45 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-21 09:45 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-21 09:45 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-21 09:45 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-21 09:45 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-21 09:45 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-21 09:45 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-21 09:45 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-21 09:45 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-21 09:45 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-21 09:45 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-21 09:45 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-21 09:45 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-21 09:45 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-21 09:45 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-21 09:45 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-21 09:45 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-21 09:45 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-21 09:45 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-21 09:45 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-21 09:45 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-21 09:45 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-21 09:45 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-21 09:45 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-21 09:44 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-21 09:44 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-21 09:44 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-21 09:44 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-21 09:44 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-21 09:44 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-21 09:44 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-21 09:44 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-21 09:44 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-21 09:44 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-21 09:44 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-21 09:44 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-21 09:44 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-21 09:44 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-21 09:44 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-21 09:44 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-21 09:44 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-21 09:44 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-21 09:44 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-21 09:44 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-21 09:44 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-21 09:44 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-21 09:44 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-21 09:44 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-21 09:44 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-21 09:44 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-21 09:44 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-21 09:39 - 2015-08-21 09:39 - 00000311 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Groupe résidentiel.lnk
2015-08-21 09:38 - 2015-08-21 09:38 - 00000325 _____ C:\Users\user\Desktop\Outils de diagnostic d'imprimante HP.url
Logged
Reply #10August 28, 2015, 10:40:58 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #10 on: August 28, 2015, 10:40:58 AM »
==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-08-28 10:07 - 2015-07-26 00:16 - 00000000 ____D C:\Users\user\AppData\Roaming\HpUpdate
2015-08-28 10:03 - 2015-07-22 18:10 - 00000000 ___RD C:\Users\user\OneDrive
2015-08-28 10:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-28 00:45 - 2015-07-22 22:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-27 21:22 - 2013-03-13 20:59 - 00000000 ___RD C:\Users\user\Desktop\Setup
2015-08-27 13:36 - 2015-07-22 17:38 - 01118984 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-27 13:23 - 2015-07-22 12:13 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3742332393-2993258490-2235973863-1002
2015-08-27 12:45 - 2013-08-06 20:34 - 00001891 _____ C:\Users\user\Documents\FF.net.txt
2015-08-27 11:53 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-27 11:53 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-27 11:53 - 2013-03-07 19:52 - 00000000 ____D C:\WINDOWS\NAPP_Dism_Log
2015-08-27 11:51 - 2015-07-22 18:04 - 00001466 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-27 11:51 - 2015-07-22 12:42 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-27 11:19 - 2015-07-22 18:34 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-26 18:58 - 2013-04-01 22:00 - 00000000 ____D C:\Users\user\Documents\MyHeritage
