Vous pensez être infecté, des pubs s'affichent quand vous naviguez sur internet ?
Perte de données, ralentissement système, virus USB ?
Désinfectez votre ordinateur gratuitement !
  • Avatar du membre
Avatar du membre
par thomtoine
#17542
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 02
Ran by Francois (administrator) on SEVEN-FRANCOIS on 18-11-2013 14:23:45
Running from C:\Users\Francois\Downloads
Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\Windows\system32\services.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\RaMaint.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard, Inc.) c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Authentication\Hp.SkyRoom.Windows.RgsPlugin.Authentication.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Lens\Hp.SkyRoom.Windows.RgsPlugin.Lens.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\plugins\ice\Hp.SkyRoom.Windows.RgsPlugin.Licensing\Hp.SkyRoom.Windows.RgsPlugin.Licensing.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsender_gui.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Client Server Security Agent\PccNTMon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
() C:\Program Files\La Chaîne Météo\La Chaîne Météo.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
() C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\Safari\Safari.exe
(Apple Inc.) C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
(Google Inc.) C:\Users\Francois\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Francois\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Francois\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Francois\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7596576 2009-07-02] (Realtek Semiconductor)
HKLM\...\Run: [picon] - C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [796696 2009-07-24] (Intel Corporation)
HKLM\...\Run: [File Sanitizer] - C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe [11268096 2010-05-06] (Hewlett-Packard)
HKLM\...\Run: [acevents] - C:\Program Files\ActivIdentity\ActivClient\acevents.exe [153640 2009-06-03] (ActivIdentity)
HKLM\...\Run: [accrdsub] - C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [400936 2009-06-03] (ActivIdentity)
HKLM\...\Run: [OfficeScanNT Monitor] - C:\Program Files\Trend Micro\Client Server Security Agent\PccNTMon.exe [959824 2010-08-28] (Trend Micro Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [HPUsageTrackingLEDM] - C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2010-09-17] (LogMeIn, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll (Hewlett-Packard Limited)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [Google Update] - C:\Users\Francois\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-18] (Google Inc.)
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
MountPoints2: {3d336a73-18ce-11e0-9971-002324137c5f} - F:\SISetup.exe
MountPoints2: {bec4d150-18a9-11e0-99f9-002324137c5f} - "F:\WD SmartWare.exe" autoplay=true
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Francois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\La Chaîne Météo.lnk
ShortcutTarget: La Chaîne Météo.lnk -> C:\Program Files\La Chaîne Météo\La Chaîne Météo.exe ()
Startup: C:\Users\Francois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d‚écran et lancement.lnk
ShortcutTarget: OneNote 2010 - Capture d‚écran et lancement.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://aartemis.com/?type=hp&ts=1384762 ... J9FZ707535
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.aartemis.com/web/?type=ds&ts ... Z707535&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://aartemis.com/?type=hp&ts=1384762 ... J9FZ707535
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.aartemis.com/web/?type=ds&ts ... Z707535&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe https://aartemis.com/?type=sc&ts=1384762 ... J9FZ707535
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {1871549F-30CE-4A8F-A421-CDE322D14035} URL = https://www.bing.com/search?q={searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {ACED870A-C5D0-4992-BE24-68D0EA5CE8FD} URL = https://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312330&CUI=UN10996905162751164&UM=2
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={FCB7AC60-0EAA-4064-B4BB-F6DB1DA5E1B4}&mid=8c2b54129dda47d08ebdd16a62f795ac-8170d2904f00a1b816feca2a2c58043eb01c93a9&lang=fr&ds=od011&pr=sa&d=2012-06-01 10:55:33&v=11.1.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {ACED870A-C5D0-4992-BE24-68D0EA5CE8FD} URL = https://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312330&CUI=UN10996905162751164&UM=2
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\Client Server Security Agent\bho\1006\TmIEPlg.dll (Trend Micro Inc.)
BHO: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: No Name - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} https://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} https://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} https://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} https://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} https://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\Client Server Security Agent\bho\1006\TmIEPlg.dll (Trend Micro Inc.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{BFE4BB22-D16C-4616-8ADF-3C7CADF2FC0F}: [NameServer]192.168.10.1,192.168.10.4

========================== Services (Whitelisted) =================

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2010-04-22] (DigitalPersona, Inc.)
S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [362040 2010-04-28] (Hewlett-Packard Ltd)
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP)
R2 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-03-16] (Hewlett-Packard Development Company, L.P)
R2 Hp.Skyroom.Windows.Service; C:\Program Files\Hewlett-Packard\HP SkyRoom\Hp.Skyroom.Windows.Service.exe [124472 2010-03-03] (Hewlett-Packard)
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-01] (McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [298496 2010-05-06] (Hewlett-Packard)
R2 ntrtscan; C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe [1316176 2010-07-28] (Trend Micro Inc.)
R2 rgsender; c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\rgsendersvc.exe [379904 2009-11-19] (Hewlett-Packard, Inc.)
S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [345424 2010-07-05] ()
R2 tmlisten; C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe [1358160 2010-07-28] (Trend Micro Inc.)
S3 TmPfw; C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe [497008 2009-07-15] (Trend Micro Inc.)
R3 TmProxy; C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe [689416 2009-07-15] (Trend Micro Inc.)
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968 2009-07-24] (Intel Corporation)
S2 wuauserv; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S4 rupeiecan; [x]

