Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by ab (administrator) on AAA on 24-03-2014 12:48:29
Running from C:\Users\ab\Desktop
Windows 8 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\system32\atbroker.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-22] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/3
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/3
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/3
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/3
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {C1A3FC1A-AD57-4781-9D62-908810E292F1} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\coIEPlg.dll (Symantec Corporation)

==================== Services (Whitelisted) =================

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe [143928 2012-06-14] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20120615.003\BHDrvx64.sys [1377440 2012-06-11] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1400000.088\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-24] (Symantec Corporation)
U3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-24] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140321.001\IDSvia64.sys [524504 2014-03-20] (Symantec Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140323.034\ENG64.SYS [126040 2014-03-24] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140323.034\EX64.SYS [2099288 2014-03-24] (Symantec Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1400000.088\SRTSP64.SYS [753312 2012-05-25] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1400000.088\SRTSPX64.SYS [37496 2012-01-11] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1400000.088\SYMDS64.SYS [485024 2012-05-25] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1400000.088\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1400000.088\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-09-11] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1400000.088\Ironx64.SYS [222368 2012-05-25] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\NISx64\1400000.088\SYMNETS.SYS [431224 2012-05-09] (Symantec Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-24 12:48 - 2014-03-24 12:48 - 02157056 _____ (Farbar) C:\Users\ab\Desktop\FRST64.exe
2014-03-24 12:48 - 2014-03-24 12:48 - 00010747 _____ () C:\Users\ab\Desktop\FRST.txt
2014-03-24 12:48 - 2014-03-24 12:48 - 00000000 ____D () C:\FRST
2014-03-24 12:46 - 2014-03-24 12:46 - 00222496 _____ (Fusion Install ) C:\Users\ab\Downloads\Setup.exe
2014-03-24 11:57 - 2014-03-24 11:57 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1849367719-593064534-2600978153-1001
2014-03-24 11:49 - 2014-03-24 11:49 - 00000117 _____ () C:\Windows\system32\netcfg-5358125.txt
2014-03-24 11:49 - 2014-03-24 11:49 - 00000117 _____ () C:\Windows\system32\netcfg-5358062.txt
2014-03-24 10:22 - 2014-03-24 10:22 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Malwarebytes
2014-03-24 10:21 - 2014-03-24 10:21 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 10:21 - 2014-03-24 10:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 10:21 - 2014-03-24 10:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-24 10:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-24 10:18 - 2014-03-24 10:18 - 00002740 _____ () C:\Users\ab\Desktop\AdwCleaner[R0].txt
2014-03-24 10:15 - 2014-03-24 10:15 - 00001486 _____ () C:\Users\ab\Desktop\JRT.txt
2014-03-24 10:11 - 2014-03-24 10:11 - 00000000 ____D () C:\Windows\ERUNT
2014-03-24 10:11 - 2014-03-24 10:11 - 00000000 ____D () C:\JRT
2014-03-24 10:10 - 2014-03-24 10:11 - 00545954 _____ (Oleg N. Scherbakov) C:\Users\ab\Desktop\jrt.exe
2014-03-24 10:06 - 2014-03-24 10:06 - 00370920 _____ (C) C:\Users\ab\Downloads\jrt.exe
2014-03-22 08:08 - 2014-03-22 08:08 - 00000117 _____ () C:\Windows\system32\netcfg-63506421.txt
2014-03-22 08:08 - 2014-03-22 08:08 - 00000117 _____ () C:\Windows\system32\netcfg-63506187.txt
2014-03-21 22:01 - 2014-03-21 22:01 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-21 22:01 - 2014-03-21 16:03 - 00000000 ____D () C:\Windows.old
2014-03-21 21:33 - 2014-03-21 13:24 - 00000000 ___HD () C:\$SysReset
2014-03-21 15:50 - 2014-03-21 15:50 - 00000117 _____ () C:\Windows\system32\netcfg-4860531.txt
2014-03-21 15:17 - 2014-03-21 15:17 - 00000117 _____ () C:\Windows\system32\netcfg-2863546.txt
