by rapsut
#15978
Good evening,
SOS upload links:
SosUpload.b2e616fc22d93eb7fb732e34a7999a92.txt
SosUpload.ecd7e5a483faef398439d8abfff9f9ea.txt
Thank you for your help.
by H.A.W.X
#15981
Good evening and welcome! :)

We are going to help you remove Aartemis and the accomplices that got installed along with it ;)

We'll do things in order; it shouldn't take very long! However, the links to your reports lead nowhere, so you'll need to redo them please ;)

1.
  • Download Adwcleaner (by Xplode) to your Desktop!
  • Right-click it and choose Run as administrator on Windows 7/8 and Vista
    1. Choose the Scan option
    2. Choose the Clean option
  • Accept the warning by clicking OK
  • Accept the warnings/information messages by clicking OK
  • Copy and paste the contents of the report that appears when the PC restarts
2.
  • Download Shortcut_Module (by g3n-h@ckm@n) to your desktop.
  • Launch Shortcut_Module, using Run as administrator on Windows 7/8 and Vista

    Note: wait while the scan runs

  • Copy and paste the report that opens onto the forum.
3.
  • Download MalwareBytes
  • Go ahead and install it. Uncheck "Enable free trial of Malwarebytes Anti-Malware PRO"
  • Select Quick Scan
  • Click Scan
  • Remove all the items found!
  • Post the report on the forum

4.

If you launch IE from a shortcut, then check this :)
  • Right-click that shortcut
  • Click Properties
  • Check that there is no argument (see the image below)

    [Image]
See you shortly :)
by rapsut
#15988
RE
OK, thanks for answering me, I'm posting the links again
SosUpload.b2e616fc22d93eb7fb732e34a7999a92.txt
SosUpload.ecd7e5a483faef398439d8abfff9f9ea.txt
Kind regards, JAS
by rapsut
#15990
RE
Shortcut result
Code:
¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module 27.09.2013 - g3n-h@ckm@n

21:16:32 - 10/11/2013

Disinfected : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
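
Step 4 of the helper's reply and the Shortcut_Module report above describe the same symptom: a browser shortcut whose target is followed by an extra argument. As an added example (not part of the thread and not the code of any tool named in it), this PowerShell script lists such shortcuts without modifying them; the folder list and the browser names are assumptions.

```powershell
# Added example: report browser shortcuts (.lnk) that carry a command-line argument.
# Read-only: nothing is changed on disk.

# Folders of the kind listed in the Shortcut_Module report, expressed through
# environment variables instead of a fixed user name (assumed list, extend as needed).
$searchRoots = @(
    "$env:PUBLIC\Desktop",
    "$env:USERPROFILE\Desktop",
    "$env:APPDATA\Microsoft\Windows\Start Menu\Programs",
    "$env:ProgramData\Microsoft\Windows\Start Menu\Programs",
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch"   # includes User Pinned\TaskBar
)

# Executables treated as browsers (assumption: add others if installed).
$browserExes = @('iexplore.exe', 'chrome.exe', 'firefox.exe')

# WScript.Shell can open an existing .lnk and expose its TargetPath and Arguments.
$shell = New-Object -ComObject WScript.Shell

$findings = foreach ($root in $searchRoots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }

    Get-ChildItem -LiteralPath $root -Filter '*.lnk' -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $lnk = $shell.CreateShortcut($_.FullName)

            # Skip shortcuts that do not point at a browser executable.
            if (-not $lnk.TargetPath) { return }
            $exe = [System.IO.Path]::GetFileName($lnk.TargetPath)
            if ($browserExes -notcontains $exe) { return }

            # Skip shortcuts with an empty argument field (the expected state).
            $arguments = ([string]$lnk.Arguments).Trim()
            if ($arguments -eq '') { return }

            # An argument alone is not proof of tampering: the stock
            # "Internet Explorer (No Add-ons)" shortcut carries -extoff.
            # A URL in the argument field is the pattern seen in the report.
            [pscustomobject]@{
                Shortcut  = $_.FullName
                Target    = $lnk.TargetPath
                Arguments = $arguments
                HasUrl    = $arguments -match 'https?://'
            }
        }
}

[void][System.Runtime.InteropServices.Marshal]::ReleaseComObject($shell)

if ($findings) {
    # Shortcuts with a URL argument first.
    $findings | Sort-Object -Property HasUrl -Descending | Format-List
} else {
    'No browser shortcut with arguments found in the searched folders.'
}
```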
by rapsut
#15992
Re
the ADW cleaner report
Code:
# AdwCleaner v3.011 - Rapport créé le 10/11/2013 à 21:21:15
# Mis à jour le 03/11/2013 par Xplode
# Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
# Nom d'utilisateur : jas - JAS-PC
# Exécuté depuis : C:\Users\jas\Downloads\adwcleaner (3).exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Google Chrome v30.0.1599.101

[ Fichier : C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1648 octets] - [18/09/2013 07:00:36]
AdwCleaner[R1].txt - [6190 octets] - [10/11/2013 19:22:55]
AdwCleaner[R2].txt - [1160 octets] - [10/11/2013 19:33:11]
AdwCleaner[R3].txt - [1158 octets] - [10/11/2013 20:57:44]
AdwCleaner[R4].txt - [1278 octets] - [10/11/2013 21:20:34]
AdwCleaner[S0].txt - [1585 octets] - [18/09/2013 07:00:55]
AdwCleaner[S1].txt - [5907 octets] - [10/11/2013 19:23:39]
AdwCleaner[S2].txt - [1223 octets] - [10/11/2013 19:33:36]
AdwCleaner[S3].txt - [1220 octets] - [10/11/2013 20:58:06]
AdwCleaner[S4].txt - [1200 octets] - [10/11/2013 21:21:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1260 octets] ##########
by H.A.W.X
#15994
Good evening :)

OK, that works for me for now. Carry on with what I told you, but please copy/paste the contents of the FRST reports, because there is a problem with your links ;)
by rapsut
#15995
AH OK
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2013 01
Ran by jas at 2013-11-10 19:47:10
Running from C:\Users\jas\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.1.30017)
32 Bit HP CIO Components Installer (Version: 7.1.8)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Photoshop CS (Version: CS)
Adobe Reader XI (11.0.05) - Français (Version: 11.0.05)
avast! Free Antivirus (Version: 9.0.2007)
Bing Bar (Version: 7.2.241.0)
Bluetooth Win7 Suite (Version: 7.2.0.40)
CCleaner (remove only)
CDex - Open Source Digital Audio CD Extractor (Version: 1.70.4.2009)
CloneDVD2
Counter-Strike 1.6
CTK DB Tool 1.2.5
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Free Coinche
Galerie de photos Windows Live (Version: 15.4.3502.0922)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (Version: 30.0.1599.101)
Google Update Helper (Version: 1.3.21.165)
Google Earth (Version: 7.1.1.1888)
HP Photosmart B010 All-In-One Driver 14.0 Rel. 7 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPDiagnosticAlert (Version: 1.00.0000)
Intel(R) Management Engine Components (Version: 7.0.0.1144)
Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0)
Intel(R) Rapid Storage Technology (Version: 10.1.0.1008)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 3 (Version: 1.6.0.30)
Junk Mail filter update (Version: 15.4.3502.0922)
KeePass Password Safe 1.11 (Version: 1.11)
Linksys EasyLink Advisor
Linksys EasyLink Advisor (Version: 3.11.9139.94)
Logiciel d'archivage WinRAR
Logitech Vid HD (Version: 7.2 (7259))
Logitech Webcam Software (Version: 12.10.1113)
Magic DVD Ripper V8.0.0 10th
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile FRA Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended FRA Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Professionnel Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Arabic) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mises à jour NVIDIA 9.3.16 (Version: 9.3.16)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (Version: 4.0.30319)
Module linguistique Microsoft .NET Framework 4 Extended FRA (Version: 4.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyHeritage Family Tree Builder (Version: 7.0.0.7126)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Logiciel système PhysX 9.12.1031 (Version: 9.12.1031)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA Pilote 3D Vision 320.18 (Version: 320.18)
NVIDIA Pilote audio HD : 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Pilote du contrôleur 3D Vision 320.18 (Version: 320.18)
NVIDIA Pilote graphique 320.18 (Version: 320.18)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2018)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
Oxemis Video Library (Version: 2.01.0001)
Panneau de configuration NVIDIA 320.18 (Version: 320.18)
PS_AIO_07_B010_SW_Min (Version: 140.0.224.000)
Pure Networks Platform (Version: 11.1.9051.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6235)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
Samsung Kies (Version: 2.6.0.13091_9)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Scan (Version: 140.0.80.000)
SHIELD Streaming (Version: 1.6.34)
TomTom HOME (Version: 2.9.7)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Toolbox (Version: 140.0.428.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
UsbFix By El Desaparecido
Video Downloader version 2.0 (Version: 2.0)
VLC media player 2.0.8 (Version: 2.0.8)
WebEx Support Manager for Internet Explorer (Version: 6.5.47)
Windows Live (Version: 15.4.3502.0922)
Windows Live (Version: 15.4.3555.0308)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinZip 11.1 (Version: 11.1.7466)
YouSendIt Express (Version: 2.11.2)

==================== Restore Points =========================

10-11-2013 08:26:16 Point de contrôle planifié

==================== Hosts content: ==========================

2009-07-14 03:04 - 2013-08-13 20:09 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02BF7C57-E89B-4504-8CBA-A490D1DE4107} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5E0CDAEC-EC53-4A6C-A755-7D9DCDA15B8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-07] (Google Inc.)
Task: {A207A09E-E13A-4502-9CC5-963348966732} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-07] (Google Inc.)
Task: {AD419206-BDA7-4959-B376-083EE17AA84B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-07] (AVAST Software)
Task: {EC2B7EB7-45C9-473C-9296-227B8B784074} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-01 19:35 - 2010-03-15 10:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2008-12-12 17:11 - 2008-12-12 17:11 - 00148480 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2013-11-07 15:48 - 2013-11-07 15:48 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-12 02:09 - 2013-10-12 02:09 - 01924608 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\bee88fd68a7fbf826e5b13f7d8d90aca\Kies.UI.ni.dll
2013-09-15 17:30 - 2013-09-15 17:30 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\40e1d3d166754a0ee95587d5d7304414\Kies.MVVM.ni.dll
2013-09-15 17:30 - 2013-09-15 17:30 - 00080896 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ZipStore\3a2ea444aa16a449759bd64ef15ee047\ZipStore.ni.dll
2013-09-15 17:30 - 2013-09-15 17:30 - 00189952 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7932879d1006f45d6c5837c365ecbcf6\Kies.Common.DeviceServiceLib.Interface.ni.dll
2013-10-12 02:09 - 2013-10-12 02:09 - 00362496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\b072044f4139d59fe42fef3e9b0bcd4d\DevicePhoto.ni.dll
2013-10-12 02:09 - 2013-10-12 02:09 - 00296960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\742f94cc8e12d6f5d6f3067c379f5830\DeviceVideo.ni.dll
2013-10-12 02:09 - 2013-10-12 02:09 - 00612352 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\cfa2577a9e9acc5fe958f312a59a1c81\DevicePodcast.ni.dll
2013-09-15 17:31 - 2013-09-15 17:31 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\c001433d3ccb98bd9c3744d8d288d1c5\DummyStorePlugin.ni.dll
2013-09-15 17:31 - 2013-09-15 17:31 - 14972928 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\a0be2c714964d75270c37bd0e57182ee\Kies.Theme.ni.dll
2013-10-12 02:09 - 2013-10-12 02:09 - 00582144 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a87a3ef65dabe86f36798af6830b7bdc\Kies.Common.DeviceServiceLib.FileService.ni.dll
2013-09-15 17:30 - 2013-09-15 17:30 - 00046592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\129affa1c25fe7751026f37ac4441abe\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2013-10-12 02:09 - 2013-10-12 02:09 - 01002496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\0a14014a110371a0911719ec4fd24fb2\DeviceCommonLib.ni.dll
2013-09-15 17:31 - 2013-09-15 17:31 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6c2268d21092027249488bb1b5b0b75f\ASF_cSharpAPI.ni.dll
2013-10-19 16:29 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-19 16:29 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-19 16:29 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-19 16:29 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-19 16:29 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2013 07:35:26 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 07:35:26 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/10/2013 07:25:40 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 07:25:40 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/10/2013 07:20:06 PM) (Source: Application Error) (User: )
Description: Windows ne peut pas accéder au fichier C:\Windows\System32\ListSvc.dll pour une des raisons suivantes :
un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les
pilotes de stockage installés sur cet ordinateur, ou le disque est manquant.
Windows a fermé le programme Processus hôte pour les services Windows en raison de cette erreur.

Programme : Processus hôte pour les services Windows
Fichier : C:\Windows\System32\ListSvc.dll

La valeur de l’erreur est affichée dans la section Données supplémentaires.
Action utilisateur
1. Ouvrez à nouveau le fichier.
Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme.
2.
Si le fichier est toujours inaccessible et
- Il se trouve sur le réseau :
votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté.
- Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur.
3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée.
4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde.
5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur
pour obtenir une assistance supplémentaire.

Données supplémentaires
Valeur de l’erreur : C0000185
Type du disque : 3

Error: (11/10/2013 07:20:06 PM) (Source: Application Error) (User: )
Description: Nom de l’application défaillante svchost.exe_HomeGroupListener, version : 6.1.7600.16385, horodatage : 0x4a5bc100
Nom du module défaillant : listsvc.dll, version : 6.1.7601.17514, horodatage : 0x4ce7b85c
Code d’exception : 0xc0000006
Décalage d’erreur : 0x0001d922
ID du processus défaillant : 0x47c
Heure de début de l’application défaillante : 0xsvchost.exe_HomeGroupListener0
Chemin d’accès de l’application défaillante : svchost.exe_HomeGroupListener1
Chemin d’accès du module défaillant: svchost.exe_HomeGroupListener2
ID de rapport : svchost.exe_HomeGroupListener3

Error: (11/10/2013 07:19:49 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 07:19:49 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/10/2013 03:49:43 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 03:49:43 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]


System errors:
=============
Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.

Error: (11/10/2013 07:44:57 PM) (Source: atapi) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort2.


Microsoft Office Sessions:
=========================
Error: (11/10/2013 07:35:26 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 07:35:26 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/10/2013 07:25:40 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 07:25:40 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/10/2013 07:20:06 PM) (Source: Application Error)(User: )
Description: C:\Windows\System32\ListSvc.dllProcessus hôte pour les services WindowsC00001853

Error: (11/10/2013 07:20:06 PM) (Source: Application Error)(User: )
Description: svchost.exe_HomeGroupListener6.1.7600.163854a5bc100listsvc.dll6.1.7601.175144ce7b85cc00000060001d92247c01cede412d263d29C:\Windows\System32\svchost.exec:\windows\system32\listsvc.dllb9091b36-4a34-11e3-8937-f46d044ef55f

Error: (11/10/2013 07:19:49 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 07:19:49 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (11/10/2013 03:49:43 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/10/2013 03:49:43 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]


CodeIntegrity Errors:
===================================
Date: 2013-11-09 07:17:19.363
Description: Le module d’intégrité du code ne peut pas vérifier l’intégrité image du fichier \Device\HarddiskVolume2\Windows\System32\sfc_os.dll car le jeu de hachages d’images par page n’a pas été trouvé sur le système.


==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 3056.84 MB
Available physical RAM: 1616.54 MB
Total Pagefile: 6111.98 MB
Available Pagefile: 4190.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:183.22 GB) NTFS
Drive e: (USB DISK) (Removable) (Total:29.82 GB) (Free:28.98 GB) NTFS
Drive f: (ext2) (Fixed) (Total:153.38 GB) (Free:53.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: C4C710B1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=30 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 153 GB) (Disk ID: DD5C4BA2)
Partition 1: (Not Active) - (Size=153 GB) - (Type=07 NTFS)

==================== End Of Log ============================
by rapsut
#15999
RE
Mbam report
Code:
Malwarebytes Anti-Malware 1.75.0.1300
https://www.malwarebytes.org

Version de la base de données: v2013.11.10.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16721
jas :: JAS-PC [administrateur]

10/11/2013 21:32:33
mbam-log-2013-11-10 (21-32-33).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 270211
Temps écoulé: 12 minute(s), 14 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 3
C:\Users\jas\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.22.0 (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.

Fichier(s) détecté(s): 11
C:\$Recycle.Bin\S-1-5-21-1565210137-3146814292-896495932-1000\$RMYJ8PC.exe (PUP.Optional.UpdateStar.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\utt6559.tmp.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\nsaF4D2.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\nsk9D9B.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\nsq4DA6.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\nsuF2DD.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\nsz9FCD.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\MircosoftStudio\eGdpSvc.exe (PUP.Optional.Wsys.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\DM\SPIdentifier.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\AppData\Local\Temp\nszA20B.tmp\SPtool.dll (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\jas\Downloads\7-zip (1).exe (PUP.Optional.UpdateStar.A) -> Mis en quarantaine et supprimé avec succès.

(fin)
by H.A.W.X
#16000
Good evening,

I know these steps aren't necessarily easy since they aren't things you do every day, but you need to pay attention to what you are doing ;)

You had pasted the same report twice.

I'm waiting for the contents of the FRST.txt report, please.

See you in a moment ;)

PS: Apart from that, you got everything else right! ;)
by rapsut
#16005
Re
Sorry, here is the right one
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by jas (administrator) on JAS-PC on 10-11-2013 19:45:43
Running from C:\Users\jas\Desktop
Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.2.241.0\BBSvc.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
() C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Oracle Corporation) C:\Windows\system32\java.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9808488 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM\...\Run: [NUSB3MON] - C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM\...\Run: [nmctxth] - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [642856 2008-12-12] (Cisco Systems, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Family Tree Builder Update] - C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2532864 2013-10-13] (MyHeritage)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-07] (AVAST Software)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [ultracopier] - "C:\Program Files\Supercopier\supercopier.exe"
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU\...\Run: [Update Service] - C:\Program Files\Common Files\Teknum Systems\update.exe [19456 2013-06-23] (Teknum Systems AS)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://aartemis.com/?type=hp&ts=1384105 ... 4249942499
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF686B300FE97CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
HKCU\Software\Microsoft\Internet Explorer\Main,Default_search_url = https://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = https://aartemis.com/?type=hp&ts=1384105 ... 4249942499
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.aartemis.com/web/?type=ds&ts ... 9942499&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://aartemis.com/?type=hp&ts=1384105 ... 4249942499
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://aartemis.com/?type=hp&ts=1384105 ... 4249942499
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.aartemis.com/web/?type=ds&ts ... 9942499&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = https://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe https://aartemis.com/?type=sc&ts=1384105 ... 4249942499
SearchScopes: HKLM - DefaultScope value is missing.
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} https://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} https://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} https://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

Chrome:
=======
CHR HomePage: hxxp://www.google-chrome.fr/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Google Wallet) - C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\jas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe https://aartemis.com/?type=sc&ts=1384105 ... 4249942499

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-06-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-07] (AVAST Software)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [87712 2010-08-12] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [642856 2008-12-12] (Cisco Systems, Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14650144 2013-10-18] (NVIDIA Corporation)
R2 LinksysUpdater; "C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe" -s "C:\Program Files\Linksys\Linksys Updater\conf\wrapper.conf"

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-11-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-11-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-11-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-11-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-11-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-11-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-11-07] ()
S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-10-27] (Atheros)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [47144 2010-10-27] (Windows (R) Win 7 DDK provider)
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [260968 2010-10-27] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-10-27] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-10-27] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [51560 2010-10-27] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-10-27] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [242024 2010-10-27] (Atheros)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [238248 2010-09-21] (Intel Corporation)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [9728 2004-06-08] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [3968 2004-06-08] (Elaborate Bytes AG)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [62336 2010-12-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [141440 2010-12-10] (Renesas Electronics Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [24880 2008-12-12] (Cisco Systems, Inc.)
U5 AtherosSvc; C:\Program Files\Bluetooth Suite\adminservice.exe [56480 2010-10-27] (Atheros Commnucations)
U3 Idcsvdpobksv; No ImagePath
S3 Pcouffin; System32\Drivers\Pcouffin.sys [x]
U5 purendis; C:\Windows\System32\DRIVERS\purendis.sys [26416 2008-12-12] (Cisco Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-10 19:44 - 2013-11-10 19:44 - 00000000 ____D C:\FRST
2013-11-10 19:42 - 2013-11-10 19:42 - 01090275 _____ (Farbar) C:\Users\jas\Desktop\FRST.exe
2013-11-10 19:32 - 2013-11-10 19:32 - 01073262 _____ C:\Users\jas\Downloads\adwcleaner (2).exe
2013-11-10 19:22 - 2013-11-10 19:22 - 01073262 _____ C:\Users\jas\Downloads\adwcleaner (3).exe
2013-11-10 18:57 - 2013-11-10 18:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jas\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-11-10 08:56 - 2013-11-10 08:56 - 00000000 ____D C:\Users\jas\AppData\Local\{C1300E90-2D4B-4D0C-8935-8C82B860E67A}
2013-11-09 19:02 - 2013-11-09 19:02 - 00028523 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB (1).torrent
2013-11-09 19:01 - 2013-11-09 19:01 - 00028523 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB.torrent
2013-11-09 16:53 - 2013-11-09 19:47 - 733247488 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi
2013-11-09 07:20 - 2013-11-09 07:20 - 00000000 ____D C:\Users\jas\AppData\Local\{6685D871-696A-4AAA-AFE0-1EBB01CB62FA}
2013-11-08 18:58 - 2013-11-08 18:59 - 00000000 ____D C:\Users\jas\AppData\Local\{5206A44D-3316-4AE0-9E31-41882BA9BE44}
2013-11-08 06:58 - 2013-11-08 06:58 - 00000000 ____D C:\Users\jas\AppData\Local\{4AE7A83A-75C0-471A-92FB-FA24F7D72204}
2013-11-07 19:51 - 2013-11-07 19:51 - 00000000 ____D C:\Users\jas\AppData\Roaming\AVAST Software
2013-11-07 19:50 - 2013-11-07 19:50 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2013-11-07 11:35 - 2013-11-07 12:12 - 00000000 ____D C:\Users\jas\AppData\Roaming\MyHeritage
2013-11-07 11:35 - 2013-11-07 12:10 - 00000000 ____D C:\Users\jas\Documents\MyHeritage
2013-11-07 11:35 - 2013-11-07 11:40 - 00000000 ____D C:\ProgramData\MyHeritage
2013-11-07 11:35 - 2013-11-07 11:35 - 00001039 _____ C:\Users\jas\Desktop\MyHeritage Family Tree Builder.lnk
2013-11-07 11:35 - 2013-11-07 11:35 - 00000000 ____D C:\Users\jas\AppData\Roaming\The Complete Genealogy Reporter - FTB
2013-11-07 11:35 - 2013-11-07 11:35 - 00000000 ____D C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2013-11-07 11:35 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\Windows\system32\HexUniRTFBox.ocx
2013-11-07 11:35 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\Windows\system32\PDFDocScout.DLL
2013-11-07 11:35 - 2004-12-07 11:11 - 00258352 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll
2013-11-07 11:35 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\Windows\system32\ijl15.dll
2013-11-07 11:35 - 2002-03-07 01:19 - 00454656 _____ () C:\Windows\system32\PaintX.dll
2013-11-07 11:35 - 2000-05-22 17:58 - 00608448 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2013-11-07 11:35 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\system32\msmapi32.ocx
2013-11-07 11:34 - 2013-11-07 11:34 - 00000000 ____D C:\Program Files\MyHeritage
2013-11-07 10:52 - 2013-11-07 10:54 - 36976408 _____ C:\Users\jas\Downloads\family_tree_builder_7126.exe
2013-11-07 08:14 - 2013-11-07 08:14 - 00000000 ____D C:\Users\jas\AppData\Local\{15B57D3E-43D3-492D-B2AA-8841703E839B}
2013-11-06 18:56 - 2013-11-06 18:56 - 00000000 ____D C:\Users\jas\AppData\Local\{70AC820B-66C2-4D05-9A91-4C5984BF50C0}
2013-11-06 06:56 - 2013-11-06 06:56 - 00000000 ____D C:\Users\jas\AppData\Local\{727A2663-8B6A-4415-B637-707CA89D9BB4}
2013-11-05 08:37 - 2013-11-05 08:37 - 00000000 ____D C:\Users\jas\AppData\Local\{56499710-2952-4FA0-9120-C744ECE1662F}
2013-11-04 20:04 - 2013-11-04 20:04 - 00000000 ____D C:\Users\jas\AppData\Local\{5F562531-B68F-4847-AD86-DDBB891A5F6C}
2013-11-04 08:04 - 2013-11-04 08:04 - 00000000 ____D C:\Users\jas\AppData\Local\{5427FFA4-7B50-4012-87AC-04A452B02429}
2013-11-03 20:03 - 2013-11-03 20:03 - 00000000 ____D C:\Users\jas\AppData\Local\{3DE51A8C-04F2-49FD-A39B-8300CAADE9F5}
2013-11-03 08:03 - 2013-11-03 08:03 - 00000000 ____D C:\Users\jas\AppData\Local\{262E305E-C24F-4FDF-AB3E-AB613A922D99}
2013-11-02 19:50 - 2013-11-02 19:50 - 00000000 ____D C:\Users\jas\AppData\Local\{2B5A3BBD-74FB-4FB3-8379-F566C8183A81}
2013-11-02 07:49 - 2013-11-02 07:49 - 00000000 ____D C:\Users\jas\AppData\Local\{F411F597-18EB-4E7C-815B-473BC1CA74B5}
2013-11-01 18:00 - 2013-11-01 18:00 - 00000000 ____D C:\Users\jas\AppData\Local\{7DFB8FAF-49A6-49FE-BE4D-B33FC6CE298E}
2013-10-31 20:46 - 2013-10-31 20:46 - 00000000 ____D C:\Users\jas\AppData\Local\{6C0113DB-41FA-4B0C-BB74-6362CD6C9F73}
2013-10-31 08:45 - 2013-10-31 08:46 - 00000000 ____D C:\Users\jas\AppData\Local\{28CEA011-DE83-4166-AEC3-1ED066F3A3BC}
2013-10-30 20:27 - 2013-10-30 20:28 - 00000000 ____D C:\Users\jas\AppData\Local\{06E1E7F1-7FC7-442C-85D8-A95930C20086}
2013-10-30 08:12 - 2013-10-30 08:12 - 00000000 ____D C:\Users\jas\AppData\Local\{0EC7399D-44DA-4440-9845-00031EA2FFB0}
2013-10-29 08:32 - 2013-10-29 08:32 - 00000000 ____D C:\Users\jas\AppData\Local\{846C8266-A8A1-4F37-816B-2D3CFEDE0345}
2013-10-28 20:26 - 2013-10-28 20:27 - 00000000 ____D C:\Users\jas\AppData\Local\{47B2F110-2A44-4745-A26E-5392AEC5D7E9}
2013-10-28 18:47 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-10-28 18:46 - 2013-09-28 00:01 - 00033568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-10-28 18:46 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-10-28 08:24 - 2013-10-28 08:24 - 00000000 ____D C:\Users\jas\AppData\Local\{D3B62CC9-44C7-491C-A9A5-4CC9F0B2BBE0}
2013-10-27 07:28 - 2013-10-27 07:29 - 00000000 ____D C:\Users\jas\AppData\Local\{907F7AFF-049F-4050-AF4F-CF64B021C6C6}
2013-10-26 19:28 - 2013-10-26 19:28 - 00000000 ____D C:\Users\jas\AppData\Local\{090B7702-3082-4050-82FF-58F3F99A351F}
2013-10-26 07:27 - 2013-10-26 07:28 - 00000000 ____D C:\Users\jas\AppData\Local\{04DD358B-B21F-4D0A-B4A6-5544BCFE89DC}
2013-10-25 18:47 - 2013-10-25 18:47 - 00000000 ____D C:\Users\jas\AppData\Local\{51706B50-67FF-4F06-A0AA-B8B13FB525E3}
2013-10-25 06:46 - 2013-10-25 06:47 - 00000000 ____D C:\Users\jas\AppData\Local\{AB86A48F-88E0-4270-A479-F67EDCDE558F}
2013-10-24 18:46 - 2013-10-24 18:46 - 00000000 ____D C:\Users\jas\AppData\Local\{D92853F3-358E-4C73-8428-FB9230F947CF}
2013-10-24 06:46 - 2013-10-24 06:46 - 00000000 ____D C:\Users\jas\AppData\Local\{C674EE34-CFB4-4292-A5B2-6AEE22338A62}
2013-10-23 17:57 - 2013-10-23 17:57 - 00000000 ____D C:\Users\jas\AppData\Local\{9CED3F10-DC56-4DD0-B593-E692BA4E6E60}
2013-10-23 05:57 - 2013-10-23 05:57 - 00000000 ____D C:\Users\jas\AppData\Local\{2B8523F8-9857-47D2-AD52-060695EA9E54}
2013-10-22 17:45 - 2013-10-22 17:46 - 00000000 ____D C:\Users\jas\AppData\Local\{15AF8E3B-0EB8-400D-8F6A-0868AE4726C8}
2013-10-21 19:47 - 2013-10-21 19:47 - 00000000 ____D C:\Users\jas\AppData\Local\{741DF0AD-DC51-4A15-BE51-A50FC6376DA7}
2013-10-21 07:47 - 2013-10-21 07:47 - 00000000 ____D C:\Users\jas\AppData\Local\{34D2CBFB-A0FD-43AD-8BAC-F30B1C39B4A0}
2013-10-20 08:18 - 2013-10-20 08:18 - 00000000 ____D C:\Users\jas\AppData\Local\{A5907C90-DA31-4EEC-B172-709C66CC2E28}
2013-10-19 19:39 - 2013-10-19 19:39 - 00000000 ____D C:\Users\jas\AppData\Local\{D7BCE0A6-CA6D-4147-AA61-390E4D281B1F}
2013-10-19 06:59 - 2013-10-19 06:59 - 00000000 ____D C:\Users\jas\AppData\Local\{799D6292-FCC5-400E-B837-55FE13CC8135}
2013-10-18 07:45 - 2013-10-18 07:46 - 00000000 ____D C:\Users\jas\AppData\Local\{339DCA58-CEEF-43E0-869D-1DBF0D41C26F}
2013-10-17 21:00 - 2013-10-17 21:01 - 00160968 _____ C:\Windows\Minidump\101713-17503-01.dmp
2013-10-17 19:45 - 2013-10-17 19:45 - 00000000 ____D C:\Users\jas\AppData\Local\{AB459CEC-2CC0-4F5C-85AD-B6549F996A4A}
2013-10-17 07:23 - 2013-10-17 07:23 - 00000000 ____D C:\Users\jas\AppData\Local\{E6FA2BF3-AC00-4A55-8E5B-3813C34E07B5}
2013-10-16 19:54 - 2013-10-16 19:54 - 00000000 ____D C:\Users\jas\AppData\Local\{45B154E7-4548-45F8-B5F0-274B41956AE9}
2013-10-16 07:26 - 2013-10-16 07:26 - 00000000 ____D C:\Users\jas\AppData\Local\{C383251E-2BE7-443D-A906-12BECC510AEC}
2013-10-15 19:21 - 2013-10-15 19:21 - 00000000 ____D C:\Users\jas\AppData\Local\{271BE547-2774-4259-B597-121E5A1B3AAC}
2013-10-15 07:09 - 2013-10-15 07:09 - 00000000 ____D C:\Users\jas\AppData\Local\{98F320AD-8DA4-413E-91CD-AD64E1A0CADE}
2013-10-14 18:35 - 2013-10-14 18:35 - 00000000 ____D C:\Users\jas\AppData\Local\{4166DD8D-9558-4229-94AC-FEE01EDD11E2}
2013-10-14 17:18 - 2013-10-14 17:19 - 00161920 _____ C:\Windows\Minidump\101413-150416-01.dmp
2013-10-14 10:47 - 2013-10-14 15:17 - 00000000 ____D C:\Nouveau dossier
2013-10-14 06:34 - 2013-10-14 06:34 - 00000000 ____D C:\Users\jas\AppData\Local\{6B0E1BA0-3F71-44E2-AE1D-A8269AE9FB4B}
2013-10-13 18:34 - 2013-10-13 18:34 - 00000000 ____D C:\Users\jas\AppData\Local\{21F05535-B31D-4342-99A6-DF0BD43DF983}
2013-10-13 15:05 - 2013-10-13 15:05 - 00930848 _____ (MyHeritage) C:\Windows\system32\FTBSaver.scr
2013-10-13 06:33 - 2013-10-13 06:34 - 00000000 ____D C:\Users\jas\AppData\Local\{A17F5054-6159-4944-9E5E-74C041174366}
2013-10-12 07:09 - 2013-10-12 07:09 - 00000000 ____D C:\Users\jas\AppData\Local\{D8372A0A-038F-4EF2-B029-2A0C8C973134}
2013-10-12 02:32 - 2013-10-12 02:32 - 00000000 __SHD C:\found.002
2013-10-12 02:04 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-12 02:04 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-12 02:04 - 2013-09-23 00:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-12 02:04 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-12 02:04 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-12 02:04 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-12 02:04 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 19:09 - 2013-10-11 19:09 - 00000000 ____D C:\Users\jas\AppData\Local\{1EC4256A-09D9-4FEF-85C7-6C1745CDCC0F}
2013-10-11 07:16 - 2013-09-14 01:48 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-11 07:16 - 2013-09-08 03:07 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-11 07:16 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-11 07:16 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-10-11 07:16 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-11 07:16 - 2013-08-29 02:50 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-11 07:16 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-11 07:16 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-11 07:16 - 2013-08-28 02:04 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 07:16 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-11 07:16 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 07:16 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 07:16 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-11 07:16 - 2013-07-12 11:07 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-11 07:16 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-11 07:16 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-11 07:16 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 07:16 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-11 07:16 - 2013-07-03 05:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 07:16 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-11 07:16 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 07:16 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 07:16 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-11 07:16 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-11 07:16 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-11 07:16 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 07:16 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 07:08 - 2013-10-11 07:09 - 00000000 ____D C:\Users\jas\AppData\Local\{AA424F58-90CD-4569-AF7F-BCF35283D2F3}

==================== One Month Modified Files and Folders =======

2013-11-10 19:44 - 2013-11-10 19:44 - 00000000 ____D C:\FRST
2013-11-10 19:42 - 2013-11-10 19:42 - 01090275 _____ (Farbar) C:\Users\jas\Desktop\FRST.exe
2013-11-10 19:42 - 2009-07-14 05:34 - 00015696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:42 - 2009-07-14 05:34 - 00015696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:40 - 2013-06-01 17:37 - 01381557 _____ C:\Windows\WindowsUpdate.log
2013-11-10 19:35 - 2013-06-07 19:37 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 19:34 - 2013-06-01 21:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-10 19:34 - 2013-06-01 20:04 - 00188250 _____ C:\Windows\PFRO.log
2013-11-10 19:34 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 19:34 - 2009-07-14 05:39 - 00080502 _____ C:\Windows\setupact.log
2013-11-10 19:33 - 2013-09-18 07:00 - 00000000 ____D C:\AdwCleaner
2013-11-10 19:32 - 2013-11-10 19:32 - 01073262 _____ C:\Users\jas\Downloads\adwcleaner (2).exe
2013-11-10 19:26 - 2013-06-07 19:37 - 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 19:22 - 2013-11-10 19:22 - 01073262 _____ C:\Users\jas\Downloads\adwcleaner (3).exe
2013-11-10 19:17 - 2013-08-13 20:12 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-11-10 19:16 - 2013-06-01 20:56 - 00000000 ____D C:\Program Files\Free Coinche
2013-11-10 19:13 - 2013-07-22 08:34 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 18:58 - 2013-11-10 18:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jas\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-11-10 18:53 - 2013-06-23 10:54 - 00000000 ____D C:\Program Files\HandyBits
2013-11-10 18:51 - 2013-09-18 06:57 - 00002291 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-10 18:51 - 2013-06-01 17:43 - 00001631 _____ C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-10 15:49 - 2013-06-02 08:32 - 00000000 ____D C:\Users\UpdatusUser.jas-PC
2013-11-10 08:56 - 2013-11-10 08:56 - 00000000 ____D C:\Users\jas\AppData\Local\{C1300E90-2D4B-4D0C-8935-8C82B860E67A}
2013-11-10 08:55 - 2013-06-10 08:33 - 00000000 ____D C:\Users\jas\AppData\Local\CrashDumps
2013-11-09 19:47 - 2013-11-09 16:53 - 733247488 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi
2013-11-09 19:47 - 2013-06-05 20:40 - 00000000 ____D C:\Users\jas\AppData\Roaming\uTorrent
2013-11-09 19:02 - 2013-11-09 19:02 - 00028523 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB (1).torrent
2013-11-09 19:01 - 2013-11-09 19:01 - 00028523 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB.torrent
2013-11-09 19:00 - 2013-06-02 18:55 - 00000000 ____D C:\Users\jas\AppData\Roaming\vlc
2013-11-09 18:49 - 2013-06-01 17:45 - 01668334 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-09 07:20 - 2013-11-09 07:20 - 00000000 ____D C:\Users\jas\AppData\Local\{6685D871-696A-4AAA-AFE0-1EBB01CB62FA}
2013-11-09 07:16 - 2009-07-14 05:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-08 18:59 - 2013-11-08 18:58 - 00000000 ____D C:\Users\jas\AppData\Local\{5206A44D-3316-4AE0-9E31-41882BA9BE44}
2013-11-08 10:47 - 2013-06-17 08:35 - 00000000 ____D C:\Program Files\TomTom HOME 2
2013-11-08 10:47 - 2013-06-17 08:33 - 00000000 ____D C:\Users\jas\AppData\Local\Downloaded Installations
2013-11-08 06:58 - 2013-11-08 06:58 - 00000000 ____D C:\Users\jas\AppData\Local\{4AE7A83A-75C0-471A-92FB-FA24F7D72204}
2013-11-07 19:51 - 2013-11-07 19:51 - 00000000 ____D C:\Users\jas\AppData\Roaming\AVAST Software
2013-11-07 19:51 - 2013-06-01 18:59 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-11-07 19:50 - 2013-11-07 19:50 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2013-11-07 15:48 - 2013-07-10 15:27 - 00002007 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-07 15:48 - 2013-06-01 18:59 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-07 15:48 - 2013-06-01 18:59 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-07 15:48 - 2013-06-01 18:59 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-07 15:48 - 2013-06-01 18:59 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-07 15:48 - 2013-06-01 18:59 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-07 15:48 - 2013-06-01 18:59 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-07 15:48 - 2013-06-01 18:59 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-07 15:48 - 2013-06-01 18:59 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-07 15:48 - 2013-06-01 18:59 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-07 15:45 - 2013-06-01 18:58 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-07 15:44 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-11-07 12:12 - 2013-11-07 11:35 - 00000000 ____D C:\Users\jas\AppData\Roaming\MyHeritage
2013-11-07 12:10 - 2013-11-07 11:35 - 00000000 ____D C:\Users\jas\Documents\MyHeritage
2013-11-07 11:40 - 2013-11-07 11:35 - 00000000 ____D C:\ProgramData\MyHeritage
2013-11-07 11:35 - 2013-11-07 11:35 - 00001039 _____ C:\Users\jas\Desktop\MyHeritage Family Tree Builder.lnk
2013-11-07 11:35 - 2013-11-07 11:35 - 00000000 ____D C:\Users\jas\AppData\Roaming\The Complete Genealogy Reporter - FTB
2013-11-07 11:35 - 2013-11-07 11:35 - 00000000 ____D C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2013-11-07 11:34 - 2013-11-07 11:34 - 00000000 ____D C:\Program Files\MyHeritage
2013-11-07 10:54 - 2013-11-07 10:52 - 36976408 _____ C:\Users\jas\Downloads\family_tree_builder_7126.exe
2013-11-07 08:14 - 2013-11-07 08:14 - 00000000 ____D C:\Users\jas\AppData\Local\{15B57D3E-43D3-492D-B2AA-8841703E839B}
2013-11-06 18:56 - 2013-11-06 18:56 - 00000000 ____D C:\Users\jas\AppData\Local\{70AC820B-66C2-4D05-9A91-4C5984BF50C0}
2013-11-06 06:56 - 2013-11-06 06:56 - 00000000 ____D C:\Users\jas\AppData\Local\{727A2663-8B6A-4415-B637-707CA89D9BB4}
2013-11-05 08:37 - 2013-11-05 08:37 - 00000000 ____D C:\Users\jas\AppData\Local\{56499710-2952-4FA0-9120-C744ECE1662F}
2013-11-04 20:04 - 2013-11-04 20:04 - 00000000 ____D C:\Users\jas\AppData\Local\{5F562531-B68F-4847-AD86-DDBB891A5F6C}
2013-11-04 08:04 - 2013-11-04 08:04 - 00000000 ____D C:\Users\jas\AppData\Local\{5427FFA4-7B50-4012-87AC-04A452B02429}
2013-11-03 20:03 - 2013-11-03 20:03 - 00000000 ____D C:\Users\jas\AppData\Local\{3DE51A8C-04F2-49FD-A39B-8300CAADE9F5}
2013-11-03 08:03 - 2013-11-03 08:03 - 00000000 ____D C:\Users\jas\AppData\Local\{262E305E-C24F-4FDF-AB3E-AB613A922D99}
2013-11-02 19:50 - 2013-11-02 19:50 - 00000000 ____D C:\Users\jas\AppData\Local\{2B5A3BBD-74FB-4FB3-8379-F566C8183A81}
2013-11-02 07:49 - 2013-11-02 07:49 - 00000000 ____D C:\Users\jas\AppData\Local\{F411F597-18EB-4E7C-815B-473BC1CA74B5}
2013-11-01 18:00 - 2013-11-01 18:00 - 00000000 ____D C:\Users\jas\AppData\Local\{7DFB8FAF-49A6-49FE-BE4D-B33FC6CE298E}
2013-10-31 20:46 - 2013-10-31 20:46 - 00000000 ____D C:\Users\jas\AppData\Local\{6C0113DB-41FA-4B0C-BB74-6362CD6C9F73}
2013-10-31 08:46 - 2013-10-31 08:45 - 00000000 ____D C:\Users\jas\AppData\Local\{28CEA011-DE83-4166-AEC3-1ED066F3A3BC}
2013-10-30 20:28 - 2013-10-30 20:27 - 00000000 ____D C:\Users\jas\AppData\Local\{06E1E7F1-7FC7-442C-85D8-A95930C20086}
2013-10-30 08:12 - 2013-10-30 08:12 - 00000000 ____D C:\Users\jas\AppData\Local\{0EC7399D-44DA-4440-9845-00031EA2FFB0}
2013-10-29 08:32 - 2013-10-29 08:32 - 00000000 ____D C:\Users\jas\AppData\Local\{846C8266-A8A1-4F37-816B-2D3CFEDE0345}
2013-10-28 20:27 - 2013-10-28 20:26 - 00000000 ____D C:\Users\jas\AppData\Local\{47B2F110-2A44-4745-A26E-5392AEC5D7E9}
2013-10-28 18:47 - 2013-06-01 21:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 18:47 - 2013-06-01 21:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-28 08:24 - 2013-10-28 08:24 - 00000000 ____D C:\Users\jas\AppData\Local\{D3B62CC9-44C7-491C-A9A5-4CC9F0B2BBE0}
2013-10-27 07:29 - 2013-10-27 07:28 - 00000000 ____D C:\Users\jas\AppData\Local\{907F7AFF-049F-4050-AF4F-CF64B021C6C6}
2013-10-26 19:28 - 2013-10-26 19:28 - 00000000 ____D C:\Users\jas\AppData\Local\{090B7702-3082-4050-82FF-58F3F99A351F}
2013-10-26 07:28 - 2013-10-26 07:27 - 00000000 ____D C:\Users\jas\AppData\Local\{04DD358B-B21F-4D0A-B4A6-5544BCFE89DC}
2013-10-25 18:47 - 2013-10-25 18:47 - 00000000 ____D C:\Users\jas\AppData\Local\{51706B50-67FF-4F06-A0AA-B8B13FB525E3}
2013-10-25 06:47 - 2013-10-25 06:46 - 00000000 ____D C:\Users\jas\AppData\Local\{AB86A48F-88E0-4270-A479-F67EDCDE558F}
2013-10-24 18:46 - 2013-10-24 18:46 - 00000000 ____D C:\Users\jas\AppData\Local\{D92853F3-358E-4C73-8428-FB9230F947CF}
2013-10-24 06:46 - 2013-10-24 06:46 - 00000000 ____D C:\Users\jas\AppData\Local\{C674EE34-CFB4-4292-A5B2-6AEE22338A62}
2013-10-23 17:57 - 2013-10-23 17:57 - 00000000 ____D C:\Users\jas\AppData\Local\{9CED3F10-DC56-4DD0-B593-E692BA4E6E60}
2013-10-23 05:57 - 2013-10-23 05:57 - 00000000 ____D C:\Users\jas\AppData\Local\{2B8523F8-9857-47D2-AD52-060695EA9E54}
2013-10-22 17:46 - 2013-10-22 17:45 - 00000000 ____D C:\Users\jas\AppData\Local\{15AF8E3B-0EB8-400D-8F6A-0868AE4726C8}
2013-10-21 19:47 - 2013-10-21 19:47 - 00000000 ____D C:\Users\jas\AppData\Local\{741DF0AD-DC51-4A15-BE51-A50FC6376DA7}
2013-10-21 07:47 - 2013-10-21 07:47 - 00000000 ____D C:\Users\jas\AppData\Local\{34D2CBFB-A0FD-43AD-8BAC-F30B1C39B4A0}
2013-10-20 08:18 - 2013-10-20 08:18 - 00000000 ____D C:\Users\jas\AppData\Local\{A5907C90-DA31-4EEC-B172-709C66CC2E28}
2013-10-19 19:39 - 2013-10-19 19:39 - 00000000 ____D C:\Users\jas\AppData\Local\{D7BCE0A6-CA6D-4147-AA61-390E4D281B1F}
2013-10-19 06:59 - 2013-10-19 06:59 - 00000000 ____D C:\Users\jas\AppData\Local\{799D6292-FCC5-400E-B837-55FE13CC8135}
2013-10-18 07:46 - 2013-10-18 07:45 - 00000000 ____D C:\Users\jas\AppData\Local\{339DCA58-CEEF-43E0-869D-1DBF0D41C26F}
2013-10-18 02:36 - 2013-10-28 18:47 - 00955168 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-10-17 21:01 - 2013-10-17 21:00 - 00160968 _____ C:\Windows\Minidump\101713-17503-01.dmp
2013-10-17 21:00 - 2013-06-03 07:20 - 253343240 _____ C:\Windows\MEMORY.DMP
2013-10-17 21:00 - 2013-06-03 07:20 - 00000000 ____D C:\Windows\Minidump
2013-10-17 19:45 - 2013-10-17 19:45 - 00000000 ____D C:\Users\jas\AppData\Local\{AB459CEC-2CC0-4F5C-85AD-B6549F996A4A}
2013-10-17 07:23 - 2013-10-17 07:23 - 00000000 ____D C:\Users\jas\AppData\Local\{E6FA2BF3-AC00-4A55-8E5B-3813C34E07B5}
2013-10-16 19:54 - 2013-10-16 19:54 - 00000000 ____D C:\Users\jas\AppData\Local\{45B154E7-4548-45F8-B5F0-274B41956AE9}
2013-10-16 08:43 - 2013-06-01 20:54 - 00000000 ____D C:\Users\jas\Desktop\logiciel
2013-10-16 07:26 - 2013-10-16 07:26 - 00000000 ____D C:\Users\jas\AppData\Local\{C383251E-2BE7-443D-A906-12BECC510AEC}
2013-10-15 19:21 - 2013-10-15 19:21 - 00000000 ____D C:\Users\jas\AppData\Local\{271BE547-2774-4259-B597-121E5A1B3AAC}
2013-10-15 07:09 - 2013-10-15 07:09 - 00000000 ____D C:\Users\jas\AppData\Local\{98F320AD-8DA4-413E-91CD-AD64E1A0CADE}
2013-10-14 18:35 - 2013-10-14 18:35 - 00000000 ____D C:\Users\jas\AppData\Local\{4166DD8D-9558-4229-94AC-FEE01EDD11E2}
2013-10-14 17:19 - 2013-10-14 17:18 - 00161920 _____ C:\Windows\Minidump\101413-150416-01.dmp
2013-10-14 15:17 - 2013-10-14 10:47 - 00000000 ____D C:\Nouveau dossier
2013-10-14 15:14 - 2013-06-04 20:59 - 00000000 ____D C:\Users\jas\AppData\Roaming\Adobe
2013-10-14 15:14 - 2013-06-04 20:59 - 00000000 ____D C:\ProgramData\Adobe
2013-10-14 10:46 - 2013-06-01 17:43 - 00000000 ____D C:\Users\jas\AppData\Local\VirtualStore
2013-10-14 06:34 - 2013-10-14 06:34 - 00000000 ____D C:\Users\jas\AppData\Local\{6B0E1BA0-3F71-44E2-AE1D-A8269AE9FB4B}
2013-10-13 18:34 - 2013-10-13 18:34 - 00000000 ____D C:\Users\jas\AppData\Local\{21F05535-B31D-4342-99A6-DF0BD43DF983}
2013-10-13 15:05 - 2013-10-13 15:05 - 00930848 _____ (MyHeritage) C:\Windows\system32\FTBSaver.scr
2013-10-13 06:34 - 2013-10-13 06:33 - 00000000 ____D C:\Users\jas\AppData\Local\{A17F5054-6159-4944-9E5E-74C041174366}
2013-10-12 07:09 - 2013-10-12 07:09 - 00000000 ____D C:\Users\jas\AppData\Local\{D8372A0A-038F-4EF2-B029-2A0C8C973134}
2013-10-12 03:14 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-10-12 02:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-12 02:37 - 2009-07-14 05:33 - 00408616 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 02:36 - 2013-06-06 18:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 02:32 - 2013-10-12 02:32 - 00000000 __SHD C:\found.002
2013-10-12 02:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-10-12 02:10 - 2013-06-01 19:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 02:09 - 2013-08-15 11:11 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 02:06 - 2013-06-05 10:38 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 19:09 - 2013-10-11 19:09 - 00000000 ____D C:\Users\jas\AppData\Local\{1EC4256A-09D9-4FEF-85C7-6C1745CDCC0F}
2013-10-11 07:09 - 2013-10-11 07:08 - 00000000 ____D C:\Users\jas\AppData\Local\{AA424F58-90CD-4569-AF7F-BCF35283D2F3}

Some content of TEMP:
====================
C:\Users\jas\AppData\Local\Temp\nsaF4D2.exe
C:\Users\jas\AppData\Local\Temp\nsk9D9B.exe
C:\Users\jas\AppData\Local\Temp\nsq4DA6.exe
C:\Users\jas\AppData\Local\Temp\nsuF2DD.exe
C:\Users\jas\AppData\Local\Temp\nsz9FCD.exe
C:\Users\jas\AppData\Local\Temp\Quarantine.exe
C:\Users\jas\AppData\Local\Temp\utt6559.tmp.exe
C:\Users\jas\AppData\Local\Temp\uttB3A7.tmp.exe
C:\Users\jas\AppData\Local\Temp\vlc-2.0.8-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 09:19

==================== End Of Log ============================