Websteroids
legros1968
Messages postés
8
Date d'inscription
Statut
Membre
Dernière intervention
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour , j'ai besoin d'aide !! Hier en voulant télécharger un jeux pour mes filles j'ai rencontré websteroids !!! De plus il y a install Converter Bundle uninstaller qui est apparu dans mes programme ! Incapable de les désinstaller !! Mes connaissances sont asser basique ! Quelqu'un peut m'aider ? J'envisage de remettre l'ordinateur à zéro vu qu'il n'y a pas beaucoup de chose dessus ! Ordi dell inspiron 15r avec Windows 8
14 réponses
*Télécharge et installe : Malwarebytes' Anti-Malware
* Installez puis lancez le programme (pensez à décocher la case "Activer l'essai gratuit de Malwarebytes Anti-Malware Premium" à la fin de l'installation) .
/!\Utilisateur de Vista, Windows 7 et 8 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »/!\
* Vérifie l'onglet tableau de bord que ta version soit à jour.
* Si ce n'est pas le cas clic sur mettre a jour.
* Dans l'onglet examen sélectionne examen Menaces et clic sur examiner maintenant.
* Le scan démarre.
* L'analyse terminée un message s'affiche ===> L'examen terminé avec succès.
* Cliquez sur "Tout mettre en quarantaine" puis sur "Appliquez les actions".
(Si un message demande de redémarrer le PC pour terminer la suppression, acceptez).
* Le rapport est disponible dans Historique ===> Journaux de l'application ===> Double clic sur journal d'examen en date du dernier scan.
Dans journal de l'historique d'examen choisis exporter au format fichier.txt sur ton bureau et ok.
Héberge le rapport sur Cjoint et copie et colle son lien sur ton prochain message.
* Installez puis lancez le programme (pensez à décocher la case "Activer l'essai gratuit de Malwarebytes Anti-Malware Premium" à la fin de l'installation) .
/!\Utilisateur de Vista, Windows 7 et 8 : Clique droit sur le logo de Malwarebytes' Anti-Malware, « exécuter en tant qu'Administrateur »/!\
* Vérifie l'onglet tableau de bord que ta version soit à jour.
* Si ce n'est pas le cas clic sur mettre a jour.
* Dans l'onglet examen sélectionne examen Menaces et clic sur examiner maintenant.
* Le scan démarre.
* L'analyse terminée un message s'affiche ===> L'examen terminé avec succès.
* Cliquez sur "Tout mettre en quarantaine" puis sur "Appliquez les actions".
(Si un message demande de redémarrer le PC pour terminer la suppression, acceptez).
* Le rapport est disponible dans Historique ===> Journaux de l'application ===> Double clic sur journal d'examen en date du dernier scan.
Dans journal de l'historique d'examen choisis exporter au format fichier.txt sur ton bureau et ok.
Héberge le rapport sur Cjoint et copie et colle son lien sur ton prochain message.
bonjour
* Télécharge AdwCleaner sur ton Bureau. (Merci à Xplode)
*Double-clique sur l'icône AdwCleaner située sur ton Bureau.
*Clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur Nettoyer
*Laisse travailler l'outil.
*Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\ AdwCleaner[SX].Txt)
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un
* Télécharge AdwCleaner sur ton Bureau. (Merci à Xplode)
*Double-clique sur l'icône AdwCleaner située sur ton Bureau.
*Clique sur [Scanner].
Le scan peux durer plusieurs minutes, patienter.
Une fois le scan terminé, clique sur Nettoyer
*Laisse travailler l'outil.
*Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\ AdwCleaner[SX].Txt)
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un
# AdwCleaner v3.023 - Report created 08/04/2014 at 14:49:11
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Denis - ANNE
# Running from : C:\Users\Denis\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
*************************
AdwCleaner[R0].txt - [1868 octets] - [07/04/2014 21:32:23]
AdwCleaner[R1].txt - [727 octets] - [08/04/2014 14:44:42]
AdwCleaner[S0].txt - [1634 octets] - [07/04/2014 21:34:51]
AdwCleaner[S1].txt - [649 octets] - [08/04/2014 14:49:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [708 octets] ##########
est ce que cest ca
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Denis - ANNE
# Running from : C:\Users\Denis\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
*************************
AdwCleaner[R0].txt - [1868 octets] - [07/04/2014 21:32:23]
AdwCleaner[R1].txt - [727 octets] - [08/04/2014 14:44:42]
AdwCleaner[S0].txt - [1634 octets] - [07/04/2014 21:34:51]
AdwCleaner[S1].txt - [649 octets] - [08/04/2014 14:49:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [708 octets] ##########
est ce que cest ca
ou celui la que jai essayer hier
# AdwCleaner v3.023 - Report created 07/04/2014 at 21:34:51
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Denis - ANNE
# Running from : C:\Users\Denis\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Websteroids
Folder Deleted : C:\Program Files (x86)\weDownload Manager Pro
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter bundle uninstaller\InstallConverter bundle uninstaller.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\weDownload Manager Pro
Key Deleted : HKLM\Software\weDownload Manager Pro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weDownload Manager Pro
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
*************************
AdwCleaner[R0].txt - [1868 octets] - [07/04/2014 21:32:23]
AdwCleaner[S0].txt - [1494 octets] - [07/04/2014 21:34:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1554 octets] ##########
# AdwCleaner v3.023 - Report created 07/04/2014 at 21:34:51
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Denis - ANNE
# Running from : C:\Users\Denis\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Websteroids
Folder Deleted : C:\Program Files (x86)\weDownload Manager Pro
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter bundle uninstaller\InstallConverter bundle uninstaller.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\weDownload Manager Pro
Key Deleted : HKLM\Software\weDownload Manager Pro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\weDownload Manager Pro