==================== Drivers (Whitelisted) ====================

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2010-03-08] (Hewlett-Packard Development Company L.P.)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [40088 2010-02-01] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [110520 2010-02-01] ()
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [51800 2010-02-01] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [13256 2010-02-01] (McAfee, Inc.)
R3 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [67664 2010-06-15] ()
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [177232 2010-06-15] ()
R3 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [57424 2010-06-15] ()
R2 TmFilter; C:\Program Files\Trend Micro\Client Server Security Agent\TmXPFlt.sys [249424 2010-10-20] (Trend Micro Inc.)
R1 tmlwf; C:\Windows\System32\DRIVERS\tmlwf.sys [146448 2009-07-15] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files\Trend Micro\Client Server Security Agent\TmPreFlt.sys [36432 2010-10-20] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [89872 2009-07-15] (Trend Micro Inc.)
S2 tmwfp; C:\Windows\System32\DRIVERS\tmwfp.sys [283152 2009-07-15] (Trend Micro Inc.)
R2 VSApiNt; C:\Program Files\Trend Micro\Client Server Security Agent\VSApiNt.sys [1331384 2010-10-20] (Trend Micro Inc.)
S4 LMIRfsClientNP; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-18 14:23 - 2013-11-18 14:24 - 00017297 _____ C:\Users\Francois\Downloads\FRST.txt
2013-11-18 14:23 - 2013-11-18 14:23 - 01090935 _____ (Farbar) C:\Users\Francois\Downloads\FRST.exe
2013-11-18 14:23 - 2013-11-18 14:23 - 00000000 ____D C:\FRST
2013-11-18 13:14 - 2013-11-18 13:14 - 00000000 ____D C:\Users\Francois\AppData\Roaming\0C1I1L1R1J0M1P0I1G
2013-11-18 13:13 - 2013-11-18 13:14 - 00000000 _____ C:\end
2013-11-18 13:12 - 2013-11-18 13:12 - 00607776 _____ C:\Users\Francois\Downloads\Setup.vuupc.exe
2013-11-18 12:54 - 2013-11-18 12:54 - 00026112 _____ C:\Users\Francois\Documents\ormes.xls
2013-11-18 11:01 - 2013-11-18 11:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Francois\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 11:01 - 2013-11-18 11:01 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-18 11:01 - 2013-11-18 11:01 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-18 11:01 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-18 10:33 - 2013-11-18 12:56 - 00000112 _____ C:\Windows\setupact.log
2013-11-18 10:33 - 2013-11-18 10:33 - 00000000 _____ C:\Windows\setuperr.log
2013-11-18 10:32 - 2013-11-18 12:56 - 00024848 _____ C:\Windows\PFRO.log
2013-11-18 10:32 - 2013-11-18 10:32 - 00486376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-18 10:28 - 2013-11-18 10:28 - 00133456 _____ C:\Users\Francois\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-18 10:20 - 2013-11-18 10:21 - 00003317 _____ C:\Windows\wininit.ini
2013-11-18 09:36 - 2013-11-18 09:36 - 04379048 _____ (Piriform Ltd) C:\Users\Francois\Downloads\ccsetup407.exe
2013-11-18 09:24 - 2013-11-18 09:24 - 00000000 ____D C:\8cd533be8f9227eda802b5ff3f
2013-11-18 09:23 - 2013-11-18 09:32 - 00000000 ____D C:\Users\Francois\AppData\Local\Lollipop
2013-11-18 09:23 - 2013-11-18 09:23 - 00000000 __RSH C:\MSDOS.SYS
2013-11-18 09:23 - 2013-11-18 09:23 - 00000000 __RSH C:\IO.SYS
2013-11-18 09:19 - 2013-11-18 09:22 - 150252521 _____ C:\Users\Francois\Downloads\Man.Of.Steel.2013.TRUEFRENCH.avi
2013-11-18 09:08 - 2013-11-18 09:08 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 09:07 - 2013-11-18 09:08 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-18 09:07 - 2013-11-18 09:08 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 09:07 - 2013-11-18 09:07 - 00000000 ____D C:\Program Files\iPod
2013-11-15 15:56 - 2013-11-15 16:56 - 185258188 _____ C:\Users\Francois\Downloads\Decizif-eckm4nkuzsougk-1nDD.rar
