Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-09-2013 01
Ran by Lalanne (administrator) on LALANNE-PC on 21-09-2013 10:24:53
Running from C:\Users\Lalanne\Downloads
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
() C:\Program Files\sysTPL\sysTPLMonitor.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
() C:\Program Files\sysTPL\sysTPLService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\sysTPL\sysTPL.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvSvc] - RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [417792 2009-11-10] (Apple Inc.)
HKLM\...\Run: [BlackBerryAutoUpdate] - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [623960 2009-07-02] (Research In Motion Limited)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [sysTPL] - C:\Program Files\sysTPL\sysTPL.exe [505112 2013-07-23] ()
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-14] (Google Inc.)
HKCU\...\Run: [EPSON Stylus DX4400 Series] - C:\Windows\TEMP\E_S25F6.tmp [132 2011-09-14] ()
HKCU\...\Run: [Badoo Desktop] - C:\ProgramData\Badoo\Badoo Desktop\1.6.55.1183\Badoo.Desktop.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8877;https=127.0.0.1:8877
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP_ss&mntrId=B6210018F3D77E8F&affID=119649&tsp=5005
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAABFF206DB8ACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B6210018F3D77E8F&affID=119649&tsp=5005
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKCU - {F558214C-8E6C-4655-AC6D-9333463F9AA0} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=fr_FR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^FR&apn_uid=0E19D4BA-0FC9-42CC-9612-856BBD54B85A&apn_sauid=678667E4-833E-4B36-998F-5E3DB47E410A
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files\Speed Analysis 3\ScriptHost.dll (SpeedAnalysis.com)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

FireFox:
========
FF ProfilePath: C:\Users\Lalanne\AppData\Roaming\Mozilla\Firefox\Profiles\mol8tiq8.default
FF user.js: detected! => C:\Users\Lalanne\AppData\Roaming\Mozilla\Firefox\Profiles\mol8tiq8.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: 7Go Games - C:\Users\Lalanne\AppData\Roaming\Mozilla\Firefox\Profiles\mol8tiq8.default\Extensions\7go@7go.com
FF Extension: Speed Analysis 3 - C:\Users\Lalanne\AppData\Roaming\Mozilla\Firefox\Profiles\mol8tiq8.default\Extensions\speedanalysis03@SpeedAnalysis.com
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B6210018F3D77E8F&affID=119649&tsp=5005
CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B6210018F3D77E8F&affID=119649&tsp=5005"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (7Go Games) - C:\Users\Lalanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjajpkikblccgefaibcafkfbanllpefi\1.0.0.0_0
CHR Extension: () - C:\Users\Lalanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmpjbkgemhgalmeiigcdljkccfcafoj\1.0.0.4
CHR Extension: (Chrome In-App Payments service) - C:\Users\Lalanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM\...\Chrome\Extension: [gjajpkikblccgefaibcafkfbanllpefi] - C:\Users\Lalanne\AppData\Roaming\7go\7go.crx
CHR HKLM\...\Chrome\Extension: [mbmpjbkgemhgalmeiigcdljkccfcafoj] - C:\Users\Lalanne\AppData\Roaming\SpeedAnalysis3\SpeedAnalysis.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2006-12-10] (Syntek America Inc.)
R2 sysTPLMonitor.exe; C:\Program Files\sysTPL\sysTPLMonitor.exe [33048 2013-07-23] ()
R2 sysTPLService.exe; C:\Program Files\sysTPL\sysTPLService.exe [33048 2013-07-23] ()
S2 aswUpdSv; "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1132544 2006-12-21] (Syntek)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-21 10:24 - 2013-09-21 10:24 - 00000000 ____D C:\FRST
2013-09-21 10:04 - 2013-09-21 10:04 - 01083549 _____ (Farbar) C:\Users\Lalanne\Downloads\FRST.exe
2013-09-19 20:57 - 2013-08-30 09:48 - 00177864 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-19 20:57 - 2013-08-30 09:48 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-17 20:11 - 2013-09-17 20:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-16 19:40 - 2013-09-18 20:19 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-16 19:40 - 2013-09-16 19:40 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-14 21:01 - 2013-09-14 21:01 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2013-09-14 21:01 - 2013-09-14 21:01 - 00000000 ____D C:\Program Files\enginesysTPL
2013-09-14 21:01 - 2013-09-14 21:01 - 00000000 _____ C:\Windows\system32\wget-log
2013-09-14 21:00 - 2013-09-20 21:08 - 00000000 ____D C:\Program Files\sysTPL
2013-09-14 21:00 - 2013-09-14 21:01 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\Tlapia
2013-09-14 20:50 - 2013-09-14 20:58 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\PerformerSoft
2013-09-14 20:50 - 2013-09-14 20:50 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\7go
2013-09-14 20:50 - 2013-06-19 14:58 - 00017920 _____ (PerformerSoft LLC) C:\Windows\system32\roboot.exe
2013-09-14 20:49 - 2013-09-14 20:49 - 00001856 _____ C:\Users\Lalanne\Desktop\Search.lnk
2013-09-14 20:49 - 2013-09-14 20:49 - 00001140 _____ C:\Users\Lalanne\Desktop\SpeedAnalysis.lnk
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\SpeedAnalysis3
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\File Scout
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\Babylon
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\ProgramData\Babylon
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Program Files\Speed Analysis 3
2013-09-12 21:43 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 21:43 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 21:43 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 21:43 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 21:43 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 21:43 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 21:43 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 17:38 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 17:38 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 17:38 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 17:38 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 17:38 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 17:38 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 17:38 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 17:38 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 17:38 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-01 10:16 - 2013-09-21 09:13 - 00013119 _____ C:\Users\Lalanne\AppData\Roaming\nvModes.001
2013-08-31 15:59 - 2013-08-31 15:59 - 00013119 _____ C:\Users\Lalanne\AppData\Roaming\nvModes.dat

