Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by sandee (administrator) on SANDEE-PC on 06-11-2013 20:34:59
Running from C:\Users\sandee\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Egis Technology Inc.) c:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) c:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
(Google Inc.) C:\Users\sandee\AppData\Local\Google\Update\GoogleUpdate.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SFR) C:\Program Files (x86)\SFR\Kit\9props.exe
(SFR) C:\Program Files (x86)\SFR\Mediacenter Evolution\MediaCenter.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\sandee\AppData\Roaming\BitTorrent\BitTorrent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Micro Application) C:\Program Files (x86)\Micro Application\LauncherMA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-11-03] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2012-06-12] ()
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-02] (Acer Incorporated)
HKLM\...\Run: [fssui] - C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [892416 2012-09-12] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\sandee\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-13] (Google Inc.)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKCU\...\Run: [Connexion SFR 9props.exe] - C:\Program Files (x86)\SFR\Kit\9props.exe [959880 2011-06-10] (SFR)
HKCU\...\Run: [SFR Mediacenter] - C:\Program Files (x86)\SFR\Mediacenter Evolution\MediaCenter.exe [2688368 2013-02-26] (SFR)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [BitTorrent] - C:\Users\sandee\AppData\Roaming\BitTorrent\BitTorrent.exe [894816 2013-10-25] (BitTorrent Inc.)
MountPoints2: {4323196b-39bb-11e3-a88e-00262d664655} - G:\Startme.exe
MountPoints2: {44e76511-bde1-11e1-96e0-00262d664655} - G:\iStudio.exe
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3564544 2009-08-06] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1100368 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-11-25] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [ROC_roc_ssl_v12] - "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\NiCo\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\sandee2012\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Lsa: [Notification Packages] c:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk
ShortcutTarget: Lanceur.lnk -> C:\Program Files (x86)\Micro Application\LauncherMA.exe (Micro Application)
Startup: C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk
ShortcutTarget: OneNote 2007 - Capture d'écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope CDFC382202E940D4BF450A6E858AD8FB URL = http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=FR&userid=448235c0-4c08-45a7-a361-75e14333958d&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate={installDate}&type=hp1000
SearchScopes: HKCU - CDFC382202E940D4BF450A6E858AD8FB URL = http://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=FR&userid=448235c0-4c08-45a7-a361-75e14333958d&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate={installDate}&type=hp1000
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Programme d’aide de l’Assistant de connexion au compte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\sandee\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\sandee\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\sandee\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [helperframework@zonemedia.com] - C:\Program Files (x86)\Internet Explorer\bin
FF Extension: Browser Helper Framework - C:\Program Files (x86)\Internet Explorer\bin

Chrome:
=======
CHR Extension: (ElectroLyrics-16) - C:\Users\sandee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hemfpepmlfpoeaopamikcgielgbdfndp\1.25.18_0
CHR Extension: (Browser Helper Object) - C:\Users\sandee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkkeikdkpjenmoiicggnnodbkebafgpc\1.3_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\sandee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM-x32\...\Chrome\Extension: [kkkeikdkpjenmoiicggnnodbkebafgpc] - C:\Program Files (x86)\Internet Explorer\cr_addon.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [788000 2009-10-02] (Acer Incorporated)