2013-11-15 15:50 - 2013-11-15 17:05 - 229059688 _____ C:\Users\Francois\Downloads\zumba.fitness.dance.party.autumn.2013.rar
2013-11-15 15:14 - 2013-11-15 17:16 - 376116900 _____ C:\Users\Francois\Downloads\Decizif-2kiv4d3wni8tmcln-1nDD.rar
2013-11-15 14:44 - 2013-11-15 15:03 - 105133349 _____ C:\Users\Francois\Downloads\CollMeti-_Destina_Sol_-__2011_-_stef.rar
2013-11-15 12:39 - 2013-11-15 12:51 - 47571800 _____ C:\Users\Francois\Downloads\W9 Hits 2014 2CD MP3 320.rar
2013-11-15 11:05 - 2013-11-03 22:17 - 00000000 ____D C:\Users\Francois\Stromae - Racine
2013-11-15 10:40 - 2013-11-15 11:00 - 110446684 _____ C:\Users\Francois\Downloads\S.Racine.Carree.rar
2013-11-15 10:24 - 2013-11-15 10:59 - 106615332 _____ C:\Users\Francois\Downloads\18E_Jes_Mat_Wa-Ma_@_13-09-13.rar
2013-11-14 11:31 - 2013-11-14 12:35 - 376399610 _____ C:\Users\Francois\Downloads\Virgin Radio la Playlist Pop Music MP3.rar
2013-11-14 10:24 - 2013-11-14 10:44 - 115436643 _____ C:\Users\Francois\Downloads\RTL2 - le son Pop Rock - Volume 2.zip
2013-11-14 10:21 - 2013-11-14 11:30 - 184953291 _____ C:\Users\Francois\Downloads\Age.Tendre.Et.Tetes.De.Bois.Magie.Annees6O.rar
2013-11-13 15:40 - 2013-11-13 17:25 - 617217429 _____ C:\Users\Francois\Downloads\CallMusic-Disco.rar
2013-11-13 12:49 - 2013-11-13 15:03 - 480719332 _____ C:\Users\Francois\Downloads\Super.Funk.Hits.rar
2013-11-13 12:24 - 2013-11-13 14:20 - 683502336 _____ C:\Users\Francois\Downloads\mega 80-dic100-wawa-mania.rar
2013-11-13 11:07 - 2013-11-13 16:00 - 899762991 _____ C:\Users\Francois\Downloads\StArs...8o...L_...COmpilation...elbogossdu14.zip
2013-11-13 10:52 - 2013-11-13 11:29 - 443038109 _____ C:\Users\Francois\Downloads\Les.50.Plus.Grands.Tubes.Fete.zip
2013-11-13 10:31 - 2013-11-13 11:58 - 510535202 _____ C:\Users\Francois\Downloads\Les.50.Plus.Grands.Tubes.Disco.Funk.rar
2013-11-07 18:37 - 2013-11-07 18:40 - 00000000 ____D C:\Users\Francois\Documents\Outlook
2013-11-07 17:27 - 2013-11-07 17:27 - 00000000 ____D C:\Users\Francois\Documents\My Data Files
2013-11-07 17:24 - 2013-11-07 17:25 - 17637552 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Francois\Downloads\data-recovery_full935.exe
2013-11-05 10:27 - 2013-11-05 10:26 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-05 10:26 - 2013-11-05 10:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-05 10:26 - 2013-11-05 10:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-05 10:26 - 2013-11-05 10:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-05 10:24 - 2013-11-05 10:24 - 00915368 _____ (Oracle Corporation) C:\Users\Francois\Downloads\chromeinstall-7u45.exe
2013-11-05 10:14 - 2013-11-05 10:27 - 00000000 ____D C:\ProgramData\Oracle
2013-11-05 10:14 - 2013-11-05 10:14 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-29 11:57 - 2013-10-29 11:57 - 00029500 _____ C:\Users\Francois\Documents\2 Amphithéàtres.htm
2013-10-29 11:57 - 2013-10-29 11:57 - 00000162 ____H C:\Users\Francois\Documents\~$Amphithéàtres.htm
2013-10-29 11:57 - 2013-10-29 11:57 - 00000000 ____D C:\Users\Francois\Documents\2 Amphithéàtres_fichiers
2013-10-28 18:28 - 2013-10-28 18:28 - 00016780 _____ C:\Users\Francois\Documents\Implantation et BE - Forum Sciences Po Entreprises 2013.xlsx
2013-10-25 09:33 - 2013-11-15 18:03 - 00000000 ____D C:\Users\Francois\Estimatifs
2013-10-24 14:11 - 2013-11-18 12:54 - 00000000 ____D C:\ProgramData\Conduit
2013-10-24 14:10 - 2013-10-24 14:10 - 00000000 ____D C:\Users\Francois\AppData\Roaming\Mozilla
2013-10-24 14:09 - 2013-10-24 14:16 - 00000000 ____D C:\Users\Francois\AppData\Roaming\PerformerSoft
2013-10-24 14:09 - 2013-10-24 14:11 - 00000000 ____D C:\Program Files\Conduit
2013-10-24 14:09 - 2013-10-24 14:09 - 00000000 ____D C:\Users\Francois\AppData\Local\NativeMessaging
2013-10-24 14:09 - 2013-10-24 14:09 - 00000000 ____D C:\Users\Francois\AppData\Local\CRE
2013-10-24 13:50 - 2013-11-08 15:50 - 00000000 ____D C:\Users\Francois\Plans de masse dwg et pdf