==================== One Month Modified Files and Folders =======

2013-09-21 10:24 - 2013-09-21 10:24 - 00000000 ____D C:\FRST
2013-09-21 10:18 - 2012-07-30 13:11 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-21 10:04 - 2013-09-21 10:04 - 01083549 _____ (Farbar) C:\Users\Lalanne\Downloads\FRST.exe
2013-09-21 09:58 - 2011-09-08 14:35 - 01817280 _____ C:\Windows\WindowsUpdate.log
2013-09-21 09:34 - 2011-09-14 17:58 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-21 09:20 - 2009-07-14 06:34 - 00014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 09:20 - 2009-07-14 06:34 - 00014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 09:13 - 2013-09-01 10:16 - 00013119 _____ C:\Users\Lalanne\AppData\Roaming\nvModes.001
2013-09-21 09:13 - 2011-09-14 17:57 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-21 09:12 - 2011-09-14 18:15 - 00013350 _____ C:\Windows\PFRO.log
2013-09-21 09:12 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-21 09:12 - 2009-07-14 06:39 - 00060720 _____ C:\Windows\setupact.log
2013-09-20 21:08 - 2013-09-14 21:00 - 00000000 ____D C:\Program Files\sysTPL
2013-09-19 20:57 - 2009-07-14 04:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-09-18 20:19 - 2013-09-16 19:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-18 20:19 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media
2013-09-18 18:01 - 2011-09-14 18:37 - 00000000 ____D C:\Users\Lalanne\AppData\Local\Mozilla
2013-09-17 20:11 - 2013-09-17 20:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-16 19:40 - 2013-09-16 19:40 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-14 21:01 - 2013-09-14 21:01 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2013-09-14 21:01 - 2013-09-14 21:01 - 00000000 ____D C:\Program Files\enginesysTPL
2013-09-14 21:01 - 2013-09-14 21:01 - 00000000 _____ C:\Windows\system32\wget-log
2013-09-14 21:01 - 2013-09-14 21:00 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\Tlapia
2013-09-14 20:58 - 2013-09-14 20:50 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\PerformerSoft
2013-09-14 20:50 - 2013-09-14 20:50 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\7go
2013-09-14 20:49 - 2013-09-14 20:49 - 00001856 _____ C:\Users\Lalanne\Desktop\Search.lnk
2013-09-14 20:49 - 2013-09-14 20:49 - 00001140 _____ C:\Users\Lalanne\Desktop\SpeedAnalysis.lnk
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\SpeedAnalysis3
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\File Scout
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\Babylon
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\ProgramData\Babylon
2013-09-14 20:49 - 2013-09-14 20:49 - 00000000 ____D C:\Program Files\Speed Analysis 3
2013-09-13 18:14 - 2011-09-08 14:44 - 01549936 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-13 17:29 - 2012-09-03 23:50 - 00001067 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-13 17:29 - 2012-09-03 23:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-13 17:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-13 16:49 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-13 16:41 - 2009-07-14 06:33 - 00295280 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-13 16:39 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-09-12 21:43 - 2013-08-14 17:55 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 21:41 - 2011-10-27 18:27 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 21:15 - 2011-09-18 10:58 - 00000000 ____D C:\Users\Lalanne\AppData\Roaming\OFFICEOne7
2013-09-11 19:52 - 2012-07-30 13:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-11 19:52 - 2011-09-15 19:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-31 15:59 - 2013-08-31 15:59 - 00013119 _____ C:\Users\Lalanne\AppData\Roaming\nvModes.dat
2013-08-31 11:59 - 2011-09-14 17:57 - 00000000 ____D C:\Users\Lalanne\AppData\Local\Google
2013-08-30 09:48 - 2013-09-19 20:57 - 00177864 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-09-19 20:57 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2012-10-04 17:48 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2012-10-04 17:48 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2012-10-04 17:48 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2012-10-04 17:48 - 00061680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2012-10-04 17:48 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2012-10-04 17:48 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2012-10-04 17:47 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2012-10-04 17:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr

Some content of TEMP:
====================
C:\Users\Lalanne\AppData\Local\Temp\ApnStub.exe
C:\Users\Lalanne\AppData\Local\Temp\bstrapInstall.exe
C:\Users\Lalanne\AppData\Local\Temp\contentDATs.exe
C:\Users\Lalanne\AppData\Local\Temp\fdldy6k9.dll
C:\Users\Lalanne\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Lalanne\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Lalanne\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Lalanne\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Lalanne\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Lalanne\AppData\Local\Temp\uninst1.exe
C:\Users\Lalanne\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Lalanne\AppData\Local\Temp\_is7B95.exe
C:\Users\Lalanne\AppData\Local\Temp\_is93A7.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 09:42

==================== End Of Log ============================