R2 IGBASVC; c:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-08-06] (Egis Technology Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-28] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [6656 2009-07-21] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [25088 2009-07-21] (Nuvoton Technology Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
U5 BITS; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-05 23:14 - 2013-11-05 23:14 - 00000000 ____D C:\Program Files\Windows Live
2013-11-05 23:00 - 2013-11-05 23:00 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 23:00 - 2013-11-05 23:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-05 23:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-05 22:59 - 2013-11-05 22:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sandee\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-05 22:54 - 2013-11-05 22:54 - 00026873 _____ C:\Users\sandee\Desktop\AdwCleaner[S0].txt
2013-11-05 22:49 - 2013-11-05 22:52 - 00000000 ____D C:\AdwCleaner
2013-11-05 22:48 - 2013-11-05 22:48 - 01073262 _____ C:\Users\sandee\Downloads\AdwCleaner.exe
2013-11-05 19:49 - 2013-11-05 19:49 - 01957098 _____ (Farbar) C:\Users\sandee\Desktop\FRST64.exe
2013-11-05 19:49 - 2013-11-05 19:49 - 00000000 ____D C:\FRST
2013-11-04 12:42 - 2013-11-04 12:42 - 00000000 _____ C:\autoexec.bat
2013-11-04 12:41 - 2013-11-04 12:41 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-04 12:40 - 2013-11-05 22:43 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-04 12:09 - 2013-11-04 12:09 - 00003190 _____ C:\Windows\System32\Tasks\{5A5C5222-B9F7-4536-8E58-BAB6F5CEB195}
2013-11-04 11:46 - 2013-11-04 11:46 - 00003186 _____ C:\Windows\System32\Tasks\{9EE02B30-299B-41DA-822F-56CB6D2B0B56}
2013-11-03 20:54 - 2013-11-03 20:54 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3drm.dll
2013-11-03 20:46 - 2013-11-03 20:46 - 00000286 _____ C:\Windows\EReg213.dat
2013-11-03 20:46 - 2013-11-03 20:46 - 00000000 ____D C:\Program Files (x86)\LEGO Media
2013-11-03 20:45 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2013-11-03 17:08 - 2013-11-03 17:08 - 00000000 ____D C:\Users\sandee\Documents\RCT3
2013-11-03 17:08 - 2013-11-03 17:08 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Atari
2013-11-03 15:31 - 2013-11-03 15:31 - 00000000 ____D C:\Users\sandee\AppData\Roaming\ValuSoft
2013-11-03 15:07 - 2013-11-03 15:07 - 00000218 _____ C:\Users\sandee\AppData\Local\recently-used.xbel
2013-11-03 15:07 - 2013-11-03 15:07 - 00000000 ____D C:\Users\sandee\AppData\Roaming\deluge
2013-11-03 13:53 - 2004-12-10 21:50 - 00000000 ____D C:\Users\sandee\Desktop\images
2013-10-28 21:17 - 2013-10-28 21:17 - 00000000 ____D C:\Users\sandee\AppData\Roaming\IE Addon
2013-10-21 21:32 - 2013-10-21 21:32 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-10-20 20:43 - 2013-10-20 20:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-10-20 20:43 - 2013-10-20 20:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-10-20 20:37 - 2013-10-23 09:16 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2013-10-20 20:37 - 2013-10-20 20:37 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2013-10-20 20:37 - 2013-10-20 20:37 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-10-20 20:37 - 2013-10-20 20:37 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-10-20 17:49 - 2013-10-20 17:49 - 00000000 ____D C:\Users\sandee\AppData\Roaming\ooVoo Details
2013-10-16 15:51 - 2013-10-16 15:51 - 00000818 _____ C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk

==================== One Month Modified Files and Folders =======

2013-11-06 20:38 - 2012-06-14 11:58 - 00000000 ____D C:\Users\sandee\AppData\Roaming\BitTorrent
2013-11-06 20:37 - 2012-08-31 19:45 - 00000000 ____D C:\ProgramData\MFAData
2013-11-06 20:37 - 2012-06-12 18:17 - 01051447 _____ C:\Windows\WindowsUpdate.log
