supprimer aartemis.com 2013-11-18T13:29:31+00:00
  • Auteur
    Messages
  • thomtoine
    Post count: 0

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 02
    Ran by Francois (administrator) on SEVEN-FRANCOIS on 18-11-2013 14:23:45
    Running from C:UsersFrancoisDownloads
    Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: French Standard
    Internet Explorer Version 9
    Boot Mode: Normal

    ==================== Processes (Whitelisted) ===================

    () C:Windowssystem32services.exe
    (Hewlett-Packard) C:Program FilesHewlett-PackardFile SanitizerHPFSService.exe
    (McAfee, Inc.) C:Program FilesHewlett-PackardDrive EncryptionHpFkCrypt.exe
    (ActivIdentity) C:Program FilesCommon FilesActivIdentityac.sharedstore.exe
    (ActivIdentity) C:Program FilesActivIdentityActivClientacevents.exe
    (DigitalPersona, Inc.) C:Program FilesHewlett-PackardHP ProtectTools Security ManagerBinDpHostW.exe
    (Apple Inc.) C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    (Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
    (Hewlett-Packard Development Company, L.P) C:Program FilesHewlett-Packard2009 Password Filter for HP ProtectToolsPTChangeFilterService.exe
    (Hewlett-Packard) C:Program FilesHewlett-PackardHP SkyRoomHp.Skyroom.Windows.Service.exe
    (Hewlett-Packard Company) C:Program FilesHewlett-PackardSharedHPDrvMntSvc.exe
    (HP) C:Windowssystem32HPSIsvc.exe
    (LogMeIn, Inc.) C:Program FilesLogMeInx86LMIGuardianSvc.exe
    (LogMeIn, Inc.) C:Program FilesLogMeInx86RaMaint.exe
    (Intel Corporation) C:Program FilesIntelAMTLMS.exe
    (Trend Micro Inc.) C:Program FilesTrend MicroClient Server Security Agentntrtscan.exe
    (TeamViewer GmbH) C:Program FilesTeamViewerVersion8TeamViewer_Service.exe
    (Intel Corporation) C:Program FilesCommon FilesIntelPrivacy IconUNSUNS.exe
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
    (LogMeIn, Inc.) C:Program FilesLogMeInx86LogMeIn.exe
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
    (Hewlett-Packard, Inc.) c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderrgsendersvc.exe
    (Trend Micro Inc.) C:Program FilesTrend MicroClient Server Security Agenttmlisten.exe
    (Hewlett-Packard) c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderrgsender.exe
    (Hewlett-Packard Company) C:Program FilesHewlett-PackardSharedhpqWmiEx.exe
    (Hewlett-Packard) c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderpluginsiceHp.SkyRoom.Windows.RgsPlugin.AuthenticationHp.SkyRoom.Windows.RgsPlugin.Authentication.exe
    (Hewlett-Packard) c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderpluginsiceHp.SkyRoom.Windows.RgsPlugin.LensHp.SkyRoom.Windows.RgsPlugin.Lens.exe
    (Hewlett-Packard) c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderpluginsiceHp.SkyRoom.Windows.RgsPlugin.LicensingHp.SkyRoom.Windows.RgsPlugin.Licensing.exe
    (DigitalPersona, Inc.) C:Program FilesHewlett-PackardHP ProtectTools Security ManagerBinDPAgent.exe
    (Hewlett-Packard) c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderrgsender_gui.exe
    (Google Inc.) C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe
    (Realtek Semiconductor) C:Program FilesRealtekAudioHDARtHDVCpl.exe
    (Intel Corporation) C:Program FilesCommon FilesIntelPrivacy IconPrivacyIconClient.exe
    (Hewlett-Packard) C:Program FilesHewlett-PackardFile Sanitizercoreshredder.exe
    (ActivIdentity) C:Program FilesActivIdentityActivClientacevents.exe
    (ActivIdentity) C:Program FilesActivIdentityActivClientaccrdsub.exe
    (Trend Micro Inc.) C:Program FilesTrend MicroClient Server Security AgentPccNTMon.exe
    (Intel Corporation) C:WindowsSystem32igfxtray.exe
    (Intel Corporation) C:WindowsSystem32hkcmd.exe
    (Intel Corporation) C:WindowsSystem32igfxpers.exe
    (LogMeIn, Inc.) C:Program FilesLogMeInx86LogMeInSystray.exe
    (Oracle Corporation) C:Program FilesCommon FilesJavaJava Updatejusched.exe
    (Apple Inc.) C:Program FilesiTunesiTunesHelper.exe
    (Safer-Networking Ltd.) C:Program FilesSpybot – Search & DestroyTeaTimer.exe
    () C:Program FilesLa Chaîne MétéoLa Chaîne Météo.exe
    (Microsoft Corporation) C:Program FilesMicrosoft OfficeOffice14ONENOTEM.EXE
    (Apple Inc.) C:Program FilesiPodbiniPodService.exe
    (Trend Micro Inc.) C:Program FilesTrend MicroClient Server Security AgentCNTAoSMgr.exe
    (Trend Micro Inc.) C:Program FilesTrend MicroClient Server Security AgentTmProxy.exe
    (TeamViewer GmbH) C:Program FilesTeamViewerVersion8TeamViewer.exe
    (Hewlett-Packard Company) C:Program FilesHewlett-PackardHP Support Frameworkhpsa_service.exe
    (TeamViewer GmbH) C:Program FilesTeamViewerVersion8tv_w32.exe
    () C:Program FilesTrend MicroBMTMBMSRV.exe
    (Adobe Systems Incorporated) C:Program FilesAdobeReader 11.0ReaderAcroRd32.exe
    (Adobe Systems Incorporated) C:Program FilesAdobeReader 11.0ReaderAcroRd32.exe
    (Microsoft Corporation) C:Program FilesMicrosoft OfficeOffice14OUTLOOK.EXE
    (Microsoft Corporation) C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE
    (Apple Inc.) C:Program FilesSafariSafari.exe
    (Apple Inc.) C:Program FilesSafariApple Application SupportWebKit2WebProcess.exe
    (Google Inc.) C:UsersFrancoisAppDataLocalGoogleChromeApplicationchrome.exe
    (Google Inc.) C:UsersFrancoisAppDataLocalGoogleChromeApplicationchrome.exe
    (Google Inc.) C:UsersFrancoisAppDataLocalGoogleChromeApplicationchrome.exe
    (Google Inc.) C:UsersFrancoisAppDataLocalGoogleChromeApplicationchrome.exe