2015-08-26 18:55 - 2014-01-15 19:04 - 00000000 ____D C:\Users\user\Documents\Officiels
2015-08-26 18:52 - 2013-03-13 21:07 - 00822784 _____ C:\Users\user\Documents\Livret A Poste.xlsx
2015-08-26 18:51 - 2015-03-11 01:47 - 00000000 ____D C:\Users\user\Documents\Recettes
2015-08-26 18:48 - 2013-10-05 00:03 - 00261632 _____ C:\Users\user\Documents\CE 2014 Dorothée.xlsx
2015-08-26 18:47 - 2014-10-22 15:49 - 00254464 _____ C:\Users\user\Documents\CE 2015 Dorothée.xlsx
2015-08-26 18:23 - 2013-08-22 16:44 - 00488840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-26 17:27 - 2015-07-22 17:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-26 17:18 - 2015-07-25 21:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-08-26 17:16 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2015-08-26 16:59 - 2014-11-21 00:27 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-26 16:58 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-26 12:12 - 2013-03-13 21:06 - 00000000 ____D C:\Users\user\Documents\Genealogie
2015-08-26 11:45 - 2015-07-25 21:24 - 00000000 ____D C:\Users\user\AppData\Roaming\MyHeritage
2015-08-26 11:27 - 2014-11-21 00:46 - 01824010 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-26 11:27 - 2014-11-21 00:03 - 00812350 _____ C:\WINDOWS\system32\perfh00C.dat
2015-08-26 11:27 - 2014-11-21 00:03 - 00159412 _____ C:\WINDOWS\system32\perfc00C.dat
2015-08-26 11:25 - 2015-07-22 19:00 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-26 11:25 - 2015-07-22 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-26 06:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-26 06:54 - 2015-07-22 17:45 - 00000000 ____D C:\Users\Invité
2015-08-26 06:54 - 2013-03-07 11:20 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-08-26 00:31 - 2015-07-22 17:40 - 00000000 ____D C:\Program Files\Elantech
2015-08-26 00:23 - 2013-03-07 11:25 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2015-08-25 18:29 - 2013-03-07 11:20 - 00000000 ____D C:\Dolby PCEE4
2015-08-25 18:07 - 2015-07-22 17:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-25 18:07 - 2015-07-22 17:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-25 18:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-08-25 18:06 - 2013-03-07 11:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-25 16:14 - 2015-07-10 19:02 - 00000000 ___HD C:\$Windows.~BT
2015-08-25 16:07 - 2013-08-28 20:03 - 00000000 ____D C:\Users\user\Documents\Factures
2015-08-25 05:37 - 2015-03-01 02:03 - 00000000 ____D C:\Users\user\Desktop\Lectures
2015-08-25 05:37 - 2013-06-28 18:50 - 00000000 ___RD C:\Users\user\Desktop\2014 - 2015
2015-08-25 05:35 - 2015-06-26 23:10 - 00000000 ____D C:\Users\user\Downloads\Mika - No Place In Heaven (Ver Francaise 2015) 320kbs
2015-08-25 05:35 - 2015-06-26 23:10 - 00000000 ____D C:\Users\user\Downloads\Mika - No Place In Heaven (Deluxe Edition) [Version Internationale] - By Oharty31
2015-08-25 05:34 - 2015-06-28 16:32 - 00000000 ____D C:\Users\user\Downloads\Torrent
2015-08-25 03:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-24 23:53 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-24 23:35 - 2015-07-01 14:11 - 00000000 ____D C:\Users\user\Downloads\Terminator Integrale
2015-08-24 23:13 - 2014-10-16 22:58 - 00000037 _____ C:\Users\user\Downloads\Blacklist 10 Papyrus 19.txt
2015-08-24 23:07 - 2015-07-20 18:45 - 00000000 ____D C:\Users\user\Downloads\Elementary S3
2015-08-21 10:06 - 2013-01-31 18:53 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-21 10:05 - 2015-07-22 22:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-21 10:05 - 2015-07-22 22:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-21 10:03 - 2015-07-23 03:26 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-21 10:03 - 2014-11-21 07:55 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-21 10:03 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 10:03 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 10:03 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-21 10:03 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-21 09:57 - 2015-07-22 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-21 09:55 - 2015-07-22 13:39 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-21 09:52 - 2015-07-22 13:39 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-21 09:50 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-21 09:50 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-21 09:41 - 2015-07-22 12:02 - 00000000 ____D C:\Users\user\AppData\Local\Packages
Logged
Reply #11August 28, 2015, 10:41:20 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #11 on: August 28, 2015, 10:41:20 AM »
==================== Fichiers à la racine de certains dossiers =======