2013-11-06 20:35 - 2012-06-14 15:39 - 00000000 ____D C:\Users\sandee\AppData\Local\Windows Live
2013-11-06 20:32 - 2013-01-20 13:24 - 00056347 _____ C:\Windows\setupact.log
2013-11-06 20:32 - 2012-06-12 19:50 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-06 20:32 - 2012-06-12 18:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-06 20:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-06 05:08 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 05:08 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 05:03 - 2012-06-13 22:00 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449440193-2042137118-2482735012-1000UA.job
2013-11-06 05:01 - 2013-01-20 13:24 - 00015726 _____ C:\Windows\PFRO.log
2013-11-06 05:00 - 2012-06-12 19:50 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-06 04:59 - 2013-01-06 14:47 - 00000000 ____D C:\Users\sandee\AppData\Local\DirectDownloader
2013-11-06 04:50 - 2012-06-15 12:20 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-06 02:28 - 2012-06-20 13:18 - 00001100 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2449440193-2042137118-2482735012-1000UA.job
2013-11-06 00:08 - 2012-06-12 13:40 - 00000000 ___RD C:\Users\sandee\Desktop\telechargement12
2013-11-05 23:43 - 2012-06-13 03:57 - 00745738 _____ C:\Windows\system32\perfh00C.dat
2013-11-05 23:43 - 2012-06-13 03:57 - 00149410 _____ C:\Windows\system32\perfc00C.dat
2013-11-05 23:43 - 2009-07-14 06:13 - 01661928 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-05 23:39 - 2013-01-24 21:41 - 00000000 ____D C:\Users\sandee\AppData\Roaming\vlc
2013-11-05 23:28 - 2012-06-20 13:18 - 00001078 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2449440193-2042137118-2482735012-1000Core.job
2013-11-05 23:14 - 2013-11-05 23:14 - 00000000 ____D C:\Program Files\Windows Live
2013-11-05 23:03 - 2012-06-13 22:00 - 00001030 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449440193-2042137118-2482735012-1000Core.job
2013-11-05 23:00 - 2013-11-05 23:00 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-05 23:00 - 2013-11-05 23:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-05 22:59 - 2013-11-05 22:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sandee\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-05 22:54 - 2013-11-05 22:54 - 00026873 _____ C:\Users\sandee\Desktop\AdwCleaner[S0].txt
2013-11-05 22:52 - 2013-11-05 22:49 - 00000000 ____D C:\AdwCleaner
2013-11-05 22:52 - 2012-08-05 15:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-05 22:52 - 2012-06-13 22:01 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-11-05 22:52 - 2012-06-12 18:28 - 00001196 _____ C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-05 22:52 - 2012-06-12 18:28 - 00001009 _____ C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-11-05 22:48 - 2013-11-05 22:48 - 01073262 _____ C:\Users\sandee\Downloads\AdwCleaner.exe
2013-11-05 22:47 - 2012-06-12 18:45 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-11-05 22:43 - 2013-11-04 12:40 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-11-05 19:49 - 2013-11-05 19:49 - 01957098 _____ (Farbar) C:\Users\sandee\Desktop\FRST64.exe
2013-11-05 19:49 - 2013-11-05 19:49 - 00000000 ____D C:\FRST
2013-11-04 12:42 - 2013-11-04 12:42 - 00000000 _____ C:\autoexec.bat
2013-11-04 12:41 - 2013-11-04 12:41 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-04 12:09 - 2013-11-04 12:09 - 00003190 _____ C:\Windows\System32\Tasks\{5A5C5222-B9F7-4536-8E58-BAB6F5CEB195}
2013-11-04 11:50 - 2013-07-10 14:55 - 00000000 ____D C:\Users\sandee\Desktop\photo
2013-11-04 11:46 - 2013-11-04 11:46 - 00003186 _____ C:\Windows\System32\Tasks\{9EE02B30-299B-41DA-822F-56CB6D2B0B56}
2013-11-04 11:43 - 2012-07-22 17:38 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-11-03 20:54 - 2013-11-03 20:54 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3drm.dll
2013-11-03 20:46 - 2013-11-03 20:46 - 00000286 _____ C:\Windows\EReg213.dat
2013-11-03 20:46 - 2013-11-03 20:46 - 00000000 ____D C:\Program Files (x86)\LEGO Media
