Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by Fabien (administrator) on 29-07-2013 14:29:12
Running from C:\Users\Fabien\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\seccenter.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\odscanui.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\odscanui.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [524800 2010-12-02] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp [x]
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [BitDefender Antiphishing Helper] - C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe [109344 2011-07-01] (BitDefender S.R.L.)
HKLM\...\Run: [BDAgent] - C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2026680 2011-07-01] (BitDefender S.R.L.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)
HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-12-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-12-13] (EasyBits Software AS)
HKLM-x32\...\Run: [BitDefender Antiphishing Helper] - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe [92352 2011-07-01] (BitDefender S.R.L.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1644680 2013-01-28] (Ask)
HKLM-x32\...\Run: [B2C_AGENT] - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2012-03-28] (LG Electronics)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-06-06] (Renesas Electronics Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll [2521040 2013-05-23] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://visualbee.delta-search.com/?babsrc=HP_ss&mntrId=BA3EC0F8DA0F6C19&affID=121376&tsp=4947
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://visualbee.delta-search.com/?babsrc=HP_ss&mntrId=BA3EC0F8DA0F6C19&affID=121376&tsp=4947
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://visualbee.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BA3EC0F8DA0F6C19&affID=121376&tsp=4947
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://visualbee.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BA3EC0F8DA0F6C19&affID=121376&tsp=4947
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {9DAC172D-0A9E-400D-A102-B77E9E7CA908} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=fr_FR&apn_ptnrs=U3&apn_dtid=OSJ000YYFR&apn_uid=D0065678-FB5C-4212-B324-DA5681667B3B&apn_sauid=9B48C142-0308-420C-8F98-7BF4FF9CC176
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: VisualBee - {11111111-1111-1111-1111-110311391106} - C:\Program Files (x86)\VisualBee\VisualBee-bho.dll (VisualBee)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: HistoryTriggerBHO Class - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll No File
BHO-x32: electroLyrics - {4E01CBE9-1225-4FEC-B8D9-E96D2E65685F} - C:\Program Files (x86)\electroLyrics\125.dll (Electrosoft)
BHO-x32: visualbee Helper Object - {66F57190-01EB-45A6-8260-7895267209F7} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\bh\visualbee.dll (Visualbee)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: electroLyrics - {B75611CF-D3CE-4F0E-843D-6085704DB2CE} - C:\Program Files (x86)\electroLyrics\120.dll No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll (BitDefender S.R.L.)
Toolbar: HKLM-x32 - BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - visualbee Toolbar - {610AF794-9293-4129-9FAF-A81BBDFBFA14} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\visualbeeTlbr.dll (Visualbee)
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2011-03-13] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default
FF user.js: detected! => C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\user.js
FF SelectedSearchEngine: Ask.com Search
FF Homepage: hxxp://search.babylon.com/?AF=109129&babsrc=HP_ss&mntrId=ba3eb340000000000000c0f8da0f6c19
FF Keyword.URL: hxxp://search.babylon.com/?AF=109129&babsrc=adbartrp&mntrId=ba3eb340000000000000c0f8da0f6c19&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\searchplugins\askcomsearch.xml
FF SearchPlugin: C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\searchplugins\visualbee.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml
FF Extension: electroLyrics - C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\Extensions\120
FF Extension: electroLyrics - C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\Extensions\122
FF Extension: electroLyrics - C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\Extensions\125
FF Extension: No Name - C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\Extensions\67314b39-24e6-4f05-99f3-3f88c7cddd17@6c5fa560-13a3-4d42-8e90-53d9930111f9.com
FF Extension: VisualBee Toolbar - C:\Users\Fabien\AppData\Roaming\Mozilla\Firefox\Profiles\j2753dck.default\Extensions\ffxtlbr@visualbee.com
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [FFToolbar@bitdefender.com] C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\
FF Extension: No Name - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\
FF HKLM-x32\...\Firefox\Extensions: [FFToolbar@bitdefender.com] C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\
FF Extension: No Name - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}] C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [electroLyrics@Electrosoft.co] C:\Program Files (x86)\electroLyrics\125.xpi
FF Extension: No Name - C:\Program Files (x86)\electroLyrics\125.xpi

==================== Services (Whitelisted) =================

R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation)
S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation)
S3 Update Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [467248 2011-06-08] (BitDefender)
R2 Updatesrv; C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [53224 2011-07-01] (BitDefender S.R.L.)