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
*************************
AdwCleaner[R0].txt - [1868 octets] - [07/04/2014 21:32:23]
AdwCleaner[S0].txt - [1494 octets] - [07/04/2014 21:34:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1554 octets] ##########
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 2014-04-08
Heure de l'examen: 18:00:21
Fichier journal: rapport.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de données Malveillants: v2014.04.08.08
Base de données Rootkits: v2014.03.27.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Denis
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 291803
Temps écoulé: 19 min, 33 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Clés du Registre: 5
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, Mis en quarantaine, [09dff532cbb044f29aa8759bcf339a66],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, Mis en quarantaine, [09dff532cbb044f29aa8759bcf339a66],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Mis en quarantaine, [4b9dc364c9b2ed49d23e58b827dbf50b],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Mis en quarantaine, [4b9dc364c9b2ed49d23e58b827dbf50b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-841231337-2411926650-2731257203-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [a3454adddaa10f27aa38f5a7c43f15eb],
Valeurs du Registre: 0
(No malicious items detected)
Données du Registre: 0
(No malicious items detected)
Dossiers: 1
PUP.Optional.Conduit.A, C:\Users\Denis\AppData\Local\Temp\CT3319613, Mis en quarantaine, [5890f037354645f1602ccf8851b18f71],
Fichiers: 10
PUP.Optional.Conduit, C:\$Recycle.Bin\S-1-5-21-841231337-2411926650-2731257203-1004\$R4NX40T.exe, Mis en quarantaine, [826635f2c2b9a294e2c901416a9ad12f],
PUP.Optional.ZombieAlert.A, C:\Windows\SysWOW64\Websteroids.B324755F3F87.dll, Mis en quarantaine, [f0f80027ea91ec4a77239b7340c454ac],
PUP.Optional.SearchProtect.A, C:\Users\Denis\AppData\Local\Temp\nsmB8EE.exe, Mis en quarantaine, [e404a5826f0c3bfb45273ee4cd343ac6],
PUP.Optional.SearchProtect.A, C:\Users\Denis\AppData\Local\Temp\nsp7485.exe, Mis en quarantaine, [00e88e993f3c0135d59767bbc14041bf],
PUP.Optional.SearchProtect.A, C:\Users\Denis\AppData\Local\Temp\nsv90C9.exe, Mis en quarantaine, [0fd972b5de9da690ee7ecb579e6332ce],
PUP.Optional.Conduit.A, C:\Users\Denis\AppData\Local\Temp\nsi32C7\SpSetup.exe, Mis en quarantaine, [1eca101792e9999de676b76048b946ba],
PUP.Optional.Koyote.A, C:\Users\Denis\Downloads\FuzeZipSetup-r145-w-bi.exe, Mis en quarantaine, [66821c0b82f9cd695a278cdb877a60a0],
PUP.Optional.WeDownload.A, C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job, Mis en quarantaine, [16d2081fdaa12610433c761e4fb46799],
PUP.Optional.WeDownload.A, C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job, Mis en quarantaine, [85635fc86714b086c8b7197bee158f71],
PUP.Optional.Conduit.A, C:\Users\Denis\AppData\Local\Temp\CT3319613\ddt.csf, Mis en quarantaine, [5890f037354645f1602ccf8851b18f71],
Secteurs physiques: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Date de l'examen: 2014-04-08
Heure de l'examen: 18:00:21
Fichier journal: rapport.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de données Malveillants: v2014.04.08.08
Base de données Rootkits: v2014.03.27.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Denis
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 291803
Temps écoulé: 19 min, 33 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Clés du Registre: 5
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, Mis en quarantaine, [09dff532cbb044f29aa8759bcf339a66],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, Mis en quarantaine, [09dff532cbb044f29aa8759bcf339a66],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Mis en quarantaine, [4b9dc364c9b2ed49d23e58b827dbf50b],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Mis en quarantaine, [4b9dc364c9b2ed49d23e58b827dbf50b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-841231337-2411926650-2731257203-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [a3454adddaa10f27aa38f5a7c43f15eb],
Valeurs du Registre: 0
(No malicious items detected)
Données du Registre: 0
(No malicious items detected)
Dossiers: 1
PUP.Optional.Conduit.A, C:\Users\Denis\AppData\Local\Temp\CT3319613, Mis en quarantaine, [5890f037354645f1602ccf8851b18f71],
Fichiers: 10
PUP.Optional.Conduit, C:\$Recycle.Bin\S-1-5-21-841231337-2411926650-2731257203-1004\$R4NX40T.exe, Mis en quarantaine, [826635f2c2b9a294e2c901416a9ad12f],
PUP.Optional.ZombieAlert.A, C:\Windows\SysWOW64\Websteroids.B324755F3F87.dll, Mis en quarantaine, [f0f80027ea91ec4a77239b7340c454ac],
PUP.Optional.SearchProtect.A, C:\Users\Denis\AppData\Local\Temp\nsmB8EE.exe, Mis en quarantaine, [e404a5826f0c3bfb45273ee4cd343ac6],
PUP.Optional.SearchProtect.A, C:\Users\Denis\AppData\Local\Temp\nsp7485.exe, Mis en quarantaine, [00e88e993f3c0135d59767bbc14041bf],
PUP.Optional.SearchProtect.A, C:\Users\Denis\AppData\Local\Temp\nsv90C9.exe, Mis en quarantaine, [0fd972b5de9da690ee7ecb579e6332ce],
PUP.Optional.Conduit.A, C:\Users\Denis\AppData\Local\Temp\nsi32C7\SpSetup.exe, Mis en quarantaine, [1eca101792e9999de676b76048b946ba],
PUP.Optional.Koyote.A, C:\Users\Denis\Downloads\FuzeZipSetup-r145-w-bi.exe, Mis en quarantaine, [66821c0b82f9cd695a278cdb877a60a0],
PUP.Optional.WeDownload.A, C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job, Mis en quarantaine, [16d2081fdaa12610433c761e4fb46799],
PUP.Optional.WeDownload.A, C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job, Mis en quarantaine, [85635fc86714b086c8b7197bee158f71],
PUP.Optional.Conduit.A, C:\Users\Denis\AppData\Local\Temp\CT3319613\ddt.csf, Mis en quarantaine, [5890f037354645f1602ccf8851b18f71],
Secteurs physiques: 0
(No malicious items detected)
(end)
On va faire une analyse de ton systéme.
Télécharge la version FRST de Farbar, compatible avec ton système et enregistre le fichier sur ton Bureau <== Important
Pour un système en 32 bits ==> FRST de Farbar
Pour un système en 64 bits ==> FRST de Farbar
Comment savoir quelle version 32 bits ou 64 bits est exécutée sur mon système ?