    ==================== Registry (Whitelisted) ==================

    HKLM…Run: [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe [7596576 2009-07-02] (Realtek Semiconductor)
    HKLM…Run: [picon] – C:Program FilesCommon FilesIntelPrivacy IconPrivacyIconClient.exe [796696 2009-07-24] (Intel Corporation)
    HKLM…Run: [File Sanitizer] – C:Program FilesHewlett-PackardFile Sanitizercoreshredder.exe [11268096 2010-05-06] (Hewlett-Packard)
    HKLM…Run: [acevents] – C:Program FilesActivIdentityActivClientacevents.exe [153640 2009-06-03] (ActivIdentity)
    HKLM…Run: [accrdsub] – C:Program FilesActivIdentityActivClientaccrdsub.exe [400936 2009-06-03] (ActivIdentity)
    HKLM…Run: [OfficeScanNT Monitor] – C:Program FilesTrend MicroClient Server Security AgentPccNTMon.exe [959824 2010-08-28] (Trend Micro Inc.)
    HKLM…Run: [HotKeysCmds] – C:Windowssystem32hkcmd.exe [ ] ()
    HKLM…Run: [HPUsageTrackingLEDM] – C:Program FilesHPHP UT LEDMbinhppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
    HKLM…Run: [LogMeIn GUI] – C:Program FilesLogMeInx86LogMeInSystray.exe [63048 2010-09-17] (LogMeIn, Inc.)
    HKLM…Run: [APSDaemon] – C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM…Run: [Adobe ARM] – C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM…Run: [QuickTime Task] – C:Program FilesQuickTimeQTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM…Run: [SunJavaUpdateSched] – C:Program FilesCommon FilesJavaJava Updatejusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM…Run: [iTunesHelper] – C:Program FilesiTunesiTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKLM…Winlogon: [Userinit] C:Windowssystem32userinit.exe,C:Program FilesHewlett-PackardHP ProtectTools Security ManagerBinDPAgent.exe,
    WinlogonNotifyDeviceNP: C:Windowssystem32DeviceNP.dll (Hewlett-Packard Limited)
    HKCU…Run: [SpybotSD TeaTimer] – C:Program FilesSpybot – Search & DestroyTeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    HKCU…Run: [Google Update] – C:UsersFrancoisAppDataLocalGoogleUpdateGoogleUpdate.exe [116648 2012-07-18] (Google Inc.)
    HKCU…0c966feabec1InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
    MountPoints2: {3d336a73-18ce-11e0-9971-002324137c5f} – F:SISetup.exe
    MountPoints2: {bec4d150-18a9-11e0-99f9-002324137c5f} – “F:WD SmartWare.exe” autoplay=true
    Lsa: [Notification Packages] DPPassFilter scecli
    Startup: C:UsersFrancoisAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupLa Chaîne Météo.lnk
    ShortcutTarget: La Chaîne Météo.lnk -> C:Program FilesLa Chaîne MétéoLa Chaîne Météo.exe ()
    Startup: C:UsersFrancoisAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupOneNote 2010 – Capture d’écran et lancement.lnk
    ShortcutTarget: OneNote 2010 – Capture d’écran et lancement.lnk -> C:Program FilesMicrosoft OfficeOffice14ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
    HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://aartemis.com/?type=hp&ts=1384762983&from=tugs&uid=SAMSUNGXHD321HJ_S2GVJ9FZ707535” onclick=”window.open(this.href);return false;
    HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1384762983&from=tugs&uid=SAMSUNGXHD321HJ_S2GVJ9FZ707535&q=” onclick=”window.open(this.href);return false;{searchTerms}
    HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://aartemis.com/?type=hp&ts=1384762983&from=tugs&uid=SAMSUNGXHD321HJ_S2GVJ9FZ707535” onclick=”window.open(this.href);return false;
    HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
    HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.aartemis.com/web/?type=ds&ts=1384762983&from=tugs&uid=SAMSUNGXHD321HJ_S2GVJ9FZ707535&q=” onclick=”window.open(this.href);return false;{searchTerms}
    StartMenuInternet: IEXPLORE.EXE – C:Program FilesInternet Exploreriexplore.exe http://aartemis.com/?type=sc&ts=1384762970&from=tugs&uid=SAMSUNGXHD321HJ_S2GVJ9FZ707535” onclick=”window.open(this.href);return false;
    SearchScopes: HKLM – DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM – {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM – {1871549F-30CE-4A8F-A421-CDE322D14035} URL = http://www.bing.com/search?q=” onclick=”window.open(this.href);return false;{searchTerms}&form=CMDTDF&pc=CMDTDF&src=IE-SearchBox
    SearchScopes: HKCU – DefaultScope {ACED870A-C5D0-4992-BE24-68D0EA5CE8FD} URL = http://search.conduit.com/ResultsExt.aspx?q=” onclick=”window.open(this.href);return false;{searchTerms}&SearchSource=4&ctid=CT3312330&CUI=UN10996905162751164&UM=2
    SearchScopes: HKCU – {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid=” onclick=”window.open(this.href);return false;{FCB7AC60-0EAA-4064-B4BB-F6DB1DA5E1B4}&mid=8c2b54129dda47d08ebdd16a62f795ac-8170d2904f00a1b816feca2a2c58043eb01c93a9&lang=fr&ds=od011&pr=sa&d=2012-06-01 10:55:33&v=11.1.0.7&sap=dsp&q={searchTerms}
    SearchScopes: HKCU – {ACED870A-C5D0-4992-BE24-68D0EA5CE8FD} URL = http://search.conduit.com/ResultsExt.aspx?q=” onclick=”window.open(this.href);return false;{searchTerms}&SearchSource=4&ctid=CT3312330&CUI=UN10996905162751164&UM=2
    BHO: TmIEPlugInBHO Class – {1CA1377B-DC1D-4A52-9585-6E06050FAC53} – C:Program FilesTrend MicroClient Server Security Agentbho1006TmIEPlg.dll (Trend Micro Inc.)
    BHO: File Sanitizer for HP ProtectTools – {3134413B-49B4-425C-98A5-893C1F195601} – C:Program FilesHewlett-PackardFile SanitizerIEBHO.dll (Hewlett-Packard)
    BHO: HP ProtectTools Security Manager Extension – {395610AE-C624-4f58-B89E-23733EA00F9A} – C:Program FilesHewlett-PackardHP ProtectTools Security ManagerBinDpOtsPluginIe8.dll (DigitalPersona, Inc.)
    BHO: Spybot-S&D IE Protection – {53707962-6F74-2D53-2644-206D7942484F} – C:Program FilesSpybot – Search & DestroySDHelper.dll (Safer Networking Limited)
    BHO: No Name – {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} – No File
    BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:Program FilesJavajre7binssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:Program FilesCommon Filesmicrosoft sharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper – {9FDDE16B-836F-4806-AB1F-1455CBEFF289} – C:Program FilesWindows LiveCompanioncompanioncore.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler – {B4F3A835-0E21-4959-BA22-42B3008E02FF} – C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)
    Toolbar: HKCU – No Name – {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} – No File
    DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab” onclick=”window.open(this.href);return false;
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab” onclick=”window.open(this.href);return false;
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx” onclick=”window.open(this.href);return false;
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab” onclick=”window.open(this.href);return false;
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab” onclick=”window.open(this.href);return false;
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab” onclick=”window.open(this.href);return false;
    Handler: belarc – {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} – C:Program FilesBelarcAdvisorSystemBAVoilaX.dll (Belarc, Inc.)
    Handler: tmpx – {0E526CB5-7446-41D1-A403-19BFE95E8C23} – C:Program FilesTrend MicroClient Server Security Agentbho1006TmIEPlg.dll (Trend Micro Inc.)
    Winsock: Catalog5 09 C:Program FilesBonjourmdnsNSP.dll [121704] (Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip..Interfaces{BFE4BB22-D16C-4616-8ADF-3C7CADF2FC0F}: [NameServer]192.168.10.1,192.168.10.4

    ========================== Services (Whitelisted) =================

    R2 ac.sharedstore; C:Program FilesCommon FilesActivIdentityac.sharedstore.exe [207400 2009-06-03] (ActivIdentity)
    R2 DpHost; C:Program FilesHewlett-PackardHP ProtectTools Security ManagerBinDpHostW.exe [300808 2010-04-22] (DigitalPersona, Inc.)
    S3 FLCDLOCK; C:Windowssystem32flcdlock.exe [362040 2010-04-28] (Hewlett-Packard Ltd)
    S2 HP LaserJet Service; C:Program FilesHPHPLaserJetServiceHPLaserJetService.exe [136704 2009-06-24] (HP)
    R2 HP ProtectTools Service; C:Program FilesHewlett-Packard2009 Password Filter for HP ProtectToolsPTChangeFilterService.exe [36864 2010-03-16] (Hewlett-Packard Development Company, L.P)
    R2 Hp.Skyroom.Windows.Service; C:Program FilesHewlett-PackardHP SkyRoomHp.Skyroom.Windows.Service.exe [124472 2010-03-03] (Hewlett-Packard)
    R2 HpFkCryptService; C:Program FilesHewlett-PackardDrive EncryptionHpFkCrypt.exe [281192 2010-02-01] (McAfee, Inc.)
    R2 HPFSService; C:Program FilesHewlett-PackardFile SanitizerHPFSService.exe [298496 2010-05-06] (Hewlett-Packard)
    R2 ntrtscan; C:Program FilesTrend MicroClient Server Security Agentntrtscan.exe [1316176 2010-07-28] (Trend Micro Inc.)
    R2 rgsender; c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderrgsendersvc.exe [379904 2009-11-19] (Hewlett-Packard, Inc.)
    S2 SBSDWSCService; C:Program FilesSpybot – Search & DestroySDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R3 TMBMServer; C:Program FilesTrend MicroBMTMBMSRV.exe [345424 2010-07-05] ()
    R2 tmlisten; C:Program FilesTrend MicroClient Server Security Agenttmlisten.exe [1358160 2010-07-28] (Trend Micro Inc.)
    S3 TmPfw; C:Program FilesTrend MicroClient Server Security AgentTmPfw.exe [497008 2009-07-15] (Trend Micro Inc.)
    R3 TmProxy; C:Program FilesTrend MicroClient Server Security AgentTmProxy.exe [689416 2009-07-15] (Trend Micro Inc.)
    R2 UNS; C:Program FilesCommon FilesIntelPrivacy IconUNSUNS.exe [2066968 2009-07-24] (Intel Corporation)
    S2 wuauserv; C:Windowssystem32svchost.exe [20992 2009-07-14] (Microsoft Corporation)
    S4 rupeiecan; [x]