R2 VSSERV; C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [2660624 2011-07-01] (BitDefender S.R.L.)

==================== Drivers (Whitelisted) ====================

S4 avc3; C:\Windows\System32\DRIVERS\avc3.sys [692816 2010-06-28] (BitDefender)
S4 avckf; C:\Windows\System32\DRIVERS\avckf.sys [1040976 2010-06-28] (BitDefender)
R3 BDFM; C:\Windows\System32\DRIVERS\bdfm.sys [162896 2010-05-13] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [431176 2011-07-01] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [99408 2011-06-08] (BitDefender)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [x]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [x]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [x]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [x]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 14:25 - 2013-07-29 14:25 - 01780547 _____ (Farbar) C:\Users\Fabien\Desktop\FRST64.exe
2013-07-29 09:43 - 2013-07-29 09:44 - 00000000 ____D C:\Users\Fabien\AppData\Local\{86745301-487F-46C4-A445-F5177AE26557}
2013-07-28 09:02 - 2013-07-28 21:43 - 00000000 ____D C:\Users\Fabien\AppData\Local\{7A7B9885-C15D-4B20-901F-13CB51CDA40B}
2013-07-27 21:01 - 2013-07-27 21:02 - 00000000 ____D C:\Users\Fabien\AppData\Local\{3B52028C-A0A6-4D33-AAD0-0EDAAD4E3D50}
2013-07-27 08:52 - 2013-07-27 08:52 - 00002172 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-27 08:27 - 2013-07-27 08:27 - 00000000 ____D C:\Users\Fabien\AppData\Local\{449A29D8-CDEB-428E-94DA-F8A2A8D2C4DB}
2013-07-26 06:17 - 2013-07-26 06:17 - 00000000 ____D C:\Users\Fabien\AppData\Local\{5CFE53E4-FE0E-486C-8266-A112DCAFD0D1}
2013-07-25 12:00 - 2013-07-25 12:00 - 00000000 ____D C:\Users\Fabien\AppData\Local\{3B8EB3EA-2961-412C-9D6C-F8437E248E84}
2013-07-24 22:19 - 2013-07-24 22:19 - 00000000 ____D C:\Users\Fabien\AppData\Local\{5A75DF96-9657-4D9C-8E5B-6F3A6BD3C399}
2013-07-24 22:19 - 2013-07-24 22:19 - 00000000 ____D C:\Program Files (x86)\electroLyrics
2013-07-23 09:31 - 2013-07-23 09:32 - 00000000 ____D C:\Users\Fabien\AppData\Local\{94CB3CF9-9F84-44D6-BBDD-44761A635CB1}
2013-07-22 12:30 - 2013-07-22 12:30 - 00000000 ____D C:\Users\Fabien\AppData\Local\{FB2F35CD-49CB-49A1-9EF8-D4E91AB0C46F}
2013-07-21 15:00 - 2013-07-21 15:00 - 00000000 ____D C:\Users\Fabien\AppData\Local\{26BA44AC-9E98-4EEA-B453-EAAA3CDEBD6B}
2013-07-20 16:18 - 2013-07-20 16:20 - 00000000 ____D C:\Windows\system32\MRT
2013-07-20 10:22 - 2013-07-20 10:22 - 00000000 ____D C:\Users\Fabien\AppData\Local\{781A12CE-44E1-4143-8C5E-B34DDEA0F803}
2013-07-19 19:31 - 2013-07-19 19:31 - 12755533 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-07-19.zip
2013-07-19 12:58 - 2013-07-19 12:59 - 00000000 ____D C:\Users\Fabien\AppData\Local\{2E6A9E66-584E-4DD0-8DC2-57F18115CDE3}
2013-07-18 18:05 - 2013-07-29 12:05 - 00001232 _____ C:\Windows\Tasks\VisualBee-codedownloader.job
2013-07-18 18:05 - 2013-07-29 12:05 - 00001226 _____ C:\Windows\Tasks\VisualBee-updater.job
2013-07-18 18:05 - 2013-07-29 12:05 - 00001132 _____ C:\Windows\Tasks\VisualBee-enabler.job
2013-07-18 18:05 - 2013-07-18 18:05 - 00004262 _____ C:\Windows\System32\Tasks\VisualBee-codedownloader
2013-07-18 18:05 - 2013-07-18 18:05 - 00004256 _____ C:\Windows\System32\Tasks\VisualBee-updater
2013-07-18 18:05 - 2013-07-18 18:05 - 00004162 _____ C:\Windows\System32\Tasks\VisualBee-enabler
2013-07-18 18:04 - 2013-07-29 12:04 - 00001860 _____ C:\Windows\Tasks\VisualBee-firefoxinstaller.job
2013-07-18 18:02 - 2013-07-29 09:13 - 00000406 _____ C:\Windows\Tasks\electroLyrics Update.job
2013-07-18 18:02 - 2013-07-18 18:02 - 00003056 _____ C:\Windows\System32\Tasks\electroLyrics Update
2013-07-18 18:01 - 2013-07-18 18:01 - 00000000 ____D C:\Users\Fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-18 18:01 - 2013-07-18 18:01 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-18 18:00 - 2013-07-18 18:05 - 00000000 ____D C:\Program Files (x86)\visualbee
