Reply to: remove AARTEMIS 2016-09-08T13:16:28+00:00
rapsut
Participant
Number of posts: 11

Hi again,
Sorry, here is the right one
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by jas (administrator) on JAS-PC on 10-11-2013 19:45:43
Running from C:UsersjasDesktop
Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:Windowssystem32nvvsvc.exe
(NVIDIA Corporation) C:Program FilesNVIDIA Corporation3D VisionnvSCPAPISvr.exe
(AVAST Software) C:Program FilesAVAST SoftwareAvastAvastSvc.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
(NVIDIA Corporation) C:Windowssystem32nvvsvc.exe
(Microsoft Corporation.) C:Program FilesMicrosoftBingBar7.2.241.0BBSvc.exe
(Intel Corporation) C:Windowssystem32IProsetMonitor.exe
() C:Program FilesLinksysLinksys UpdaterbinLinksysUpdater.exe
(Logitech Inc.) C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
(Oracle Corporation) C:Windowssystem32java.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA Update Coredaemonu.exe
(TomTom) C:Program FilesTomTom HOME 2TomTomHOMEService.exe
(Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
(Cisco Systems, Inc.) C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe
(Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
(Google Inc.) C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe
(Realtek Semiconductor) C:Program FilesRealtekAudioHDARtHDVCpl.exe
(Intel Corporation) C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
(Renesas Electronics Corporation) C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe
() C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA Update CoreNvTmru.exe
(Cisco Systems, Inc.) C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe
(Hewlett-Packard) C:Program FilesHPHP Software Updatehpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:Program FilesSamsungKiesKiesTrayAgent.exe
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplaynvtray.exe
(MyHeritage) C:Program FilesMyHeritageBinFTBCheckUpdates.exe
() C:Program FilesCommon FilesLogishrdLQCVFXCOCIManager.exe
(AVAST Software) C:Program FilesAVAST SoftwareAvastAvastUI.exe
(Microsoft Corporation) C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE
(Microsoft Corporation) C:Program FilesWindows Sidebarsidebar.exe
(Samsung) C:Program FilesSamsungKiesKies.exe
(Samsung) C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe
(TomTom) C:Program FilesTomTom HOME 2TomTomHOMERunner.exe
(WinZip Computing, S.L.) C:Program FilesWinZipWZQKPICK.EXE
(NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
(Intel Corporation) C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe
(Google Inc.) C:Program FilesGoogleChromeApplicationchrome.exe

==================== Registry (Whitelisted) ==================

HKLM…Run: [RtHDVCpl] – C:Program FilesRealtekAudioHDARtHDVCpl.exe [9808488 2010-11-02] (Realtek Semiconductor)
HKLM…Run: [IAStorIcon] – C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM…Run: [NUSB3MON] – C:Program FilesRenesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM…Run: [LogitechQuickCamRibbon] – C:Program FilesLogitechLogitech WebCam SoftwareLWS.exe [2793304 2009-10-14] ()
HKLM…Run: [BCSSync] – C:Program FilesMicrosoft OfficeOffice14BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM…Run: [Nvtmru] – C:Program FilesNVIDIA CorporationNVIDIA Update CoreNvTmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM…Run: [Adobe ARM] – C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM…Run: [SunJavaUpdateSched] – “C:Program FilesJavajre7binjusched.exe”
HKLM…Run: [nmctxth] – C:Program FilesCommon FilesPure Networks SharedPlatformnmctxth.exe [642856 2008-12-12] (Cisco Systems, Inc.)
HKLM…Run: [HP Software Update] – C:Program FilesHPHP Software Updatehpwuschd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM…Run: [] – [x]
HKLM…Run: [KiesTrayAgent] – C:Program FilesSamsungKiesKiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM…Run: [ShadowPlay] – C:Windowssystem32rundll32.exe C:Windowssystem32nvspcap.dll,ShadowPlayOnSystemStart
HKLM…Run: [Family Tree Builder Update] – C:Program FilesMyHeritageBinFTBCheckUpdates.exe [2532864 2013-10-13] (MyHeritage)
HKLM…Run: [AvastUI.exe] – C:Program FilesAVAST SoftwareAvastAvastUI.exe [3568312 2013-11-07] (AVAST Software)
HKCU…Run: [OfficeSyncProcess] – C:Program FilesMicrosoft OfficeOffice14MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU…Run: [ultracopier] – “C:Program FilesSupercopiersupercopier.exe”
HKCU…Run: [KiesPreload] – C:Program FilesSamsungKiesKies.exe [1564528 2013-09-04] (Samsung)
HKCU…Run: [KiesAirMessage] – C:Program FilesSamsungKiesKiesAirMessage.exe -startup
HKCU…Run: [] – C:Program FilesSamsungKiesExternalFirmwareUpdateKiesPDLR.exe [844656 2013-09-04] (Samsung)
HKCU…Run: [Update Service] – C:Program FilesCommon FilesTeknum Systemsupdate.exe [19456 2013-06-23] (Teknum Systems AS)
HKCU…Run: [TomTomHOME.exe] – C:Program FilesTomTom HOME 2TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = http://fr.msn.com/
HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache_TIMESTAMP = 0xF686B300FE97CE01
HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache AcceptLangs = fr-FR
HKCUSoftwareMicrosoftInternet ExplorerMain,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCUSoftwareMicrosoftInternet ExplorerMain,Default_page_url = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499&q={searchTerms}
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://aartemis.com/?type=hp&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.aartemis.com/web/?type=ds&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499&q={searchTerms}
HKLMSoftwareMicrosoftInternet ExplorerMain,Search bar = http://search.msn.com/spbasic.htm
HKLMSoftwareMicrosoftInternet ExplorerMain,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE – C:Program FilesInternet Exploreriexplore.exe http://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499
SearchScopes: HKLM – DefaultScope value is missing.
BHO: MSS+ Identifier – {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} – C:Program FilesMcAfee Security Scan3.0.318McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Groove GFS Browser Helper – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL (Microsoft Corporation)
BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:Program FilesJavajre7binssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class – {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} – C:Program FilesBluetooth SuiteIEPlugIn.dll (Atheros Commnucations)
BHO: avast! Online Security – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:Program FilesCommon Filesmicrosoft sharedWindows LiveWindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler – {B4F3A835-0E21-4959-BA22-42B3008E02FF} – C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} – C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)
Toolbar: HKLM – avast! Online Security – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} – C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll (AVAST Software)
Toolbar: HKLM – Bing Bar – {8dcb7100-df86-4384-8842-8fa844297b3f} – C:Program FilesMicrosoftBingBar7.2.241.0BingExt.dll (Microsoft Corporation.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: pure-go – {4746C79A-2042-4332-8650-48966E44ABA8} – C:Program FilesCommon FilesPure Networks SharedPlatformpuresp4.dll (Cisco Systems, Inc.)
TcpipParameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

Chrome:
=======
CHR HomePage: hxxp://www.google-chrome.fr/
CHR Plugin: (Shockwave Flash) – C:Program FilesGoogleChromeApplication30.0.1599.101PepperFlashpepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) – internal-remoting-viewer
CHR Plugin: (Native Client) – C:Program FilesGoogleChromeApplication30.0.1599.101ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) – C:Program FilesGoogleChromeApplication30.0.1599.101pdf.dll ()
CHR Plugin: (Microsoft Office 2010) – C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) – C:PROGRA~1MICROS~1Office14NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) – C:Program FilesAdobeReader 11.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) – C:Program FilesGoogleGoogle Earthpluginnpgeplugin.dll (Google)
CHR Plugin: (Google Update) – C:Program FilesGoogleUpdate1.3.21.153npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U25) – C:Program FilesJavajre7binplugin2npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee Security Scanner +) – C:Program FilesMcAfee Security Scan3.0.318npMcAfeeMss.dll (McAfee, Inc.)
CHR Plugin: (NVIDIA 3D Vision) – C:Program FilesNVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) – C:Program FilesNVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) – C:Program FilesVideoLANVLCnpvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) – C:Program FilesWindows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) – C:Windowssystem32npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) – c:Program FilesMicrosoft Silverlight5.1.20513.0npctrl.dll No File
CHR Extension: (Google Docs) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake.5_0
CHR Extension: (Google Drive) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0
CHR Extension: (YouTube) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0
CHR Extension: (Google Search) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf.0.0.20_0
CHR Extension: (avast! Online Security) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsgomekmidlodglbbmalcneegieacbdmki8.0.8_0
CHR Extension: (Google Wallet) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda.0.5.0_0
CHR Extension: (Gmail) – C:UsersjasAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_1
CHR StartMenuInternet: Google Chrome – C:Program FilesGoogleChromeApplicationchrome.exe http://aartemis.com/?type=sc&ts=1384105853&from=tugs&uid=WDCXWD2500AAKX-08ERMA0_WD-WCC2EK64249942499

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe [68096 2013-06-06] ()
R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344 2013-11-07] (AVAST Software)
R2 Intel® PROSet Monitoring Service; C:Windowssystem32IProsetMonitor.exe [87712 2010-08-12] (Intel Corporation)
S3 McComponentHostService; C:Program FilesMcAfee Security Scan3.0.318McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 nmservice; C:Program FilesCommon FilesPure Networks SharedPlatformnmsrvc.exe [642856 2008-12-12] (Cisco Systems, Inc.)
R2 NvStreamSvc; C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe [14650144 2013-10-18] (NVIDIA Corporation)
R2 LinksysUpdater; “C:Program FilesLinksysLinksys UpdaterbinLinksysUpdater.exe” -s “C:Program FilesLinksysLinksys Updaterconfwrapper.conf”

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:Windowssystem32driversaswFsBlk.sys [35656 2013-11-07] (AVAST Software)
R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [70384 2013-11-07] (AVAST Software)
R1 aswRdr; C:Windowssystem32driversaswRdr2.sys [79720 2013-11-07] (AVAST Software)
R0 aswRvrt; C:WindowsSystem32DriversaswRvrt.sys [49944 2013-11-07] ()
R1 aswSnx; C:Windowssystem32driversaswSnx.sys [774392 2013-11-07] (AVAST Software)
R1 aswSP; C:Windowssystem32driversaswSP.sys [403440 2013-11-07] (AVAST Software)
R1 aswTdi; C:Windowssystem32driversaswTdi.sys [57672 2013-11-07] (AVAST Software)
R0 aswVmm; C:WindowsSystem32DriversaswVmm.sys [178304 2013-11-07] ()
S3 AthBTPort; C:WindowsSystem32DRIVERSbtath_flt.sys [37224 2010-10-27] (Atheros)
S3 ATHDFU; C:WindowsSystem32DriversAthDfu.sys [47144 2010-10-27] (Windows (R) Win 7 DDK provider)
S3 BTATH_A2DP; C:WindowsSystem32driversbtath_a2dp.sys [260968 2010-10-27] (Atheros)
R3 BTATH_BUS; C:WindowsSystem32DRIVERSbtath_bus.sys [26984 2010-10-27] (Atheros)
S3 BTATH_HCRP; C:WindowsSystem32DRIVERSbtath_hcrp.sys [178024 2010-10-27] (Atheros)
S3 BTATH_LWFLT; C:WindowsSystem32DRIVERSbtath_lwflt.sys [51560 2010-10-27] (Atheros)
S3 BTATH_RCP; C:WindowsSystem32DRIVERSbtath_rcp.sys [143336 2010-10-27] (Atheros)
S3 BtFilter; C:WindowsSystem32DRIVERSbtfilter.sys [242024 2010-10-27] (Atheros)
R3 e1cexpress; C:WindowsSystem32DRIVERSe1c6232.sys [238248 2010-09-21] (Intel Corporation)
R2 ElbyCDIO; C:WindowsSystem32DriversElbyCDIO.sys [9728 2004-06-08] (Elaborate Bytes AG)
R3 ElbyDelay; C:WindowsSystem32DriversElbyDelay.sys [3968 2004-06-08] (Elaborate Bytes AG)
R3 LVPr2Mon; C:WindowsSystem32DRIVERSLVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:WindowsSystem32DRIVERSLVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MEI; C:WindowsSystem32DRIVERSHECI.sys [41088 2010-10-19] (Intel Corporation)
R3 nusb3hub; C:WindowsSystem32DRIVERSnusb3hub.sys [62336 2010-12-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:WindowsSystem32DRIVERSnusb3xhc.sys [141440 2010-12-10] (Renesas Electronics Corporation)
R3 nvvad_WaveExtensible; C:WindowsSystem32driversnvvad32v.sys [33568 2013-09-28] (NVIDIA Corporation)
S3 PID_PEPI; C:WindowsSystem32DRIVERSLV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R2 pnarp; C:WindowsSystem32DRIVERSpnarp.sys [24880 2008-12-12] (Cisco Systems, Inc.)