    ==================== Drivers (Whitelisted) ====================

    S3 DAMDrv; C:WindowsSystem32DRIVERSDAMDrv.sys [32312 2010-03-08] (Hewlett-Packard Development Company L.P.)
    R1 RsvLock; C:WindowsSystem32DriversRsvLock.sys [40088 2010-02-01] (McAfee, Inc.)
    R0 SafeBoot; C:WindowsSystem32DriversSafeBoot.sys [110520 2010-02-01] ()
    R0 SbAlg; C:WindowsSystem32DriversSbAlg.sys [51800 2010-02-01] (McAfee, Inc.)
    R0 SbFsLock; C:WindowsSystem32DriversSbFsLock.sys [13256 2010-02-01] (McAfee, Inc.)
    R3 tmactmon; C:WindowsSystem32DRIVERStmactmon.sys [67664 2010-06-15] ()
    R2 tmcomm; C:WindowsSystem32DRIVERStmcomm.sys [177232 2010-06-15] ()
    R3 tmevtmgr; C:WindowsSystem32DRIVERStmevtmgr.sys [57424 2010-06-15] ()
    R2 TmFilter; C:Program FilesTrend MicroClient Server Security AgentTmXPFlt.sys [249424 2010-10-20] (Trend Micro Inc.)
    R1 tmlwf; C:WindowsSystem32DRIVERStmlwf.sys [146448 2009-07-15] (Trend Micro Inc.)
    R2 TmPreFilter; C:Program FilesTrend MicroClient Server Security AgentTmPreFlt.sys [36432 2010-10-20] (Trend Micro Inc.)
    R1 tmtdi; C:WindowsSystem32DRIVERStmtdi.sys [89872 2009-07-15] (Trend Micro Inc.)
    S2 tmwfp; C:WindowsSystem32DRIVERStmwfp.sys [283152 2009-07-15] (Trend Micro Inc.)
    R2 VSApiNt; C:Program FilesTrend MicroClient Server Security AgentVSApiNt.sys [1331384 2010-10-20] (Trend Micro Inc.)
    S4 LMIRfsClientNP; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    ==================== One Month Created Files and Folders ========

    2013-11-18 14:23 – 2013-11-18 14:24 – 00017297 _____ C:UsersFrancoisDownloadsFRST.txt
    2013-11-18 14:23 – 2013-11-18 14:23 – 01090935 _____ (Farbar) C:UsersFrancoisDownloadsFRST.exe
    2013-11-18 14:23 – 2013-11-18 14:23 – 00000000 ____D C:FRST
    2013-11-18 13:14 – 2013-11-18 13:14 – 00000000 ____D C:UsersFrancoisAppDataRoamingC1I1L1R1J0M1P0I1G
    2013-11-18 13:13 – 2013-11-18 13:14 – 00000000 _____ C:end
    2013-11-18 13:12 – 2013-11-18 13:12 – 00607776 _____ C:UsersFrancoisDownloadsSetup.vuupc.exe
    2013-11-18 12:54 – 2013-11-18 12:54 – 00026112 _____ C:UsersFrancoisDocumentsormes.xls
    2013-11-18 11:01 – 2013-11-18 11:01 – 10285040 _____ (Malwarebytes Corporation ) C:UsersFrancoisDownloadsmbam-setup-1.75.0.1300.exe
    2013-11-18 11:01 – 2013-11-18 11:01 – 00001073 _____ C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk
    2013-11-18 11:01 – 2013-11-18 11:01 – 00000000 ____D C:Program FilesMalwarebytes’ Anti-Malware
    2013-11-18 11:01 – 2013-04-04 14:50 – 00022856 _____ (Malwarebytes Corporation) C:Windowssystem32Driversmbam.sys
    2013-11-18 10:33 – 2013-11-18 12:56 – 00000112 _____ C:Windowssetupact.log
    2013-11-18 10:33 – 2013-11-18 10:33 – 00000000 _____ C:Windowssetuperr.log
    2013-11-18 10:32 – 2013-11-18 12:56 – 00024848 _____ C:WindowsPFRO.log
    2013-11-18 10:32 – 2013-11-18 10:32 – 00486376 _____ C:Windowssystem32FNTCACHE.DAT
    2013-11-18 10:28 – 2013-11-18 10:28 – 00133456 _____ C:UsersFrancoisAppDataLocalGDIPFONTCACHEV1.DAT
    2013-11-18 10:20 – 2013-11-18 10:21 – 00003317 _____ C:Windowswininit.ini
    2013-11-18 09:36 – 2013-11-18 09:36 – 04379048 _____ (Piriform Ltd) C:UsersFrancoisDownloadsccsetup407.exe
    2013-11-18 09:24 – 2013-11-18 09:24 – 00000000 ____D C:8cd533be8f9227eda802b5ff3f
    2013-11-18 09:23 – 2013-11-18 09:32 – 00000000 ____D C:UsersFrancoisAppDataLocalLollipop
    2013-11-18 09:23 – 2013-11-18 09:23 – 00000000 __RSH C:MSDOS.SYS
    2013-11-18 09:23 – 2013-11-18 09:23 – 00000000 __RSH C:IO.SYS
    2013-11-18 09:19 – 2013-11-18 09:22 – 150252521 _____ C:UsersFrancoisDownloadsMan.Of.Steel.2013.TRUEFRENCH.avi
    2013-11-18 09:08 – 2013-11-18 09:08 – 00001755 _____ C:UsersPublicDesktopiTunes.lnk
    2013-11-18 09:07 – 2013-11-18 09:08 – 00000000 ____D C:ProgramData188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-11-18 09:07 – 2013-11-18 09:08 – 00000000 ____D C:Program FilesiTunes
    2013-11-18 09:07 – 2013-11-18 09:07 – 00000000 ____D C:Program FilesiPod
    2013-11-15 15:56 – 2013-11-15 16:56 – 185258188 _____ C:UsersFrancoisDownloadsDecizif-eckm4nkuzsougk-1nDD.rar
    2013-11-15 15:50 – 2013-11-15 17:05 – 229059688 _____ C:UsersFrancoisDownloadszumba.fitness.dance.party.autumn.2013.rar
    2013-11-15 15:14 – 2013-11-15 17:16 – 376116900 _____ C:UsersFrancoisDownloadsDecizif-2kiv4d3wni8tmcln-1nDD.rar
    2013-11-15 14:44 – 2013-11-15 15:03 – 105133349 _____ C:UsersFrancoisDownloadsCollMeti-_Destina_Sol_-__2011_-_stef.rar
    2013-11-15 12:39 – 2013-11-15 12:51 – 47571800 _____ C:UsersFrancoisDownloadsW9 Hits 2014 2CD MP3 320.rar
    2013-11-15 11:05 – 2013-11-03 22:17 – 00000000 ____D C:UsersFrancoisStromae – Racine
    2013-11-15 10:40 – 2013-11-15 11:00 – 110446684 _____ C:UsersFrancoisDownloadsS.Racine.Carree.rar
    2013-11-15 10:24 – 2013-11-15 10:59 – 106615332 _____ C:UsersFrancoisDownloads18E_Jes_Mat_Wa-Ma_@_13-09-13.rar
    2013-11-14 11:31 – 2013-11-14 12:35 – 376399610 _____ C:UsersFrancoisDownloadsVirgin Radio la Playlist Pop Music MP3.rar
    2013-11-14 10:24 – 2013-11-14 10:44 – 115436643 _____ C:UsersFrancoisDownloadsRTL2 – le son Pop Rock – Volume 2.zip
    2013-11-14 10:21 – 2013-11-14 11:30 – 184953291 _____ C:UsersFrancoisDownloadsAge.Tendre.Et.Tetes.De.Bois.Magie.Annees6O.rar
    2013-11-13 15:40 – 2013-11-13 17:25 – 617217429 _____ C:UsersFrancoisDownloadsCallMusic-Disco.rar
    2013-11-13 12:49 – 2013-11-13 15:03 – 480719332 _____ C:UsersFrancoisDownloadsSuper.Funk.Hits.rar
    2013-11-13 12:24 – 2013-11-13 14:20 – 683502336 _____ C:UsersFrancoisDownloadsmega 80-dic100-wawa-mania.rar
    2013-11-13 11:07 – 2013-11-13 16:00 – 899762991 _____ C:UsersFrancoisDownloadsStArs…8o…L_…COmpilation…elbogossdu14.zip
    2013-11-13 10:52 – 2013-11-13 11:29 – 443038109 _____ C:UsersFrancoisDownloadsLes.50.Plus.Grands.Tubes.Fete.zip
    2013-11-13 10:31 – 2013-11-13 11:58 – 510535202 _____ C:UsersFrancoisDownloadsLes.50.Plus.Grands.Tubes.Disco.Funk.rar
    2013-11-07 18:37 – 2013-11-07 18:40 – 00000000 ____D C:UsersFrancoisDocumentsOutlook
    2013-11-07 17:27 – 2013-11-07 17:27 – 00000000 ____D C:UsersFrancoisDocumentsMy Data Files
    2013-11-07 17:24 – 2013-11-07 17:25 – 17637552 _____ (Wondershare Software Co.,Ltd. ) C:UsersFrancoisDownloadsdata-recovery_full935.exe
    2013-11-05 10:27 – 2013-11-05 10:26 – 00264616 _____ (Oracle Corporation) C:Windowssystem32javaws.exe
    2013-11-05 10:26 – 2013-11-05 10:26 – 00175016 _____ (Oracle Corporation) C:Windowssystem32javaw.exe
    2013-11-05 10:26 – 2013-11-05 10:26 – 00174504 _____ (Oracle Corporation) C:Windowssystem32java.exe
    2013-11-05 10:26 – 2013-11-05 10:26 – 00094632 _____ (Oracle Corporation) C:Windowssystem32WindowsAccessBridge.dll
    2013-11-05 10:24 – 2013-11-05 10:24 – 00915368 _____ (Oracle Corporation) C:UsersFrancoisDownloadschromeinstall-7u45.exe
    2013-11-05 10:14 – 2013-11-05 10:27 – 00000000 ____D C:ProgramDataOracle
    2013-11-05 10:14 – 2013-11-05 10:14 – 00000000 ____D C:Program FilesCommon FilesJava
    2013-10-29 11:57 – 2013-10-29 11:57 – 00029500 _____ C:UsersFrancoisDocuments2 Amphithéâtres.htm
    2013-10-29 11:57 – 2013-10-29 11:57 – 00000162 ____H C:UsersFrancoisDocuments~$Amphithéâtres.htm
    2013-10-29 11:57 – 2013-10-29 11:57 – 00000000 ____D C:UsersFrancoisDocuments2 Amphithéâtres_fichiers
    2013-10-28 18:28 – 2013-10-28 18:28 – 00016780 _____ C:UsersFrancoisDocumentsImplantation et BE – Forum Sciences Po Entreprises 2013.xlsx
    2013-10-25 09:33 – 2013-11-15 18:03 – 00000000 ____D C:UsersFrancoisEstimatifs
    2013-10-24 14:11 – 2013-11-18 12:54 – 00000000 ____D C:ProgramDataConduit
    2013-10-24 14:10 – 2013-10-24 14:10 – 00000000 ____D C:UsersFrancoisAppDataRoamingMozilla
    2013-10-24 14:09 – 2013-10-24 14:16 – 00000000 ____D C:UsersFrancoisAppDataRoamingPerformerSoft
    2013-10-24 14:09 – 2013-10-24 14:11 – 00000000 ____D C:Program FilesConduit
    2013-10-24 14:09 – 2013-10-24 14:09 – 00000000 ____D C:UsersFrancoisAppDataLocalNativeMessaging
    2013-10-24 14:09 – 2013-10-24 14:09 – 00000000 ____D C:UsersFrancoisAppDataLocalCRE
    2013-10-24 13:50 – 2013-11-08 15:50 – 00000000 ____D C:UsersFrancoisPlans de masse dwg et pdf