2013-07-18 18:00 - 2013-07-18 18:00 - 00003394 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-18 18:00 - 2013-07-18 18:00 - 00000000 ____D C:\Users\Fabien\AppData\Roaming\BabSolution
2013-07-18 17:58 - 2013-07-18 17:58 - 12745938 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-07-18.zip
2013-07-18 17:57 - 2013-07-18 17:57 - 00001228 _____ C:\Users\Fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-18 17:57 - 2013-07-18 17:57 - 00000000 ____D C:\Users\Fabien\AppData\Local\emaze
2013-07-18 07:09 - 2013-07-18 19:10 - 00000000 ____D C:\Users\Fabien\AppData\Local\{2A1985E4-909D-4C5C-863D-0191C178B3ED}
2013-07-17 19:09 - 2013-07-17 19:09 - 00000000 ____D C:\Users\Fabien\AppData\Local\{A75145C8-86FC-43CC-BE9E-00A2B3B4D1C2}
2013-07-17 08:08 - 2013-07-17 20:42 - 12734609 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-07-17.zip
2013-07-17 07:08 - 2013-07-17 07:08 - 00000000 ____D C:\Users\Fabien\AppData\Local\{47275A81-8979-4B3D-978C-16977F60570F}
2013-07-16 22:09 - 2013-07-16 22:09 - 00000000 ____D C:\Users\Fabien\AppData\Local\{17F8D237-6306-4803-A433-8EA7BE23DD1D}
2013-07-13 13:35 - 2013-07-16 08:24 - 00000000 ____D C:\Users\Fabien\AppData\Local\{22FD26D9-EBF1-46EE-928E-0AA602F4FA5B}
2013-07-12 08:03 - 2013-07-12 08:03 - 00063293 _____ C:\Users\Fabien\Documents\14 juillet 2013.pptx
2013-07-12 06:40 - 2013-07-12 06:40 - 00000000 ____D C:\Users\Fabien\AppData\Local\{BFF3C748-B491-4AB1-8E18-66E5222FC243}
2013-07-12 06:24 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 06:24 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 06:24 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 06:24 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 06:24 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 06:24 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-12 06:24 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-12 06:24 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 06:24 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 06:24 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-12 06:24 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-12 06:24 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 06:24 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 06:24 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 06:24 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-12 06:24 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 06:24 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 06:24 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 06:24 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 06:24 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-12 06:24 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 06:24 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 06:24 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-12 06:24 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 06:24 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-12 06:24 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-12 06:24 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 06:24 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 06:24 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-12 06:24 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 06:24 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-12 06:24 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-11 13:48 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 13:48 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 13:48 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 13:48 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 13:39 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 13:36 - 2013-04-10 07:45 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 13:36 - 2013-04-10 07:02 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 12:51 - 2013-07-11 12:51 - 00000000 ____D C:\Users\Fabien\AppData\Local\{66C0F99A-C51F-483B-8133-FB3DB03CE058}