2013-11-03 17:08 - 2013-11-03 17:08 - 00000000 ____D C:\Users\sandee\Documents\RCT3
2013-11-03 17:08 - 2013-11-03 17:08 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Atari
2013-11-03 15:59 - 2012-06-12 18:28 - 00000000 ___RD C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-03 15:58 - 2009-10-28 18:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-03 15:31 - 2013-11-03 15:31 - 00000000 ____D C:\Users\sandee\AppData\Roaming\ValuSoft
2013-11-03 15:30 - 2013-02-06 15:19 - 00262376 _____ C:\Windows\DirectX.log
2013-11-03 15:07 - 2013-11-03 15:07 - 00000218 _____ C:\Users\sandee\AppData\Local\recently-used.xbel
2013-11-03 15:07 - 2013-11-03 15:07 - 00000000 ____D C:\Users\sandee\AppData\Roaming\deluge
2013-11-03 13:23 - 2012-08-19 12:19 - 00000000 ____D C:\Users\sandee\AppData\Local\SKIDROW
2013-10-31 22:03 - 2012-11-27 16:10 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Skype
2013-10-28 21:22 - 2012-10-04 15:59 - 00000000 ____D C:\Users\sandee\Documents\NICOLAS
2013-10-28 21:17 - 2013-10-28 21:17 - 00000000 ____D C:\Users\sandee\AppData\Roaming\IE Addon
2013-10-28 09:24 - 2009-07-14 06:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-24 15:41 - 2013-04-28 20:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-24 15:41 - 2012-11-27 16:10 - 00000000 ____D C:\ProgramData\Skype
2013-10-23 09:16 - 2013-10-20 20:37 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2013-10-21 21:32 - 2013-10-21 21:32 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-10-20 20:43 - 2013-10-20 20:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2013-10-20 20:43 - 2013-10-20 20:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2013-10-20 20:37 - 2013-10-20 20:37 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2013-10-20 20:37 - 2013-10-20 20:37 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2013-10-20 20:37 - 2013-10-20 20:37 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2013-10-20 17:49 - 2013-10-20 17:49 - 00000000 ____D C:\Users\sandee\AppData\Roaming\ooVoo Details
2013-10-18 21:41 - 2012-07-22 17:38 - 00000000 ____D C:\Users\sandee\Documents\My Games
2013-10-16 16:01 - 2012-12-23 19:26 - 00000000 ____D C:\Users\sandee\AppData\Roaming\Intelli-studio
2013-10-16 15:51 - 2013-10-16 15:51 - 00000818 _____ C:\Users\sandee\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2013-10-16 15:51 - 2012-06-14 11:59 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2013-10-10 22:39 - 2013-10-01 13:56 - 00000983 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-10 22:39 - 2012-08-31 19:49 - 00000000 ___HD C:\$AVG
2013-10-09 22:50 - 2012-06-15 12:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 22:50 - 2012-06-15 12:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 22:50 - 2012-06-15 12:20 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-08 21:58 - 2012-06-13 22:00 - 00004054 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2449440193-2042137118-2482735012-1000UA
2013-10-08 21:58 - 2012-06-13 22:00 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2449440193-2042137118-2482735012-1000Core
2013-10-07 11:26 - 2013-10-01 13:47 - 00000000 ____D C:\Users\sandee\AppData\Local\Avg2014

Some content of TEMP:
====================
C:\Users\sandee\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\sandee\AppData\Local\Temp\NLStubInstallerResources.dll
C:\Users\sandee\AppData\Local\Temp\Quarantine.exe
C:\Users\sandee\AppData\Local\Temp\SHSetup.exe
C:\Users\sandee\AppData\Local\Temp\SkypeSetup.exe
C:\Users\sandee\AppData\Local\Temp\uninst1.exe
C:\Users\sandee\AppData\Local\Temp\utt67F.tmp.exe
C:\Users\sandee\AppData\Local\Temp\utt7101.tmp.exe
C:\Users\sandee\AppData\Local\Temp\uttE67B.tmp.exe
C:\Users\sandee\AppData\Local\Temp\Windows Live Messenger.exe
C:\Users\sandee\AppData\Local\Temp\WLM2011Installer.exe
C:\Users\sandee\AppData\Local\Temp\WLM_2011.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-01 14:21

==================== End Of Log ============================