U5 AtherosSvc; C:Program FilesBluetooth Suiteadminservice.exe [56480 2010-10-27] (Atheros Commnucations)
U3 Idcsvdpobksv; No ImagePath
S3 Pcouffin; System32DriversPcouffin.sys [x]
U5 purendis; C:WindowsSystem32DRIVERSpurendis.sys [26416 2008-12-12] (Cisco Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-10 19:44 – 2013-11-10 19:44 – 00000000 ____D C:FRST
2013-11-10 19:42 – 2013-11-10 19:42 – 01090275 _____ (Farbar) C:UsersjasDesktopFRST.exe
2013-11-10 19:32 – 2013-11-10 19:32 – 01073262 _____ C:UsersjasDownloadsadwcleaner (2).exe
2013-11-10 19:22 – 2013-11-10 19:22 – 01073262 _____ C:UsersjasDownloadsadwcleaner (3).exe
2013-11-10 18:57 – 2013-11-10 18:58 – 10285040 _____ (Malwarebytes Corporation ) C:UsersjasDownloadsmbam-setup-1.75.0.1300 (1).exe
2013-11-10 08:56 – 2013-11-10 08:56 – 00000000 ____D C:UsersjasAppDataLocal{C1300E90-2D4B-4D0C-8935-8C82B860E67A}
2013-11-09 19:02 – 2013-11-09 19:02 – 00028523 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB (1).torrent
2013-11-09 19:01 – 2013-11-09 19:01 – 00028523 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB.torrent
2013-11-09 16:53 – 2013-11-09 19:47 – 733247488 _____ C:UsersjasDownloadsHorton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi
2013-11-09 07:20 – 2013-11-09 07:20 – 00000000 ____D C:UsersjasAppDataLocal{6685D871-696A-4AAA-AFE0-1EBB01CB62FA}
2013-11-08 18:58 – 2013-11-08 18:59 – 00000000 ____D C:UsersjasAppDataLocal{5206A44D-3316-4AE0-9E31-41882BA9BE44}
2013-11-08 06:58 – 2013-11-08 06:58 – 00000000 ____D C:UsersjasAppDataLocal{4AE7A83A-75C0-471A-92FB-FA24F7D72204}
2013-11-07 19:51 – 2013-11-07 19:51 – 00000000 ____D C:UsersjasAppDataRoamingAVAST Software
2013-11-07 19:50 – 2013-11-07 19:50 – 00000000 ____D C:Windowssystem32%LOCALAPPDATA%
2013-11-07 11:35 – 2013-11-07 12:12 – 00000000 ____D C:UsersjasAppDataRoamingMyHeritage
2013-11-07 11:35 – 2013-11-07 12:10 – 00000000 ____D C:UsersjasDocumentsMyHeritage
2013-11-07 11:35 – 2013-11-07 11:40 – 00000000 ____D C:ProgramDataMyHeritage
2013-11-07 11:35 – 2013-11-07 11:35 – 00001039 _____ C:UsersjasDesktopMyHeritage Family Tree Builder.lnk
2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasAppDataRoamingThe Complete Genealogy Reporter – FTB
2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:UsersjasAppDataRoamingMicrosoftWindowsStart MenuProgramsMyHeritage.com
2013-11-07 11:35 – 2012-08-02 08:56 – 00606208 _____ (Lorenzi Davide) C:Windowssystem32HexUniRTFBox.ocx
2013-11-07 11:35 – 2010-06-17 19:49 – 02029056 _____ (Bytescout) C:Windowssystem32PDFDocScout.DLL
2013-11-07 11:35 – 2004-12-07 11:11 – 00258352 _____ (Microsoft Corporation) C:Windowssystem32unicows.dll
2013-11-07 11:35 – 2003-07-06 14:07 – 00372736 _____ (Intel Corporation) C:Windowssystem32ijl15.dll
2013-11-07 11:35 – 2002-03-07 01:19 – 00454656 _____ () C:Windowssystem32PaintX.dll
2013-11-07 11:35 – 2000-05-22 17:58 – 00608448 _____ (Microsoft Corporation) C:Windowssystem32comctl32.ocx
2013-11-07 11:35 – 1998-06-24 01:00 – 00137000 _____ (Microsoft Corporation) C:Windowssystem32msmapi32.ocx
2013-11-07 11:34 – 2013-11-07 11:34 – 00000000 ____D C:Program FilesMyHeritage
2013-11-07 10:52 – 2013-11-07 10:54 – 36976408 _____ C:UsersjasDownloadsfamily_tree_builder_7126.exe
2013-11-07 08:14 – 2013-11-07 08:14 – 00000000 ____D C:UsersjasAppDataLocal{15B57D3E-43D3-492D-B2AA-8841703E839B}
2013-11-06 18:56 – 2013-11-06 18:56 – 00000000 ____D C:UsersjasAppDataLocal{70AC820B-66C2-4D05-9A91-4C5984BF50C0}
2013-11-06 06:56 – 2013-11-06 06:56 – 00000000 ____D C:UsersjasAppDataLocal{727A2663-8B6A-4415-B637-707CA89D9BB4}
2013-11-05 08:37 – 2013-11-05 08:37 – 00000000 ____D C:UsersjasAppDataLocal{56499710-2952-4FA0-9120-C744ECE1662F}
2013-11-04 20:04 – 2013-11-04 20:04 – 00000000 ____D C:UsersjasAppDataLocal{5F562531-B68F-4847-AD86-DDBB891A5F6C}
2013-11-04 08:04 – 2013-11-04 08:04 – 00000000 ____D C:UsersjasAppDataLocal{5427FFA4-7B50-4012-87AC-04A452B02429}
2013-11-03 20:03 – 2013-11-03 20:03 – 00000000 ____D C:UsersjasAppDataLocal{3DE51A8C-04F2-49FD-A39B-8300CAADE9F5}
2013-11-03 08:03 – 2013-11-03 08:03 – 00000000 ____D C:UsersjasAppDataLocal{262E305E-C24F-4FDF-AB3E-AB613A922D99}
2013-11-02 19:50 – 2013-11-02 19:50 – 00000000 ____D C:UsersjasAppDataLocal{2B5A3BBD-74FB-4FB3-8379-F566C8183A81}
2013-11-02 07:49 – 2013-11-02 07:49 – 00000000 ____D C:UsersjasAppDataLocal{F411F597-18EB-4E7C-815B-473BC1CA74B5}
2013-11-01 18:00 – 2013-11-01 18:00 – 00000000 ____D C:UsersjasAppDataLocal{7DFB8FAF-49A6-49FE-BE4D-B33FC6CE298E}
2013-10-31 20:46 – 2013-10-31 20:46 – 00000000 ____D C:UsersjasAppDataLocal{6C0113DB-41FA-4B0C-BB74-6362CD6C9F73}