2014-03-21 14:51 - 2014-03-21 14:51 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-03-21 14:45 - 2014-03-24 10:15 - 00000000 ____D () C:\Users\ab\AppData\Roaming\ZHP
2014-03-21 14:45 - 2014-03-21 14:46 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-03-21 14:45 - 2014-03-21 14:45 - 00001987 _____ () C:\Users\ab\Desktop\ZHPFix.lnk
2014-03-21 14:45 - 2014-03-21 14:45 - 00001860 _____ () C:\Users\ab\Desktop\ZHPDiag.lnk
2014-03-21 14:44 - 2014-03-21 14:44 - 06869581 _____ (Nicolas Coolman ) C:\Users\ab\Downloads\zhpdiag20.exe
2014-03-21 14:42 - 2014-03-21 14:42 - 00000000 ____D () C:\Users\ab\AppData\Roaming\hpqlog
2014-03-21 14:41 - 2014-03-21 14:41 - 00000117 _____ () C:\Windows\system32\netcfg-708640.txt
2014-03-21 14:27 - 2014-03-21 14:27 - 00000117 _____ () C:\Windows\system32\netcfg-4950515.txt
2014-03-21 14:22 - 2014-03-21 14:22 - 00000117 _____ () C:\Windows\system32\netcfg-4640265.txt
2014-03-21 13:38 - 2014-03-21 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-2014468.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1915578.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1915515.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1915093.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1912031.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Macromedia
2014-03-21 13:20 - 2014-03-21 14:42 - 00000000 ____D () C:\Users\ab\AppData\Local\Hewlett-Packard
2014-03-21 13:19 - 2014-03-21 13:19 - 00000000 ___RD () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-21 13:19 - 2014-03-21 13:19 - 00000000 ___RD () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-21 13:19 - 2014-03-21 13:19 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-21 13:18 - 2014-03-21 13:18 - 00001446 _____ () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-21 13:18 - 2014-03-21 13:18 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Adobe
2014-03-21 13:16 - 2014-03-21 13:16 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Synaptics
2014-03-21 13:16 - 2014-03-21 13:16 - 00000000 ____D () C:\Users\ab\AppData\Local\Power2Go8
2014-03-21 13:15 - 2014-03-21 13:15 - 00000000 ____D () C:\Users\ab\AppData\Local\VirtualStore
2014-03-21 13:14 - 2014-03-21 13:14 - 00000020 ___SH () C:\Users\ab\ntuser.ini
2014-03-21 13:13 - 2014-03-24 12:39 - 01894057 _____ () C:\Windows\WindowsUpdate.log
2014-03-21 13:13 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-21 13:13 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-21 13:13 - 2012-12-13 05:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-21 13:13 - 2012-12-13 04:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-21 13:12 - 2014-03-21 13:12 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-03-21 13:12 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-03-21 13:12 - 2012-11-10 05:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-21 13:12 - 2012-11-10 05:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-21 13:12 - 2012-11-10 05:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2014-03-21 13:12 - 2012-11-10 05:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2014-03-21 13:12 - 2012-11-10 05:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2014-03-21 13:09 - 2014-03-21 13:09 - 00000415 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Voisinage réseau
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Voisinage d'impression
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Modèles
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Menu Démarrer
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Documents\Mes vidéos
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Documents\Mes images
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Documents\Ma musique
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\AppData\Local\Historique
2014-03-21 13:06 - 2014-03-21 13:19 - 00000000 ____D () C:\Users\ab
2014-03-21 13:06 - 2014-03-21 13:09 - 00017148 _____ () C:\Windows\diagwrn.xml
2014-03-21 13:06 - 2014-03-21 13:09 - 00017148 _____ () C:\Windows\diagerr.xml
2014-03-21 13:06 - 2014-03-21 13:09 - 00000000 ___HD () C:\Users\ab\Documents\hp.system.package.metadata
2014-03-21 13:06 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-21 13:06 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-21 13:06 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-21 13:06 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Modèles
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\ProgramData\Modèles