    ==================== One Month Modified Files and Folders =======

    2013-11-18 14:24 – 2013-11-18 14:23 – 00017297 _____ C:UsersFrancoisDownloadsFRST.txt
    2013-11-18 14:23 – 2013-11-18 14:23 – 01090935 _____ (Farbar) C:UsersFrancoisDownloadsFRST.exe
    2013-11-18 14:23 – 2013-11-18 14:23 – 00000000 ____D C:FRST
    2013-11-18 14:15 – 2012-01-23 10:25 – 00001060 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job
    2013-11-18 14:13 – 2011-01-05 12:25 – 00000000 ____D C:UsersFrancoisDocumentsFichiers Outlook
    2013-11-18 14:08 – 2011-09-19 12:31 – 01788080 _____ C:WindowsWindowsUpdate.log
    2013-11-18 14:06 – 2012-09-10 11:35 – 00001090 _____ C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002UA.job
    2013-11-18 13:14 – 2013-11-18 13:14 – 00000000 ____D C:UsersFrancoisAppDataRoamingC1I1L1R1J0M1P0I1G
    2013-11-18 13:14 – 2013-11-18 13:13 – 00000000 _____ C:end
    2013-11-18 13:12 – 2013-11-18 13:12 – 00607776 _____ C:UsersFrancoisDownloadsSetup.vuupc.exe
    2013-11-18 13:03 – 2009-07-14 05:34 – 00009920 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-11-18 13:03 – 2009-07-14 05:34 – 00009920 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-11-18 13:00 – 2009-07-25 13:54 – 01702776 _____ C:Windowssystem32PerfStringBackup.INI
    2013-11-18 12:58 – 2011-01-05 10:01 – 00015235 _____ C:Windowscfgall.ini
    2013-11-18 12:58 – 2011-01-05 10:00 – 00000031 _____ C:tmuninst.ini
    2013-11-18 12:57 – 2011-01-05 10:00 – 08445032 _____ C:Windowssystem32TmInstall.log
    2013-11-18 12:56 – 2013-11-18 10:33 – 00000112 _____ C:Windowssetupact.log
    2013-11-18 12:56 – 2013-11-18 10:32 – 00024848 _____ C:WindowsPFRO.log
    2013-11-18 12:56 – 2012-01-23 10:25 – 00001056 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job
    2013-11-18 12:56 – 2010-09-30 16:01 – 00000000 ____D C:ProgramDataHPQLOG
    2013-11-18 12:56 – 2009-07-14 05:53 – 00000006 ____H C:WindowsTasksSA.DAT
    2013-11-18 12:56 – 2009-07-14 03:37 – 00000000 ____D C:WindowsL2Schemas
    2013-11-18 12:54 – 2013-11-18 12:54 – 00026112 _____ C:UsersFrancoisDocumentsormes.xls
    2013-11-18 12:54 – 2013-10-24 14:11 – 00000000 ____D C:ProgramDataConduit
    2013-11-18 11:01 – 2013-11-18 11:01 – 10285040 _____ (Malwarebytes Corporation ) C:UsersFrancoisDownloadsmbam-setup-1.75.0.1300.exe
    2013-11-18 11:01 – 2013-11-18 11:01 – 00001073 _____ C:UsersPublicDesktopMalwarebytes Anti-Malware.lnk
    2013-11-18 11:01 – 2013-11-18 11:01 – 00000000 ____D C:Program FilesMalwarebytes’ Anti-Malware
    2013-11-18 10:39 – 2011-01-05 14:31 – 00000000 ____D C:UsersFrancoisAppDataLocalAdobe
    2013-11-18 10:33 – 2013-11-18 10:33 – 00000000 _____ C:Windowssetuperr.log
    2013-11-18 10:32 – 2013-11-18 10:32 – 00486376 _____ C:Windowssystem32FNTCACHE.DAT
    2013-11-18 10:32 – 2012-01-23 10:25 – 00000000 ____D C:Program FilesGoogle
    2013-11-18 10:30 – 2012-06-29 16:22 – 00102400 _____ C:WindowsRegBootClean.exe
    2013-11-18 10:28 – 2013-11-18 10:28 – 00133456 _____ C:UsersFrancoisAppDataLocalGDIPFONTCACHEV1.DAT
    2013-11-18 10:21 – 2013-11-18 10:20 – 00003317 _____ C:Windowswininit.ini
    2013-11-18 10:00 – 2009-07-14 03:37 – 00000000 ____D C:Windowssystem32LogFiles
    2013-11-18 09:58 – 2011-01-05 14:05 – 00000000 ____D C:ProgramDataSpybot – Search & Destroy
    2013-11-18 09:52 – 2011-01-05 17:52 – 00000000 ____D C:ProgramDataLogMeIn
    2013-11-18 09:36 – 2013-11-18 09:36 – 04379048 _____ (Piriform Ltd) C:UsersFrancoisDownloadsccsetup407.exe
    2013-11-18 09:36 – 2011-01-05 14:02 – 00000971 _____ C:UsersPublicDesktopCCleaner.lnk
    2013-11-18 09:36 – 2011-01-05 14:01 – 00000000 ____D C:Program FilesCCleaner
    2013-11-18 09:34 – 2012-12-10 16:15 – 00000000 ____D C:Program FilesWondershare
    2013-11-18 09:34 – 2011-01-05 10:22 – 00000000 ____D C:Windowssystem32appmgmt
    2013-11-18 09:32 – 2013-11-18 09:23 – 00000000 ____D C:UsersFrancoisAppDataLocalLollipop
    2013-11-18 09:31 – 2012-01-23 10:25 – 00000000 ____D C:UsersFrancoisAppDataLocalGoogle
    2013-11-18 09:24 – 2013-11-18 09:24 – 00000000 ____D C:8cd533be8f9227eda802b5ff3f
    2013-11-18 09:23 – 2013-11-18 09:23 – 00000000 __RSH C:MSDOS.SYS
    2013-11-18 09:23 – 2013-11-18 09:23 – 00000000 __RSH C:IO.SYS
    2013-11-18 09:23 – 2012-09-10 11:36 – 00002521 _____ C:UsersFrancoisDesktopGoogle Chrome.lnk
    2013-11-18 09:23 – 2011-01-05 10:16 – 00001595 _____ C:UsersFrancoisAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk
    2013-11-18 09:22 – 2013-11-18 09:19 – 150252521 _____ C:UsersFrancoisDownloadsMan.Of.Steel.2013.TRUEFRENCH.avi
    2013-11-18 09:08 – 2013-11-18 09:08 – 00001755 _____ C:UsersPublicDesktopiTunes.lnk
    2013-11-18 09:08 – 2013-11-18 09:07 – 00000000 ____D C:ProgramData188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-11-18 09:08 – 2013-11-18 09:07 – 00000000 ____D C:Program FilesiTunes
    2013-11-18 09:07 – 2013-11-18 09:07 – 00000000 ____D C:Program FilesiPod
    2013-11-18 09:07 – 2011-01-05 12:14 – 00000000 ____D C:Program FilesCommon FilesApple
    2013-11-18 09:06 – 2012-09-10 11:35 – 00001038 _____ C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002Core.job
    2013-11-15 18:03 – 2013-10-25 09:33 – 00000000 ____D C:UsersFrancoisEstimatifs
    2013-11-15 17:56 – 2011-01-05 12:27 – 00000000 ____D C:UsersFrancoisExcel
    2013-11-15 17:16 – 2013-11-15 15:14 – 376116900 _____ C:UsersFrancoisDownloadsDecizif-2kiv4d3wni8tmcln-1nDD.rar