2013-10-31 08:45 – 2013-10-31 08:46 – 00000000 ____D C:UsersjasAppDataLocal{28CEA011-DE83-4166-AEC3-1ED066F3A3BC}
2013-10-30 20:27 – 2013-10-30 20:28 – 00000000 ____D C:UsersjasAppDataLocal{06E1E7F1-7FC7-442C-85D8-A95930C20086}
2013-10-30 08:12 – 2013-10-30 08:12 – 00000000 ____D C:UsersjasAppDataLocal{0EC7399D-44DA-4440-9845-00031EA2FFB0}
2013-10-29 08:32 – 2013-10-29 08:32 – 00000000 ____D C:UsersjasAppDataLocal{846C8266-A8A1-4F37-816B-2D3CFEDE0345}
2013-10-28 20:26 – 2013-10-28 20:27 – 00000000 ____D C:UsersjasAppDataLocal{47B2F110-2A44-4745-A26E-5392AEC5D7E9}
2013-10-28 18:47 – 2013-10-18 02:36 – 00955168 _____ (NVIDIA Corporation) C:Windowssystem32nvspcap.dll
2013-10-28 18:46 – 2013-09-28 00:01 – 00033568 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvad32v.sys
2013-10-28 18:46 – 2013-09-28 00:01 – 00028960 _____ (NVIDIA Corporation) C:Windowssystem32nvaudcap32v.dll
2013-10-28 08:24 – 2013-10-28 08:24 – 00000000 ____D C:UsersjasAppDataLocal{D3B62CC9-44C7-491C-A9A5-4CC9F0B2BBE0}
2013-10-27 07:28 – 2013-10-27 07:29 – 00000000 ____D C:UsersjasAppDataLocal{907F7AFF-049F-4050-AF4F-CF64B021C6C6}
2013-10-26 19:28 – 2013-10-26 19:28 – 00000000 ____D C:UsersjasAppDataLocal{090B7702-3082-4050-82FF-58F3F99A351F}
2013-10-26 07:27 – 2013-10-26 07:28 – 00000000 ____D C:UsersjasAppDataLocal{04DD358B-B21F-4D0A-B4A6-5544BCFE89DC}
2013-10-25 18:47 – 2013-10-25 18:47 – 00000000 ____D C:UsersjasAppDataLocal{51706B50-67FF-4F06-A0AA-B8B13FB525E3}
2013-10-25 06:46 – 2013-10-25 06:47 – 00000000 ____D C:UsersjasAppDataLocal{AB86A48F-88E0-4270-A479-F67EDCDE558F}
2013-10-24 18:46 – 2013-10-24 18:46 – 00000000 ____D C:UsersjasAppDataLocal{D92853F3-358E-4C73-8428-FB9230F947CF}
2013-10-24 06:46 – 2013-10-24 06:46 – 00000000 ____D C:UsersjasAppDataLocal{C674EE34-CFB4-4292-A5B2-6AEE22338A62}
2013-10-23 17:57 – 2013-10-23 17:57 – 00000000 ____D C:UsersjasAppDataLocal{9CED3F10-DC56-4DD0-B593-E692BA4E6E60}
2013-10-23 05:57 – 2013-10-23 05:57 – 00000000 ____D C:UsersjasAppDataLocal{2B8523F8-9857-47D2-AD52-060695EA9E54}
2013-10-22 17:45 – 2013-10-22 17:46 – 00000000 ____D C:UsersjasAppDataLocal{15AF8E3B-0EB8-400D-8F6A-0868AE4726C8}
2013-10-21 19:47 – 2013-10-21 19:47 – 00000000 ____D C:UsersjasAppDataLocal{741DF0AD-DC51-4A15-BE51-A50FC6376DA7}
2013-10-21 07:47 – 2013-10-21 07:47 – 00000000 ____D C:UsersjasAppDataLocal{34D2CBFB-A0FD-43AD-8BAC-F30B1C39B4A0}
2013-10-20 08:18 – 2013-10-20 08:18 – 00000000 ____D C:UsersjasAppDataLocal{A5907C90-DA31-4EEC-B172-709C66CC2E28}
2013-10-19 19:39 – 2013-10-19 19:39 – 00000000 ____D C:UsersjasAppDataLocal{D7BCE0A6-CA6D-4147-AA61-390E4D281B1F}
2013-10-19 06:59 – 2013-10-19 06:59 – 00000000 ____D C:UsersjasAppDataLocal{799D6292-FCC5-400E-B837-55FE13CC8135}
2013-10-18 07:45 – 2013-10-18 07:46 – 00000000 ____D C:UsersjasAppDataLocal{339DCA58-CEEF-43E0-869D-1DBF0D41C26F}
2013-10-17 21:00 – 2013-10-17 21:01 – 00160968 _____ C:WindowsMinidump101713-17503-01.dmp
2013-10-17 19:45 – 2013-10-17 19:45 – 00000000 ____D C:UsersjasAppDataLocal{AB459CEC-2CC0-4F5C-85AD-B6549F996A4A}
2013-10-17 07:23 – 2013-10-17 07:23 – 00000000 ____D C:UsersjasAppDataLocal{E6FA2BF3-AC00-4A55-8E5B-3813C34E07B5}
2013-10-16 19:54 – 2013-10-16 19:54 – 00000000 ____D C:UsersjasAppDataLocal{45B154E7-4548-45F8-B5F0-274B41956AE9}
2013-10-16 07:26 – 2013-10-16 07:26 – 00000000 ____D C:UsersjasAppDataLocal{C383251E-2BE7-443D-A906-12BECC510AEC}
2013-10-15 19:21 – 2013-10-15 19:21 – 00000000 ____D C:UsersjasAppDataLocal{271BE547-2774-4259-B597-121E5A1B3AAC}
2013-10-15 07:09 – 2013-10-15 07:09 – 00000000 ____D C:UsersjasAppDataLocal{98F320AD-8DA4-413E-91CD-AD64E1A0CADE}
2013-10-14 18:35 – 2013-10-14 18:35 – 00000000 ____D C:UsersjasAppDataLocal{4166DD8D-9558-4229-94AC-FEE01EDD11E2}
2013-10-14 17:18 – 2013-10-14 17:19 – 00161920 _____ C:WindowsMinidump101413-150416-01.dmp
2013-10-14 10:47 – 2013-10-14 15:17 – 00000000 ____D C:Nouveau dossier
2013-10-14 06:34 – 2013-10-14 06:34 – 00000000 ____D C:UsersjasAppDataLocal{6B0E1BA0-3F71-44E2-AE1D-A8269AE9FB4B}
2013-10-13 18:34 – 2013-10-13 18:34 – 00000000 ____D C:UsersjasAppDataLocal{21F05535-B31D-4342-99A6-DF0BD43DF983}
2013-10-13 15:05 – 2013-10-13 15:05 – 00930848 _____ (MyHeritage) C:Windowssystem32FTBSaver.scr
2013-10-13 06:33 – 2013-10-13 06:34 – 00000000 ____D C:UsersjasAppDataLocal{A17F5054-6159-4944-9E5E-74C041174366}
2013-10-12 07:09 – 2013-10-12 07:09 – 00000000 ____D C:UsersjasAppDataLocal{D8372A0A-038F-4EF2-B029-2A0C8C973134}
2013-10-12 02:32 – 2013-10-12 02:32 – 00000000 __SHD C:found.002