Patiente le temps que ton navigateur te propose le téléchargement à enregistrer, sans cliquer nulle part, surtout pas sur les sponsors de la page.
Ferme toutes les applications, y compris ton navigateur
Double-clique sur FRST.exe et clique sur Oui pour accepter le Disclaimer
/!\ Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
Sur le menu principal coche la case Addition.txt et clique sur Scan et patiente le temps de l'analyse
A la fin du scan, les rapports FRST.txt et Addition.txt sont créés.
Les rapports sont enregistrés au même emplacement que l'outil et sous C:\FRST\Logs
Héberge les rapports sur le site pjjoint.malekal.com ou cijoint ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
Sous IE9, IE10 ou IE11, le filtre SmartScreen déclenche une alerte. Cliquer sur Actions puis sur Exécuter quand même
Télécharge la version FRST de Farbar, compatible avec ton système et enregistre le fichier sur ton Bureau <== Important
Pour un système en 32 bits ==> FRST de Farbar
Pour un système en 64 bits ==> FRST de Farbar
Comment savoir quelle version 32 bits ou 64 bits est exécutée sur mon système ?
Patiente le temps que ton navigateur te propose le téléchargement à enregistrer, sans cliquer nulle part, surtout pas sur les sponsors de la page.
Ferme toutes les applications, y compris ton navigateur
Double-clique sur FRST.exe et clique sur Oui pour accepter le Disclaimer
/!\ Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
Sur le menu principal coche la case Addition.txt et clique sur Scan et patiente le temps de l'analyse
A la fin du scan, les rapports FRST.txt et Addition.txt sont créés.
Les rapports sont enregistrés au même emplacement que l'outil et sous C:\FRST\Logs
Héberge les rapports sur le site pjjoint.malekal.com ou cijoint ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
Sous IE9, IE10 ou IE11, le filtre SmartScreen déclenche une alerte. Cliquer sur Actions puis sur Exécuter quand même
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 ([color=red]ATTENTION: ====> FRST version is 27 days old and could be outdated[/color])
Ran by Denis (administrator) on ANNE on 09-04-2014 08:32:04
Running from C:\Users\Denis\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Zedge.net) C:\Users\Denis\AppData\Local\Apps\2.0\5TN5K2PW.4EZ\AWNRLG9P.7LM\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\ZedgeTonesync.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [11229696 2012-09-17] (Dell Inc.)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-12-16] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-841231337-2411926650-2731257203-1004\...\Run: [ZedgeToneSync] - C:\Users\Denis\AppData\Local\Apps\2.0\Data\W8EDRDOG.GR1\QCZAHBE8.X9A\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup
HKU\S-1-5-21-841231337-2411926650-2731257203-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ZedgeToneSync] - C:\Users\Denis\AppData\Local\Apps\2.0\Data\W8EDRDOG.GR1\QCZAHBE8.X9A\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup
Startup: C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-841231337-2411926650-2731257203-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-841231337-2411926650-2731257203-1001\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/en-ca?checklang=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=dell13.msn.com&ocid=DELLDHP&pc=MDDCJS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=dell13.msn.com&ocid=DELLDHP&pc=MDDCJS
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 96.22.246.145 24.200.228.113 24.200.210.241
==================== Services (Whitelisted) =================
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-18] (Realtek Semiconductor)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-12-16] (Check Point Software Technologies LTD)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6334464 2012-09-17] (Dell Inc.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6834760 2012-09-13] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-26] (Microsoft Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-07-17] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2013-02-21] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489056 2013-10-08] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [454168 2013-10-23] (Check Point Software Technologies LTD)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-09 08:29 - 2014-04-09 08:29 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\FRST64.exe
2014-04-08 18:06 - 2014-04-08 18:06 - 00003501 _____ () C:\Users\Denis\Desktop\rapport.txt
2014-04-08 17:38 - 2014-04-09 08:21 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 17:37 - 2014-04-08 17:37 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-08 17:37 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-08 17:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-08 17:37 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-08 17:35 - 2014-04-08 17:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Denis\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-07 22:21 - 2014-04-07 22:21 - 00001451 _____ () C:\Users\Denis\Desktop\JRT.txt
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-07 22:12 - 2014-04-07 22:12 - 01016261 _____ (Thisisu) C:\Users\Denis\Desktop\JRTa.exe
2014-04-07 21:31 - 2014-04-08 14:49 - 00000000 ____D () C:\AdwCleaner
2014-04-07 21:30 - 2014-04-07 21:30 - 01426178 _____ () C:\Users\Denis\Desktop\adwcleaner.exe
2014-04-07 20:49 - 2014-04-07 20:49 - 00026509 _____ () C:\Users\Denis\Desktop\Addition.txt
2014-04-07 20:48 - 2014-04-09 08:32 - 00014838 _____ () C:\Users\Denis\Desktop\FRST.txt
2014-04-07 20:48 - 2014-04-09 08:32 - 00000000 ____D () C:\FRST
2014-04-07 20:46 - 2014-04-07 20:46 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\farbar.exe
2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Denis\AppData\Local\Fuze Zip
2014-04-07 19:40 - 2014-04-07 19:56 - 00000000 ____D () C:\Users\Denis\AppData\Local\FuzeZip
2014-04-06 09:43 - 2014-04-06 09:43 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 09:42 - 2014-04-06 09:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 09:42 - 2014-04-06 09:43 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 09:42 - 2014-04-06 09:43 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 09:37 - 2014-04-06 09:39 - 148885840 _____ (Apple Inc.) C:\Users\Denis\Downloads\iTunes64Setup (1).exe
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-02 20:41 - 2014-04-03 19:07 - 00000000 ____D () C:\Users\Denis\AppData\Local\PackageStaging
2014-03-30 16:29 - 2014-03-30 16:29 - 00007609 _____ () C:\Users\Denis\AppData\Local\Resmon.ResmonCfg
2014-03-27 14:07 - 2014-04-08 15:10 - 00000000 ____D () C:\Users\Denis\Desktop\iTunes
2014-03-23 22:23 - 2014-04-08 18:02 - 00000000 ____D () C:\Users\Denis\AppData\Local\Deployment
2014-03-23 22:23 - 2014-03-23 22:23 - 00000336 _____ () C:\Users\Denis\Desktop\ToneSync for Windows.appref-ms
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Local\Apps\2.0
2014-03-23 22:22 - 2014-03-23 22:22 - 00429832 _____ () C:\Users\Denis\Desktop\ToneSyncSetup.exe
2014-03-17 23:12 - 2014-02-22 08:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-17 23:12 - 2014-02-22 07:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-17 21:47 - 2014-03-17 21:47 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple
2014-03-17 21:44 - 2014-01-07 21:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-17 21:44 - 2014-01-07 21:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-17 21:44 - 2014-01-07 21:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-17 21:44 - 2014-01-04 11:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-17 21:44 - 2014-01-04 11:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-17 21:44 - 2014-01-04 10:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-17 21:44 - 2014-01-04 09:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-17 21:44 - 2014-01-02 19:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-17 21:44 - 2014-01-02 19:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-17 21:44 - 2013-12-31 21:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-17 21:44 - 2013-12-31 21:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-17 21:44 - 2013-12-31 20:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-17 21:44 - 2013-12-31 20:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-17 21:44 - 2013-12-31 19:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-17 21:44 - 2013-12-31 19:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-17 21:44 - 2013-12-31 19:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-17 21:44 - 2013-12-30 19:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-17 21:44 - 2013-12-30 19:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-17 21:44 - 2013-12-30 19:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-17 21:44 - 2013-12-30 19:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-17 21:44 - 2013-12-30 19:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-17 21:44 - 2013-12-27 11:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-17 21:44 - 2013-12-27 04:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-17 21:44 - 2013-12-27 04:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-17 21:44 - 2013-12-27 04:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-17 21:44 - 2013-12-27 03:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-17 21:44 - 2013-12-27 03:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-17 21:44 - 2013-12-27 02:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-17 21:44 - 2013-12-21 03:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-17 21:44 - 2013-12-17 03:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-17 21:44 - 2013-12-14 02:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-17 21:44 - 2013-12-14 02:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-17 21:44 - 2013-12-13 06:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-17 21:44 - 2013-12-13 02:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-17 21:44 - 2013-12-13 01:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-17 21:44 - 2013-12-09 04:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-17 21:44 - 2013-12-09 00:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-17 21:41 - 2014-03-17 21:41 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple Computer
2014-03-16 15:06 - 2014-03-16 15:06 - 00000000 ____D () C:\Users\Denis\Desktop\chanson des filles
2014-03-11 22:14 - 2013-10-30 20:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-11 22:14 - 2013-10-30 20:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-11 22:14 - 2013-10-30 20:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-11 22:05 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-11 22:05 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-11 22:05 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-11 22:05 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-11 22:05 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-11 22:05 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-11 22:05 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-11 22:05 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-11 22:05 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-11 22:05 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-11 22:05 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-11 22:05 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-11 22:05 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-11 22:05 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-11 22:05 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-11 22:05 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-11 22:05 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-11 22:05 - 2014-02-10 23:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-11 22:05 - 2014-02-10 22:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-11 22:05 - 2014-02-10 22:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-11 22:05 - 2014-01-31 12:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-11 22:05 - 2014-01-31 12:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-11 22:05 - 2014-01-31 12:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-11 22:05 - 2014-01-31 09:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-11 22:05 - 2014-01-31 05:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-11 22:05 - 2014-01-29 05:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-11 22:05 - 2014-01-29 04:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-11 22:05 - 2014-01-29 04:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-11 22:05 - 2014-01-29 04:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-11 22:05 - 2014-01-29 04:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-11 22:05 - 2014-01-29 03:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-11 22:05 - 2014-01-29 03:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-11 22:05 - 2014-01-29 03:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-11 22:05 - 2014-01-29 02:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-11 22:05 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-11 22:05 - 2014-01-27 15:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-11 22:05 - 2014-01-27 15:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-11 22:05 - 2014-01-27 15:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-11 22:05 - 2014-01-27 14:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-11 22:05 - 2014-01-27 14:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-11 22:05 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-11 22:05 - 2014-01-27 14:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-11 22:05 - 2014-01-27 14:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-11 22:05 - 2014-01-27 13:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-11 22:05 - 2014-01-27 13:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-11 22:05 - 2014-01-27 13:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-11 22:05 - 2014-01-27 11:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-11 22:05 - 2014-01-27 11:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-11 22:05 - 2014-01-27 07:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-11 22:05 - 2014-01-17 19:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-11 22:05 - 2014-01-17 17:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-11 22:05 - 2013-12-21 10:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-11 22:05 - 2013-12-21 04:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-11 22:05 - 2013-12-20 06:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-11 22:05 - 2013-12-20 06:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-10 21:58 - 2013-12-08 20:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-10 21:58 - 2013-12-08 19:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
==================== One Month Modified Files and Folders =======
2014-04-09 08:32 - 2014-04-07 20:48 - 00014838 _____ () C:\Users\Denis\Desktop\FRST.txt