    2013-11-15 17:05 – 2013-11-15 15:50 – 229059688 _____ C:UsersFrancoisDownloadszumba.fitness.dance.party.autumn.2013.rar
    2013-11-15 16:56 – 2013-11-15 15:56 – 185258188 _____ C:UsersFrancoisDownloadsDecizif-eckm4nkuzsougk-1nDD.rar
    2013-11-15 15:03 – 2013-11-15 14:44 – 105133349 _____ C:UsersFrancoisDownloadsCollMeti-_Destina_Sol_-__2011_-_stef.rar
    2013-11-15 14:29 – 2013-04-26 09:34 – 00000000 ____D C:UsersFrancoisFa
    2013-11-15 12:51 – 2013-11-15 12:39 – 47571800 _____ C:UsersFrancoisDownloadsW9 Hits 2014 2CD MP3 320.rar
    2013-11-15 11:05 – 2011-01-05 10:15 – 00000000 ____D C:UsersFrancois
    2013-11-15 11:00 – 2013-11-15 10:40 – 110446684 _____ C:UsersFrancoisDownloadsS.Racine.Carree.rar
    2013-11-15 10:59 – 2013-11-15 10:24 – 106615332 _____ C:UsersFrancoisDownloads18E_Jes_Mat_Wa-Ma_@_13-09-13.rar
    2013-11-14 12:35 – 2013-11-14 11:31 – 376399610 _____ C:UsersFrancoisDownloadsVirgin Radio la Playlist Pop Music MP3.rar
    2013-11-14 11:30 – 2013-11-14 10:21 – 184953291 _____ C:UsersFrancoisDownloadsAge.Tendre.Et.Tetes.De.Bois.Magie.Annees6O.rar
    2013-11-14 10:44 – 2013-11-14 10:24 – 115436643 _____ C:UsersFrancoisDownloadsRTL2 – le son Pop Rock – Volume 2.zip
    2013-11-13 17:25 – 2013-11-13 15:40 – 617217429 _____ C:UsersFrancoisDownloadsCallMusic-Disco.rar
    2013-11-13 16:00 – 2013-11-13 11:07 – 899762991 _____ C:UsersFrancoisDownloadsStArs…8o…L_…COmpilation…elbogossdu14.zip
    2013-11-13 15:12 – 2011-11-18 16:20 – 00000000 ____D C:UsersFrancoisPlans
    2013-11-13 15:03 – 2013-11-13 12:49 – 480719332 _____ C:UsersFrancoisDownloadsSuper.Funk.Hits.rar
    2013-11-13 14:20 – 2013-11-13 12:24 – 683502336 _____ C:UsersFrancoisDownloadsmega 80-dic100-wawa-mania.rar
    2013-11-13 11:58 – 2013-11-13 10:31 – 510535202 _____ C:UsersFrancoisDownloadsLes.50.Plus.Grands.Tubes.Disco.Funk.rar
    2013-11-13 11:29 – 2013-11-13 10:52 – 443038109 _____ C:UsersFrancoisDownloadsLes.50.Plus.Grands.Tubes.Fete.zip
    2013-11-08 15:50 – 2013-10-24 13:50 – 00000000 ____D C:UsersFrancoisPlans de masse dwg et pdf
    2013-11-08 15:38 – 2013-07-05 13:29 – 00000000 ____D C:UsersFrancoisRécapitulatifs
    2013-11-07 18:40 – 2013-11-07 18:37 – 00000000 ____D C:UsersFrancoisDocumentsOutlook
    2013-11-07 17:27 – 2013-11-07 17:27 – 00000000 ____D C:UsersFrancoisDocumentsMy Data Files
    2013-11-07 17:25 – 2013-11-07 17:24 – 17637552 _____ (Wondershare Software Co.,Ltd. ) C:UsersFrancoisDownloadsdata-recovery_full935.exe
    2013-11-06 17:28 – 2012-12-18 10:18 – 00000000 ____D C:UsersFrancoisDocs 2013
    2013-11-06 11:13 – 2013-07-05 13:29 – 00000000 ____D C:UsersFrancoisTABLEAUX DE CONVERSION
    2013-11-05 10:27 – 2013-11-05 10:14 – 00000000 ____D C:ProgramDataOracle
    2013-11-05 10:26 – 2013-11-05 10:27 – 00264616 _____ (Oracle Corporation) C:Windowssystem32javaws.exe
    2013-11-05 10:26 – 2013-11-05 10:26 – 00175016 _____ (Oracle Corporation) C:Windowssystem32javaw.exe
    2013-11-05 10:26 – 2013-11-05 10:26 – 00174504 _____ (Oracle Corporation) C:Windowssystem32java.exe
    2013-11-05 10:26 – 2013-11-05 10:26 – 00094632 _____ (Oracle Corporation) C:Windowssystem32WindowsAccessBridge.dll
    2013-11-05 10:24 – 2013-11-05 10:24 – 00915368 _____ (Oracle Corporation) C:UsersFrancoisDownloadschromeinstall-7u45.exe
    2013-11-05 10:14 – 2013-11-05 10:14 – 00000000 ____D C:Program FilesCommon FilesJava
    2013-11-05 09:56 – 2011-01-05 17:52 – 00086888 _____ (LogMeIn, Inc.) C:Windowssystem32LMIRfsClientNP.dll
    2013-11-05 09:56 – 2011-01-05 17:52 – 00085832 _____ (LogMeIn, Inc.) C:Windowssystem32LMIinit.dll
    2013-11-05 09:56 – 2011-01-05 17:52 – 00031560 _____ (LogMeIn, Inc.) C:Windowssystem32LMIport.dll
    2013-11-05 09:56 – 2011-01-05 17:51 – 00000000 ____D C:Program FilesLogMeIn
    2013-11-03 22:17 – 2013-11-15 11:05 – 00000000 ____D C:UsersFrancoisStromae – Racine
    2013-10-29 12:33 – 2009-07-14 03:37 – 00000000 ____D C:Windowssystem32NDF
    2013-10-29 11:57 – 2013-10-29 11:57 – 00029500 _____ C:UsersFrancoisDocuments2 Amphithéâtres.htm
    2013-10-29 11:57 – 2013-10-29 11:57 – 00000162 ____H C:UsersFrancoisDocuments~$Amphithéâtres.htm
    2013-10-29 11:57 – 2013-10-29 11:57 – 00000000 ____D C:UsersFrancoisDocuments2 Amphithéâtres_fichiers
    2013-10-29 09:09 – 2012-02-06 12:44 – 00000000 ____D C:Program FilesCommon FilesAdobe AIR
    2013-10-29 09:07 – 2009-07-14 05:53 – 00032482 _____ C:WindowsTasksSCHEDLGU.TXT
    2013-10-28 18:28 – 2013-10-28 18:28 – 00016780 _____ C:UsersFrancoisDocumentsImplantation et BE – Forum Sciences Po Entreprises 2013.xlsx
    2013-10-25 15:34 – 2010-09-30 15:56 – 00000000 ____D C:ProgramDataMicrosoft Help
    2013-10-24 14:16 – 2013-10-24 14:09 – 00000000 ____D C:UsersFrancoisAppDataRoamingPerformerSoft
    2013-10-24 14:16 – 2012-12-21 15:33 – 00000000 ____D C:Ptp
    2013-10-24 14:11 – 2013-10-24 14:09 – 00000000 ____D C:Program FilesConduit
    2013-10-24 14:10 – 2013-10-24 14:10 – 00000000 ____D C:UsersFrancoisAppDataRoamingMozilla
    2013-10-24 14:09 – 2013-10-24 14:09 – 00000000 ____D C:UsersFrancoisAppDataLocalNativeMessaging
    2013-10-24 14:09 – 2013-10-24 14:09 – 00000000 ____D C:UsersFrancoisAppDataLocalCRE
    2013-10-24 08:23 – 2011-01-05 17:52 – 00086888 _____ (LogMeIn, Inc.) C:Windowssystem32LMIRfsClientNP.dll.000.bak
    2013-10-24 08:23 – 2011-01-05 17:52 – 00085832 _____ (LogMeIn, Inc.) C:Windowssystem32LMIinit.dll.000.bak