2013-10-12 02:04 – 2013-09-23 00:28 – 01767936 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll
2013-10-12 02:04 – 2013-09-23 00:28 – 01141248 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll
2013-10-12 02:04 – 2013-09-23 00:28 – 00042496 _____ (Microsoft Corporation) C:Windowssystem32ie4uinit.exe
2013-10-12 02:04 – 2013-09-23 00:27 – 14335488 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 13761024 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 02876928 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 02048512 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 00690688 _____ (Microsoft Corporation) C:Windowssystem32jscript.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 00493056 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 00391168 _____ (Microsoft Corporation) C:Windowssystem32ieui.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 00109056 _____ (Microsoft Corporation) C:Windowssystem32iesysprep.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 00061440 _____ (Microsoft Corporation) C:Windowssystem32iesetup.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 00039424 _____ (Microsoft Corporation) C:Windowssystem32jsproxy.dll
2013-10-12 02:04 – 2013-09-23 00:27 – 00033280 _____ (Microsoft Corporation) C:Windowssystem32iernonce.dll
2013-10-12 02:04 – 2013-09-21 04:30 – 02706432 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb
2013-10-12 02:04 – 2013-09-21 03:39 – 00071680 _____ (Microsoft Corporation) C:Windowssystem32RegisterIEPKEYs.exe
2013-10-11 19:09 – 2013-10-11 19:09 – 00000000 ____D C:UsersjasAppDataLocal{1EC4256A-09D9-4FEF-85C7-6C1745CDCC0F}
2013-10-11 07:16 – 2013-09-14 01:48 – 00338944 _____ (Microsoft Corporation) C:Windowssystem32Driversafd.sys
2013-10-11 07:16 – 2013-09-08 03:07 – 01294272 _____ (Microsoft Corporation) C:Windowssystem32Driverstcpip.sys
2013-10-11 07:16 – 2013-09-08 03:03 – 00231424 _____ (Microsoft Corporation) C:Windowssystem32mswsock.dll
2013-10-11 07:16 – 2013-08-29 02:51 – 03969472 _____ (Microsoft Corporation) C:Windowssystem32ntkrnlpa.exe
2013-10-11 07:16 – 2013-08-29 02:51 – 03914176 _____ (Microsoft Corporation) C:Windowssystem32ntoskrnl.exe
2013-10-11 07:16 – 2013-08-29 02:50 – 01289096 _____ (Microsoft Corporation) C:Windowssystem32ntdll.dll
2013-10-11 07:16 – 2013-08-29 02:50 – 00619520 _____ (Microsoft Corporation) C:Windowssystem32tdh.dll
2013-10-11 07:16 – 2013-08-29 02:48 – 00640512 _____ (Microsoft Corporation) C:Windowssystem32advapi32.dll
2013-10-11 07:16 – 2013-08-28 02:04 – 02348544 _____ (Microsoft Corporation) C:Windowssystem32win32k.sys
2013-10-11 07:16 – 2013-08-28 01:57 – 00434688 _____ (Microsoft Corporation) C:Windowssystem32scavengeui.dll
2013-10-11 07:16 – 2013-08-01 12:03 – 00729024 _____ (Microsoft Corporation) C:Windowssystem32Driversdxgkrnl.sys
2013-10-11 07:16 – 2013-07-20 11:33 – 00102608 _____ (Microsoft Corporation) C:Windowssystem32PresentationCFFRasterizerNative_v0300.dll
2013-10-11 07:16 – 2013-07-12 11:07 – 00086016 _____ (Microsoft Corporation) C:Windowssystem32Driversusbcir.sys
2013-10-11 07:16 – 2013-07-12 11:07 – 00080896 _____ (Microsoft Corporation) C:Windowssystem32DriversUSBAUDIO.sys
2013-10-11 07:16 – 2013-07-04 12:57 – 00205824 _____ (Microsoft Corporation) C:Windowssystem32WebClnt.dll
2013-10-11 07:16 – 2013-07-04 12:51 – 00081920 _____ (Microsoft Corporation) C:Windowssystem32davclnt.dll
2013-10-11 07:16 – 2013-07-04 12:50 – 00530432 _____ (Microsoft Corporation) C:Windowssystem32comctl32.dll
2013-10-11 07:16 – 2013-07-04 10:48 – 00115712 _____ (Microsoft Corporation) C:Windowssystem32Driversmrxdav.sys
2013-10-11 07:16 – 2013-07-03 05:02 – 00036352 _____ (Microsoft Corporation) C:Windowssystem32Driversusbscan.sys
2013-10-11 07:16 – 2013-07-03 04:36 – 00055808 _____ (Microsoft Corporation) C:Windowssystem32Drivershidclass.sys
2013-10-11 07:16 – 2013-07-03 04:36 – 00025728 _____ (Microsoft Corporation) C:Windowssystem32Drivershidparse.sys
2013-10-11 07:16 – 2013-06-25 23:56 – 00527064 _____ (Microsoft Corporation) C:Windowssystem32DriversWdf01000.sys
2013-10-11 07:16 – 2013-06-06 05:52 – 00026112 _____ (Microsoft Corporation) C:Windowssystem32lpk.dll
2013-10-11 07:16 – 2013-06-06 05:51 – 00070656 _____ (Microsoft Corporation) C:Windowssystem32fontsub.dll
2013-10-11 07:16 – 2013-06-06 05:50 – 00010240 _____ (Microsoft Corporation) C:Windowssystem32dciman32.dll
2013-10-11 07:16 – 2013-06-06 04:01 – 00295424 _____ (Adobe Systems Incorporated) C:Windowssystem32atmfd.dll
2013-10-11 07:16 – 2013-06-06 04:01 – 00034304 _____ (Adobe Systems) C:Windowssystem32atmlib.dll