2014-04-09 08:32 - 2014-04-07 20:48 - 00000000 ____D () C:\FRST
2014-04-09 08:31 - 2013-12-26 15:05 - 01095498 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-09 08:29 - 2014-04-09 08:29 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\FRST64.exe
2014-04-09 08:27 - 2013-12-26 10:19 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-841231337-2411926650-2731257203-1004
2014-04-09 08:24 - 2013-12-26 15:14 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8737D76A-A11A-463D-B364-2F806E84D9DA}
2014-04-09 08:21 - 2014-04-08 17:38 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 08:21 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-08 18:06 - 2014-04-08 18:06 - 00003501 _____ () C:\Users\Denis\Desktop\rapport.txt
2014-04-08 18:02 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Local\Deployment
2014-04-08 18:02 - 2013-12-26 16:16 - 00000000 __RDO () C:\Users\Denis\SkyDrive
2014-04-08 18:01 - 2013-11-14 03:20 - 00005974 _____ () C:\WINDOWS\PFRO.log
2014-04-08 18:01 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-08 18:01 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-08 17:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-08 17:37 - 2014-04-08 17:37 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-08 17:35 - 2014-04-08 17:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Denis\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-08 15:10 - 2014-03-27 14:07 - 00000000 ____D () C:\Users\Denis\Desktop\iTunes
2014-04-08 14:50 - 2013-12-26 15:12 - 00000638 __RSH () C:\Users\Denis\ntuser.pol
2014-04-08 14:50 - 2013-12-26 14:53 - 00000000 ____D () C:\Users\Denis
2014-04-08 14:49 - 2014-04-07 21:31 - 00000000 ____D () C:\AdwCleaner
2014-04-08 14:44 - 2013-11-14 03:28 - 02050632 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-08 14:44 - 2012-08-05 10:08 - 00990810 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-04-08 14:44 - 2012-08-05 10:08 - 00201276 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-04-07 23:00 - 2013-12-25 14:38 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-841231337-2411926650-2731257203-1001
2014-04-07 22:58 - 2014-02-16 23:38 - 00000000 ____D () C:\Program Files (x86)\World Mosaics 2
2014-04-07 22:45 - 2013-12-26 15:41 - 00000000 __RDO () C:\Users\anne\SkyDrive
2014-04-07 22:21 - 2014-04-07 22:21 - 00001451 _____ () C:\Users\Denis\Desktop\JRT.txt
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-07 22:12 - 2014-04-07 22:12 - 01016261 _____ (Thisisu) C:\Users\Denis\Desktop\JRTa.exe
2014-04-07 21:30 - 2014-04-07 21:30 - 01426178 _____ () C:\Users\Denis\Desktop\adwcleaner.exe
2014-04-07 20:49 - 2014-04-07 20:49 - 00026509 _____ () C:\Users\Denis\Desktop\Addition.txt
2014-04-07 20:46 - 2014-04-07 20:46 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\farbar.exe
2014-04-07 19:56 - 2014-04-07 19:40 - 00000000 ____D () C:\Users\Denis\AppData\Local\FuzeZip
2014-04-07 19:50 - 2014-02-05 18:21 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Apple Computer
2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Denis\AppData\Local\Fuze Zip
2014-04-06 09:43 - 2014-04-06 09:43 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 09:43 - 2014-04-06 09:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 09:43 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 09:43 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 09:42 - 2014-02-05 18:17 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 09:42 - 2014-02-05 18:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 09:39 - 2014-04-06 09:37 - 148885840 _____ (Apple Inc.) C:\Users\Denis\Downloads\iTunes64Setup (1).exe
2014-04-05 23:29 - 2013-12-26 15:43 - 00003906 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DE7E8A06-E88F-4E8D-9A02-7775B06847E7}
2014-04-05 23:29 - 2013-12-25 15:09 - 00000000 ____D () C:\Users\anne\games anne
2014-04-05 00:10 - 2013-08-22 10:46 - 00337449 _____ () C:\WINDOWS\setupact.log
2014-04-03 19:53 - 2013-12-26 08:13 - 00000000 ____D () C:\Users\Denis\AppData\Local\Packages
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-03 19:07 - 2014-04-02 20:41 - 00000000 ____D () C:\Users\Denis\AppData\Local\PackageStaging
2014-04-03 09:51 - 2014-04-08 17:37 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-08 17:37 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-08 17:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-30 21:40 - 2013-12-31 08:44 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-30 16:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-30 16:29 - 2014-03-30 16:29 - 00007609 _____ () C:\Users\Denis\AppData\Local\Resmon.ResmonCfg
2014-03-30 00:25 - 2013-12-26 21:24 - 00010649 ____H () C:\WINDOWS\SysWOW64\BTImages.dat
2014-03-27 16:48 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-23 22:23 - 2014-03-23 22:23 - 00000336 _____ () C:\Users\Denis\Desktop\ToneSync for Windows.appref-ms
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Local\Apps\2.0
2014-03-23 22:22 - 2014-03-23 22:22 - 00429832 _____ () C:\Users\Denis\Desktop\ToneSyncSetup.exe
2014-03-20 14:10 - 2013-12-26 08:14 - 00000000 ___RD () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-20 14:10 - 2013-12-26 08:14 - 00000000 ___RD () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-18 22:37 - 2013-12-25 14:26 - 00000000 ___RD () C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-18 22:37 - 2013-12-25 14:26 - 00000000 ___RD () C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-18 22:34 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-18 08:45 - 2013-12-25 16:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 08:43 - 2013-12-25 16:56 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 08:43 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-17 22:50 - 2014-02-09 22:37 - 00000000 ____D () C:\Users\anne\AppData\Roaming\Apple Computer
2014-03-17 21:47 - 2014-03-17 21:47 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple
2014-03-17 21:41 - 2014-03-17 21:41 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple Computer
2014-03-16 15:06 - 2014-03-16 15:06 - 00000000 ____D () C:\Users\Denis\Desktop\chanson des filles
2014-03-12 18:28 - 2014-01-05 09:26 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2014-03-12 18:26 - 2013-08-22 10:44 - 00484272 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-11 18:58 - 2013-12-26 15:40 - 00000000 ____D () C:\Users\anne\AppData\Local\PackageStaging
2014-03-11 18:58 - 2013-12-25 14:24 - 00000000 ____D () C:\Users\anne\AppData\Local\Packages
Some content of TEMP:
====================
C:\Users\anne\AppData\Local\Temp\1385723452_wedownload_manager_pro.exe
C:\Users\anne\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\anne\AppData\Local\Temp\OfficeSetup.exe
C:\Users\anne\AppData\Local\Temp\Setup.X86.fr-FR_O365HomePremRetail_400d4808-f419-47c6-8ef6-e29ce1346fb0_TX_PR_.exe
C:\Users\anne\AppData\Local\Temp\tempmessage.bfg
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-11 22:05] - [2014-01-31 12:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-03 17:43
==================== End Of Log ============================
Ran by Denis (administrator) on ANNE on 09-04-2014 08:32:04