==================== One Month Modified Files and Folders =======

2013-11-18 14:24 - 2013-11-18 14:23 - 00017297 _____ C:\Users\Francois\Downloads\FRST.txt
2013-11-18 14:23 - 2013-11-18 14:23 - 01090935 _____ (Farbar) C:\Users\Francois\Downloads\FRST.exe
2013-11-18 14:23 - 2013-11-18 14:23 - 00000000 ____D C:\FRST
2013-11-18 14:15 - 2012-01-23 10:25 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-18 14:13 - 2011-01-05 12:25 - 00000000 ____D C:\Users\Francois\Documents\Fichiers Outlook
2013-11-18 14:08 - 2011-09-19 12:31 - 01788080 _____ C:\Windows\WindowsUpdate.log
2013-11-18 14:06 - 2012-09-10 11:35 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002UA.job
2013-11-18 13:14 - 2013-11-18 13:14 - 00000000 ____D C:\Users\Francois\AppData\Roaming\0C1I1L1R1J0M1P0I1G
2013-11-18 13:14 - 2013-11-18 13:13 - 00000000 _____ C:\end
2013-11-18 13:12 - 2013-11-18 13:12 - 00607776 _____ C:\Users\Francois\Downloads\Setup.vuupc.exe
2013-11-18 13:03 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-18 13:03 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-18 13:00 - 2009-07-25 13:54 - 01702776 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 12:58 - 2011-01-05 10:01 - 00015235 _____ C:\Windows\cfgall.ini
2013-11-18 12:58 - 2011-01-05 10:00 - 00000031 _____ C:\tmuninst.ini
2013-11-18 12:57 - 2011-01-05 10:00 - 08445032 _____ C:\Windows\system32\TmInstall.log
2013-11-18 12:56 - 2013-11-18 10:33 - 00000112 _____ C:\Windows\setupact.log
2013-11-18 12:56 - 2013-11-18 10:32 - 00024848 _____ C:\Windows\PFRO.log
2013-11-18 12:56 - 2012-01-23 10:25 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-18 12:56 - 2010-09-30 16:01 - 00000000 ____D C:\ProgramData\HPQLOG
2013-11-18 12:56 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-18 12:56 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\L2Schemas
2013-11-18 12:54 - 2013-11-18 12:54 - 00026112 _____ C:\Users\Francois\Documents\ormes.xls
2013-11-18 12:54 - 2013-10-24 14:11 - 00000000 ____D C:\ProgramData\Conduit
2013-11-18 11:01 - 2013-11-18 11:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Francois\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-18 11:01 - 2013-11-18 11:01 - 00001073 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-18 11:01 - 2013-11-18 11:01 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-18 10:39 - 2011-01-05 14:31 - 00000000 ____D C:\Users\Francois\AppData\Local\Adobe
2013-11-18 10:33 - 2013-11-18 10:33 - 00000000 _____ C:\Windows\setuperr.log
2013-11-18 10:32 - 2013-11-18 10:32 - 00486376 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-18 10:32 - 2012-01-23 10:25 - 00000000 ____D C:\Program Files\Google
2013-11-18 10:30 - 2012-06-29 16:22 - 00102400 _____ C:\Windows\RegBootClean.exe
2013-11-18 10:28 - 2013-11-18 10:28 - 00133456 _____ C:\Users\Francois\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-18 10:21 - 2013-11-18 10:20 - 00003317 _____ C:\Windows\wininit.ini
2013-11-18 10:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-18 09:58 - 2011-01-05 14:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-18 09:52 - 2011-01-05 17:52 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-18 09:36 - 2013-11-18 09:36 - 04379048 _____ (Piriform Ltd) C:\Users\Francois\Downloads\ccsetup407.exe
2013-11-18 09:36 - 2011-01-05 14:02 - 00000971 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-18 09:36 - 2011-01-05 14:01 - 00000000 ____D C:\Program Files\CCleaner
2013-11-18 09:34 - 2012-12-10 16:15 - 00000000 ____D C:\Program Files\Wondershare
2013-11-18 09:34 - 2011-01-05 10:22 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-18 09:32 - 2013-11-18 09:23 - 00000000 ____D C:\Users\Francois\AppData\Local\Lollipop
2013-11-18 09:31 - 2012-01-23 10:25 - 00000000 ____D C:\Users\Francois\AppData\Local\Google
2013-11-18 09:24 - 2013-11-18 09:24 - 00000000 ____D C:\8cd533be8f9227eda802b5ff3f
2013-11-18 09:23 - 2013-11-18 09:23 - 00000000 __RSH C:\MSDOS.SYS
2013-11-18 09:23 - 2013-11-18 09:23 - 00000000 __RSH C:\IO.SYS
2013-11-18 09:23 - 2012-09-10 11:36 - 00002521 _____ C:\Users\Francois\Desktop\Google Chrome.lnk
2013-11-18 09:23 - 2011-01-05 10:16 - 00001595 _____ C:\Users\Francois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-18 09:22 - 2013-11-18 09:19 - 150252521 _____ C:\Users\Francois\Downloads\Man.Of.Steel.2013.TRUEFRENCH.avi
2013-11-18 09:08 - 2013-11-18 09:08 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-18 09:08 - 2013-11-18 09:07 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-18 09:08 - 2013-11-18 09:07 - 00000000 ____D C:\Program Files\iTunes
2013-11-18 09:07 - 2013-11-18 09:07 - 00000000 ____D C:\Program Files\iPod
2013-11-18 09:07 - 2011-01-05 12:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-18 09:06 - 2012-09-10 11:35 - 00001038 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002Core.job
2013-11-15 18:03 - 2013-10-25 09:33 - 00000000 ____D C:\Users\Francois\Estimatifs
2013-11-15 17:56 - 2011-01-05 12:27 - 00000000 ____D C:\Users\Francois\Excel
2013-11-15 17:16 - 2013-11-15 15:14 - 376116900 _____ C:\Users\Francois\Downloads\Decizif-2kiv4d3wni8tmcln-1nDD.rar