2013-10-11 07:08 – 2013-10-11 07:09 – 00000000 ____D C:UsersjasAppDataLocal{AA424F58-90CD-4569-AF7F-BCF35283D2F3}

==================== One Month Modified Files and Folders =======

2013-11-10 19:44 – 2013-11-10 19:44 – 00000000 ____D C:\FRST
2013-11-10 19:42 – 2013-11-10 19:42 – 01090275 _____ (Farbar) C:\Users\jas\Desktop\FRST.exe
2013-11-10 19:42 – 2009-07-14 05:34 – 00015696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:42 – 2009-07-14 05:34 – 00015696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 19:40 – 2013-06-01 17:37 – 01381557 _____ C:\Windows\WindowsUpdate.log
2013-11-10 19:35 – 2013-06-07 19:37 – 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 19:34 – 2013-06-01 21:17 – 00000000 ____D C:\ProgramData\NVIDIA
2013-11-10 19:34 – 2013-06-01 20:04 – 00188250 _____ C:\Windows\PFRO.log
2013-11-10 19:34 – 2009-07-14 05:53 – 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 19:34 – 2009-07-14 05:39 – 00080502 _____ C:\Windows\setupact.log
2013-11-10 19:33 – 2013-09-18 07:00 – 00000000 ____D C:\AdwCleaner
2013-11-10 19:32 – 2013-11-10 19:32 – 01073262 _____ C:\Users\jas\Downloads\adwcleaner (2).exe
2013-11-10 19:26 – 2013-06-07 19:37 – 00001050 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 19:22 – 2013-11-10 19:22 – 01073262 _____ C:\Users\jas\Downloads\adwcleaner (3).exe
2013-11-10 19:17 – 2013-08-13 20:12 – 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-11-10 19:16 – 2013-06-01 20:56 – 00000000 ____D C:\Program Files\Free Coinche
2013-11-10 19:13 – 2013-07-22 08:34 – 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 18:58 – 2013-11-10 18:57 – 10285040 _____ (Malwarebytes Corporation ) C:\Users\jas\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-11-10 18:53 – 2013-06-23 10:54 – 00000000 ____D C:\Program Files\HandyBits
2013-11-10 18:51 – 2013-09-18 06:57 – 00002291 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-10 18:51 – 2013-06-01 17:43 – 00001631 _____ C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-10 15:49 – 2013-06-02 08:32 – 00000000 ____D C:\Users\UpdatusUser.jas-PC
2013-11-10 08:56 – 2013-11-10 08:56 – 00000000 ____D C:\Users\jas\AppData\Local\{C1300E90-2D4B-4D0C-8935-8C82B860E67A}
2013-11-10 08:55 – 2013-06-10 08:33 – 00000000 ____D C:\Users\jas\AppData\Local\CrashDumps
2013-11-09 19:47 – 2013-11-09 16:53 – 733247488 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi
2013-11-09 19:47 – 2013-06-05 20:40 – 00000000 ____D C:\Users\jas\AppData\Roaming\uTorrent
2013-11-09 19:02 – 2013-11-09 19:02 – 00028523 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB (1).torrent
2013-11-09 19:01 – 2013-11-09 19:01 – 00028523 _____ C:\Users\jas\Downloads\Horton.Hears.a.Who.FRENCH.R5.XviD-PWD.avi.4209292.TPB.torrent
2013-11-09 19:00 – 2013-06-02 18:55 – 00000000 ____D C:\Users\jas\AppData\Roaming\vlc
2013-11-09 18:49 – 2013-06-01 17:45 – 01668334 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-09 07:20 – 2013-11-09 07:20 – 00000000 ____D C:\Users\jas\AppData\Local\{6685D871-696A-4AAA-AFE0-1EBB01CB62FA}
2013-11-09 07:16 – 2009-07-14 05:53 – 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-08 18:59 – 2013-11-08 18:58 – 00000000 ____D C:\Users\jas\AppData\Local\{5206A44D-3316-4AE0-9E31-41882BA9BE44}
2013-11-08 10:47 – 2013-06-17 08:35 – 00000000 ____D C:\Program Files\TomTom HOME 2
2013-11-08 10:47 – 2013-06-17 08:33 – 00000000 ____D C:\Users\jas\AppData\Local\Downloaded Installations
2013-11-08 06:58 – 2013-11-08 06:58 – 00000000 ____D C:\Users\jas\AppData\Local\{4AE7A83A-75C0-471A-92FB-FA24F7D72204}
2013-11-07 19:51 – 2013-11-07 19:51 – 00000000 ____D C:\Users\jas\AppData\Roaming\AVAST Software
2013-11-07 19:51 – 2013-06-01 18:59 – 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2013-11-07 19:50 – 2013-11-07 19:50 – 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2013-11-07 15:48 – 2013-07-10 15:27 – 00002007 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-07 15:48 – 2013-06-01 18:59 – 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-07 15:48 – 2013-06-01 18:59 – 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-07 15:48 – 2013-06-01 18:59 – 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-07 15:48 – 2013-06-01 18:59 – 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-07 15:48 – 2013-06-01 18:59 – 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-07 15:48 – 2013-06-01 18:59 – 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-07 15:48 – 2013-06-01 18:59 – 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-07 15:48 – 2013-06-01 18:59 – 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-07 15:48 – 2013-06-01 18:59 – 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-07 15:45 – 2013-06-01 18:58 – 00000000 ____D C:\ProgramData\AVAST Software