2015-08-26 19:10 - 2015-08-26 19:10 - 0477184 __RSH () C:\Users\user\AppData\Roaming\SPInfr.dll
2015-08-26 00:09 - 2015-08-26 00:09 - 0004686 _____ () C:\Users\user\AppData\Local\HWVendorDetection.log
2015-07-26 00:15 - 2015-07-26 00:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-03-07 11:20 - 2013-03-07 11:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-26 19:15 - 2015-08-26 19:15 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Fichiers à déplacer ou supprimer:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Certains fichiers dans TEMP:
====================
C:\Users\Invité\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\dllnt_dump.dll
C:\Users\user\AppData\Local\Temp\mdi064.dll
C:\Users\user\AppData\Local\Temp\mdi164.dll
C:\Users\user\AppData\Local\Temp\mdi264.dll
C:\Users\user\AppData\Local\Temp\mdi364.dll
C:\Users\user\AppData\Local\Temp\mdi464.dll
C:\Users\user\AppData\Local\Temp\mdi564.dll
C:\Users\user\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-08-24 23:47

==================== Fin de FRST.txt ============================
Logged
Reply #12August 28, 2015, 10:45:34 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #12 on: August 28, 2015, 10:45:34 AM »
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:27-08-2015
Exécuté par Tenshi304 (2015-08-28 10:13:06)
Exécuté depuis C:\Users\user\Desktop
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-3742332393-2993258490-2235973863-500 - Administrator - Disabled) => C:\Users\Administrator
Invité (S-1-5-21-3742332393-2993258490-2235973863-501 - Limited - Enabled) => C:\Users\Invité
Tenshi304 (S-1-5-21-3742332393-2993258490-2235973863-1002 - Administrator - Enabled) => C:\Users\user

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{b76c0d12-422c-44e3-9daa-9363451e24cd}) (Version: 1.1.44.15481 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.44.15481 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.)
FanFictionDownloader version 0.8.11 (HKLM-x32\...\{1D868954-1083-4BBA-8379-C7A9B2705CBA}_is1) (Version: 0.8.11 - Raimond Eisele)
HP Support Solutions Framework (HKLM-x32\...\{A3149B3B-BE29-4C56-9FEE-DBF9C5A64BE7}) (Version: 12.0.26.54 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Logiciel de base du périphérique HP Deskjet 3050 J610 series (HKLM\...\{70F37BAB-4F01-4CE6-83D4-8DE1D3BF11CA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.4.1.195 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Mises à jour NVIDIA 2.5.13.6 (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 fr) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 fr)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7143 - MyHeritage.com)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9013 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9013 - NTI Corporation) Hidden
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Pilote graphique 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Panneau de configuration NVIDIA 355.60 (Version: 355.60 - NVIDIA Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2005 Tools pour Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VSO Image Resizer 2.2.2.1 (HKLM-x32\...\{3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1) (Version: 2.2.2.1 - VSO-Software)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-3742332393-2993258490-2235973863-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Points de restauration =========================

25-08-2015 03:32:37 Point de contrôle planifié
26-08-2015 16:53:51 Installed Microsoft Office Professional 2007
27-08-2015 12:25:50 Avant roguekiller

==================== Hosts contenu: ===============================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1C2A6527-5B62-4221-8113-A3606FB4462E} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {2D67EC68-13B8-4621-975B-6864B8D44642} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-21] (Microsoft Corporation)
Task: {3507F7A8-CB0B-472A-AE65-918343A05DAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {46B4AEF3-25B0-4C2E-9878-D0D9EFA6D931} - System32\Tasks\{F77A54DC-DFEF-41C2-8F71-9613DA9D979B} => pcalua.exe -a "C:\Program Files (x86)\Acer\clear.fi Media\clearfiSetup.exe" -c -uninstall
Task: {4A90C106-63EF-4723-BC03-A949355391DE} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {655C1067-0BD7-458A-B607-30B108D83C11} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {6686905B-E04F-456D-9F42-6DF4A432F736} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {9C09D306-8BAF-444D-89FC-AB7D5B85BF9F} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {A2581F6A-D3AF-445F-8D5B-A9621700C318} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E75D8FF9-C98A-4580-8BED-73A7D35DF220} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {E7614165-BD8A-4BFB-9B29-9B40AB0F7CA0} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {E9A5CDB1-0CAA-4706-827B-5F3BAE23A1AD} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Modules chargés (Avec liste blanche) ==============

2015-08-25 18:00 - 2015-08-07 13:06 - 00012080 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-08-25 18:06 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-22 12:40 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-06-22 04:12 - 2012-06-22 04:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2015-07-23 00:05 - 2015-07-23 00:05 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2012-08-23 01:04 - 2012-08-23 01:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-08-23 01:04 - 2012-08-23 01:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-11-03 02:38 - 2012-11-03 02:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 02:38 - 2012-11-03 02:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-08-26 00:33 - 2013-09-04 01:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-25 18:07 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-25 18:00 - 2015-08-07 13:06 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-14 18:20 - 2015-07-14 18:20 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-08-26 17:26 - 2015-08-26 17:26 - 00035472 _____ () C:\Users\user\AppData\Local\assembly\dl3\NMAKH97N.809\XE53YTQA.V3M\25c71d2b\0094feb0_ac95cd01\WordAddIn.DLL