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\ProgramData\Bureau
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Program Files\Fichiers communs
2014-03-21 13:03 - 2014-03-21 13:03 - 00002302 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1849367719-593064534-2600978153-500
2014-03-21 13:03 - 2014-03-21 13:03 - 00001140 _____ () C:\Windows\system32\netcfg-87406.txt
2014-03-21 13:03 - 2014-03-21 13:03 - 00000109 _____ () C:\Windows\system32\netcfg-69906.txt
2014-03-21 11:47 - 2014-03-24 10:18 - 00000000 ____D () C:\AdwCleaner
2014-03-21 10:49 - 2014-03-21 10:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ab\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-21 10:46 - 2014-03-21 10:46 - 01950720 _____ () C:\Users\ab\Downloads\adwcleaner.exe
2014-03-21 10:23 - 2014-03-21 10:34 - 00000000 ____D () C:\Users\ab\Desktop\RK_Quarantine
2014-03-21 10:14 - 2014-03-21 10:14 - 00011510 _____ () C:\ComboFix.txt
2014-03-21 10:02 - 2014-03-21 10:14 - 00000000 ____D () C:\Qoobox
2014-03-21 00:36 - 2014-03-21 00:36 - 00000000 _____ () C:\Recovery.txt
2014-03-20 16:24 - 2014-03-20 16:24 - 00000000 ____D () C:\sources
2014-03-20 14:47 - 2012-09-11 13:18 - 00002232 _____ () C:\Users\Public\Desktop\Photos Snapfish.lnk
2014-03-20 14:47 - 2012-08-17 10:03 - 00002096 _____ () C:\Users\Public\Desktop\HP Games.lnk
2014-03-20 14:46 - 2014-03-21 13:18 - 00000000 ____D () C:\Users\ab\AppData\Local\Packages

==================== One Month Modified Files and Folders =======

2014-03-24 12:48 - 2014-03-24 12:48 - 02157056 _____ (Farbar) C:\Users\ab\Desktop\FRST64.exe
2014-03-24 12:48 - 2014-03-24 12:48 - 00010747 _____ () C:\Users\ab\Desktop\FRST.txt
2014-03-24 12:48 - 2014-03-24 12:48 - 00000000 ____D () C:\FRST
2014-03-24 12:46 - 2014-03-24 12:46 - 00222496 _____ (Fusion Install ) C:\Users\ab\Downloads\Setup.exe
2014-03-24 12:39 - 2014-03-21 13:13 - 01894057 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 12:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-24 11:57 - 2014-03-24 11:57 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1849367719-593064534-2600978153-1001
2014-03-24 11:57 - 2012-08-17 19:14 - 00874848 _____ () C:\Windows\system32\perfh00C.dat
2014-03-24 11:57 - 2012-08-17 19:14 - 00188148 _____ () C:\Windows\system32\perfc00C.dat
2014-03-24 11:57 - 2012-07-26 08:28 - 01994298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 11:52 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 11:51 - 2012-08-03 23:23 - 00007178 _____ () C:\Windows\PFRO.log
2014-03-24 11:50 - 2012-07-26 06:37 - 00000000 ____D () C:\Windows\servicing
2014-03-24 11:49 - 2014-03-24 11:49 - 00000117 _____ () C:\Windows\system32\netcfg-5358125.txt
2014-03-24 11:49 - 2014-03-24 11:49 - 00000117 _____ () C:\Windows\system32\netcfg-5358062.txt
2014-03-24 11:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-24 11:19 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-03-24 11:11 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-24 10:22 - 2014-03-24 10:22 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Malwarebytes
2014-03-24 10:21 - 2014-03-24 10:21 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-24 10:21 - 2014-03-24 10:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 10:21 - 2014-03-24 10:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-24 10:18 - 2014-03-24 10:18 - 00002740 _____ () C:\Users\ab\Desktop\AdwCleaner[R0].txt
2014-03-24 10:18 - 2014-03-21 11:47 - 00000000 ____D () C:\AdwCleaner
2014-03-24 10:15 - 2014-03-24 10:15 - 00001486 _____ () C:\Users\ab\Desktop\JRT.txt
2014-03-24 10:15 - 2014-03-21 14:45 - 00000000 ____D () C:\Users\ab\AppData\Roaming\ZHP
2014-03-24 10:11 - 2014-03-24 10:11 - 00000000 ____D () C:\Windows\ERUNT
2014-03-24 10:11 - 2014-03-24 10:11 - 00000000 ____D () C:\JRT
2014-03-24 10:11 - 2014-03-24 10:10 - 00545954 _____ (Oleg N. Scherbakov) C:\Users\ab\Desktop\jrt.exe
2014-03-24 10:06 - 2014-03-24 10:06 - 00370920 _____ (C) C:\Users\ab\Downloads\jrt.exe
2014-03-24 10:05 - 2012-08-04 00:21 - 00000000 ____D () C:\Windows\Panther
2014-03-22 08:08 - 2014-03-22 08:08 - 00000117 _____ () C:\Windows\system32\netcfg-63506421.txt
2014-03-22 08:08 - 2014-03-22 08:08 - 00000117 _____ () C:\Windows\system32\netcfg-63506187.txt
2014-03-21 22:01 - 2014-03-21 22:01 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-21 22:01 - 2012-07-26 09:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-03-21 16:03 - 2014-03-21 22:01 - 00000000 ____D () C:\Windows.old