Running from C:\Users\Denis\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Zedge.net) C:\Users\Denis\AppData\Local\Apps\2.0\5TN5K2PW.4EZ\AWNRLG9P.7LM\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\ZedgeTonesync.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [11229696 2012-09-17] (Dell Inc.)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408 2013-03-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-12-16] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-841231337-2411926650-2731257203-1004\...\Run: [ZedgeToneSync] - C:\Users\Denis\AppData\Local\Apps\2.0\Data\W8EDRDOG.GR1\QCZAHBE8.X9A\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup
HKU\S-1-5-21-841231337-2411926650-2731257203-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ZedgeToneSync] - C:\Users\Denis\AppData\Local\Apps\2.0\Data\W8EDRDOG.GR1\QCZAHBE8.X9A\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup
Startup: C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-841231337-2411926650-2731257203-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-841231337-2411926650-2731257203-1001\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/en-ca?checklang=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=dell13.msn.com&ocid=DELLDHP&pc=MDDCJS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?cobrand=dell13.msn.com&ocid=DELLDHP&pc=MDDCJS
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {F722D6B8-EE8D-4533-8A54-2DF24785D671} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 96.22.246.145 24.200.228.113 24.200.210.241
==================== Services (Whitelisted) =================
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-18] (Realtek Semiconductor)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-12-16] (Check Point Software Technologies LTD)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6334464 2012-09-17] (Dell Inc.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6834760 2012-09-13] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-26] (Microsoft Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-07-17] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2013-02-21] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489056 2013-10-08] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-26] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-05] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [454168 2013-10-23] (Check Point Software Technologies LTD)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-09 08:29 - 2014-04-09 08:29 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\FRST64.exe
2014-04-08 18:06 - 2014-04-08 18:06 - 00003501 _____ () C:\Users\Denis\Desktop\rapport.txt
2014-04-08 17:38 - 2014-04-09 08:21 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 17:37 - 2014-04-08 17:37 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-08 17:37 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-08 17:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-08 17:37 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-08 17:35 - 2014-04-08 17:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Denis\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-07 22:21 - 2014-04-07 22:21 - 00001451 _____ () C:\Users\Denis\Desktop\JRT.txt
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-07 22:12 - 2014-04-07 22:12 - 01016261 _____ (Thisisu) C:\Users\Denis\Desktop\JRTa.exe
2014-04-07 21:31 - 2014-04-08 14:49 - 00000000 ____D () C:\AdwCleaner
2014-04-07 21:30 - 2014-04-07 21:30 - 01426178 _____ () C:\Users\Denis\Desktop\adwcleaner.exe
2014-04-07 20:49 - 2014-04-07 20:49 - 00026509 _____ () C:\Users\Denis\Desktop\Addition.txt
2014-04-07 20:48 - 2014-04-09 08:32 - 00014838 _____ () C:\Users\Denis\Desktop\FRST.txt
2014-04-07 20:48 - 2014-04-09 08:32 - 00000000 ____D () C:\FRST
2014-04-07 20:46 - 2014-04-07 20:46 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\farbar.exe
2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Denis\AppData\Local\Fuze Zip
2014-04-07 19:40 - 2014-04-07 19:56 - 00000000 ____D () C:\Users\Denis\AppData\Local\FuzeZip
2014-04-06 09:43 - 2014-04-06 09:43 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 09:42 - 2014-04-06 09:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 09:42 - 2014-04-06 09:43 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 09:42 - 2014-04-06 09:43 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 09:37 - 2014-04-06 09:39 - 148885840 _____ (Apple Inc.) C:\Users\Denis\Downloads\iTunes64Setup (1).exe
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-02 20:41 - 2014-04-03 19:07 - 00000000 ____D () C:\Users\Denis\AppData\Local\PackageStaging
2014-03-30 16:29 - 2014-03-30 16:29 - 00007609 _____ () C:\Users\Denis\AppData\Local\Resmon.ResmonCfg
2014-03-27 14:07 - 2014-04-08 15:10 - 00000000 ____D () C:\Users\Denis\Desktop\iTunes
2014-03-23 22:23 - 2014-04-08 18:02 - 00000000 ____D () C:\Users\Denis\AppData\Local\Deployment
2014-03-23 22:23 - 2014-03-23 22:23 - 00000336 _____ () C:\Users\Denis\Desktop\ToneSync for Windows.appref-ms
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Local\Apps\2.0
2014-03-23 22:22 - 2014-03-23 22:22 - 00429832 _____ () C:\Users\Denis\Desktop\ToneSyncSetup.exe
2014-03-17 23:12 - 2014-02-22 08:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-17 23:12 - 2014-02-22 07:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-17 21:47 - 2014-03-17 21:47 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple
2014-03-17 21:44 - 2014-01-07 21:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-17 21:44 - 2014-01-07 21:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-17 21:44 - 2014-01-07 21:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-17 21:44 - 2014-01-04 11:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-17 21:44 - 2014-01-04 11:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-17 21:44 - 2014-01-04 10:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-17 21:44 - 2014-01-04 09:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-17 21:44 - 2014-01-02 19:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-17 21:44 - 2014-01-02 19:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-17 21:44 - 2013-12-31 21:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-17 21:44 - 2013-12-31 21:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-17 21:44 - 2013-12-31 20:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-17 21:44 - 2013-12-31 20:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-17 21:44 - 2013-12-31 19:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-17 21:44 - 2013-12-31 19:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-17 21:44 - 2013-12-31 19:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-17 21:44 - 2013-12-30 19:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-17 21:44 - 2013-12-30 19:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-17 21:44 - 2013-12-30 19:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-17 21:44 - 2013-12-30 19:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-17 21:44 - 2013-12-30 19:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-17 21:44 - 2013-12-27 11:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-17 21:44 - 2013-12-27 04:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-17 21:44 - 2013-12-27 04:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-17 21:44 - 2013-12-27 04:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-17 21:44 - 2013-12-27 03:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-17 21:44 - 2013-12-27 03:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-17 21:44 - 2013-12-27 02:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-17 21:44 - 2013-12-21 03:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-17 21:44 - 2013-12-17 03:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-17 21:44 - 2013-12-14 02:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-17 21:44 - 2013-12-14 02:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-17 21:44 - 2013-12-13 06:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-17 21:44 - 2013-12-13 02:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-17 21:44 - 2013-12-13 01:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-17 21:44 - 2013-12-09 04:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-17 21:44 - 2013-12-09 00:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-17 21:41 - 2014-03-17 21:41 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple Computer