2013-11-15 17:05 - 2013-11-15 15:50 - 229059688 _____ C:\Users\Francois\Downloads\zumba.fitness.dance.party.autumn.2013.rar
2013-11-15 16:56 - 2013-11-15 15:56 - 185258188 _____ C:\Users\Francois\Downloads\Decizif-eckm4nkuzsougk-1nDD.rar
2013-11-15 15:03 - 2013-11-15 14:44 - 105133349 _____ C:\Users\Francois\Downloads\CollMeti-_Destina_Sol_-__2011_-_stef.rar
2013-11-15 14:29 - 2013-04-26 09:34 - 00000000 ____D C:\Users\Francois\Fa
2013-11-15 12:51 - 2013-11-15 12:39 - 47571800 _____ C:\Users\Francois\Downloads\W9 Hits 2014 2CD MP3 320.rar
2013-11-15 11:05 - 2011-01-05 10:15 - 00000000 ____D C:\Users\Francois
2013-11-15 11:00 - 2013-11-15 10:40 - 110446684 _____ C:\Users\Francois\Downloads\S.Racine.Carree.rar
2013-11-15 10:59 - 2013-11-15 10:24 - 106615332 _____ C:\Users\Francois\Downloads\18E_Jes_Mat_Wa-Ma_@_13-09-13.rar
2013-11-14 12:35 - 2013-11-14 11:31 - 376399610 _____ C:\Users\Francois\Downloads\Virgin Radio la Playlist Pop Music MP3.rar
2013-11-14 11:30 - 2013-11-14 10:21 - 184953291 _____ C:\Users\Francois\Downloads\Age.Tendre.Et.Tetes.De.Bois.Magie.Annees6O.rar
2013-11-14 10:44 - 2013-11-14 10:24 - 115436643 _____ C:\Users\Francois\Downloads\RTL2 - le son Pop Rock - Volume 2.zip
2013-11-13 17:25 - 2013-11-13 15:40 - 617217429 _____ C:\Users\Francois\Downloads\CallMusic-Disco.rar
2013-11-13 16:00 - 2013-11-13 11:07 - 899762991 _____ C:\Users\Francois\Downloads\StArs...8o...L_...COmpilation...elbogossdu14.zip
2013-11-13 15:12 - 2011-11-18 16:20 - 00000000 ____D C:\Users\Francois\Plans
2013-11-13 15:03 - 2013-11-13 12:49 - 480719332 _____ C:\Users\Francois\Downloads\Super.Funk.Hits.rar
2013-11-13 14:20 - 2013-11-13 12:24 - 683502336 _____ C:\Users\Francois\Downloads\mega 80-dic100-wawa-mania.rar
2013-11-13 11:58 - 2013-11-13 10:31 - 510535202 _____ C:\Users\Francois\Downloads\Les.50.Plus.Grands.Tubes.Disco.Funk.rar
2013-11-13 11:29 - 2013-11-13 10:52 - 443038109 _____ C:\Users\Francois\Downloads\Les.50.Plus.Grands.Tubes.Fete.zip
2013-11-08 15:50 - 2013-10-24 13:50 - 00000000 ____D C:\Users\Francois\Plans de masse dwg et pdf
2013-11-08 15:38 - 2013-07-05 13:29 - 00000000 ____D C:\Users\Francois\Récapitulatifs
2013-11-07 18:40 - 2013-11-07 18:37 - 00000000 ____D C:\Users\Francois\Documents\Outlook
2013-11-07 17:27 - 2013-11-07 17:27 - 00000000 ____D C:\Users\Francois\Documents\My Data Files
2013-11-07 17:25 - 2013-11-07 17:24 - 17637552 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Francois\Downloads\data-recovery_full935.exe
2013-11-06 17:28 - 2012-12-18 10:18 - 00000000 ____D C:\Users\Francois\Docs 2013
2013-11-06 11:13 - 2013-07-05 13:29 - 00000000 ____D C:\Users\Francois\TABLEAUX DE CONVERSION
2013-11-05 10:27 - 2013-11-05 10:14 - 00000000 ____D C:\ProgramData\Oracle
2013-11-05 10:26 - 2013-11-05 10:27 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-05 10:26 - 2013-11-05 10:26 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-05 10:26 - 2013-11-05 10:26 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-05 10:26 - 2013-11-05 10:26 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-05 10:24 - 2013-11-05 10:24 - 00915368 _____ (Oracle Corporation) C:\Users\Francois\Downloads\chromeinstall-7u45.exe
2013-11-05 10:14 - 2013-11-05 10:14 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-05 09:56 - 2011-01-05 17:52 - 00086888 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2013-11-05 09:56 - 2011-01-05 17:52 - 00085832 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2013-11-05 09:56 - 2011-01-05 17:52 - 00031560 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2013-11-05 09:56 - 2011-01-05 17:51 - 00000000 ____D C:\Program Files\LogMeIn
2013-11-03 22:17 - 2013-11-15 11:05 - 00000000 ____D C:\Users\Francois\Stromae - Racine
2013-10-29 12:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-10-29 11:57 - 2013-10-29 11:57 - 00029500 _____ C:\Users\Francois\Documents\2 Amphithéàtres.htm
2013-10-29 11:57 - 2013-10-29 11:57 - 00000162 ____H C:\Users\Francois\Documents\~$Amphithéàtres.htm
2013-10-29 11:57 - 2013-10-29 11:57 - 00000000 ____D C:\Users\Francois\Documents\2 Amphithéàtres_fichiers
2013-10-29 09:09 - 2012-02-06 12:44 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-10-29 09:07 - 2009-07-14 05:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-28 18:28 - 2013-10-28 18:28 - 00016780 _____ C:\Users\Francois\Documents\Implantation et BE - Forum Sciences Po Entreprises 2013.xlsx
2013-10-25 15:34 - 2010-09-30 15:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-24 14:16 - 2013-10-24 14:09 - 00000000 ____D C:\Users\Francois\AppData\Roaming\PerformerSoft
2013-10-24 14:16 - 2012-12-21 15:33 - 00000000 ____D C:\Ptp
2013-10-24 14:11 - 2013-10-24 14:09 - 00000000 ____D C:\Program Files\Conduit
2013-10-24 14:10 - 2013-10-24 14:10 - 00000000 ____D C:\Users\Francois\AppData\Roaming\Mozilla
2013-10-24 14:09 - 2013-10-24 14:09 - 00000000 ____D C:\Users\Francois\AppData\Local\NativeMessaging
2013-10-24 14:09 - 2013-10-24 14:09 - 00000000 ____D C:\Users\Francois\AppData\Local\CRE
2013-10-24 08:23 - 2011-01-05 17:52 - 00086888 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak
2013-10-24 08:23 - 2011-01-05 17:52 - 00085832 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll.000.bak