2014-03-21 15:50 - 2014-03-21 15:50 - 00000117 _____ () C:\Windows\system32\netcfg-4860531.txt
2014-03-21 15:17 - 2014-03-21 15:17 - 00000117 _____ () C:\Windows\system32\netcfg-2863546.txt
2014-03-21 14:51 - 2014-03-21 14:51 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-03-21 14:46 - 2014-03-21 14:45 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-03-21 14:45 - 2014-03-21 14:45 - 00001987 _____ () C:\Users\ab\Desktop\ZHPFix.lnk
2014-03-21 14:45 - 2014-03-21 14:45 - 00001860 _____ () C:\Users\ab\Desktop\ZHPDiag.lnk
2014-03-21 14:44 - 2014-03-21 14:44 - 06869581 _____ (Nicolas Coolman ) C:\Users\ab\Downloads\zhpdiag20.exe
2014-03-21 14:42 - 2014-03-21 14:42 - 00000000 ____D () C:\Users\ab\AppData\Roaming\hpqlog
2014-03-21 14:42 - 2014-03-21 13:20 - 00000000 ____D () C:\Users\ab\AppData\Local\Hewlett-Packard
2014-03-21 14:41 - 2014-03-21 14:41 - 00000117 _____ () C:\Windows\system32\netcfg-708640.txt
2014-03-21 14:33 - 2012-07-26 08:19 - 00295848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\Com
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\migwiz
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\en-GB
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-03-21 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-21 14:32 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-21 14:32 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-03-21 14:32 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-03-21 14:32 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-03-21 14:32 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-03-21 14:32 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-03-21 14:32 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\system32\winrm
2014-03-21 14:32 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\system32\slmgr
2014-03-21 14:32 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-03-21 14:32 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-03-21 14:32 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-03-21 14:31 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-03-21 14:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2014-03-21 14:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MUI
2014-03-21 14:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Com
2014-03-21 14:30 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\system32\WCN
2014-03-21 14:30 - 2012-07-26 08:51 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-03-21 14:30 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Dism
2014-03-21 14:27 - 2014-03-21 14:27 - 00000117 _____ () C:\Windows\system32\netcfg-4950515.txt
2014-03-21 14:22 - 2014-03-21 14:22 - 00000117 _____ () C:\Windows\system32\netcfg-4640265.txt
2014-03-21 13:38 - 2014-03-21 13:38 - 00000117 _____ () C:\Windows\system32\netcfg-2014468.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1915578.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1915515.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1915093.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000117 _____ () C:\Windows\system32\netcfg-1912031.txt
2014-03-21 13:36 - 2014-03-21 13:36 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Macromedia
2014-03-21 13:34 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\restore
2014-03-21 13:24 - 2014-03-21 21:33 - 00000000 ___HD () C:\$SysReset
2014-03-21 13:19 - 2014-03-21 13:19 - 00000000 ___RD () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-21 13:19 - 2014-03-21 13:19 - 00000000 ___RD () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-21 13:19 - 2014-03-21 13:19 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-21 13:19 - 2014-03-21 13:06 - 00000000 ____D () C:\Users\ab
2014-03-21 13:18 - 2014-03-21 13:18 - 00001446 _____ () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-21 13:18 - 2014-03-21 13:18 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Adobe
2014-03-21 13:18 - 2014-03-20 14:46 - 00000000 ____D () C:\Users\ab\AppData\Local\Packages
2014-03-21 13:18 - 2012-08-17 09:53 - 00000000 ___RD () C:\Program Files\Online Services
2014-03-21 13:18 - 2012-08-17 09:53 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-03-21 13:18 - 2012-07-26 09:12 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-03-21 13:17 - 2012-08-04 01:02 - 00000000 ___HD () C:\SYSTEM.SAV