2013-11-07 15:44 – 2009-07-14 03:04 – 00002577 _____ C:\Windows\system32\config.nt
2013-11-07 12:12 – 2013-11-07 11:35 – 00000000 ____D C:\Users\jas\AppData\Roaming\MyHeritage
2013-11-07 12:10 – 2013-11-07 11:35 – 00000000 ____D C:\Users\jas\Documents\MyHeritage
2013-11-07 11:40 – 2013-11-07 11:35 – 00000000 ____D C:\ProgramData\MyHeritage
2013-11-07 11:35 – 2013-11-07 11:35 – 00001039 _____ C:\Users\jas\Desktop\MyHeritage Family Tree Builder.lnk
2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:\Users\jas\AppData\Roaming\The Complete Genealogy Reporter – FTB
2013-11-07 11:35 – 2013-11-07 11:35 – 00000000 ____D C:\Users\jas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2013-11-07 11:34 – 2013-11-07 11:34 – 00000000 ____D C:\Program Files\MyHeritage
2013-11-07 10:54 – 2013-11-07 10:52 – 36976408 _____ C:\Users\jas\Downloads\family_tree_builder_7126.exe
2013-11-07 08:14 – 2013-11-07 08:14 – 00000000 ____D C:\Users\jas\AppData\Local\{15B57D3E-43D3-492D-B2AA-8841703E839B}
2013-11-06 18:56 – 2013-11-06 18:56 – 00000000 ____D C:\Users\jas\AppData\Local\{70AC820B-66C2-4D05-9A91-4C5984BF50C0}
2013-11-06 06:56 – 2013-11-06 06:56 – 00000000 ____D C:\Users\jas\AppData\Local\{727A2663-8B6A-4415-B637-707CA89D9BB4}
2013-11-05 08:37 – 2013-11-05 08:37 – 00000000 ____D C:\Users\jas\AppData\Local\{56499710-2952-4FA0-9120-C744ECE1662F}
2013-11-04 20:04 – 2013-11-04 20:04 – 00000000 ____D C:\Users\jas\AppData\Local\{5F562531-B68F-4847-AD86-DDBB891A5F6C}
2013-11-04 08:04 – 2013-11-04 08:04 – 00000000 ____D C:\Users\jas\AppData\Local\{5427FFA4-7B50-4012-87AC-04A452B02429}
2013-11-03 20:03 – 2013-11-03 20:03 – 00000000 ____D C:\Users\jas\AppData\Local\{3DE51A8C-04F2-49FD-A39B-8300CAADE9F5}
2013-11-03 08:03 – 2013-11-03 08:03 – 00000000 ____D C:\Users\jas\AppData\Local\{262E305E-C24F-4FDF-AB3E-AB613A922D99}
2013-11-02 19:50 – 2013-11-02 19:50 – 00000000 ____D C:\Users\jas\AppData\Local\{2B5A3BBD-74FB-4FB3-8379-F566C8183A81}
2013-11-02 07:49 – 2013-11-02 07:49 – 00000000 ____D C:\Users\jas\AppData\Local\{F411F597-18EB-4E7C-815B-473BC1CA74B5}
2013-11-01 18:00 – 2013-11-01 18:00 – 00000000 ____D C:\Users\jas\AppData\Local\{7DFB8FAF-49A6-49FE-BE4D-B33FC6CE298E}
2013-10-31 20:46 – 2013-10-31 20:46 – 00000000 ____D C:\Users\jas\AppData\Local\{6C0113DB-41FA-4B0C-BB74-6362CD6C9F73}
2013-10-31 08:46 – 2013-10-31 08:45 – 00000000 ____D C:\Users\jas\AppData\Local\{28CEA011-DE83-4166-AEC3-1ED066F3A3BC}
2013-10-30 20:28 – 2013-10-30 20:27 – 00000000 ____D C:\Users\jas\AppData\Local\{06E1E7F1-7FC7-442C-85D8-A95930C20086}
2013-10-30 08:12 – 2013-10-30 08:12 – 00000000 ____D C:\Users\jas\AppData\Local\{0EC7399D-44DA-4440-9845-00031EA2FFB0}
2013-10-29 08:32 – 2013-10-29 08:32 – 00000000 ____D C:\Users\jas\AppData\Local\{846C8266-A8A1-4F37-816B-2D3CFEDE0345}
2013-10-28 20:27 – 2013-10-28 20:26 – 00000000 ____D C:\Users\jas\AppData\Local\{47B2F110-2A44-4745-A26E-5392AEC5D7E9}
2013-10-28 18:47 – 2013-06-01 21:16 – 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-10-28 18:47 – 2013-06-01 21:10 – 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-28 08:24 – 2013-10-28 08:24 – 00000000 ____D C:\Users\jas\AppData\Local\{D3B62CC9-44C7-491C-A9A5-4CC9F0B2BBE0}
2013-10-27 07:29 – 2013-10-27 07:28 – 00000000 ____D C:\Users\jas\AppData\Local\{907F7AFF-049F-4050-AF4F-CF64B021C6C6}
2013-10-26 19:28 – 2013-10-26 19:28 – 00000000 ____D C:\Users\jas\AppData\Local\{090B7702-3082-4050-82FF-58F3F99A351F}
2013-10-26 07:28 – 2013-10-26 07:27 – 00000000 ____D C:\Users\jas\AppData\Local\{04DD358B-B21F-4D0A-B4A6-5544BCFE89DC}
2013-10-25 18:47 – 2013-10-25 18:47 – 00000000 ____D C:\Users\jas\AppData\Local\{51706B50-67FF-4F06-A0AA-B8B13FB525E3}
2013-10-25 06:47 – 2013-10-25 06:46 – 00000000 ____D C:\Users\jas\AppData\Local\{AB86A48F-88E0-4270-A479-F67EDCDE558F}
2013-10-24 18:46 – 2013-10-24 18:46 – 00000000 ____D C:\Users\jas\AppData\Local\{D92853F3-358E-4C73-8428-FB9230F947CF}
2013-10-24 06:46 – 2013-10-24 06:46 – 00000000 ____D C:\Users\jas\AppData\Local\{C674EE34-CFB4-4292-A5B2-6AEE22338A62}
2013-10-23 17:57 – 2013-10-23 17:57 – 00000000 ____D C:\Users\jas\AppData\Local\{9CED3F10-DC56-4DD0-B593-E692BA4E6E60}
2013-10-23 05:57 – 2013-10-23 05:57 – 00000000 ____D C:\Users\jas\AppData\Local\{2B8523F8-9857-47D2-AD52-060695EA9E54}