ZeroAccess:
C:\Windows\Installer\{9675067c-18d2-e78f-771d-7080743f6b11}

ZeroAccess:
C:\Users\Francois\AppData\Local\{9675067c-18d2-e78f-771d-7080743f6b11}

Some content of TEMP:
====================
C:\Users\Francois\AppData\Local\Temp\Player_Setup.exe
C:\Users\MDC-W7\AppData\Local\Temp\HPQSi.exe
C:\Users\MDC-W7\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2009-07-14 00:11] - [2009-07-14 02:14] - 0259072 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\services.exe IS INFECTED. <===== ATTENTION!

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-12 13:37

==================== End Of Log ============================


==================== Security Center ========================

AV: Trend Micro Client/Server Security Agent (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Anti-spyware de Trend Micro Client/Server Security Agent (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Personal Firewall (Enabled) {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
FW: Trend Micro Personal Firewall (Disabled) {50C2E989-60CF-0845-AFD3-290B7D301E79}

==================== Installed Programs ======================

ActivClient x86 (Version: 6.2)
Adobe AIR (Version: 3.9.0.1030)
Adobe Download Assistant (Version: 1.2.3)
Adobe Reader XI (11.0.05) - Français (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Belarc Advisor 7.2
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.07)
Complément Messenger (Version: 15.4.3502.0922)
Contrôle ActiveX Windows Live Mesh pour connexions à  distance (Version: 15.4.5722.2)
Correctif pour Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (Version: 1)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Device Access Manager for HP ProtectTools (Version: 5.0.1.8)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0)
Easy Word Recovery (Version: 2.0)
Feedback Tool (Version: 1.1.0)
Feedback Tool (Version: 1.2.0)
File Sanitizer For HP ProtectTools (Version: 5.0.1.4)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Chrome (HKCU Version: 31.0.1650.57)
Google Update Helper (Version: 1.3.21.165)
Google Earth (Version: 7.1.1.1888)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP LaserJet Professional P1100-P1560-P1600 Series
HP ProtectTools Security Manager (Version: 5.08.717)
HP SkyRoom (Version: 1.1.6.5201.)
HP Support Assistant (Version: 6.1.12.1)
hppLaserJetService (Version: 001.001.0.0)
hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
hppusgP1100P1560P1600Series (Version: 1.0.0.1)
HPSSupply (Version: 2.1.1.0000)
iCloud (Version: 3.0.2.163)
Intel(R) Graphics Media Accelerator Driver
iPhoneSMSExport
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Java Card Security for HP ProtectTools (Version: 5.0.4.1)
Java(TM) 6 Update 20 (Version: 6.0.200)
Java(TM) 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
La Chaîne Météo (Version: 1.6)
LogMeIn (Version: 4.1.1578)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile FRA Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Famille et Petite Entreprise 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Arabic) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Dutch) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 2.8)
Microsoft Office Word MUI (French) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - FRA (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - FRA (Version: 9.0.30729)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (Version: 4.0.30319)
Movies2iPhone 1.28 for Windows (Version: 1.28 for Windows)
MSVCRT (Version: 15.4.2862.0708)
Privacy Manager for HP ProtectTools (Version: 5.10.796)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.5886)
Reconstitution suite a un Vol (Version: 5.1.0.19)
Remote Graphics Receiver (Version: 5.3.2)
Remote Graphics Sender (Version: 5.3.2)
Safari (Version: 5.34.57.2)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
TeamViewer 8 (Version: 8.0.22298)
Technologie d&#130;administration active Intel®
Theft Recovery (Version: 5.1.0.19)
Trend Micro Client/Server Security Agent (Version: 16.0.4177)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VuuPC Packages
Vuze_Remote Toolbar
Windows Live (Version: 15.4.3502.0922)
Windows Live (Version: 15.4.3555.0308)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.00 (32 bits) (Version: 4.00.0)
WinZip 15.0 (Version: 15.0.9411)