    ZeroAccess:
    C:WindowsInstaller{9675067c-18d2-e78f-771d-7080743f6b11}

    ZeroAccess:
    C:UsersFrancoisAppDataLocal{9675067c-18d2-e78f-771d-7080743f6b11}

    Some content of TEMP:
    ====================
    C:UsersFrancoisAppDataLocalTempPlayer_Setup.exe
    C:UsersMDC-W7AppDataLocalTempHPQSi.exe
    C:UsersMDC-W7AppDataLocalTempuninstall.exe

    ==================== Bamital & volsnap Check =================

    C:Windowsexplorer.exe => MD5 is legit
    C:WindowsSystem32winlogon.exe => MD5 is legit
    C:WindowsSystem32wininit.exe => MD5 is legit
    C:WindowsSystem32svchost.exe => MD5 is legit
    C:WindowsSystem32services.exe
    [2009-07-14 00:11] – [2009-07-14 02:14] – 0259072 ____A () D41D8CD98F00B204E9800998ECF8427E

    C:WindowsSystem32services.exe IS INFECTED. < ===== ATTENTION!C:WindowsSystem32User32.dll => MD5 is legit
    C:WindowsSystem32userinit.exe => MD5 is legit
    C:WindowsSystem32Driversvolsnap.sys => MD5 is legit

    LastRegBack: 2013-11-12 13:37

    ==================== End Of Log ============================

    ==================== Security Center ========================

    AV: Trend Micro Client/Server Security Agent (Disabled – Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
    AS: Anti-spyware de Trend Micro Client/Server Security Agent (Disabled – Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
    AS: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Trend Micro Personal Firewall (Enabled) {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
    FW: Trend Micro Personal Firewall (Disabled) {50C2E989-60CF-0845-AFD3-290B7D301E79}

    ==================== Installed Programs ======================

    ActivClient x86 (Version: 6.2)
    Adobe AIR (Version: 3.9.0.1030)
    Adobe Download Assistant (Version: 1.2.3)
    Adobe Reader XI (11.0.05) – Français (Version: 11.0.05)
    Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
    Apple Application Support (Version: 2.3.6)
    Apple Mobile Device Support (Version: 7.0.0.117)
    Apple Software Update (Version: 2.1.3.127)
    Belarc Advisor 7.2
    Bonjour (Version: 3.0.0.10)
    CCleaner (Version: 4.07)
    Complément Messenger (Version: 15.4.3502.0922)
    Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
    Correctif pour Microsoft Visual Studio 2007 Tools for Applications – ENU (KB947789) (Version: 1)
    D3DX10 (Version: 15.4.2368.0902)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Device Access Manager for HP ProtectTools (Version: 5.0.1.8)
    Drive Encryption for HP ProtectTools (Version: 5.0.6.0)
    Easy Word Recovery (Version: 2.0)
    Feedback Tool (Version: 1.1.0)
    Feedback Tool (Version: 1.2.0)
    File Sanitizer For HP ProtectTools (Version: 5.0.1.4)
    Galerie de photos Windows Live (Version: 15.4.3502.0922)
    Google Chrome (HKCU Version: 31.0.1650.57)
    Google Update Helper (Version: 1.3.21.165)
    Google Earth (Version: 7.1.1.1888)
    Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
    HP Customer Experience Enhancements (Version: 6.0.1.3)
    HP LaserJet Professional P1100-P1560-P1600 Series
    HP ProtectTools Security Manager (Version: 5.08.717)
    HP SkyRoom (Version: 1.1.6.5201.)
    HP Support Assistant (Version: 6.1.12.1)
    hppLaserJetService (Version: 001.001.0.0)
    hppP1100P1560P1600SeriesLaserJetService (Version: 001.001.0.0)
    hppusgP1100P1560P1600Series (Version: 1.0.0.1)
    HPSSupply (Version: 2.1.1.0000)
    iCloud (Version: 3.0.2.163)
    Intel(R) Graphics Media Accelerator Driver
    iPhoneSMSExport
    iTunes (Version: 11.1.3.8)
    Java 7 Update 45 (Version: 7.0.450)
    Java Auto Updater (Version: 2.1.9.8)
    Java Card Security for HP ProtectTools (Version: 5.0.4.1)
    Java(TM) 6 Update 20 (Version: 6.0.200)
    Java(TM) 6 Update 29 (Version: 6.0.290)
    Junk Mail filter update (Version: 15.4.3502.0922)
    La Chaîne Météo (Version: 1.6)
    LogMeIn (Version: 4.1.1578)
    Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
    MarketResearch (Version: 130.0.374.000)
    Mesh Runtime (Version: 15.4.5722.2)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft .NET Framework 4 Client Profile FRA Language Pack (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6012.5000)
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Excel MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Famille et Petite Entreprise 2010 (Version: 14.0.6029.1000)
    Microsoft Office OneNote MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
    Microsoft Office Outlook MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office PowerPoint MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Proof (Arabic) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Proof (Dutch) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Proofing (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Publisher MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Shared MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
    Microsoft Office Suite Activation Assistant (Version: 2.8)
    Microsoft Office Word MUI (French) 2010 (Version: 14.0.6029.1000)
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
    Microsoft Silverlight (Version: 5.1.20125.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual Studio Tools for Applications 2.0 – ENU (Version: 9.0.30729)
    Microsoft Visual Studio Tools for Applications 2.0 Language Pack – FRA (Version: 9.0.30729)
    Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
    Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack – FRA (Version: 9.0.30729)
    Module linguistique Microsoft .NET Framework 4 Client Profile FRA (Version: 4.0.30319)
    Movies2iPhone 1.28 for Windows (Version: 1.28 for Windows)
    MSVCRT (Version: 15.4.2862.0708)
    Privacy Manager for HP ProtectTools (Version: 5.10.796)
    QuickTime (Version: 7.74.80.86)
    Realtek High Definition Audio Driver (Version: 6.0.1.5886)
    Reconstitution suite a un Vol (Version: 5.1.0.19)
    Remote Graphics Receiver (Version: 5.3.2)
    Remote Graphics Sender (Version: 5.3.2)
    Safari (Version: 5.34.57.2)
    Spybot – Search & Destroy (Version: 1.6.2)
    swMSM (Version: 12.0.0.1)
    TeamViewer 8 (Version: 8.0.22298)
    Technologie d’administration active Intel®
    Theft Recovery (Version: 5.1.0.19)
    Trend Micro Client/Server Security Agent (Version: 16.0.4177)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    VuuPC Packages
    Vuze_Remote Toolbar
    Windows Live (Version: 15.4.3502.0922)
    Windows Live (Version: 15.4.3555.0308)
    Windows Live Communications Platform (Version: 15.4.3502.0922)
    Windows Live Family Safety (Version: 15.4.3555.0308)
    Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
    Windows Live Installer (Version: 15.4.3502.0922)
    Windows Live Mail (Version: 15.4.3502.0922)
    Windows Live Mesh (Version: 15.4.3502.0922)
    Windows Live Messenger (Version: 15.4.3538.0513)
    Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
    Windows Live MIME IFilter (Version: 15.4.3502.0922)
    Windows Live Movie Maker (Version: 15.4.3502.0922)
    Windows Live Photo Common (Version: 15.4.3502.0922)
    Windows Live Photo Gallery (Version: 15.4.3502.0922)
    Windows Live PIMT Platform (Version: 15.4.3508.1109)
    Windows Live Remote Client (Version: 15.4.5722.2)
    Windows Live Remote Client Resources (Version: 15.4.5722.2)
    Windows Live Remote Service (Version: 15.4.5722.2)
    Windows Live Remote Service Resources (Version: 15.4.5722.2)
    Windows Live SOXE (Version: 15.4.3502.0922)
    Windows Live SOXE Definitions (Version: 15.4.3502.0922)
    Windows Live UX Platform (Version: 15.4.3502.0922)
    Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
    Windows Live Writer (Version: 15.4.3502.0922)
    Windows Live Writer Resources (Version: 15.4.3502.0922)
    WinRAR 4.00 (32 bits) (Version: 4.00.0)
    WinZip 15.0 (Version: 15.0.9411)