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Users\user\OneDrive:ms-properties
AlternateDataStreams: C:\Users\user\SkyDrive:ms-properties

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


==================== EXE Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
Logged
Reply #13August 28, 2015, 10:47:03 AM

tenshi304

  • Newbie
  • Offline
  • *
  • 15
  • Reputation:
    0
    • View Profile
Re: Lost user
« Reply #13 on: August 28, 2015, 10:47:03 AM »
==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-3742332393-2993258490-2235973863-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papier peint de la visionneuse de photos windows.jpg
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papier peint de la visionneuse de photos windows.jpg
HKU\S-1-5-21-3742332393-2993258490-2235973863-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\papier peint de la visionneuse de photos windows.jpg
HKU\S-1-5-21-3742332393-2993258490-2235973863-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3742332393-2993258490-2235973863-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)


==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E9ADDDB8-0CB5-4660-87EA-C4D9BC3310EF}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{0FA3C346-5775-450C-B614-2AEA23A23C96}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{A9F14AF7-1988-4926-940B-371D47BDD4C4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{3D0F4022-C6D9-445A-9A1A-3DDBFDB6D85D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{211F8E2A-1D39-47DC-A2A7-7C22D8E63E57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{06112DB5-2A2D-49BF-BA23-D48BF2F2DE22}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{4B2E7B6E-DA31-42E8-9CC4-42BC828EC22A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{EF119B97-DF1D-48D0-8A60-A0426D8634A4}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{7C578423-76C9-4656-9D10-A1EFEEBE296A}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{E3E8C66C-CBC1-4A35-95F2-DFE8D762B828}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{8A1BD5F4-4ACC-4383-A965-26EF015C07DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB222895-8B39-4C80-89C5-56916A9D30D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B371A2C-6CFE-4171-BB3E-F8113693945F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{448958E6-2C94-4AAE-A94F-40D45C330B2E}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C5AB53C5-7190-48A9-887E-0E00035EDFB0}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{14D71D63-225D-4024-8E44-7C04017D66D3}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B04692F7-DC14-46B9-8C1F-C5972F23A5D3}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8B09A11F-8AC9-42A0-A16E-4A963E349BD4}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{422FDAB6-E22D-4D90-A39C-06968FD2106B}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{53DF756E-E4E3-45A1-B4AF-F7E76506AFD4}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{858A188C-83B1-4C23-B4CE-845C36CE14A1}] => (Allow) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E449504B-B9D3-48AF-9F7C-8F983E0ABD64}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{812837CF-97AC-4C21-A6F5-BF3746D94B1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8E16F47-48DB-48D4-9FF0-BFB2F8E4BA93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F079C3DB-D384-4AC9-9C1F-405C93771070}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F721BE11-835C-448C-94E5-4B934BBEBBBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5B6F4169-2CA8-42DD-B35F-7FB3EFDAF7CA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{91EEDADD-3ED0-4695-9CCB-687283FD582D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{858ACF1C-3480-4569-90EA-516AF4B21A83}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{8DEE9DB6-8D53-4F57-B736-75F06DBDE42A}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe

==================== Éléments en erreur du Gestionnaire de périphériques =============


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (08/27/2015 01:24:19 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Outlook

Error: (08/27/2015 01:24:19 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: Outlook8

Error: (08/27/2015 11:34:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TENSHIJR03)
Description: Échec de l’activation de l’application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error: (08/27/2015 11:34:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme wwahost.exe version 6.3.9600.17415 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

ID de processus : c28

Heure de début : 01d0e0ab75fa9132

Heure de fin : 4294967295

Chemin d’accès de l’application : C:\WINDOWS\system32\wwahost.exe

ID de rapport : bda57788-4c9e-11e5-be7e-b888e30ea792

Nom complet du package défaillant : microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID de l’application relative au package défaillant : Microsoft.WindowsLive.Mail

Error: (08/27/2015 11:33:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: TENSHIJR03)
Description: L’application microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail n’a pas été lancée dans le délai qui lui était imparti.