2014-03-16 15:06 - 2014-03-16 15:06 - 00000000 ____D () C:\Users\Denis\Desktop\chanson des filles
2014-03-11 22:14 - 2013-10-30 20:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-11 22:14 - 2013-10-30 20:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-11 22:14 - 2013-10-30 20:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-11 22:05 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-11 22:05 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-11 22:05 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-11 22:05 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-11 22:05 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-11 22:05 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-11 22:05 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-11 22:05 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-11 22:05 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-11 22:05 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-11 22:05 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-11 22:05 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-11 22:05 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-11 22:05 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-11 22:05 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-11 22:05 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-11 22:05 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-11 22:05 - 2014-02-10 23:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-11 22:05 - 2014-02-10 22:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-11 22:05 - 2014-02-10 22:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-11 22:05 - 2014-01-31 12:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-11 22:05 - 2014-01-31 12:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-11 22:05 - 2014-01-31 12:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-11 22:05 - 2014-01-31 09:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-11 22:05 - 2014-01-31 05:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-11 22:05 - 2014-01-29 05:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-11 22:05 - 2014-01-29 04:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-11 22:05 - 2014-01-29 04:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-11 22:05 - 2014-01-29 04:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-11 22:05 - 2014-01-29 04:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-11 22:05 - 2014-01-29 03:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-11 22:05 - 2014-01-29 03:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-11 22:05 - 2014-01-29 03:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-11 22:05 - 2014-01-29 02:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-11 22:05 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-11 22:05 - 2014-01-27 15:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-11 22:05 - 2014-01-27 15:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-11 22:05 - 2014-01-27 15:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-11 22:05 - 2014-01-27 14:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-11 22:05 - 2014-01-27 14:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-11 22:05 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-11 22:05 - 2014-01-27 14:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-11 22:05 - 2014-01-27 14:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-11 22:05 - 2014-01-27 13:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-11 22:05 - 2014-01-27 13:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-11 22:05 - 2014-01-27 13:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-11 22:05 - 2014-01-27 11:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-11 22:05 - 2014-01-27 11:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-11 22:05 - 2014-01-27 07:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-11 22:05 - 2014-01-17 19:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-11 22:05 - 2014-01-17 17:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-11 22:05 - 2013-12-21 10:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-11 22:05 - 2013-12-21 04:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-11 22:05 - 2013-12-20 06:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-11 22:05 - 2013-12-20 06:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-10 21:58 - 2013-12-08 20:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-10 21:58 - 2013-12-08 19:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
==================== One Month Modified Files and Folders =======
2014-04-09 08:32 - 2014-04-07 20:48 - 00014838 _____ () C:\Users\Denis\Desktop\FRST.txt
2014-04-09 08:32 - 2014-04-07 20:48 - 00000000 ____D () C:\FRST
2014-04-09 08:31 - 2013-12-26 15:05 - 01095498 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-09 08:29 - 2014-04-09 08:29 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\FRST64.exe
2014-04-09 08:27 - 2013-12-26 10:19 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-841231337-2411926650-2731257203-1004
2014-04-09 08:24 - 2013-12-26 15:14 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8737D76A-A11A-463D-B364-2F806E84D9DA}
2014-04-09 08:21 - 2014-04-08 17:38 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 08:21 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-08 18:06 - 2014-04-08 18:06 - 00003501 _____ () C:\Users\Denis\Desktop\rapport.txt
2014-04-08 18:02 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Local\Deployment
2014-04-08 18:02 - 2013-12-26 16:16 - 00000000 __RDO () C:\Users\Denis\SkyDrive
2014-04-08 18:01 - 2013-11-14 03:20 - 00005974 _____ () C:\WINDOWS\PFRO.log
2014-04-08 18:01 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-08 18:01 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-08 17:41 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-08 17:37 - 2014-04-08 17:37 - 00001116 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-08 17:37 - 2014-04-08 17:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-08 17:35 - 2014-04-08 17:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Denis\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-08 15:10 - 2014-03-27 14:07 - 00000000 ____D () C:\Users\Denis\Desktop\iTunes
2014-04-08 14:50 - 2013-12-26 15:12 - 00000638 __RSH () C:\Users\Denis\ntuser.pol
2014-04-08 14:50 - 2013-12-26 14:53 - 00000000 ____D () C:\Users\Denis
2014-04-08 14:49 - 2014-04-07 21:31 - 00000000 ____D () C:\AdwCleaner
2014-04-08 14:44 - 2013-11-14 03:28 - 02050632 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-08 14:44 - 2012-08-05 10:08 - 00990810 _____ () C:\WINDOWS\system32\perfh00C.dat
2014-04-08 14:44 - 2012-08-05 10:08 - 00201276 _____ () C:\WINDOWS\system32\perfc00C.dat
2014-04-07 23:00 - 2013-12-25 14:38 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-841231337-2411926650-2731257203-1001