    ==================== Restore Points =========================

    12-11-2013 12:45:06 Point de contrôle planifié
    18-11-2013 08:23:42 Uniblue SpeedUpMyPC installation
    18-11-2013 08:23:43 Uniblue SpeedUpMyPC installation
    18-11-2013 08:34:28 Supprimé Microsoft Research AutoCollage 2008 version 1.1

    ==================== Hosts content: ==========================

    2009-07-14 03:04 – 2013-11-18 10:26 – 00450660 ____R C:Windowssystem32Driversetchosts
    127.0.0.1 http://www.007guard.com” onclick=”window.open(this.href);return false;
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 http://www.008k.com” onclick=”window.open(this.href);return false;
    127.0.0.1 008k.com
    127.0.0.1 http://www.00hq.com” onclick=”window.open(this.href);return false;
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 http://www.032439.com” onclick=”window.open(this.href);return false;
    127.0.0.1 032439.com
    127.0.0.1 http://www.0scan.com” onclick=”window.open(this.href);return false;
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 http://www.1000gratisproben.com” onclick=”window.open(this.href);return false;
    127.0.0.1 1001namen.com
    127.0.0.1 http://www.1001namen.com” onclick=”window.open(this.href);return false;
    127.0.0.1 100888290cs.com
    127.0.0.1 http://www.100888290cs.com” onclick=”window.open(this.href);return false;
    127.0.0.1 http://www.100sexlinks.com” onclick=”window.open(this.href);return false;
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 http://www.10sek.com” onclick=”window.open(this.href);return false;
    127.0.0.1 http://www.1-2005-search.com” onclick=”window.open(this.href);return false;
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 http://www.123fporn.info” onclick=”window.open(this.href);return false;
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 http://www.123haustiereundmehr.com” onclick=”window.open(this.href);return false;
    127.0.0.1 http://www.123moviedownload.com” onclick=”window.open(this.href);return false;

    There are 1000 more lines.

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {2BC8B20D-EDA3-4D5A-8F7B-E29DA0F48897} – System32TasksHewlett-PackardHP Support AssistantHP Support Assistant Quick Start => C:Program FilesHewlett-PackardHP Support FrameworkResourcesHPSFMessengerHPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
    Task: {3132951C-B39C-4D43-912C-41B2BDDBDA67} – System32TasksHewlett-PackardHP Support AssistantPC Health Analysis => C:Program FilesHewlett-PackardHP Support FrameworkHPSF.exe [2011-09-09] (Hewlett-Packard Company)
    Task: {362D8214-6643-4759-8F21-89693F97786D} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [2013-10-22] (Piriform Ltd)
    Task: {43CCD523-0AC1-4FD7-8D5C-85036A4ECC89} – System32TasksHewlett-PackardHP Support AssistantUpdate Check => C:ProgramDataHewlett-PackardHP Support FrameworkResourcesUpdaterHPSFUpdater.exe [2011-12-15] (Hewlett-Packard)
    Task: {630F5DC9-A0FB-46A7-BCFE-DFAED064A861} – System32TasksGoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002Core => C:UsersFrancoisAppDataLocalGoogleUpdateGoogleUpdate.exe [2012-07-18] (Google Inc.)
    Task: {84B21444-4CF2-40E4-8168-B73BCBEC1E4D} – System32TasksMicrosoftWindowsMUILpksetup => C:WindowsSystem32lpksetup.exe [2010-11-20] (Microsoft Corporation)
    Task: {9B2E07E5-1E48-4A21-86B6-82AA9A9911DA} – System32TasksOfficeSoftwareProtectionPlatformSvcRestartTask => Sc.exe start osppsvc
    Task: {9C4A5D7D-7735-452B-868F-AD4D5F73CCC4} – System32TasksCreateChoiceProcessTask => C:WindowsSystem32browserchoice.exe [2010-02-11] (Microsoft Corporation)
    Task: {9EC3FF5D-3CDB-4C54-91F8-72F9A88D3F53} – System32TasksGoogleUpdateTaskMachineUA => C:Program FilesGoogleUpdateGoogleUpdate.exe [2012-01-23] (Google Inc.)
    Task: {AF856F04-EDEA-4C2D-9F17-F22750389F6D} – System32TasksAppleAppleSoftwareUpdate => C:Program FilesApple Software UpdateSoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {EBD74ABE-E2DE-42DC-A6C8-1ED86DC9605B} – System32TasksGoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002UA => C:UsersFrancoisAppDataLocalGoogleUpdateGoogleUpdate.exe [2012-07-18] (Google Inc.)
    Task: {F3B815EE-05F4-443F-9ED0-3E73E847E49B} – System32TasksGoogleUpdateTaskMachineCore => C:Program FilesGoogleUpdateGoogleUpdate.exe [2012-01-23] (Google Inc.)
    Task: {F3B95E0F-2166-4A0D-BC70-04EB5DB70CC8} – System32TasksHewlett-PackardHP Support AssistantPC Tuneup => C:Program FilesHewlett-PackardHP Support FrameworkHPSF.exe [2011-09-09] (Hewlett-Packard Company)
    Task: {FB874641-CAD8-4DF5-9F4B-B0188CBD3943} – System32TasksHewlett-PackardHP Support AssistantHP Total Care Tune-Up => C:Program FilesHewlett-PackardHP Support FrameworkHPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
    Task: C:WindowsTasksGoogleUpdateTaskMachineCore.job => C:Program FilesGoogleUpdateGoogleUpdate.exe
    Task: C:WindowsTasksGoogleUpdateTaskMachineUA.job => C:Program FilesGoogleUpdateGoogleUpdate.exe
    Task: C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002Core.job => C:UsersFrancoisAppDataLocalGoogleUpdateGoogleUpdate.exe
    Task: C:WindowsTasksGoogleUpdateTaskUserS-1-5-21-3596785718-2163400444-1157879541-1002UA.job => C:UsersFrancoisAppDataLocalGoogleUpdateGoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2010-04-28 09:39 – 2010-04-28 09:39 – 00329272 _____ () C:Windowssystem32flcdlmsg.dll
    2010-09-30 16:03 – 2009-07-24 11:10 – 02199552 ____R () c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderQtCore4.dll
    2010-09-30 16:03 – 2009-07-24 11:10 – 08024064 ____R () c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderQtGui4.dll
    2010-09-30 16:03 – 2008-01-09 10:08 – 01245184 ____R () c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderice32.dll
    2010-09-30 16:03 – 2008-01-09 10:10 – 00159744 ____R () c:Program FilesHewlett-PackardHP SkyRoomremote graphics sendericeutil32.dll
    2010-09-30 16:03 – 2008-01-09 10:06 – 00065536 ____R () c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderbzip2.dll
    2010-09-30 16:03 – 2008-01-09 10:10 – 00167936 ____R () c:Program FilesHewlett-PackardHP SkyRoomremote graphics senderIceSSL32.dll
    2011-06-24 21:56 – 2011-06-24 21:56 – 00087328 _____ () C:Program FilesCommon FilesAppleApple Application Supportzlib1.dll
    2011-06-24 21:56 – 2011-06-24 21:56 – 01241888 _____ () C:Program FilesCommon FilesAppleApple Application Supportlibxml2.dll
    2012-09-23 20:43 – 2012-09-23 20:43 – 00313992 _____ () C:Program FilesAdobeReader 11.0Readersqlite.dll
    2011-03-17 00:11 – 2011-03-17 00:11 – 04297568 _____ () C:Program FilesCommon FilesMicrosoft Sharedoffice14Culturesoffice.odf
    2010-12-21 01:15 – 2010-12-21 01:15 – 01041248 _____ () C:Program FilesMicrosoft OfficeOffice14ADDINSUmOutlookAddin.dll
    2012-03-07 19:15 – 2012-03-07 19:15 – 00087912 _____ () C:Program FilesSafariApple Application Supportzlib1.dll
    2012-03-07 19:15 – 2012-03-07 19:15 – 01242472 _____ () C:Program FilesSafariApple Application Supportlibxml2.dll
    2013-11-15 10:10 – 2013-11-14 12:28 – 00702416 _____ () C:UsersFrancoisAppDataLocalGoogleChromeApplication31.0.1650.57libglesv2.dll
    2013-11-15 10:10 – 2013-11-14 12:28 – 00099792 _____ () C:UsersFrancoisAppDataLocalGoogleChromeApplication31.0.1650.57libegl.dll
    2013-11-15 10:10 – 2013-11-14 12:29 – 04055504 _____ () C:UsersFrancoisAppDataLocalGoogleChromeApplication31.0.1650.57pdf.dll
    2013-11-15 10:10 – 2013-11-14 12:29 – 00399312 _____ () C:UsersFrancoisAppDataLocalGoogleChromeApplication31.0.1650.57ppGoogleNaClPluginChrome.dll
    2013-11-15 10:10 – 2013-11-14 12:28 – 01619408 _____ () C:UsersFrancoisAppDataLocalGoogleChromeApplication31.0.1650.57ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:ProgramDataTEMP:24051EFF
    AlternateDataStreams: C:UsersFrancoisExcel:AFP_AFPINFO
    AlternateDataStreams: C:UsersFrancoisDocumentsADDITIF.doc:AFP_AFPINFO
    AlternateDataStreams: C:UsersFrancoisDocumentsADDITIF.doc:AFP_RESOURCE
    AlternateDataStreams: C:UsersFrancoisDocumentsCapacités MC.pdf:AFP_AFPINFO
    AlternateDataStreams: C:UsersFrancoisDocumentsCapacités MC.pdf:AFP_RESOURCE
    AlternateDataStreams: C:UsersFrancoisDocumentslogiciels:AFP_AFPINFO
    AlternateDataStreams: C:UsersFrancoisDocumentsMes sources de données:AFP_AFPINFO
    AlternateDataStreams: C:UsersFrancoisDocumentsparametre IP.doc:AFP_AFPINFO
    AlternateDataStreams: C:UsersFrancoisDocumentsparametre IP.doc:AFP_RESOURCE
    AlternateDataStreams: C:UsersFrancoisDocumentsPlan Fauteuils GA.doc:AFP_AFPINFO
    AlternateDataStreams: C:UsersFrancoisDocumentsPlan Fauteuils GA.doc:AFP_RESOURCE