2013-10-22 17:46 – 2013-10-22 17:45 – 00000000 ____D C:\Users\jas\AppData\Local\{15AF8E3B-0EB8-400D-8F6A-0868AE4726C8}
2013-10-21 19:47 – 2013-10-21 19:47 – 00000000 ____D C:\Users\jas\AppData\Local\{741DF0AD-DC51-4A15-BE51-A50FC6376DA7}
2013-10-21 07:47 – 2013-10-21 07:47 – 00000000 ____D C:\Users\jas\AppData\Local\{34D2CBFB-A0FD-43AD-8BAC-F30B1C39B4A0}
2013-10-20 08:18 – 2013-10-20 08:18 – 00000000 ____D C:\Users\jas\AppData\Local\{A5907C90-DA31-4EEC-B172-709C66CC2E28}
2013-10-19 19:39 – 2013-10-19 19:39 – 00000000 ____D C:\Users\jas\AppData\Local\{D7BCE0A6-CA6D-4147-AA61-390E4D281B1F}
2013-10-19 06:59 – 2013-10-19 06:59 – 00000000 ____D C:\Users\jas\AppData\Local\{799D6292-FCC5-400E-B837-55FE13CC8135}
2013-10-18 07:46 – 2013-10-18 07:45 – 00000000 ____D C:\Users\jas\AppData\Local\{339DCA58-CEEF-43E0-869D-1DBF0D41C26F}
2013-10-18 02:36 – 2013-10-28 18:47 – 00955168 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-10-17 21:01 – 2013-10-17 21:00 – 00160968 _____ C:\Windows\Minidump\101713-17503-01.dmp
2013-10-17 21:00 – 2013-06-03 07:20 – 253343240 _____ C:\Windows\MEMORY.DMP
2013-10-17 21:00 – 2013-06-03 07:20 – 00000000 ____D C:\Windows\Minidump
2013-10-17 19:45 – 2013-10-17 19:45 – 00000000 ____D C:\Users\jas\AppData\Local\{AB459CEC-2CC0-4F5C-85AD-B6549F996A4A}
2013-10-17 07:23 – 2013-10-17 07:23 – 00000000 ____D C:\Users\jas\AppData\Local\{E6FA2BF3-AC00-4A55-8E5B-3813C34E07B5}
2013-10-16 19:54 – 2013-10-16 19:54 – 00000000 ____D C:\Users\jas\AppData\Local\{45B154E7-4548-45F8-B5F0-274B41956AE9}
2013-10-16 08:43 – 2013-06-01 20:54 – 00000000 ____D C:\Users\jas\Desktop\logiciel
2013-10-16 07:26 – 2013-10-16 07:26 – 00000000 ____D C:\Users\jas\AppData\Local\{C383251E-2BE7-443D-A906-12BECC510AEC}
2013-10-15 19:21 – 2013-10-15 19:21 – 00000000 ____D C:\Users\jas\AppData\Local\{271BE547-2774-4259-B597-121E5A1B3AAC}
2013-10-15 07:09 – 2013-10-15 07:09 – 00000000 ____D C:\Users\jas\AppData\Local\{98F320AD-8DA4-413E-91CD-AD64E1A0CADE}
2013-10-14 18:35 – 2013-10-14 18:35 – 00000000 ____D C:\Users\jas\AppData\Local\{4166DD8D-9558-4229-94AC-FEE01EDD11E2}
2013-10-14 17:19 – 2013-10-14 17:18 – 00161920 _____ C:\Windows\Minidump\101413-150416-01.dmp
2013-10-14 15:17 – 2013-10-14 10:47 – 00000000 ____D C:\Nouveau dossier
2013-10-14 15:14 – 2013-06-04 20:59 – 00000000 ____D C:\Users\jas\AppData\Roaming\Adobe
2013-10-14 15:14 – 2013-06-04 20:59 – 00000000 ____D C:\ProgramData\Adobe
2013-10-14 10:46 – 2013-06-01 17:43 – 00000000 ____D C:\Users\jas\AppData\Local\VirtualStore
2013-10-14 06:34 – 2013-10-14 06:34 – 00000000 ____D C:\Users\jas\AppData\Local\{6B0E1BA0-3F71-44E2-AE1D-A8269AE9FB4B}
2013-10-13 18:34 – 2013-10-13 18:34 – 00000000 ____D C:\Users\jas\AppData\Local\{21F05535-B31D-4342-99A6-DF0BD43DF983}
2013-10-13 15:05 – 2013-10-13 15:05 – 00930848 _____ (MyHeritage) C:\Windows\system32\FTBSaver.scr
2013-10-13 06:34 – 2013-10-13 06:33 – 00000000 ____D C:\Users\jas\AppData\Local\{A17F5054-6159-4944-9E5E-74C041174366}
2013-10-12 07:09 – 2013-10-12 07:09 – 00000000 ____D C:\Users\jas\AppData\Local\{D8372A0A-038F-4EF2-B029-2A0C8C973134}
2013-10-12 03:14 – 2009-07-14 03:37 – 00000000 ____D C:\Windows\rescache
2013-10-12 02:43 – 2009-07-14 03:37 – 00000000 ____D C:\Windows\Microsoft.NET
2013-10-12 02:37 – 2009-07-14 05:33 – 00408616 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 02:36 – 2013-06-06 18:54 – 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-12 02:32 – 2013-10-12 02:32 – 00000000 __SHD C:\found.002
2013-10-12 02:27 – 2009-07-14 03:37 – 00000000 ____D C:\Windows\system32\fr-FR
2013-10-12 02:10 – 2013-06-01 19:36 – 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 02:09 – 2013-08-15 11:11 – 00000000 ____D C:\Windows\system32\MRT
2013-10-12 02:06 – 2013-06-05 10:38 – 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-11 19:09 – 2013-10-11 19:09 – 00000000 ____D C:\Users\jas\AppData\Local\{1EC4256A-09D9-4FEF-85C7-6C1745CDCC0F}
2013-10-11 07:09 – 2013-10-11 07:08 – 00000000 ____D C:\Users\jas\AppData\Local\{AA424F58-90CD-4569-AF7F-BCF35283D2F3}

Some content of TEMP:
====================
C:\Users\jas\AppData\Local\Temp\nsaF4D2.exe
C:\Users\jas\AppData\Local\Temp\nsk9D9B.exe
C:\Users\jas\AppData\Local\Temp\nsq4DA6.exe
C:\Users\jas\AppData\Local\Temp\nsuF2DD.exe
C:\Users\jas\AppData\Local\Temp\nsz9FCD.exe
C:\Users\jas\AppData\Local\Temp\Quarantine.exe
C:\Users\jas\AppData\Local\Temp\utt6559.tmp.exe
C:\Users\jas\AppData\Local\Temp\uttB3A7.tmp.exe
C:\Users\jas\AppData\Local\Temp\vlc-2.0.8-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-10 09:19

==================== End Of Log ============================