==================== Restore Points =========================

12-11-2013 12:45:06 Point de contrôle planifié
18-11-2013 08:23:42 Uniblue SpeedUpMyPC installation
18-11-2013 08:23:43 Uniblue SpeedUpMyPC installation
18-11-2013 08:34:28 Supprimé Microsoft Research AutoCollage 2008 version 1.1

==================== Hosts content: ==========================

2009-07-14 03:04 - 2013-11-18 10:26 - 00450660 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 https://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 https://www.008k.com
127.0.0.1 008k.com
127.0.0.1 https://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 https://www.032439.com
127.0.0.1 032439.com
127.0.0.1 https://www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 https://www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 https://www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 https://www.100888290cs.com
127.0.0.1 https://www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 https://www.10sek.com
127.0.0.1 https://www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 https://www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 https://www.123haustiereundmehr.com
127.0.0.1 https://www.123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {2BC8B20D-EDA3-4D5A-8F7B-E29DA0F48897} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {3132951C-B39C-4D43-912C-41B2BDDBDA67} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {362D8214-6643-4759-8F21-89693F97786D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {43CCD523-0AC1-4FD7-8D5C-85036A4ECC89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-12-15] (Hewlett-Packard)
Task: {630F5DC9-A0FB-46A7-BCFE-DFAED064A861} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002Core => C:\Users\Francois\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {84B21444-4CF2-40E4-8168-B73BCBEC1E4D} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {9B2E07E5-1E48-4A21-86B6-82AA9A9911DA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9C4A5D7D-7735-452B-868F-AD4D5F73CCC4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {9EC3FF5D-3CDB-4C54-91F8-72F9A88D3F53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.)
Task: {AF856F04-EDEA-4C2D-9F17-F22750389F6D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EBD74ABE-E2DE-42DC-A6C8-1ED86DC9605B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002UA => C:\Users\Francois\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {F3B815EE-05F4-443F-9ED0-3E73E847E49B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.)
Task: {F3B95E0F-2166-4A0D-BC70-04EB5DB70CC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {FB874641-CAD8-4DF5-9F4B-B0188CBD3943} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002Core.job => C:\Users\Francois\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002UA.job => C:\Users\Francois\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-04-28 09:39 - 2010-04-28 09:39 - 00329272 _____ () C:\Windows\system32\flcdlmsg.dll
2010-09-30 16:03 - 2009-07-24 11:10 - 02199552 ____R () c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\QtCore4.dll
2010-09-30 16:03 - 2009-07-24 11:10 - 08024064 ____R () c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\QtGui4.dll
2010-09-30 16:03 - 2008-01-09 10:08 - 01245184 ____R () c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\ice32.dll
2010-09-30 16:03 - 2008-01-09 10:10 - 00159744 ____R () c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\iceutil32.dll
2010-09-30 16:03 - 2008-01-09 10:06 - 00065536 ____R () c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\bzip2.dll
2010-09-30 16:03 - 2008-01-09 10:10 - 00167936 ____R () c:\Program Files\Hewlett-Packard\HP SkyRoom\remote graphics sender\IceSSL32.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-12-21 01:15 - 2010-12-21 01:15 - 01041248 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2012-03-07 19:15 - 2012-03-07 19:15 - 00087912 _____ () C:\Program Files\Safari\Apple Application Support\zlib1.dll
2012-03-07 19:15 - 2012-03-07 19:15 - 01242472 _____ () C:\Program Files\Safari\Apple Application Support\libxml2.dll
2013-11-15 10:10 - 2013-11-14 12:28 - 00702416 _____ () C:\Users\Francois\AppData\Local\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-15 10:10 - 2013-11-14 12:28 - 00099792 _____ () C:\Users\Francois\AppData\Local\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-15 10:10 - 2013-11-14 12:29 - 04055504 _____ () C:\Users\Francois\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 10:10 - 2013-11-14 12:29 - 00399312 _____ () C:\Users\Francois\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 10:10 - 2013-11-14 12:28 - 01619408 _____ () C:\Users\Francois\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:24051EFF
AlternateDataStreams: C:\Users\Francois\Excel:AFP_AFPINFO
AlternateDataStreams: C:\Users\Francois\Documents\ADDITIF.doc:AFP_AFPINFO
AlternateDataStreams: C:\Users\Francois\Documents\ADDITIF.doc:AFP_RESOURCE
AlternateDataStreams: C:\Users\Francois\Documents\Capacités MC.pdf:AFP_AFPINFO
AlternateDataStreams: C:\Users\Francois\Documents\Capacités MC.pdf:AFP_RESOURCE
AlternateDataStreams: C:\Users\Francois\Documents\logiciels:AFP_AFPINFO
AlternateDataStreams: C:\Users\Francois\Documents\Mes sources de données:AFP_AFPINFO
AlternateDataStreams: C:\Users\Francois\Documents\parametre IP.doc:AFP_AFPINFO
AlternateDataStreams: C:\Users\Francois\Documents\parametre IP.doc:AFP_RESOURCE
AlternateDataStreams: C:\Users\Francois\Documents\Plan Fauteuils GA.doc:AFP_AFPINFO
AlternateDataStreams: C:\Users\Francois\Documents\Plan Fauteuils GA.doc:AFP_RESOURCE