    ==================== Safe Mode (whitelisted) ===================

    ==================== Faulty Device Manager Devices =============

    Name: Souris compatible PS/2
    Description: Souris compatible PS/2
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: Clavier standard PS/2
    Description: Clavier standard PS/2
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Claviers standard)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/18/2013 01:49:57 PM) (Source: SideBySide) (User: )
    Description: La création du contexte d’activation a échoué pour « assemblyIdentity1 ». Erreur dans le fichier de manifeste ou de stratégie « assemblyIdentity2 » à la ligne assemblyIdentity3.
    La valeur « * » de l’attribut « language » de l’élément « assemblyIdentity » n’est pas valide.

    Error: (11/18/2013 01:47:09 PM) (Source: SideBySide) (User: )
    Description: La création du contexte d’activation a échoué pour « Microsoft.Windows.Common-Controls,language=”*”,processorArchitecture=”amd64″,publicKeyToken=”6595b64144ccf1df”,type=”win32″,version=”6.0.0.0″1 ».
    Assembly dépendant Microsoft.Windows.Common-Controls,language=”*”,processorArchitecture=”amd64″,publicKeyToken=”6595b64144ccf1df”,type=”win32″,version=”6.0.0.0″ introuvable.
    Utilisez sxstrace.exe pour un diagnostic détaillé.

    Error: (11/18/2013 11:42:38 AM) (Source: Application Error) (User: )
    Description: Nom de l’application défaillante Safari.exe, version : 5.34.57.2, horodatage : 0x4f982b5e
    Nom du module défaillant : ntdll.dll, version : 6.1.7601.17725, horodatage : 0x4ec49b60
    Code d’exception : 0xc0000374
    Décalage d’erreur : 0x000c380b
    ID du processus défaillant : 0xce8
    Heure de début de l’application défaillante : 0xSafari.exe0
    Chemin d’accès de l’application défaillante : Safari.exe1
    Chemin d’accès du module défaillant: Safari.exe2
    ID de rapport : Safari.exe3

    System errors:
    =============
    Error: (11/18/2013 02:06:15 PM) (Source: DCOM) (User: )
    Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error: (11/18/2013 00:57:54 PM) (Source: Service Control Manager) (User: )
    Description: Pare-feu personnel Trend Micro Client/Server Security AgentTrend Micro WFP Callout Driver%%2

    Error: (11/18/2013 00:57:54 PM) (Source: Service Control Manager) (User: )
    Description: Trend Micro WFP Callout Driver%%2

    Error: (11/18/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
    Description: Pare-feu personnel Trend Micro Client/Server Security AgentTrend Micro WFP Callout Driver%%2

    Error: (11/18/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
    Description: Trend Micro WFP Callout Driver%%2

    Error: (11/18/2013 00:57:53 PM) (Source: Service Control Manager) (User: )
    Description: Trend Micro WFP Callout Driver%%2

    Error: (11/18/2013 00:57:03 PM) (Source: Service Control Manager) (User: )
    Description: Windows Update%%2

    Error: (11/18/2013 00:57:03 PM) (Source: DCOM) (User: )
    Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    Error: (11/18/2013 00:56:32 PM) (Source: Service Control Manager) (User: )
    Description: Windows Update%%2

    Error: (11/18/2013 00:56:21 PM) (Source: Service Control Manager) (User: )
    Description: SBSD Security Center ServiceSecurity Center%%1079

    Microsoft Office Sessions:
    =========================
    Error: (11/18/2013 01:49:57 PM) (Source: SideBySide)(User: )
    Description: assemblyIdentitylanguage*c:program filesspybot – search & destroyDelZip179.dllc:program filesspybot – search & destroyDelZip179.dll8

    Error: (11/18/2013 01:47:09 PM) (Source: SideBySide)(User: )
    Description: Microsoft.Windows.Common-Controls,language=”*”,processorArchitecture=”amd64″,publicKeyToken=”6595b64144ccf1df”,type=”win32″,version=”6.0.0.0″c:program fileshewlett-packardhp skyroomremote graphics receiverhprpusb64-bitDPInst.exe

    Error: (11/18/2013 11:42:38 AM) (Source: Application Error)(User: )
    Description: Safari.exe5.34.57.24f982b5entdll.dll6.1.7601.177254ec49b60c0000374000c380bce801cee44a8091af38C:Program FilesSafariSafari.exeC:WindowsSYSTEM32ntdll.dll2450146b-503e-11e3-8a87-002324137c5f

    ==================== Memory info ===========================

    Percentage of memory in use: 54%
    Total physical RAM: 3543.25 MB
    Available physical RAM: 1595.27 MB
    Total Pagefile: 7084.78 MB
    Available Pagefile: 4963.44 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1867.04 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:288.42 GB) (Free:221.71 GB) NTFS
    Drive d: (HP_RECOVERY) (Fixed) (Total:7.66 GB) (Free:0.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 5205B86A)
    Partition 1: (Active) – (Size=2 GB) – (Type=07 NTFS)
    Partition 2: (Not Active) – (Size=288 GB) – (Type=07 NTFS)
    Partition 3: (Not Active) – (Size=8 GB) – (Type=07 NTFS)

    ==================== End Of Log ============================

  • Photo du profil de g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8314

    Bonjour et bienvenue sur SOSVirus :D

    • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC

Le sujet ‘supprimer aartemis.com’ est fermé à de nouvelles réponses.