Remove AARTEMIS 2013-11-10T19:51:32+00:00

Dépannage Informatique: remove AARTEMIS

  • Author
    Posts
  • rapsut
    Participant
    Number of posts: 10

    Good evening
    SosUpload links
    SosUpload.b2e616fc22d93eb7fb732e34a7999a92.txt
    SosUpload.ecd7e5a483faef398439d8abfff9f9ea.txt
    Thanks for your help

  • H.A.W.X
    Participant
    Number of posts: 1704

    Good evening and welcome! 🙂

    We are going to help you remove Aartemis along with the companions that got installed with it 😉

    We'll do things in order, and it shouldn't take very long! However, the links to your reports lead nowhere, so you'll need to post them again please 😉

    1.

    • Download Adwcleaner (by Xplode) to your Desktop!
    • Right-click it and choose Run as administrator on Windows 7/8 and Vista
      1. Choose the Scan option
      2. Choose the Clean option
    • Accept the warning by clicking OK

    • Accept the warnings/information messages by clicking OK
    • Copy and paste the contents of the report that appears when the PC restarts

    2.

    • Download Shortcut_Module (by g3n-h@ckm@n) to your desktop.
    • Launch Shortcut_Module using Run as administrator on Windows 7/8 and Vista

      Note: Wait while the scan runs

    • Copy and paste the report that opens onto the forum.

    3.

    • Download MalwareBytes
    • Install it, unchecking “Enable free trial of Malwarebytes Anti-Malware PRO”
    • Select Quick Scan
    • Click Scan
    • Delete all the items found!
    • Post the report on the forum

    4.

    If you launch IE from a shortcut, then check this 🙂

    • Right-click that shortcut
    • Click Properties
    • Check that there is no argument (see the image below)

    See you shortly 🙂

  • rapsut
    Participant
    Number of posts: 10

    RE
    Good, thanks for replying to me, I'm posting the links again
    SosUpload.b2e616fc22d93eb7fb732e34a7999a92.txt
    SosUpload.ecd7e5a483faef398439d8abfff9f9ea.txt
    Kind regards, JAS

  • rapsut
    Participant
    Number of posts: 10

    RE
    Shortcut result

    [spoiler:2bqf2jth]¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module 27.09.2013 – g3n-h@ckm@n

    21:16:32 – 10/11/2013

    Disinfected : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
    Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
    Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
    Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
    Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
    Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
    Disinfected : C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)
    Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk : C:\Program Files\Google\Chrome\Application\chrome.exe (hxxp://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499)[/spoiler:2bqf2jth]

  • rapsut
    Participant
    Number of posts: 10

    Re
    the ADW cleaner report
    [spoiler:26dtluyh]# AdwCleaner v3.011 – Rapport créé le 10/11/2013 à 21:21:15
    # Mis à jour le 03/11/2013 par Xplode
    # Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
    # Nom d'utilisateur : jas – JAS-PC
    # Exécuté depuis : C:UsersjasDownloadsadwcleaner (3).exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16720

    -\ Google Chrome v30.0.1599.101

    [ Fichier : C:UsersjasAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [1648 octets] – [18/09/2013 07:00:36]
    AdwCleaner[R1].txt – [6190 octets] – [10/11/2013 19:22:55]
    AdwCleaner[R2].txt – [1160 octets] – [10/11/2013 19:33:11]
    AdwCleaner[R3].txt – [1158 octets] – [10/11/2013 20:57:44]
    AdwCleaner[R4].txt – [1278 octets] – [10/11/2013 21:20:34]
    AdwCleaner[S0].txt – [1585 octets] – [18/09/2013 07:00:55]
    AdwCleaner[S1].txt – [5907 octets] – [10/11/2013 19:23:39]
    AdwCleaner[S2].txt – [1223 octets] – [10/11/2013 19:33:36]
    AdwCleaner[S3].txt – [1220 octets] – [10/11/2013 20:58:06]
    AdwCleaner[S4].txt – [1200 octets] – [10/11/2013 21:21:15]

    ########## EOF – C:AdwCleanerAdwCleaner[S4].txt – [1260 octets] ##########[/spoiler:26dtluyh]

  • H.A.W.X
    Participant
    Number of posts: 1704

    Good evening 🙂

    OK, that's fine with me for now. Keep doing what I told you, but please copy/paste the contents of the FRST reports, because there is a problem with your links 😉

  • rapsut
    Participant
    Number of posts: 10

    AH OK

  • rapsut
    Participant
    Number of posts: 10

    RE
    Mbam report
    [spoiler:2qbz8t94]Malwarebytes Anti-Malware 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2013.11.10.04

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 10.0.9200.16721
    jas :: JAS-PC [administrateur]

    10/11/2013 21:32:33
    mbam-log-2013-11-10 (21-32-33).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 270211
    Temps écoulé: 12 minute(s), 14 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 3
    C:UsersjasAppDataLocalTempmt_ffxDelta (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempmt_ffxDeltadelta (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempmt_ffxDeltadelta1.8.22.0 (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.

    Fichier(s) détecté(s): 11
    C:$Recycle.BinS-1-5-21-1565210137-3146814292-896495932-1000$RMYJ8PC.exe (PUP.Optional.UpdateStar.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTemputt6559.tmp.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempnsaF4D2.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempnsk9D9B.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempnsq4DA6.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempnsuF2DD.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempnsz9FCD.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempMircosoftStudioeGdpSvc.exe (PUP.Optional.Wsys.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempDMSPIdentifier.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasAppDataLocalTempnszA20B.tmpSPtool.dll (PUP.Optional.SearchProtect.A) -> Mis en quarantaine et supprimé avec succès.
    C:UsersjasDownloads7-zip (1).exe (PUP.Optional.UpdateStar.A) -> Mis en quarantaine et supprimé avec succès.

    (fin)[/spoiler:2qbz8t94]

  • H.A.W.X
    Participant
    Number of posts: 1704

    Good evening,

    I know these steps are not necessarily easy, since they are not everyday operations, but you need to pay attention to what you are doing 😉

    You had pasted the same report twice.

    I'm waiting for the contents of the FRST.txt report, please.

    See you in a moment 😉

    PS: Apart from that, you got everything else right! 😉

  • rapsut
    Participant
    Number of posts: 10

    Re
    Sorry, here is the right one
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
    Ran by jas (administrator) on JAS-PC on 10-11-2013 19:45:43
    Running from C:UsersjasDesktop
    Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: French Standard
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) ===================

    (NVIDIA Corporation) C:Windowssystem32nvvsvc.exe
    (NVIDIA Corporation) C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe
    (AVAST Software) C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    (NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
    (NVIDIA Corporation) C:Windowssystem32nvvsvc.exe
    (Microsoft Corporation.) C:Program FilesMicrosoftBingBar7.2.241.0BBSvc.exe
    (Intel Corporation) C:Windowssystem32IProsetMonitor.exe
    () C:Program FilesLinksysLinksys UpdaterbinLinksysUpdater.exe
    (Logitech Inc.) C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
    (Oracle Corporation) C:Windowssystem32java.exe
    (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe
    (TomTom) C:Program FilesTomTom HOME 2TomTomHOMEService.exe
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
    (Cisco Systems, Inc.) C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe
    (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
    (Google Inc.) C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe
    (Realtek Semiconductor) C:Program FilesRealtekAudioHDARtHDVCpl.exe
    (Intel Corporation) C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
    (Renesas Electronics Corporation) C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe
    () C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe
    (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA Update CoreNvTmru.exe
    (Cisco Systems, Inc.) C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe
    (Hewlett-Packard) C:Program FilesHPHP Software Updatehpwuschd2.exe
    (Samsung Electronics Co., Ltd.) C:Program FilesSamsungKiesKiesTrayAgent.exe
    (NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvtray.exe
    (MyHeritage) C:Program FilesMyHeritageBinFTBCheckUpdates.exe
    () C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe
    (AVAST Software) C:Program FilesAVAST SoftwareAvastAvastUI.exe
    (Microsoft Corporation) C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE
    (Microsoft Corporation) C:Program FilesWindows Sidebarsidebar.exe
    (Samsung) C:Program FilesSamsungKiesKies.exe
    (Samsung) C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    (TomTom) C:Program FilesTomTom HOME 2TomTomHOMERunner.exe
    (WinZip Computing, S.L.) C:Program FilesWinZipWZQKPICK.EXE
    (NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    (Intel Corporation) C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
    (Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe

    ==================== Registry (Whitelisted) ==================

    HKLM…Run: [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe [9808488 2010-11-02] (Realtek Semiconductor)
    HKLM…Run: [IAStorIcon] – C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
    HKLM…Run: [NUSB3MON] – C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
    HKLM…Run: [LogitechQuickCamRibbon] – C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe [2793304 2009-10-14] ()
    HKLM…Run: [BCSSync] – C:Program FilesMicrosoft OfficeOffice14BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
    HKLM…Run: [Nvtmru] – C:Program FilesNVIDIA CorporationNVIDIA Update CoreNvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
    HKLM…Run: [Adobe ARM] – C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
    HKLM…Run: [SunJavaUpdateSched] – “C:Program FilesJavajre7binjusched.exe”
    HKLM…Run: [nmctxth] – C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe [642856 2008-12-12] (Cisco Systems, Inc.)
    HKLM…Run: [HP Software Update] – C:Program FilesHPHP Software Updatehpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
    HKLM…Run: [] – [x]
    HKLM…Run: [KiesTrayAgent] – C:Program FilesSamsungKiesKiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
    HKLM…Run: [ShadowPlay] – C:Windowssystem32rundll32.exe C:Windowssystem32nvspcap.dll,ShadowPlayOnSystemStart
    HKLM…Run: [Family Tree Builder Update] – C:Program FilesMyHeritageBinFTBCheckUpdates.exe [2532864 2013-10-13] (MyHeritage)
    HKLM…Run: [AvastUI.exe] – C:Program FilesAVAST SoftwareAvastAvastUI.exe [3568312 2013-11-07] (AVAST Software)
    HKCU…Run: [OfficeSyncProcess] – C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
    HKCU…Run: [ultracopier] – “C:Program FilesSupercopiersupercopier.exe”
    HKCU…Run: [KiesPreload] – C:Program FilesSamsungKiesKies.exe [1564528 2013-09-04] (Samsung)
    HKCU…Run: [KiesAirMessage] – C:Program FilesSamsungKiesKiesAirMessage.exe -startup
    HKCU…Run: [] – C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe [844656 2013-09-04] (Samsung)
    HKCU…Run: [Update Service] – C:Program FilesCommon FilesTeknum Systemsupdate.exe [19456 2013-06-23] (Teknum Systems AS)
    HKCU…Run: [TomTomHOME.exe] – C:Program FilesTomTom HOME 2TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
    BootExecute: autocheck autochk * sdnclean.exe

    ==================== Internet (Whitelisted) ====================

    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://fr.msn.com/
    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = 0xF686B300FE97CE01
    HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = fr-FR
    HKCUSoftwareMicrosoftInternet ExplorerMain,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCUSoftwareMicrosoftInternet ExplorerMain,Default_page_url = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
    HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499&q={searchTerms}
    HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
    HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
    HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.aartemis.com/web/?type=ds&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499&q={searchTerms}
    HKLMSoftwareMicrosoftInternet ExplorerMain,Search bar = http://search.msn.com/spbasic.htm
    HKLMSoftwareMicrosoftInternet ExplorerMain,Secondary Start Pages =
    StartMenuInternet: IEXPLORE.EXE – C:Program FilesInternet Exploreriexplore.exe http://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
    SearchScopes: HKLM – DefaultScope value is missing.
    BHO: MSS+ Identifier – {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} – C:Program FilesMcAfee Security Scan3.0.318McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO: Groove GFS Browser Helper – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
    BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:Program FilesJavajre7binssv.dll (Oracle Corporation)
    BHO: CIESpeechBHO Class – {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} – C:Program FilesBluetooth SuiteIEPlugIn.dll (Atheros Commnucations)
    BHO: avast! Online Security – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:Program FilesCommon Filesmicrosoft sharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler – {B4F3A835-0E21-4959-BA22-42B3008E02FF} – C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL (Microsoft Corporation)
    BHO: Bing Bar Helper – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} – C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll (Microsoft Corporation.)
    BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM – avast! Online Security – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software)
    Toolbar: HKLM – Bing Bar – {8dcb7100-df86-4384-8842-8fa844297b3f} – C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll (Microsoft Corporation.)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
    Handler: pure-go – {4746C79A-2042-4332-8650-48966E44ABA8} – C:Program FilesCommon FilesPure Networks SharedPlatformpuresp4.dll (Cisco Systems, Inc.)
    TcpipParameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

    Chrome:
    =======
    CHR HomePage: hxxp://www.google-chrome.fr/
    CHR Plugin: (Shockwave Flash) – C:Program FilesGoogleChromeApplication30.0.1599.101PepperFlashpepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) – internal-remoting-viewer
    CHR Plugin: (Native Client) – C:Program FilesGoogleChromeApplication30.0.1599.101ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) – C:Program FilesGoogleChromeApplication30.0.1599.101pdf.dll ()
    CHR Plugin: (Microsoft Office 2010) – C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) – C:PROGRA~1MICROS~1Office14NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (Adobe Acrobat) – C:Program FilesAdobeReader 11.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Earth Plugin) – C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google)
    CHR Plugin: (Google Update) – C:Program FilesGoogleUpdate1.3.21.153npGoogleUpdate3.dll No File
    CHR Plugin: (Java(TM) Platform SE 7 U25) – C:Program FilesJavajre7binplugin2npjp2.dll (Oracle Corporation)
    CHR Plugin: (McAfee Security Scanner +) – C:Program FilesMcAfee Security Scan3.0.318npMcAfeeMss.dll (McAfee, Inc.)
    CHR Plugin: (NVIDIA 3D Vision) – C:Program FilesNVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation)
    CHR Plugin: (NVIDIA 3D VISION) – C:Program FilesNVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation)
    CHR Plugin: (VLC Web Plugin) – C:Program FilesVideoLANVLCnpvlc.dll (VideoLAN)
    CHR Plugin: (Windows Live™ Photo Gallery) – C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Java Deployment Toolkit 7.0.250.16) – C:Windowssystem32npDeployJava1.dll (Oracle Corporation)
    CHR Plugin: (Silverlight Plug-In) – c:Program FilesMicrosoft Silverlight5.1.20513.0npctrl.dll No File
    CHR Extension: (Google Docs) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake.5_0
    CHR Extension: (Google Drive) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0
    CHR Extension: (YouTube) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0
    CHR Extension: (Google Search) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf.0.0.20_0
    CHR Extension: (avast! Online Security) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsgomekmidlodglbbmalcneegieacbdmki8.0.8_0
    CHR Extension: (Google Wallet) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda.0.5.0_0
    CHR Extension: (Gmail) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_1
    CHR StartMenuInternet: Google Chrome – C:Program FilesGoogleChromeApplicationchrome.exe http://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499

    ========================== Services (Whitelisted) =================

    S3 Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [68096 2013-06-06] ()
    R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344 2013-11-07] (AVAST Software)
    R2 Intel® PROSet Monitoring Service; C:Windowssystem32IProsetMonitor.exe [87712 2010-08-12] (Intel Corporation)
    S3 McComponentHostService; C:Program FilesMcAfee Security Scan3.0.318McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
    R2 nmservice; C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe [642856 2008-12-12] (Cisco Systems, Inc.)
    R2 NvStreamSvc; C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [14650144 2013-10-18] (NVIDIA Corporation)
    R2 LinksysUpdater; “C:Program FilesLinksysLinksys UpdaterbinLinksysUpdater.exe” -s “C:Program FilesLinksysLinksys Updaterconfwrapper.conf”

    ==================== Drivers (Whitelisted) ====================

    R2 aswFsBlk; C:Windowssystem32driversaswFsBlk.sys [35656 2013-11-07] (AVAST Software)
    R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [70384 2013-11-07] (AVAST Software)
    R1 aswRdr; C:Windowssystem32driversaswRdr2.sys [79720 2013-11-07] (AVAST Software)
    R0 aswRvrt; C:WindowsSystem32DriversaswRvrt.sys [49944 2013-11-07] ()
    R1 aswSnx; C:Windowssystem32driversaswSnx.sys [774392 2013-11-07] (AVAST Software)
    R1 aswSP; C:Windowssystem32driversaswSP.sys [403440 2013-11-07] (AVAST Software)
    R1 aswTdi; C:Windowssystem32driversaswTdi.sys [57672 2013-11-07] (AVAST Software)
    R0 aswVmm; C:WindowsSystem32DriversaswVmm.sys [178304 2013-11-07] ()
    S3 AthBTPort; C:WindowsSystem32DRIVERSbtath_flt.sys [37224 2010-10-27] (Atheros)
    S3 ATHDFU; C:WindowsSystem32DriversAthDfu.sys [47144 2010-10-27] (Windows (R) Win 7 DDK provider)
    S3 BTATH_A2DP; C:WindowsSystem32driversbtath_a2dp.sys [260968 2010-10-27] (Atheros)
    R3 BTATH_BUS; C:WindowsSystem32DRIVERSbtath_bus.sys [26984 2010-10-27] (Atheros)
    S3 BTATH_HCRP; C:WindowsSystem32DRIVERSbtath_hcrp.sys [178024 2010-10-27] (Atheros)
    S3 BTATH_LWFLT; C:WindowsSystem32DRIVERSbtath_lwflt.sys [51560 2010-10-27] (Atheros)
    S3 BTATH_RCP; C:WindowsSystem32DRIVERSbtath_rcp.sys [143336 2010-10-27] (Atheros)
    S3 BtFilter; C:WindowsSystem32DRIVERSbtfilter.sys [242024 2010-10-27] (Atheros)
    R3 e1cexpress; C:WindowsSystem32DRIVERSe1c6232.sys [238248 2010-09-21] (Intel Corporation)
    R2 ElbyCDIO; C:WindowsSystem32DriversElbyCDIO.sys [9728 2004-06-08] (Elaborate Bytes AG)
    R3 ElbyDelay; C:WindowsSystem32DriversElbyDelay.sys [3968 2004-06-08] (Elaborate Bytes AG)
    R3 LVPr2Mon; C:WindowsSystem32DRIVERSLVPr2Mon.sys [25752 2009-10-07] ()
    R3 LVUSBSta; C:WindowsSystem32DRIVERSLVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
    R3 MEI; C:WindowsSystem32DRIVERSHECI.sys [41088 2010-10-19] (Intel Corporation)
    R3 nusb3hub; C:WindowsSystem32DRIVERSnusb3hub.sys [62336 2010-12-10] (Renesas Electronics Corporation)
    R3 nusb3xhc; C:WindowsSystem32DRIVERSnusb3xhc.sys [141440 2010-12-10] (Renesas Electronics Corporation)
    R3 nvvad_WaveExtensible; C:WindowsSystem32driversnvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)
    S3 PID_PEPI; C:WindowsSystem32DRIVERSLV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
    R2 pnarp; C:WindowsSystem32DRIVERSpnarp.sys [24880 2008-12-12] (Cisco Systems, Inc.)
    U5 AtherosSvc; C:Program FilesBluetooth Suiteadminservice.exe [56480 2010-10-27] (Atheros Commnucations)
    U3 Idcsvdpobksv; No ImagePath
    S3 Pcouffin; System32DriversPcouffin.sys [x]
    U5 purendis; C:WindowsSystem32DRIVERSpurendis.sys [26416 2008-12-12] (Cisco Systems, Inc.)

    ==================== NetSvcs (Whitelisted) ===================

    ==================== One Month Created Files and Folders ========

    2013-11-10 19:44 – 2013-11-10 19:44 – 00000000 ____D C:FRST
    2013-11-10 19:42 – 2013-11-10 19:42 – 01090275 _____ (Farbar) C:UsersjasDesktopFRST.exe
    2013-11-10 19:32 – 2013-11-10 19:32 – 01073262 _____ C:UsersjasDownloadsadwcleaner (2).exe
    2013-11-10 19:22 – 2013-11-10 19:22 – 01073262 _____ C:UsersjasDownloadsadwcleaner (3).exe
    2013-11-10 18:57 – 2013-11-10 18:58 – 10285040 _____ (Malwarebytes Corporation ) C:UsersjasDownloadsmbam-setup-1.75.0.1300 (1).exe
    2013-11-10 08:56 – 2013-11-10 08:56 – 00000000 ____D C:UsersjasAppDataLocal{C1300E90-2D4B-4D0C-8935-8C82B860E67A}
    2013-11-09 19:02 – 2013-11-09 19:02 – 00028523 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB (1).torrent
    2013-11-09 19:01 – 2013-11-09 19:01 – 00028523 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB.torrent
    2013-11-09 16:53 – 2013-11-09 19:47 – 733247488 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi
    2013-11-09 07:20 – 2013-11-09 07:20 – 00000000 ____D C:UsersjasAppDataLocal{6685D871-696A-4AAA-AFE0-1EBB01CB62FA}
    2013-11-08 18:58 – 2013-11-08 18:59 – 00000000 ____D C:UsersjasAppDataLocal{5206A44D-3316-4AE0-9E31-41882BA9BE44}
    2013-11-08 06:58 – 2013-11-08 06:58 – 00000000 ____D C:UsersjasAppDataLocal{4AE7A83A-75C0-471A-92FB-FA24F7D72204}
    2013-11-07 19:51 – 2013-11-07 19:51 – 00000000 ____D C:UsersjasAppDataRoamingAVAST Software
    2013-11-07 19:50 – 2013-11-07 19:50 – 00000000 ____D C:Windowssystem32%LOCALAPPDATA%
    2013-11-07 11:35 – 2013-11-07 12:12 – 00000000 ____D C:UsersjasAppDataRoamingMyHeritage
    2013-11-07 11:35 – 2013-11-07 12:10 – 00000000 ____D C:UsersjasDocumentsMyHeritage
    2013-11-07 11:35 – 2013-11-07 11:40 – 00000000 ____D C:ProgramDataMyHeritage
    2013-11-07 11:35 – 2013-11-07 11:35 – 00001039 _____ C:UsersjasDesktopMyHeritage Family Tree Builder.lnk
    2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasAppDataRoamingThe Complete Genealogy Reporter – FTB
    2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasAppDataRoamingMicrosoftWindowsStart MenuProgramsMyHeritage.com
    2013-11-07 11:35 – 2012-08-02 08:56 – 00606208 _____ (Lorenzi Davide) C:Windowssystem32HexUniRTFBox.ocx
    2013-11-07 11:35 – 2010-06-17 19:49 – 02029056 _____ (Bytescout) C:Windowssystem32PDFDocScout.DLL
    2013-11-07 11:35 – 2004-12-07 11:11 – 00258352 _____ (Microsoft Corporation) C:Windowssystem32unicows.dll
    2013-11-07 11:35 – 2003-07-06 14:07 – 00372736 _____ (Intel Corporation) C:Windowssystem32ijl15.dll
    2013-11-07 11:35 – 2002-03-07 01:19 – 00454656 _____ () C:Windowssystem32PaintX.dll
    2013-11-07 11:35 – 2000-05-22 17:58 – 00608448 _____ (Microsoft Corporation) C:Windowssystem32comctl32.ocx
    2013-11-07 11:35 – 1998-06-24 01:00 – 00137000 _____ (Microsoft Corporation) C:Windowssystem32msmapi32.ocx
    2013-11-07 11:34 – 2013-11-07 11:34 – 00000000 ____D C:Program FilesMyHeritage
    2013-11-07 10:52 – 2013-11-07 10:54 – 36976408 _____ C:UsersjasDownloadsfamily_tree_builder_7126.exe
    2013-11-07 08:14 – 2013-11-07 08:14 – 00000000 ____D C:UsersjasAppDataLocal{15B57D3E-43D3-492D-B2AA-8841703E839B}
    2013-11-06 18:56 – 2013-11-06 18:56 – 00000000 ____D C:UsersjasAppDataLocal{70AC820B-66C2-4D05-9A91-4C5984BF50C0}
    2013-11-06 06:56 – 2013-11-06 06:56 – 00000000 ____D C:UsersjasAppDataLocal{727A2663-8B6A-4415-B637-707CA89D9BB4}
    2013-11-05 08:37 – 2013-11-05 08:37 – 00000000 ____D C:UsersjasAppDataLocal{56499710-2952-4FA0-9120-C744ECE1662F}
    2013-11-04 20:04 – 2013-11-04 20:04 – 00000000 ____D C:UsersjasAppDataLocal{5F562531-B68F-4847-AD86-DDBB891A5F6C}
    2013-11-04 08:04 – 2013-11-04 08:04 – 00000000 ____D C:UsersjasAppDataLocal{5427FFA4-7B50-4012-87AC-04A452B02429}
    2013-11-03 20:03 – 2013-11-03 20:03 – 00000000 ____D C:UsersjasAppDataLocal{3DE51A8C-04F2-49FD-A39B-8300CAADE9F5}
    2013-11-03 08:03 – 2013-11-03 08:03 – 00000000 ____D C:UsersjasAppDataLocal{262E305E-C24F-4FDF-AB3E-AB613A922D99}
    2013-11-02 19:50 – 2013-11-02 19:50 – 00000000 ____D C:UsersjasAppDataLocal{2B5A3BBD-74FB-4FB3-8379-F566C8183A81}
    2013-11-02 07:49 – 2013-11-02 07:49 – 00000000 ____D C:UsersjasAppDataLocal{F411F597-18EB-4E7C-815B-473BC1CA74B5}
    2013-11-01 18:00 – 2013-11-01 18:00 – 00000000 ____D C:UsersjasAppDataLocal{7DFB8FAF-49A6-49FE-BE4D-B33FC6CE298E}
    2013-10-31 20:46 – 2013-10-31 20:46 – 00000000 ____D C:UsersjasAppDataLocal{6C0113DB-41FA-4B0C-BB74-6362CD6C9F73}
    2013-10-31 08:45 – 2013-10-31 08:46 – 00000000 ____D C:UsersjasAppDataLocal{28CEA011-DE83-4166-AEC3-1ED066F3A3BC}
    2013-10-30 20:27 – 2013-10-30 20:28 – 00000000 ____D C:UsersjasAppDataLocal{06E1E7F1-7FC7-442C-85D8-A95930C20086}
    2013-10-30 08:12 – 2013-10-30 08:12 – 00000000 ____D C:UsersjasAppDataLocal{0EC7399D-44DA-4440-9845-00031EA2FFB0}
    2013-10-29 08:32 – 2013-10-29 08:32 – 00000000 ____D C:UsersjasAppDataLocal{846C8266-A8A1-4F37-816B-2D3CFEDE0345}
    2013-10-28 20:26 – 2013-10-28 20:27 – 00000000 ____D C:UsersjasAppDataLocal{47B2F110-2A44-4745-A26E-5392AEC5D7E9}
    2013-10-28 18:47 – 2013-10-18 02:36 – 00955168 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap.dll
    2013-10-28 18:46 – 2013-09-28 00:01 – 00033568 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvad32v.sys
    2013-10-28 18:46 – 2013-09-28 00:01 – 00028960 _____ (NVIDIA Corporation) C:Windowssystem32nvaudcap32v.dll
    2013-10-28 08:24 – 2013-10-28 08:24 – 00000000 ____D C:UsersjasAppDataLocal{D3B62CC9-44C7-491C-A9A5-4CC9F0B2BBE0}
    2013-10-27 07:28 – 2013-10-27 07:29 – 00000000 ____D C:UsersjasAppDataLocal{907F7AFF-049F-4050-AF4F-CF64B021C6C6}
    2013-10-26 19:28 – 2013-10-26 19:28 – 00000000 ____D C:UsersjasAppDataLocal{090B7702-3082-4050-82FF-58F3F99A351F}
    2013-10-26 07:27 – 2013-10-26 07:28 – 00000000 ____D C:UsersjasAppDataLocal{04DD358B-B21F-4D0A-B4A6-5544BCFE89DC}
    2013-10-25 18:47 – 2013-10-25 18:47 – 00000000 ____D C:UsersjasAppDataLocal{51706B50-67FF-4F06-A0AA-B8B13FB525E3}
    2013-10-25 06:46 – 2013-10-25 06:47 – 00000000 ____D C:UsersjasAppDataLocal{AB86A48F-88E0-4270-A479-F67EDCDE558F}
    2013-10-24 18:46 – 2013-10-24 18:46 – 00000000 ____D C:UsersjasAppDataLocal{D92853F3-358E-4C73-8428-FB9230F947CF}
    2013-10-24 06:46 – 2013-10-24 06:46 – 00000000 ____D C:UsersjasAppDataLocal{C674EE34-CFB4-4292-A5B2-6AEE22338A62}
    2013-10-23 17:57 – 2013-10-23 17:57 – 00000000 ____D C:UsersjasAppDataLocal{9CED3F10-DC56-4DD0-B593-E692BA4E6E60}
    2013-10-23 05:57 – 2013-10-23 05:57 – 00000000 ____D C:UsersjasAppDataLocal{2B8523F8-9857-47D2-AD52-060695EA9E54}
    2013-10-22 17:45 – 2013-10-22 17:46 – 00000000 ____D C:UsersjasAppDataLocal{15AF8E3B-0EB8-400D-8F6A-0868AE4726C8}
    2013-10-21 19:47 – 2013-10-21 19:47 – 00000000 ____D C:UsersjasAppDataLocal{741DF0AD-DC51-4A15-BE51-A50FC6376DA7}
    2013-10-21 07:47 – 2013-10-21 07:47 – 00000000 ____D C:UsersjasAppDataLocal{34D2CBFB-A0FD-43AD-8BAC-F30B1C39B4A0}
    2013-10-20 08:18 – 2013-10-20 08:18 – 00000000 ____D C:UsersjasAppDataLocal{A5907C90-DA31-4EEC-B172-709C66CC2E28}
    2013-10-19 19:39 – 2013-10-19 19:39 – 00000000 ____D C:UsersjasAppDataLocal{D7BCE0A6-CA6D-4147-AA61-390E4D281B1F}
    2013-10-19 06:59 – 2013-10-19 06:59 – 00000000 ____D C:UsersjasAppDataLocal{799D6292-FCC5-400E-B837-55FE13CC8135}
    2013-10-18 07:45 – 2013-10-18 07:46 – 00000000 ____D C:UsersjasAppDataLocal{339DCA58-CEEF-43E0-869D-1DBF0D41C26F}
    2013-10-17 21:00 – 2013-10-17 21:01 – 00160968 _____ C:WindowsMinidump101713-17503-01.dmp
    2013-10-17 19:45 – 2013-10-17 19:45 – 00000000 ____D C:UsersjasAppDataLocal{AB459CEC-2CC0-4F5C-85AD-B6549F996A4A}
    2013-10-17 07:23 – 2013-10-17 07:23 – 00000000 ____D C:UsersjasAppDataLocal{E6FA2BF3-AC00-4A55-8E5B-3813C34E07B5}
    2013-10-16 19:54 – 2013-10-16 19:54 – 00000000 ____D C:UsersjasAppDataLocal{45B154E7-4548-45F8-B5F0-274B41956AE9}
    2013-10-16 07:26 – 2013-10-16 07:26 – 00000000 ____D C:UsersjasAppDataLocal{C383251E-2BE7-443D-A906-12BECC510AEC}
    2013-10-15 19:21 – 2013-10-15 19:21 – 00000000 ____D C:UsersjasAppDataLocal{271BE547-2774-4259-B597-121E5A1B3AAC}
    2013-10-15 07:09 – 2013-10-15 07:09 – 00000000 ____D C:UsersjasAppDataLocal{98F320AD-8DA4-413E-91CD-AD64E1A0CADE}
    2013-10-14 18:35 – 2013-10-14 18:35 – 00000000 ____D C:UsersjasAppDataLocal{4166DD8D-9558-4229-94AC-FEE01EDD11E2}
    2013-10-14 17:18 – 2013-10-14 17:19 – 00161920 _____ C:WindowsMinidump101413-150416-01.dmp
    2013-10-14 10:47 – 2013-10-14 15:17 – 00000000 ____D C:Nouveau dossier
    2013-10-14 06:34 – 2013-10-14 06:34 – 00000000 ____D C:UsersjasAppDataLocal{6B0E1BA0-3F71-44E2-AE1D-A8269AE9FB4B}
    2013-10-13 18:34 – 2013-10-13 18:34 – 00000000 ____D C:UsersjasAppDataLocal{21F05535-B31D-4342-99A6-DF0BD43DF983}
    2013-10-13 15:05 – 2013-10-13 15:05 – 00930848 _____ (MyHeritage) C:Windowssystem32FTBSaver.scr
    2013-10-13 06:33 – 2013-10-13 06:34 – 00000000 ____D C:UsersjasAppDataLocal{A17F5054-6159-4944-9E5E-74C041174366}
    2013-10-12 07:09 – 2013-10-12 07:09 – 00000000 ____D C:UsersjasAppDataLocal{D8372A0A-038F-4EF2-B029-2A0C8C973134}
    2013-10-12 02:32 – 2013-10-12 02:32 – 00000000 __SHD C:found.002
    2013-10-12 02:04 – 2013-09-23 00:28 – 01767936 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll
    2013-10-12 02:04 – 2013-09-23 00:28 – 01141248 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll
    2013-10-12 02:04 – 2013-09-23 00:28 – 00042496 _____ (Microsoft Corporation) C:Windowssystem32ie4uinit.exe
    2013-10-12 02:04 – 2013-09-23 00:27 – 14335488 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 13761024 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 02876928 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 02048512 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 00690688 _____ (Microsoft Corporation) C:Windowssystem32jscript.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 00493056 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 00391168 _____ (Microsoft Corporation) C:Windowssystem32ieui.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 00109056 _____ (Microsoft Corporation) C:Windowssystem32iesysprep.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 00061440 _____ (Microsoft Corporation) C:Windowssystem32iesetup.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 00039424 _____ (Microsoft Corporation) C:Windowssystem32jsproxy.dll
    2013-10-12 02:04 – 2013-09-23 00:27 – 00033280 _____ (Microsoft Corporation) C:Windowssystem32iernonce.dll
    2013-10-12 02:04 – 2013-09-21 04:30 – 02706432 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb
    2013-10-12 02:04 – 2013-09-21 03:39 – 00071680 _____ (Microsoft Corporation) C:Windowssystem32RegisterIEPKEYs.exe
    2013-10-11 19:09 – 2013-10-11 19:09 – 00000000 ____D C:UsersjasAppDataLocal{1EC4256A-09D9-4FEF-85C7-6C1745CDCC0F}
    2013-10-11 07:16 – 2013-09-14 01:48 – 00338944 _____ (Microsoft Corporation) C:Windowssystem32Driversafd.sys
    2013-10-11 07:16 – 2013-09-08 03:07 – 01294272 _____ (Microsoft Corporation) C:Windowssystem32Driverstcpip.sys
    2013-10-11 07:16 – 2013-09-08 03:03 – 00231424 _____ (Microsoft Corporation) C:Windowssystem32mswsock.dll
    2013-10-11 07:16 – 2013-08-29 02:51 – 03969472 _____ (Microsoft Corporation) C:Windowssystem32ntkrnlpa.exe
    2013-10-11 07:16 – 2013-08-29 02:51 – 03914176 _____ (Microsoft Corporation) C:Windowssystem32ntoskrnl.exe
    2013-10-11 07:16 – 2013-08-29 02:50 – 01289096 _____ (Microsoft Corporation) C:Windowssystem32ntdll.dll
    2013-10-11 07:16 – 2013-08-29 02:50 – 00619520 _____ (Microsoft Corporation) C:Windowssystem32tdh.dll
    2013-10-11 07:16 – 2013-08-29 02:48 – 00640512 _____ (Microsoft Corporation) C:Windowssystem32advapi32.dll
    2013-10-11 07:16 – 2013-08-28 02:04 – 02348544 _____ (Microsoft Corporation) C:Windowssystem32win32k.sys
    2013-10-11 07:16 – 2013-08-28 01:57 – 00434688 _____ (Microsoft Corporation) C:Windowssystem32scavengeui.dll
    2013-10-11 07:16 – 2013-08-01 12:03 – 00729024 _____ (Microsoft Corporation) C:Windowssystem32Driversdxgkrnl.sys
    2013-10-11 07:16 – 2013-07-20 11:33 – 00102608 _____ (Microsoft Corporation) C:Windowssystem32PresentationCFFRasterizerNative_v0300.dll
    2013-10-11 07:16 – 2013-07-12 11:07 – 00086016 _____ (Microsoft Corporation) C:Windowssystem32Driversusbcir.sys
    2013-10-11 07:16 – 2013-07-12 11:07 – 00080896 _____ (Microsoft Corporation) C:Windowssystem32DriversUSBAUDIO.sys
    2013-10-11 07:16 – 2013-07-04 12:57 – 00205824 _____ (Microsoft Corporation) C:Windowssystem32WebClnt.dll
    2013-10-11 07:16 – 2013-07-04 12:51 – 00081920 _____ (Microsoft Corporation) C:Windowssystem32davclnt.dll
    2013-10-11 07:16 – 2013-07-04 12:50 – 00530432 _____ (Microsoft Corporation) C:Windowssystem32comctl32.dll
    2013-10-11 07:16 – 2013-07-04 10:48 – 00115712 _____ (Microsoft Corporation) C:Windowssystem32Driversmrxdav.sys
    2013-10-11 07:16 – 2013-07-03 05:02 – 00036352 _____ (Microsoft Corporation) C:Windowssystem32Driversusbscan.sys
    2013-10-11 07:16 – 2013-07-03 04:36 – 00055808 _____ (Microsoft Corporation) C:Windowssystem32Drivershidclass.sys
    2013-10-11 07:16 – 2013-07-03 04:36 – 00025728 _____ (Microsoft Corporation) C:Windowssystem32Drivershidparse.sys
    2013-10-11 07:16 – 2013-06-25 23:56 – 00527064 _____ (Microsoft Corporation) C:Windowssystem32DriversWdf01000.sys
    2013-10-11 07:16 – 2013-06-06 05:52 – 00026112 _____ (Microsoft Corporation) C:Windowssystem32lpk.dll
    2013-10-11 07:16 – 2013-06-06 05:51 – 00070656 _____ (Microsoft Corporation) C:Windowssystem32fontsub.dll
    2013-10-11 07:16 – 2013-06-06 05:50 – 00010240 _____ (Microsoft Corporation) C:Windowssystem32dciman32.dll
    2013-10-11 07:16 – 2013-06-06 04:01 – 00295424 _____ (Adobe Systems Incorporated) C:Windowssystem32atmfd.dll
    2013-10-11 07:16 – 2013-06-06 04:01 – 00034304 _____ (Adobe Systems) C:Windowssystem32atmlib.dll
    2013-10-11 07:08 – 2013-10-11 07:09 – 00000000 ____D C:UsersjasAppDataLocal{AA424F58-90CD-4569-AF7F-BCF35283D2F3}

    ==================== One Month Modified Files and Folders =======

    2013-11-10 19:44 – 2013-11-10 19:44 – 00000000 ____D C:FRST
    2013-11-10 19:42 – 2013-11-10 19:42 – 01090275 _____ (Farbar) C:UsersjasDesktopFRST.exe
    2013-11-10 19:42 – 2009-07-14 05:34 – 00015696 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-11-10 19:42 – 2009-07-14 05:34 – 00015696 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-11-10 19:40 – 2013-06-01 17:37 – 01381557 _____ C:WindowsWindowsUpdate.log
    2013-11-10 19:35 – 2013-06-07 19:37 – 00001046 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job
    2013-11-10 19:34 – 2013-06-01 21:17 – 00000000 ____D C:ProgramDataNVIDIA
    2013-11-10 19:34 – 2013-06-01 20:04 – 00188250 _____ C:WindowsPFRO.log
    2013-11-10 19:34 – 2009-07-14 05:53 – 00000006 ____H C:WindowsTasksSA.DAT
    2013-11-10 19:34 – 2009-07-14 05:39 – 00080502 _____ C:Windowssetupact.log
    2013-11-10 19:33 – 2013-09-18 07:00 – 00000000 ____D C:AdwCleaner
    2013-11-10 19:32 – 2013-11-10 19:32 – 01073262 _____ C:UsersjasDownloadsadwcleaner (2).exe
    2013-11-10 19:26 – 2013-06-07 19:37 – 00001050 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job
    2013-11-10 19:22 – 2013-11-10 19:22 – 01073262 _____ C:UsersjasDownloadsadwcleaner (3).exe
    2013-11-10 19:17 – 2013-08-13 20:12 – 00000000 ____D C:Windows4FC9DA9DF608454E8191D7EFFDCC5726.TMP
    2013-11-10 19:16 – 2013-06-01 20:56 – 00000000 ____D C:Program FilesFree Coinche
    2013-11-10 19:13 – 2013-07-22 08:34 – 00001002 _____ C:WindowsTasksAdobe Flash Player Updater.job
    2013-11-10 18:58 – 2013-11-10 18:57 – 10285040 _____ (Malwarebytes Corporation ) C:UsersjasDownloadsmbam-setup-1.75.0.1300 (1).exe
    2013-11-10 18:53 – 2013-06-23 10:54 – 00000000 ____D C:Program FilesHandyBits
    2013-11-10 18:51 – 2013-09-18 06:57 – 00002291 _____ C:UsersPublicDesktopGoogle Chrome.lnk
    2013-11-10 18:51 – 2013-06-01 17:43 – 00001631 _____ C:UsersjasAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk
    2013-11-10 15:49 – 2013-06-02 08:32 – 00000000 ____D C:UsersUpdatusUser.jas-PC
    2013-11-10 08:56 – 2013-11-10 08:56 – 00000000 ____D C:UsersjasAppDataLocal{C1300E90-2D4B-4D0C-8935-8C82B860E67A}
    2013-11-10 08:55 – 2013-06-10 08:33 – 00000000 ____D C:UsersjasAppDataLocalCrashDumps
    2013-11-09 19:47 – 2013-11-09 16:53 – 733247488 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi
    2013-11-09 19:47 – 2013-06-05 20:40 – 00000000 ____D C:UsersjasAppDataRoaminguTorrent
    2013-11-09 19:02 – 2013-11-09 19:02 – 00028523 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB (1).torrent
    2013-11-09 19:01 – 2013-11-09 19:01 – 00028523 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB.torrent
    2013-11-09 19:00 – 2013-06-02 18:55 – 00000000 ____D C:UsersjasAppDataRoamingvlc
    2013-11-09 18:49 – 2013-06-01 17:45 – 01668334 _____ C:Windowssystem32PerfStringBackup.INI
    2013-11-09 07:20 – 2013-11-09 07:20 – 00000000 ____D C:UsersjasAppDataLocal{6685D871-696A-4AAA-AFE0-1EBB01CB62FA}
    2013-11-09 07:16 – 2009-07-14 05:53 – 00032482 _____ C:WindowsTasksSCHEDLGU.TXT
    2013-11-08 18:59 – 2013-11-08 18:58 – 00000000 ____D C:UsersjasAppDataLocal{5206A44D-3316-4AE0-9E31-41882BA9BE44}
    2013-11-08 10:47 – 2013-06-17 08:35 – 00000000 ____D C:Program FilesTomTom HOME 2
    2013-11-08 10:47 – 2013-06-17 08:33 – 00000000 ____D C:UsersjasAppDataLocalDownloaded Installations
    2013-11-08 06:58 – 2013-11-08 06:58 – 00000000 ____D C:UsersjasAppDataLocal{4AE7A83A-75C0-471A-92FB-FA24F7D72204}
    2013-11-07 19:51 – 2013-11-07 19:51 – 00000000 ____D C:UsersjasAppDataRoamingAVAST Software
    2013-11-07 19:51 – 2013-06-01 18:59 – 00403440 _____ (AVAST Software) C:Windowssystem32Driversaswsp.sys
    2013-11-07 19:50 – 2013-11-07 19:50 – 00000000 ____D C:Windowssystem32%LOCALAPPDATA%
    2013-11-07 15:48 – 2013-07-10 15:27 – 00002007 _____ C:UsersPublicDesktopavast! Free Antivirus.lnk
    2013-11-07 15:48 – 2013-06-01 18:59 – 00774392 _____ (AVAST Software) C:Windowssystem32DriversaswSnx.sys
    2013-11-07 15:48 – 2013-06-01 18:59 – 00269216 _____ (AVAST Software) C:Windowssystem32aswBoot.exe
    2013-11-07 15:48 – 2013-06-01 18:59 – 00178304 _____ C:Windowssystem32DriversaswVmm.sys
    2013-11-07 15:48 – 2013-06-01 18:59 – 00079720 _____ (AVAST Software) C:Windowssystem32DriversaswRdr2.sys
    2013-11-07 15:48 – 2013-06-01 18:59 – 00070384 _____ (AVAST Software) C:Windowssystem32DriversaswMonFlt.sys
    2013-11-07 15:48 – 2013-06-01 18:59 – 00057672 _____ (AVAST Software) C:Windowssystem32DriversaswTdi.sys
    2013-11-07 15:48 – 2013-06-01 18:59 – 00049944 _____ C:Windowssystem32DriversaswRvrt.sys
    2013-11-07 15:48 – 2013-06-01 18:59 – 00043152 _____ (AVAST Software) C:WindowsavastSS.scr
    2013-11-07 15:48 – 2013-06-01 18:59 – 00035656 _____ (AVAST Software) C:Windowssystem32DriversaswFsBlk.sys
    2013-11-07 15:45 – 2013-06-01 18:58 – 00000000 ____D C:ProgramDataAVAST Software
    2013-11-07 15:44 – 2009-07-14 03:04 – 00002577 _____ C:Windowssystem32config.nt
    2013-11-07 12:12 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasAppDataRoamingMyHeritage
    2013-11-07 12:10 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasDocumentsMyHeritage
    2013-11-07 11:40 – 2013-11-07 11:35 – 00000000 ____D C:ProgramDataMyHeritage
    2013-11-07 11:35 – 2013-11-07 11:35 – 00001039 _____ C:UsersjasDesktopMyHeritage Family Tree Builder.lnk
    2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasAppDataRoamingThe Complete Genealogy Reporter – FTB
    2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasAppDataRoamingMicrosoftWindowsStart MenuProgramsMyHeritage.com
    2013-11-07 11:34 – 2013-11-07 11:34 – 00000000 ____D C:Program FilesMyHeritage
    2013-11-07 10:54 – 2013-11-07 10:52 – 36976408 _____ C:UsersjasDownloadsfamily_tree_builder_7126.exe
    2013-11-07 08:14 – 2013-11-07 08:14 – 00000000 ____D C:UsersjasAppDataLocal{15B57D3E-43D3-492D-B2AA-8841703E839B}
    2013-11-06 18:56 – 2013-11-06 18:56 – 00000000 ____D C:UsersjasAppDataLocal{70AC820B-66C2-4D05-9A91-4C5984BF50C0}
    2013-11-06 06:56 – 2013-11-06 06:56 – 00000000 ____D C:UsersjasAppDataLocal{727A2663-8B6A-4415-B637-707CA89D9BB4}
    2013-11-05 08:37 – 2013-11-05 08:37 – 00000000 ____D C:UsersjasAppDataLocal{56499710-2952-4FA0-9120-C744ECE1662F}
    2013-11-04 20:04 – 2013-11-04 20:04 – 00000000 ____D C:UsersjasAppDataLocal{5F562531-B68F-4847-AD86-DDBB891A5F6C}
    2013-11-04 08:04 – 2013-11-04 08:04 – 00000000 ____D C:UsersjasAppDataLocal{5427FFA4-7B50-4012-87AC-04A452B02429}
    2013-11-03 20:03 – 2013-11-03 20:03 – 00000000 ____D C:UsersjasAppDataLocal{3DE51A8C-04F2-49FD-A39B-8300CAADE9F5}
    2013-11-03 08:03 – 2013-11-03 08:03 – 00000000 ____D C:UsersjasAppDataLocal{262E305E-C24F-4FDF-AB3E-AB613A922D99}
    2013-11-02 19:50 – 2013-11-02 19:50 – 00000000 ____D C:UsersjasAppDataLocal{2B5A3BBD-74FB-4FB3-8379-F566C8183A81}
    2013-11-02 07:49 – 2013-11-02 07:49 – 00000000 ____D C:UsersjasAppDataLocal{F411F597-18EB-4E7C-815B-473BC1CA74B5}
    2013-11-01 18:00 – 2013-11-01 18:00 – 00000000 ____D C:UsersjasAppDataLocal{7DFB8FAF-49A6-49FE-BE4D-B33FC6CE298E}
    2013-10-31 20:46 – 2013-10-31 20:46 – 00000000 ____D C:UsersjasAppDataLocal{6C0113DB-41FA-4B0C-BB74-6362CD6C9F73}
    2013-10-31 08:46 – 2013-10-31 08:45 – 00000000 ____D C:UsersjasAppDataLocal{28CEA011-DE83-4166-AEC3-1ED066F3A3BC}
    2013-10-30 20:28 – 2013-10-30 20:27 – 00000000 ____D C:UsersjasAppDataLocal{06E1E7F1-7FC7-442C-85D8-A95930C20086}
    2013-10-30 08:12 – 2013-10-30 08:12 – 00000000 ____D C:UsersjasAppDataLocal{0EC7399D-44DA-4440-9845-00031EA2FFB0}
    2013-10-29 08:32 – 2013-10-29 08:32 – 00000000 ____D C:UsersjasAppDataLocal{846C8266-A8A1-4F37-816B-2D3CFEDE0345}
    2013-10-28 20:27 – 2013-10-28 20:26 – 00000000 ____D C:UsersjasAppDataLocal{47B2F110-2A44-4745-A26E-5392AEC5D7E9}
    2013-10-28 18:47 – 2013-06-01 21:16 – 00000000 ____D C:ProgramDataNVIDIA Corporation
    2013-10-28 18:47 – 2013-06-01 21:10 – 00000000 ____D C:Program FilesNVIDIA Corporation
    2013-10-28 08:24 – 2013-10-28 08:24 – 00000000 ____D C:UsersjasAppDataLocal{D3B62CC9-44C7-491C-A9A5-4CC9F0B2BBE0}
    2013-10-27 07:29 – 2013-10-27 07:28 – 00000000 ____D C:UsersjasAppDataLocal{907F7AFF-049F-4050-AF4F-CF64B021C6C6}
    2013-10-26 19:28 – 2013-10-26 19:28 – 00000000 ____D C:UsersjasAppDataLocal{090B7702-3082-4050-82FF-58F3F99A351F}
    2013-10-26 07:28 – 2013-10-26 07:27 – 00000000 ____D C:UsersjasAppDataLocal{04DD358B-B21F-4D0A-B4A6-5544BCFE89DC}
    2013-10-25 18:47 – 2013-10-25 18:47 – 00000000 ____D C:UsersjasAppDataLocal{51706B50-67FF-4F06-A0AA-B8B13FB525E3}
    2013-10-25 06:47 – 2013-10-25 06:46 – 00000000 ____D C:UsersjasAppDataLocal{AB86A48F-88E0-4270-A479-F67EDCDE558F}
    2013-10-24 18:46 – 2013-10-24 18:46 – 00000000 ____D C:UsersjasAppDataLocal{D92853F3-358E-4C73-8428-FB9230F947CF}
    2013-10-24 06:46 – 2013-10-24 06:46 – 00000000 ____D C:UsersjasAppDataLocal{C674EE34-CFB4-4292-A5B2-6AEE22338A62}
    2013-10-23 17:57 – 2013-10-23 17:57 – 00000000 ____D C:UsersjasAppDataLocal{9CED3F10-DC56-4DD0-B593-E692BA4E6E60}
    2013-10-23 05:57 – 2013-10-23 05:57 – 00000000 ____D C:UsersjasAppDataLocal{2B8523F8-9857-47D2-AD52-060695EA9E54}
    2013-10-22 17:46 – 2013-10-22 17:45 – 00000000 ____D C:UsersjasAppDataLocal{15AF8E3B-0EB8-400D-8F6A-0868AE4726C8}
    2013-10-21 19:47 – 2013-10-21 19:47 – 00000000 ____D C:UsersjasAppDataLocal{741DF0AD-DC51-4A15-BE51-A50FC6376DA7}
    2013-10-21 07:47 – 2013-10-21 07:47 – 00000000 ____D C:UsersjasAppDataLocal{34D2CBFB-A0FD-43AD-8BAC-F30B1C39B4A0}
    2013-10-20 08:18 – 2013-10-20 08:18 – 00000000 ____D C:UsersjasAppDataLocal{A5907C90-DA31-4EEC-B172-709C66CC2E28}
    2013-10-19 19:39 – 2013-10-19 19:39 – 00000000 ____D C:UsersjasAppDataLocal{D7BCE0A6-CA6D-4147-AA61-390E4D281B1F}
    2013-10-19 06:59 – 2013-10-19 06:59 – 00000000 ____D C:UsersjasAppDataLocal{799D6292-FCC5-400E-B837-55FE13CC8135}
    2013-10-18 07:46 – 2013-10-18 07:45 – 00000000 ____D C:UsersjasAppDataLocal{339DCA58-CEEF-43E0-869D-1DBF0D41C26F}
    2013-10-18 02:36 – 2013-10-28 18:47 – 00955168 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap.dll
    2013-10-17 21:01 – 2013-10-17 21:00 – 00160968 _____ C:WindowsMinidump101713-17503-01.dmp
    2013-10-17 21:00 – 2013-06-03 07:20 – 253343240 _____ C:WindowsMEMORY.DMP
    2013-10-17 21:00 – 2013-06-03 07:20 – 00000000 ____D C:WindowsMinidump
    2013-10-17 19:45 – 2013-10-17 19:45 – 00000000 ____D C:UsersjasAppDataLocal{AB459CEC-2CC0-4F5C-85AD-B6549F996A4A}
    2013-10-17 07:23 – 2013-10-17 07:23 – 00000000 ____D C:UsersjasAppDataLocal{E6FA2BF3-AC00-4A55-8E5B-3813C34E07B5}
    2013-10-16 19:54 – 2013-10-16 19:54 – 00000000 ____D C:UsersjasAppDataLocal{45B154E7-4548-45F8-B5F0-274B41956AE9}
    2013-10-16 08:43 – 2013-06-01 20:54 – 00000000 ____D C:UsersjasDesktoplogiciel
    2013-10-16 07:26 – 2013-10-16 07:26 – 00000000 ____D C:UsersjasAppDataLocal{C383251E-2BE7-443D-A906-12BECC510AEC}
    2013-10-15 19:21 – 2013-10-15 19:21 – 00000000 ____D C:UsersjasAppDataLocal{271BE547-2774-4259-B597-121E5A1B3AAC}
    2013-10-15 07:09 – 2013-10-15 07:09 – 00000000 ____D C:UsersjasAppDataLocal{98F320AD-8DA4-413E-91CD-AD64E1A0CADE}
    2013-10-14 18:35 – 2013-10-14 18:35 – 00000000 ____D C:UsersjasAppDataLocal{4166DD8D-9558-4229-94AC-FEE01EDD11E2}
    2013-10-14 17:19 – 2013-10-14 17:18 – 00161920 _____ C:WindowsMinidump101413-150416-01.dmp
    2013-10-14 15:17 – 2013-10-14 10:47 – 00000000 ____D C:Nouveau dossier
    2013-10-14 15:14 – 2013-06-04 20:59 – 00000000 ____D C:UsersjasAppDataRoamingAdobe
    2013-10-14 15:14 – 2013-06-04 20:59 – 00000000 ____D C:ProgramDataAdobe
    2013-10-14 10:46 – 2013-06-01 17:43 – 00000000 ____D C:UsersjasAppDataLocalVirtualStore
    2013-10-14 06:34 – 2013-10-14 06:34 – 00000000 ____D C:UsersjasAppDataLocal{6B0E1BA0-3F71-44E2-AE1D-A8269AE9FB4B}
    2013-10-13 18:34 – 2013-10-13 18:34 – 00000000 ____D C:UsersjasAppDataLocal{21F05535-B31D-4342-99A6-DF0BD43DF983}
    2013-10-13 15:05 – 2013-10-13 15:05 – 00930848 _____ (MyHeritage) C:Windowssystem32FTBSaver.scr
    2013-10-13 06:34 – 2013-10-13 06:33 – 00000000 ____D C:UsersjasAppDataLocal{A17F5054-6159-4944-9E5E-74C041174366}
    2013-10-12 07:09 – 2013-10-12 07:09 – 00000000 ____D C:UsersjasAppDataLocal{D8372A0A-038F-4EF2-B029-2A0C8C973134}
    2013-10-12 03:14 – 2009-07-14 03:37 – 00000000 ____D C:Windowsrescache
    2013-10-12 02:43 – 2009-07-14 03:37 – 00000000 ____D C:WindowsMicrosoft.NET
    2013-10-12 02:37 – 2009-07-14 05:33 – 00408616 _____ C:Windowssystem32FNTCACHE.DAT
    2013-10-12 02:36 – 2013-06-06 18:54 – 00000000 ____D C:Program FilesMicrosoft Silverlight
    2013-10-12 02:32 – 2013-10-12 02:32 – 00000000 __SHD C:found.002
    2013-10-12 02:27 – 2009-07-14 03:37 – 00000000 ____D C:Windowssystem32fr-FR
    2013-10-12 02:10 – 2013-06-01 19:36 – 00000000 ____D C:ProgramDataMicrosoft Help
    2013-10-12 02:09 – 2013-08-15 11:11 – 00000000 ____D C:Windowssystem32MRT
    2013-10-12 02:06 – 2013-06-05 10:38 – 78106760 _____ (Microsoft Corporation) C:Windowssystem32MRT.exe
    2013-10-11 19:09 – 2013-10-11 19:09 – 00000000 ____D C:UsersjasAppDataLocal{1EC4256A-09D9-4FEF-85C7-6C1745CDCC0F}
    2013-10-11 07:09 – 2013-10-11 07:08 – 00000000 ____D C:UsersjasAppDataLocal{AA424F58-90CD-4569-AF7F-BCF35283D2F3}

    Some content of TEMP:
    ====================
    C:UsersjasAppDataLocalTempnsaF4D2.exe
    C:UsersjasAppDataLocalTempnsk9D9B.exe
    C:UsersjasAppDataLocalTempnsq4DA6.exe
    C:UsersjasAppDataLocalTempnsuF2DD.exe
    C:UsersjasAppDataLocalTempnsz9FCD.exe
    C:UsersjasAppDataLocalTempQuarantine.exe
    C:UsersjasAppDataLocalTemputt6559.tmp.exe
    C:UsersjasAppDataLocalTemputtB3A7.tmp.exe
    C:UsersjasAppDataLocalTempvlc-2.0.8-win32.exe

    ==================== Bamital & volsnap Check =================

    C:Windowsexplorer.exe => MD5 is legit
    C:WindowsSystem32winlogon.exe => MD5 is legit
    C:WindowsSystem32wininit.exe => MD5 is legit
    C:WindowsSystem32svchost.exe => MD5 is legit
    C:WindowsSystem32services.exe => MD5 is legit
    C:WindowsSystem32User32.dll => MD5 is legit
    C:WindowsSystem32userinit.exe => MD5 is legit
    C:WindowsSystem32Driversvolsnap.sys => MD5 is legit

    LastRegBack: 2013-11-10 09:19

    ==================== End Of Log ============================

  • rapsut
    Participant
    Posts: 10

    RE
    Well, the procedure worked: Aartemis has been taken down. All that's left is for me to thank you. Regards, JAS

  • H.A.W.X
    Participant
    Posts: 1704

    Good evening,

    It's not finished; I'll post your script tomorrow 😉

    Good night

  • rapsut
    Participant
    Posts: 10

    Hello
    OK, and what should I do?
    Regards, JAS

  • H.A.W.X
    Participant
    Posts: 1704

    Hello,

    Bear in mind too that all of us here are volunteers (qualified ones, mind you), but volunteers 😉

    Here is what you need to do to finish

    1.

    • Download UsbFix (by El Desaparecido) to your Desktop!
    • Right-click it and choose Run as administrator on Windows 7/8 and Vista
    • Choose the Suppression (deletion) option

      Note: If UsbFix hangs at 14%, boot into safe mode. (See >> HERE <<)

    • Copy and paste the contents of the report that appears at the end of the scan into your reply

    2.

    • Press the Windows and R keys simultaneously
    • A window will open; type this: notepad
    • Click OK

      Note: Notepad will open

    • Copy the following lines:
      start
      HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/?type=hp&ts=1384105 ... 4249942499
      HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://aartemis.com/?type=hp&ts=1384105 ... 4249942499
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts ... 9942499&q={searchTerms}
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/?type=hp&ts=1384105 ... 4249942499
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/?type=hp&ts=1384105 ... 4249942499
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts ... 9942499&q={searchTerms}
      StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1384105 ... 4249942499
      SearchScopes: HKLM - DefaultScope value is missing.
      CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://aartemis.com/?type=sc&ts=1384105 ... 4249942499
      end

    • Go back to Notepad and paste the copied lines.
    • Click File, then Save As…, name the file fixlist.txt and save it on your desktop!
    • Go to the desktop and launch FRST with Run as administrator on Windows 7/8 and Vista
    • Click Fix

      Note: Wait while the removal runs

    • Once the scan has finished, go to the desktop; two Fixlog.txt reports have been created.
    • Upload the Fixlog.txt report to SosUpload, then copy/paste the link provided into your next reply

    3.

    • Download SFTGC.exe (by Pierre13) to your Desktop and nowhere else!
    • Launch SFTGC with Run as administrator on Windows 7/8 and Vista
    • Click GO

      Note: At the end a report will open

    • Once the scan has finished, go to the desktop; the file SFTGC.txt has been created.
    • Upload the SFTGC.txt report to SosUpload, then copy/paste the link provided into your next reply on the forum

    4.

    • Download Delfix to your Desktop.
    • Launch Delfix with Run as administrator on Windows 7/8 and Vista
    • Check the following box:
      • Remove disinfection tools

    That's it. After this, I'll let you read our recommendations so that you don't end up in this kind of situation again 😉
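
Added example, not part of H.A.W.X's post and not code from FRST: a Python script that picks out of an FRST-style log the two kinds of entry the fixlist in step 2 targets, Internet Explorer `Main` values pointing at an unexpected host and `StartMenuInternet` commands with a URL appended after the browser executable. The `EXPECTED_DOMAINS` allow-list, the function names and the sample lines (constructed, with placeholder query strings) are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the machine's owner expects to see in browser settings.
EXPECTED_DOMAINS = {"microsoft.com", "msn.com", "bing.com", "google.com"}

# "HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <url>"
IE_MAIN = re.compile(
    r"^(?P<hive>HKCU|HKLM)\\Software\\Microsoft\\Internet Explorer\\Main,"
    r"(?P<value>[^=]+?) = (?P<url>\S.*)$",
    re.IGNORECASE,
)
# "StartMenuInternet: <name> - <command line>", optionally prefixed with "CHR "
START_MENU = re.compile(r"^(?:CHR )?StartMenuInternet: (?P<name>.+?) - (?P<cmd>.+)$")
# A URL passed as an argument right after the executable path
URL_ARG = re.compile(r'\.exe"?\s+(?P<url>https?://\S+)', re.IGNORECASE)

# Constructed sample in the layout of the lines quoted in step 2.
SAMPLE_LOG = r"""
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/?type=hp&ts=0
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=0
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=0&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://aartemis.com/?type=sc&ts=0
SearchScopes: HKLM - DefaultScope value is missing.
"""


def host_of(url):
    """Lower-cased host of a URL, or '' when the text has none."""
    return (urlsplit(url.strip()).hostname or "").lower()


def is_expected(host):
    """True when host is an allow-listed domain or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in EXPECTED_DOMAINS)


def scan(log_text):
    """Return (kind, host, line) for every suspicious browser entry."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = IE_MAIN.match(line)
        if m:
            host = host_of(m.group("url"))
            if host and not is_expected(host):
                findings.append(("ie-setting", host, line))
            continue
        m = START_MENU.match(line)
        if m:
            # A browser shortcut should carry no URL argument at all,
            # so any URL after the .exe is reported, whatever its host.
            arg = URL_ARG.search(m.group("cmd"))
            if arg:
                findings.append(("shortcut-argument", host_of(arg.group("url")), line))
    return findings


def draft_fixlist(findings):
    """Flagged lines in the start/end layout shown in the post, for human review."""
    return "\n".join(["start", *[line for _kind, _host, line in findings], "end"])


if __name__ == "__main__":
    for kind, host, _line in scan(SAMPLE_LOG):
        print(f"{kind:18} {host}")
    print(draft_fixlist(scan(SAMPLE_LOG)))
```

The draft is a starting point for the helper reading the log; each flagged line still needs a human decision before it goes into fixlist.txt.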


  • rapsut
    Participant
    Posts: 10

    Re
    OK, here is the UsbFix report
    Regards, JAS
    ############################## | UsbFix V 7.150 | [Suppression]

    Utilisateur: jas (Administrateur) # JAS-PC
    Mis à jour le 08/11/2013 par El Desaparecido – Team SosVirus
    Lancé à 12:20:52 | 11/11/2013

    Site Web : http://www.usbfix.net
    Forum : https://www.sosvirus.net/
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: ASUSTeK Computer INC. (P8P67 PRO)
    CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    RAM -> [Total : 3057 | Free : 1483]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Professionnel (6.1.7601 32-Bit) Service Pack 1
    WB: Windows Internet Explorer : 10.0.9200.16721
    WB: Google Chrome : 30.0.1599.101

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes’ Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 233 Go (183 Go libre(s) – 78%) [] # NTFS
    D: -> CD-ROM
    E: -> Disque amovible # 30 Go (27 Go libre(s) – 90%) [] # FAT32
    F: -> Disque fixe # 153 Go (55 Go libre(s) – 36%) [ext2] # NTFS

    ################## | Processus Stoppés |

    Stoppé! C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 944 |ParentID: 668)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID: 1576 |ParentID: 668)
    Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1708 |ParentID: 668)
    Stoppé! C:Windowssystem32taskhost.exe (ID: 1824 |ParentID: 668)
    Stoppé! C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 512 |ParentID: 668)
    Stoppé! C:WindowsExplorer.EXE (ID: 544 |ParentID: 1892)
    Stoppé! C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe (ID: 800 |ParentID: 1960)
    Stoppé! C:Program FilesMicrosoftBingBar7.2.241.0BBSvc.exe (ID: 1200 |ParentID: 668)
    Stoppé! C:Windowssystem32IProsetMonitor.exe (ID: 1548 |ParentID: 668)
    Stoppé! C:Program FilesLinksysLinksys UpdaterbinLinksysUpdater.exe (ID: 1624 |ParentID: 668)
    Stoppé! C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe (ID: 1596 |ParentID: 668)
    Stoppé! C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (ID: 2060 |ParentID: 668)
    Stoppé! C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe (ID: 2120 |ParentID: 668)
    Stoppé! C:Program FilesTomTom HOME 2TomTomHOMEService.exe (ID: 2216 |ParentID: 668)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2272 |ParentID: 668)
    Stoppé! C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe (ID: 2320 |ParentID: 668)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2384 |ParentID: 2272)
    Stoppé! C:Windowssystem32rundll32.exe (ID: 2932 |ParentID: 2920)
    Stoppé! C:Program FilesRealtekAudioHDARtHDVCpl.exe (ID: 3032 |ParentID: 544)
    Stoppé! C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe (ID: 3040 |ParentID: 544)
    Stoppé! C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe (ID: 3048 |ParentID: 544)
    Stoppé! C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe (ID: 3080 |ParentID: 544)
    Stoppé! C:Program FilesNVIDIA CorporationNVIDIA Update CoreNvTmru.exe (ID: 3120 |ParentID: 544)
    Stoppé! C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe (ID: 3184 |ParentID: 544)
    Stoppé! C:Program FilesHPHP Software Updatehpwuschd2.exe (ID: 3248 |ParentID: 544)
    Stoppé! C:Program FilesSamsungKiesKiesTrayAgent.exe (ID: 3280 |ParentID: 544)
    Stoppé! C:Program FilesMyHeritageBinFTBCheckUpdates.exe (ID: 3372 |ParentID: 544)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 3428 |ParentID: 544)
    Stoppé! C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE (ID: 3532 |ParentID: 544)
    Stoppé! C:Program FilesWindows Sidebarsidebar.exe (ID: 3544 |ParentID: 544)
    Stoppé! C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe (ID: 3568 |ParentID: 840)
    Stoppé! C:Program FilesSamsungKiesKies.exe (ID: 3604 |ParentID: 544)
    Stoppé! C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe (ID: 3636 |ParentID: 544)
    Stoppé! C:Program FilesTomTom HOME 2TomTomHOMERunner.exe (ID: 3652 |ParentID: 544)
    Stoppé! C:Program FilesWinZipWZQKPICK.EXE (ID: 3732 |ParentID: 544)
    Stoppé! C:Windowssystem32java.exe (ID: 1776 |ParentID: 1624)
    Stoppé! C:Windowssystem32conhost.exe (ID: 1760 |ParentID: 540)
    Stoppé! C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe (ID: 2580 |ParentID: 2060)
    Stoppé! C:Windowssystem32conhost.exe (ID: 2568 |ParentID: 620)
    Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 1732 |ParentID: 668)
    Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4588 |ParentID: 668)
    Stoppé! C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (ID: 4068 |ParentID: 668)
    Stoppé! C:Program FilesWindows LiveMailwlmail.exe (ID: 5800 |ParentID: 544)
    Stoppé! C:Program FilesWindows LiveContactswlcomm.exe (ID: 4400 |ParentID: 840)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5724 |ParentID: 5800)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 1488 |ParentID: 5724)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 3900 |ParentID: 5724)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 5272 |ParentID: 5724)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4484 |ParentID: 5724)
    Stoppé! C:WindowsservicingTrustedInstaller.exe (ID: 5672 |ParentID: 668)
    Stoppé! C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4100 |ParentID: 5724)
    Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 1568 |ParentID: 1136)

    ################## | Regedit Run |

    04 – HKLMSOFTWARE | Run : [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe -s
    04 – HKLMSOFTWARE | Run : [IAStorIcon] – C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
    04 – HKLMSOFTWARE | Run : [NUSB3MON] – “C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe”
    04 – HKLMSOFTWARE | Run : [LogitechQuickCamRibbon] – “C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe” /hide
    04 – HKLMSOFTWARE | Run : [BCSSync] – “C:Program FilesMicrosoft OfficeOffice14BCSSync.exe” /DelayServices
    04 – HKLMSOFTWARE | Run : [Nvtmru] – “C:Program FilesNVIDIA CorporationNVIDIA Update Corenvtmru.exe”
    04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program FilesJavajre7binjusched.exe”
    04 – HKLMSOFTWARE | Run : [nmctxth] – “C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe”
    04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program FilesHPHP Software UpdateHPWuSchd2.exe
    04 – HKLMSOFTWARE | Run : [] –
    04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program FilesSamsungKiesKiesTrayAgent.exe
    04 – HKLMSOFTWARE | Run : [ShadowPlay] – C:Windowssystem32rundll32.exe C:Windowssystem32nvspcap.dll,ShadowPlayOnSystemStart
    04 – HKLMSOFTWARE | Run : [Family Tree Builder Update] – C:Program FilesMyHeritageBinFTBCheckUpdates.exe
    04 – HKLMSOFTWARE | Run : [AvastUI.exe] – “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    04 – HKLMSOFTWARE | RunOnce : [] –
    04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [OfficeSyncProcess] – “C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE”
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [ultracopier] – “C:Program FilesSupercopiersupercopier.exe”
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [KiesPreload] – C:Program FilesSamsungKiesKies.exe /preload
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [KiesAirMessage] – C:Program FilesSamsungKiesKiesAirMessage.exe -startup
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [] – C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [Update Service] – C:PROGRA~1COMMON~1TEKNUM~1update.exe /startup
    04 – HKUS-1-5-21-1565210137-3146814292-896495932-1000SOFTWARE | Run : [TomTomHOME.exe] – “C:Program FilesTomTom HOME 2TomTomHOMERunner.exe”
    04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – “C:WindowsSystem32SPReviewSPReview.exe” /sp:1 /errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

    ################## | Recherche générique |

    Supprimé! E:RunClubSanDisk.exe
    Supprimé! C:UsersjasAppDataLocalTemputt6559.tmp.exe
    Supprimé! C:UsersjasAppDataLocalTemputtB3A7.tmp.exe
    Supprimé! E:autorun.inf

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Réparé ! HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced|Start_ShowMyGames -> 1

    ################## | Listing |

    [11/06/2013 – 18:28:35 | SHD ] C:$Recycle.Bin
    [03/06/2013 – 07:41:12 | D ] C:64e061826bef969197bcfdae81
    [03/06/2013 – 18:57:50 | D ] C:8601edb96f329213d41d3853d29afc
    [10/11/2013 – 21:21:21 | D ] C:AdwCleaner
    [13/08/2013 – 18:13:08 | N | 3557] C:AdwCleaner[R1].txt
    [13/08/2013 – 19:46:28 | N | 1610] C:AdwCleaner[R2].txt
    [13/08/2013 – 18:13:38 | N | 3548] C:AdwCleaner[S1].txt
    [13/08/2013 – 20:21:34 | N | 1483] C:AdwCleaner[S2].txt
    [01/06/2013 – 17:48:39 | N | 157] C:AsCD.log
    [10/06/2009 – 22:42:20 | N | 24] C:autoexec.bat
    [06/09/2013 – 07:46:23 | RASHD ] C:Autorun.inf
    [08/11/2013 – 11:01:47 | D ] C:Config.Msi
    [10/06/2009 – 22:42:20 | N | 10] C:config.sys
    [14/07/2009 – 05:53:55 | SHD ] C:Documents and Settings
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1028.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1031.txt
    [07/11/2007 – 08:00:40 | N | 10134] C:eula.1033.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1036.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1040.txt
    [07/11/2007 – 08:00:40 | N | 118] C:eula.1041.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.1042.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.2052.txt
    [07/11/2007 – 08:00:40 | N | 17734] C:eula.3082.txt
    [20/07/2013 – 08:59:35 | D ] C:found.000
    [03/10/2013 – 05:56:28 | D ] C:found.001
    [12/10/2013 – 02:32:41 | D ] C:found.002
    [10/11/2013 – 19:44:08 | D ] C:FRST
    [07/11/2007 – 08:00:40 | N | 1110] C:globdata.ini
    [19/06/2013 – 10:06:28 | D ] C:god mode
    [11/11/2013 – 12:11:00 | ASH | 2403999744] C:hiberfil.sys
    [07/11/2007 – 08:03:18 | N | 562688] C:install.exe
    [07/11/2007 – 08:00:40 | N | 843] C:install.ini
    [07/11/2007 – 08:03:18 | N | 76304] C:install.res.1028.dll
    [07/11/2007 – 08:03:18 | N | 96272] C:install.res.1031.dll
    [07/11/2007 – 08:03:18 | N | 91152] C:install.res.1033.dll
    [07/11/2007 – 08:03:18 | N | 97296] C:install.res.1036.dll
    [07/11/2007 – 08:03:18 | N | 95248] C:install.res.1040.dll
    [07/11/2007 – 08:03:18 | N | 81424] C:install.res.1041.dll
    [07/11/2007 – 08:03:18 | N | 79888] C:install.res.1042.dll
    [07/11/2007 – 08:03:18 | N | 75792] C:install.res.2052.dll
    [07/11/2007 – 08:03:18 | N | 96272] C:install.res.3082.dll
    [01/06/2013 – 17:49:21 | D ] C:Intel
    [20/07/2013 – 22:19:39 | RHD ] C:MSOCache
    [14/10/2013 – 15:17:10 | D ] C:Nouveau dossier
    [01/06/2013 – 20:18:43 | D ] C:NVIDIA
    [11/11/2013 – 12:10:59 | ASH | 3205332992] C:pagefile.sys
    [14/07/2009 – 03:37:05 | D ] C:PerfLogs
    [11/11/2013 – 12:09:12 | D ] C:Program Files
    [11/11/2013 – 12:07:46 | HD ] C:ProgramData
    [10/11/2013 – 21:18:12 | N | 2269] C:rapport.txt
    [01/06/2013 – 17:43:07 | SHD ] C:Recovery
    [11/11/2013 – 12:09:12 | D ] C:Shortcut_Module
    [11/11/2013 – 12:12:45 | SHD ] C:System Volume Information
    [11/11/2013 – 10:52:14 | N | 22] C:Upload_UsbFix.zip
    [11/11/2013 – 12:21:03 | D ] C:UsbFix
    [06/09/2013 – 08:10:19 | N | 12411] C:UsbFix [Clean 1] JAS-PC.txt
    [11/11/2013 – 12:21:19 | A | 12621] C:UsbFix [Clean 2] JAS-PC.txt
    [02/06/2013 – 08:32:14 | D ] C:Users
    [07/11/2007 – 08:00:40 | N | 5686] C:vcredist.bmp
    [07/11/2007 – 08:09:22 | N | 1442522] C:VC_RED.cab
    [07/11/2007 – 08:12:28 | N | 232960] C:VC_RED.MSI
    [10/09/2013 – 08:16:18 | D ] C:VIDEO_TS
    [11/11/2013 – 12:13:08 | D ] C:Windows
    [29/06/2011 – 10:56:42 | N | 27311232] E:RunSanDiskSecureAccess_Win.exe
    [24/08/2011 – 19:48:26 | D ] E:club_application
    [24/08/2011 – 19:48:36 | D ] E:SanDiskSecureAccess
    [20/05/2013 – 21:29:42 | N | 735229952] E:A.Good.Day.To.Die.Hard.2013.FRENCH.HDRip.XViD-TNB.By.Hadopix.[emule-island.ru].avi
    [18/08/2013 – 09:52:20 | N | 2314992020] E:Oblivion.2013.TRUEFRENCH.RERiP.BRRip.XviD.AC3-TMB.By.DreameR.[emule-island.ru].avi
    [12/09/2013 – 10:05:54 | D ] E:Nouveau dossier
    [18/09/2013 – 08:00:32 | N | 1039554] E:adwcleaner (1).exe
    [06/06/2013 – 07:27:19 | SHD ] F:$RECYCLE.BIN
    [15/11/2009 – 21:20:58 | D ] F:729d9a513c911071ed18b0
    [18/02/2009 – 18:14:50 | D ] F:7e01cc77b7efdc52574bc4af994005
    [06/09/2013 – 07:46:23 | RASHD ] F:Autorun.inf
    [13/12/2012 – 03:28:06 | D ] F:emule
    [14/05/2013 – 20:49:56 | D ] F:film
    [04/04/2013 – 15:16:20 | N | 379] F:Groupe résidentiel – Raccourci.lnk
    [29/12/2009 – 14:31:43 | D ] F:help
    [29/12/2009 – 12:30:59 | D ] F:hitajick
    [24/10/2010 – 18:01:55 | D ] F:JAS-PC
    [28/09/2010 – 16:27:06 | D ] F:jeux
    [29/09/2010 – 17:22:01 | N | 528] F:MediaID.bin
    [04/04/2013 – 13:00:10 | D ] F:Nouveau dossier
    [29/12/2009 – 12:32:54 | D ] F:Nouveau dossier(2)
    [29/12/2009 – 12:37:24 | D ] F:Oxemis
    [04/09/2011 – 06:34:55 | N | 13557760] F:Oxemis Video Library.msi
    [26/10/2011 – 18:24:24 | D ] F:Program Files
    [29/12/2009 – 14:11:20 | D ] F:programme file
    [29/12/2009 – 14:11:34 | D ] F:Reader
    [06/09/2013 – 07:45:25 | SHD ] F:RECYCLER
    [29/12/2009 – 14:11:41 | D ] F:ref
    [29/12/2009 – 14:11:48 | D ] F:Resource
    [13/10/2012 – 17:30:09 | SHD ] F:System Volume Information
    [29/12/2009 – 14:11:48 | D ] F:temp
    [15/08/2010 – 18:57:18 | D ] F:video librairie
    [29/12/2009 – 14:22:26 | D ] F:video library
    [07/11/2010 – 19:06:09 | D ] F:WindowsImageBackup
    [29/12/2009 – 14:30:40 | D ] F:wolf

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |

  • rapsut
    Participant
    Number of posts: 10

    RE
    fixlog link
    SosUpload.e65509ec516714f39cc22e2fa01f067e.txt
    regards, JAS

The topic ‘suprimer AARTEMIS’ is closed to new replies.