2014-04-07 22:58 - 2014-02-16 23:38 - 00000000 ____D () C:\Program Files (x86)\World Mosaics 2
2014-04-07 22:45 - 2013-12-26 15:41 - 00000000 __RDO () C:\Users\anne\SkyDrive
2014-04-07 22:21 - 2014-04-07 22:21 - 00001451 _____ () C:\Users\Denis\Desktop\JRT.txt
2014-04-07 22:13 - 2014-04-07 22:13 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-07 22:12 - 2014-04-07 22:12 - 01016261 _____ (Thisisu) C:\Users\Denis\Desktop\JRTa.exe
2014-04-07 21:30 - 2014-04-07 21:30 - 01426178 _____ () C:\Users\Denis\Desktop\adwcleaner.exe
2014-04-07 20:49 - 2014-04-07 20:49 - 00026509 _____ () C:\Users\Denis\Desktop\Addition.txt
2014-04-07 20:46 - 2014-04-07 20:46 - 02157056 _____ (Farbar) C:\Users\Denis\Desktop\farbar.exe
2014-04-07 19:56 - 2014-04-07 19:40 - 00000000 ____D () C:\Users\Denis\AppData\Local\FuzeZip
2014-04-07 19:50 - 2014-02-05 18:21 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Apple Computer
2014-04-07 19:41 - 2014-04-07 19:41 - 00000000 ____D () C:\Users\Denis\AppData\Local\Fuze Zip
2014-04-06 09:43 - 2014-04-06 09:43 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-06 09:43 - 2014-04-06 09:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-06 09:43 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\iTunes
2014-04-06 09:43 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Apple
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\iPod
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-06 09:42 - 2014-04-06 09:42 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-04-06 09:42 - 2014-02-05 18:17 - 00000000 ____D () C:\ProgramData\Apple
2014-04-06 09:42 - 2014-02-05 18:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-06 09:39 - 2014-04-06 09:37 - 148885840 _____ (Apple Inc.) C:\Users\Denis\Downloads\iTunes64Setup (1).exe
2014-04-05 23:29 - 2013-12-26 15:43 - 00003906 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DE7E8A06-E88F-4E8D-9A02-7775B06847E7}
2014-04-05 23:29 - 2013-12-25 15:09 - 00000000 ____D () C:\Users\anne\games anne
2014-04-05 00:10 - 2013-08-22 10:46 - 00337449 _____ () C:\WINDOWS\setupact.log
2014-04-03 19:53 - 2013-12-26 08:13 - 00000000 ____D () C:\Users\Denis\AppData\Local\Packages
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-03 19:33 - 2014-04-03 19:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-03 19:07 - 2014-04-02 20:41 - 00000000 ____D () C:\Users\Denis\AppData\Local\PackageStaging
2014-04-03 09:51 - 2014-04-08 17:37 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-08 17:37 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-08 17:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-30 21:40 - 2013-12-31 08:44 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-30 16:36 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-30 16:29 - 2014-03-30 16:29 - 00007609 _____ () C:\Users\Denis\AppData\Local\Resmon.ResmonCfg
2014-03-30 00:25 - 2013-12-26 21:24 - 00010649 ____H () C:\WINDOWS\SysWOW64\BTImages.dat
2014-03-27 16:48 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-23 22:23 - 2014-03-23 22:23 - 00000336 _____ () C:\Users\Denis\Desktop\ToneSync for Windows.appref-ms
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zedge Europe AS
2014-03-23 22:23 - 2014-03-23 22:23 - 00000000 ____D () C:\Users\Denis\AppData\Local\Apps\2.0
2014-03-23 22:22 - 2014-03-23 22:22 - 00429832 _____ () C:\Users\Denis\Desktop\ToneSyncSetup.exe
2014-03-20 14:10 - 2013-12-26 08:14 - 00000000 ___RD () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-20 14:10 - 2013-12-26 08:14 - 00000000 ___RD () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-18 22:37 - 2013-12-25 14:26 - 00000000 ___RD () C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-18 22:37 - 2013-12-25 14:26 - 00000000 ___RD () C:\Users\anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-18 22:34 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-18 08:45 - 2013-12-25 16:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-18 08:43 - 2013-12-25 16:56 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 08:43 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-17 22:50 - 2014-02-09 22:37 - 00000000 ____D () C:\Users\anne\AppData\Roaming\Apple Computer
2014-03-17 21:47 - 2014-03-17 21:47 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple
2014-03-17 21:41 - 2014-03-17 21:41 - 00000000 ____D () C:\Users\anne\AppData\Local\Apple Computer
2014-03-16 15:06 - 2014-03-16 15:06 - 00000000 ____D () C:\Users\Denis\Desktop\chanson des filles
2014-03-12 18:28 - 2014-01-05 09:26 - 00000000 ____D () C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2014-03-12 18:26 - 2013-08-22 10:44 - 00484272 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-12 13:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-11 18:58 - 2013-12-26 15:40 - 00000000 ____D () C:\Users\anne\AppData\Local\PackageStaging
2014-03-11 18:58 - 2013-12-25 14:24 - 00000000 ____D () C:\Users\anne\AppData\Local\Packages
Some content of TEMP:
====================
C:\Users\anne\AppData\Local\Temp\1385723452_wedownload_manager_pro.exe
C:\Users\anne\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\anne\AppData\Local\Temp\OfficeSetup.exe
C:\Users\anne\AppData\Local\Temp\Setup.X86.fr-FR_O365HomePremRetail_400d4808-f419-47c6-8ef6-e29ce1346fb0_TX_PR_.exe
C:\Users\anne\AppData\Local\Temp\tempmessage.bfg
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-11 22:05] - [2014-01-31 12:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-03 17:43
==================== End Of Log ============================
Si tu dois remettre ton pc a zero a chaque fois que tu chopes des adwares ne télécharges plus sur internet ou alors fais attention quand tu cliques.
crois tu qu'on va en venir a bout et reste il plusieurs étape ??
bien sur suffit d'être patient.
Tu vas réinitialiser Internet Explorer
https://forums.commentcamarche.net/forum/affich-37585758-reinitialiser-son-navigateur#reinitialiser-internet-explorer
Encore des souçis??
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un
crois tu qu'on va en venir a bout et reste il plusieurs étape ??
bien sur suffit d'être patient.
Tu vas réinitialiser Internet Explorer
https://forums.commentcamarche.net/forum/affich-37585758-reinitialiser-son-navigateur#reinitialiser-internet-explorer
Encore des souçis??
Le cerveau a des capacités tellement étonnantes qu'aujourd'hui pratiquement tout le monde en a un
install converter bundle uninstaller est encore présent et quand j'essaie de la désinstaller webteroids ne peut se désinstaller !
On va essayer autre chose.
*Télécharge Shortcut_Module sur ton bureau.
*Enregistres ton travail avant de continuer !
*Lance Shortcut_Module et clique sur Nettoyer.
*Patiente le temps du scan
*Après le redémarrage relance l'outil et clique sur le petit "R" pour ouvrir le rapport , puis poste son contenu .
*Télécharge Shortcut_Module sur ton bureau.
*Enregistres ton travail avant de continuer !
*Lance Shortcut_Module et clique sur Nettoyer.
*Patiente le temps du scan
*Après le redémarrage relance l'outil et clique sur le petit "R" pour ouvrir le rapport , puis poste son contenu .
Tu veux certainement parler de smartscreen
dans panneau de configuration clic sur centre de maintenance
Cliques sur modifier les parametres smartscreen et coches désactiver smartscreen.
A présent le programme doit se lancer
dans panneau de configuration clic sur centre de maintenance
Cliques sur modifier les parametres smartscreen et coches désactiver smartscreen.
A présent le programme doit se lancer