Error: (08/26/2015 07:14:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante key.exe, version : 0.0.0.0, horodatage : 0x55db02ce
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x02a726a0
ID du processus défaillant : 0xd10
Heure de début de l’application défaillante : 0xkey.exe0
Chemin d’accès de l’application défaillante : key.exe1
Chemin d’accès du module défaillant: key.exe2
ID de rapport : key.exe3
Nom complet du package défaillant : key.exe4
ID de l’application relative au package défaillant : key.exe5

Error: (08/26/2015 07:14:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante key.exe, version : 0.0.0.0, horodatage : 0x55db02ce
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc00001a5
Décalage d’erreur : 0x02aa656b
ID du processus défaillant : 0xd10
Heure de début de l’application défaillante : 0xkey.exe0
Chemin d’accès de l’application défaillante : key.exe1
Chemin d’accès du module défaillant: key.exe2
ID de rapport : key.exe3
Nom complet du package défaillant : key.exe4
ID de l’application relative au package défaillant : key.exe5

Error: (08/26/2015 07:14:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante key.exe, version : 0.0.0.0, horodatage : 0x55db02ce
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x02ef26a0
ID du processus défaillant : 0xa10
Heure de début de l’application défaillante : 0xkey.exe0
Chemin d’accès de l’application défaillante : key.exe1
Chemin d’accès du module défaillant: key.exe2
ID de rapport : key.exe3
Nom complet du package défaillant : key.exe4
ID de l’application relative au package défaillant : key.exe5

Error: (08/26/2015 07:14:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante key.exe, version : 0.0.0.0, horodatage : 0x55db02ce
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc00001a5
Décalage d’erreur : 0x02f2656b
ID du processus défaillant : 0xa10
Heure de début de l’application défaillante : 0xkey.exe0
Chemin d’accès de l’application défaillante : key.exe1
Chemin d’accès du module défaillant: key.exe2
ID de rapport : key.exe3
Nom complet du package défaillant : key.exe4
ID de l’application relative au package défaillant : key.exe5

Error: (08/26/2015 07:09:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante key.exe, version : 0.0.0.0, horodatage : 0x55db02ce
Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000
Code d’exception : 0xc0000005
Décalage d’erreur : 0x011126a0
ID du processus défaillant : 0xfd0
Heure de début de l’application défaillante : 0xkey.exe0
Chemin d’accès de l’application défaillante : key.exe1
Chemin d’accès du module défaillant: key.exe2
ID de rapport : key.exe3
Nom complet du package défaillant : key.exe4
ID de l’application relative au package défaillant : key.exe5


Erreurs système:
=============
Error: (08/28/2015 03:58:25 AM) (Source: DCOM) (EventID: 10010) (User: TENSHIJR03)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (08/28/2015 03:48:27 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 03:48:27 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 03:21:04 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 03:21:04 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 02:56:08 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 02:56:08 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 02:55:37 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 02:55:37 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.

Error: (08/28/2015 02:40:08 AM) (Source: Schannel) (EventID: 4120) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 10. L’état d’erreur de Windows SChannel est 10.


Microsoft Office:
=========================

==================== Infos Mémoire ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Pourcentage de mémoire utilisée: 58%
Mémoire physique - RAM - totale: 3911.27 MB
Mémoire physique - RAM - disponible: 1622.43 MB
Mémoire virtuelle totale: 4999.27 MB
Mémoire virtuelle disponible: 2153.77 MB

==================== Lecteurs ================================

Drive c: (Acer) (Fixed) (Total:677.51 GB) (Free:298.77 GB) NTFS

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D28D4F27)

Partition: GPT.

==================== Fin de Addition.txt ============================
Logged
Reply #14August 31, 2015, 01:26:13 PM

Curson

  • Global Moderator
  • Hero Member
  • Offline
  • *****
  • 2809
  • Reputation:
    100
    • View Profile
Re: Lost user
« Reply #14 on: August 31, 2015, 01:26:13 PM »
Hi tenshi304,

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system !

Run FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.

How is the computer running ?

Regards.
Logged
Pages: [1] 2
« previous next »