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Souris compatible PS/2
Description: Souris compatible PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Clavier standard PS/2
Description: Clavier standard PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Claviers standard)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2013 01:49:57 PM) (Source: SideBySide) (User: )
Description: La création du contexte d&#130;activation a échoué pour  assemblyIdentity1 ». Erreur dans le fichier de manifeste ou de stratégie  assemblyIdentity2 » à  la ligne assemblyIdentity3.
La valeur  * » de l&#130;attribut  language » de l&#130;élément  assemblyIdentity » n&#130;est pas valide.

Error: (11/18/2013 01:47:09 PM) (Source: SideBySide) (User: )
Description: La création du contexte d&#130;activation a échoué pour  Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 ».
Assembly dépendant Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable.
Utilisez sxstrace.exe pour un diagnostic détaillé.

Error: (11/18/2013 11:42:38 AM) (Source: Application Error) (User: )
Description: Nom de l&#130;application défaillante Safari.exe, version : 5.34.57.2, horodatage : 0x4f982b5e
Nom du module défaillant : ntdll.dll, version : 6.1.7601.17725, horodatage : 0x4ec49b60
Code d&#130;exception : 0xc0000374
Décalage d&#130;erreur : 0x000c380b
ID du processus défaillant : 0xce8
Heure de début de l&#130;application défaillante : 0xSafari.exe0
Chemin d&#130;accès de l&#130;application défaillante : Safari.exe1
Chemin d&#130;accès du module défaillant: Safari.exe2
ID de rapport : Safari.exe3


System errors:
=============
Error: (11/18/2013 02:06:15 PM) (Source: DCOM) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/18/2013 00:57:54 PM) (Source: Service Control Manager) (User: )
Description: Pare-feu personnel Trend Micro Client/Server Security AgentTrend Micro WFP Callout Driver%%2

Error: (11/18/2013 00:57:54 PM) (Source: Service Control Manager) (User: )
Description: Trend Micro WFP Callout Driver%%2

Error: (11/18/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
Description: Pare-feu personnel Trend Micro Client/Server Security AgentTrend Micro WFP Callout Driver%%2

Error: (11/18/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
Description: Trend Micro WFP Callout Driver%%2

Error: (11/18/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
Description: Trend Micro WFP Callout Driver%%2

Error: (11/18/2013 00:57:03 PM) (Source: Service Control Manager) (User: )
Description: Windows Update%%2

Error: (11/18/2013 00:57:03 PM) (Source: DCOM) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/18/2013 00:56:32 PM) (Source: Service Control Manager) (User: )
Description: Windows Update%%2

Error: (11/18/2013 00:56:21 PM) (Source: Service Control Manager) (User: )
Description: SBSD Security Center ServiceSecurity Center%%1079


Microsoft Office Sessions:
=========================
Error: (11/18/2013 01:49:57 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (11/18/2013 01:47:09 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\hewlett-packard\hp skyroom\remote graphics receiver\hprpusb\64-bit\DPInst.exe

Error: (11/18/2013 11:42:38 AM) (Source: Application Error)(User: )
Description: Safari.exe5.34.57.24f982b5entdll.dll6.1.7601.177254ec49b60c0000374000c380bce801cee44a8091af38C:\Program Files\Safari\Safari.exeC:\Windows\SYSTEM32\ntdll.dll2450146b-503e-11e3-8a87-002324137c5f


==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 3543.25 MB
Available physical RAM: 1595.27 MB
Total Pagefile: 7084.78 MB
Available Pagefile: 4963.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1867.04 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:288.42 GB) (Free:221.71 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:7.66 GB) (Free:0.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 5205B86A)
Partition 1: (Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=288 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Avatar du membre
par g3n-h@ckm@n
#17545
Bonjour et bienvenue sur SOSVirus :D
  • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
  • Fais clic droit dessus, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
    1. Choisis l'option Scanner
    2. Choisis l'option Nettoyer
  • Accepte l'avertissement en cliquant sur OK

    Image
  • Accepte les avertissements/informations en cliquant sur OK
  • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC
PC bloqué sur une image

salut à vous peut-être tester avec u[…]

[RESOLU] Virus sur pc

Merci à vous pour l'aide :)

Mimisuitou N' installez pas de cracks sur votre […]

virus ou pas

Re, Démarrez en mode sans echec, et lance[…]