2014-03-21 13:16 - 2014-03-21 13:16 - 00000000 ____D () C:\Users\ab\AppData\Roaming\Synaptics
2014-03-21 13:16 - 2014-03-21 13:16 - 00000000 ____D () C:\Users\ab\AppData\Local\Power2Go8
2014-03-21 13:15 - 2014-03-21 13:15 - 00000000 ____D () C:\Users\ab\AppData\Local\VirtualStore
2014-03-21 13:14 - 2014-03-21 13:14 - 00000020 ___SH () C:\Users\ab\ntuser.ini
2014-03-21 13:12 - 2014-03-21 13:12 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-03-21 13:11 - 2012-09-11 13:30 - 00000000 ____D () C:\ProgramData\Norton
2014-03-21 13:11 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-21 13:09 - 2014-03-21 13:09 - 00000415 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2014-03-21 13:09 - 2014-03-21 13:06 - 00017148 _____ () C:\Windows\diagwrn.xml
2014-03-21 13:09 - 2014-03-21 13:06 - 00017148 _____ () C:\Windows\diagerr.xml
2014-03-21 13:09 - 2014-03-21 13:06 - 00000000 ___HD () C:\Users\ab\Documents\hp.system.package.metadata
2014-03-21 13:09 - 2012-07-26 09:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-21 13:09 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-21 13:09 - 2012-07-26 08:21 - 00039212 _____ () C:\Windows\setupact.log
2014-03-21 13:09 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Voisinage réseau
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Voisinage d'impression
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Modèles
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Menu Démarrer
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Documents\Mes vidéos
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Documents\Mes images
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\Documents\Ma musique
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-21 13:07 - 2014-03-21 13:07 - 00000000 _SHDL () C:\Users\ab\AppData\Local\Historique
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Public\Documents\Mes vidéos
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Public\Documents\Mes images
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Public\Documents\Ma musique
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Voisinage réseau
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Voisinage d'impression
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Modèles
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Menu Démarrer
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Documents\Mes vidéos
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Documents\Mes images
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\Documents\Ma musique
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Historique
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\ProgramData\Modèles
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\ProgramData\Menu Démarrer
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\ProgramData\Bureau
2014-03-21 13:05 - 2014-03-21 13:05 - 00000000 _SHDL () C:\Program Files\Fichiers communs
2014-03-21 13:05 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-21 13:03 - 2014-03-21 13:03 - 00002302 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1849367719-593064534-2600978153-500
2014-03-21 13:03 - 2014-03-21 13:03 - 00001140 _____ () C:\Windows\system32\netcfg-87406.txt
2014-03-21 13:03 - 2014-03-21 13:03 - 00000109 _____ () C:\Windows\system32\netcfg-69906.txt
2014-03-21 13:03 - 2012-08-03 23:40 - 00010171 _____ () C:\Windows\iis.log
2014-03-21 13:03 - 2012-07-26 09:13 - 00004552 _____ () C:\Windows\DtcInstall.log
2014-03-21 10:49 - 2014-03-21 10:49 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\ab\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-21 10:46 - 2014-03-21 10:46 - 01950720 _____ () C:\Users\ab\Downloads\adwcleaner.exe
2014-03-21 10:34 - 2014-03-21 10:23 - 00000000 ____D () C:\Users\ab\Desktop\RK_Quarantine
2014-03-21 10:34 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-21 10:14 - 2014-03-21 10:14 - 00011510 _____ () C:\ComboFix.txt
2014-03-21 10:14 - 2014-03-21 10:02 - 00000000 ____D () C:\Qoobox
2014-03-21 00:36 - 2014-03-21 00:36 - 00000000 _____ () C:\Recovery.txt
2014-03-20 16:24 - 2014-03-20 16:24 - 00000000 ____D () C:\sources

Some content of TEMP:
====================
C:\Users\ab\AppData\Local\Temp\epom2_nationzoom_20131128171912.exe
C:\Users\ab\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 23:23

==================== End Of Log ============================