2013-07-10 13:40 - 2013-07-10 13:41 - 00000000 ____D C:\Users\Fabien\AppData\Local\{C38B17EF-56DF-4C6B-9B91-00ECE25BF267}
2013-07-09 09:36 - 2013-07-09 09:36 - 00000000 ____D C:\Users\Fabien\AppData\Local\{51CF6219-22FC-47FB-B37C-0B37ABC3BBF7}
2013-07-08 12:32 - 2013-07-08 12:32 - 00000000 ____D C:\Users\Fabien\AppData\Local\{D42111FA-ADFC-4599-9739-B4AF150A413D}
2013-07-07 14:51 - 2013-07-07 14:52 - 00000000 ____D C:\Users\Fabien\AppData\Local\{046311F4-610B-41C3-8DF7-DA3CA14E4FC3}
2013-07-04 16:25 - 2013-07-04 17:05 - 00066797 _____ C:\Users\Fabien\Documents\tournoi airel 2013.pptx
2013-07-04 11:58 - 2013-07-05 13:30 - 00000000 ____D C:\Users\Fabien\AppData\Local\{B1095742-5B8D-4868-B8D1-6526504E1826}
2013-07-03 08:45 - 2013-07-03 08:45 - 00000000 ____D C:\Users\Fabien\AppData\Local\{11971AAD-5785-4D20-9F0B-82C27C18BCBF}
2013-07-02 20:44 - 2013-07-02 20:44 - 00000000 ____D C:\Users\Fabien\AppData\Local\{A2D7737D-6F67-4520-B791-81266ED867D0}
2013-07-01 23:07 - 2013-07-01 23:07 - 00000000 ____D C:\Users\Fabien\AppData\Local\{C2BEF818-4F1F-4DFA-844B-B3AAC4186868}
2013-06-30 20:38 - 2013-07-01 09:55 - 00000000 ____D C:\Users\Fabien\AppData\Local\{D0DB46CF-2810-4E48-A40B-1352E278B274}
2013-06-30 13:17 - 2013-07-01 18:28 - 00014434 _____ C:\Users\Fabien\Desktop\Bilan perso.xlsx
2013-06-30 08:37 - 2013-06-30 08:38 - 00000000 ____D C:\Users\Fabien\AppData\Local\{8F6F1E20-FDC1-4EDF-B7AC-A527FDB294FE}
2013-06-29 20:24 - 2013-06-29 20:25 - 00000000 ____D C:\Users\Fabien\AppData\Local\{5065814A-C0A2-4108-834D-C528A24B1999}
2013-06-29 19:41 - 2013-06-29 19:41 - 12572428 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-06-29.zip
2013-06-29 08:24 - 2013-06-29 08:24 - 00000000 ____D C:\Users\Fabien\AppData\Local\{62A2899B-3724-4B04-82BE-32196368EF33}
102

==================== One Month Modified Files and Folders =======

2013-07-29 14:30 - 2012-09-10 12:26 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-29 14:28 - 2013-07-29 14:28 - 00000000 ____D C:\FRST
2013-07-29 14:28 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-29 14:28 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-29 14:25 - 2013-07-29 14:25 - 01780547 _____ (Farbar) C:\Users\Fabien\Desktop\FRST64.exe
2013-07-29 12:05 - 2013-07-18 18:05 - 00001232 _____ C:\Windows\Tasks\VisualBee-codedownloader.job
2013-07-29 12:05 - 2013-07-18 18:05 - 00001226 _____ C:\Windows\Tasks\VisualBee-updater.job
2013-07-29 12:05 - 2013-07-18 18:05 - 00001132 _____ C:\Windows\Tasks\VisualBee-enabler.job
2013-07-29 12:04 - 2013-07-18 18:04 - 00001860 _____ C:\Windows\Tasks\VisualBee-firefoxinstaller.job
2013-07-29 11:46 - 2011-04-13 15:19 - 01302805 _____ C:\Windows\WindowsUpdate.log
2013-07-29 09:57 - 2011-06-17 20:04 - 00000000 ____D C:\Users\Fabien\Documents\Gestion Commerce
2013-07-29 09:44 - 2013-07-29 09:43 - 00000000 ____D C:\Users\Fabien\AppData\Local\{86745301-487F-46C4-A445-F5177AE26557}
2013-07-29 09:13 - 2013-07-18 18:02 - 00000406 _____ C:\Windows\Tasks\electroLyrics Update.job
2013-07-29 09:13 - 2012-09-10 12:26 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-29 09:13 - 2011-09-17 14:21 - 00000000 ____D C:\Users\Fabien\Tracing
2013-07-29 09:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-29 09:08 - 2009-07-14 06:51 - 00130176 _____ C:\Windows\setupact.log
2013-07-28 21:43 - 2013-07-28 09:02 - 00000000 ____D C:\Users\Fabien\AppData\Local\{7A7B9885-C15D-4B20-901F-13CB51CDA40B}
2013-07-28 15:43 - 2011-07-03 19:31 - 00000000 ____D C:\Users\Fabien\AppData\Local\CrashDumps
2013-07-27 21:02 - 2013-07-27 21:01 - 00000000 ____D C:\Users\Fabien\AppData\Local\{3B52028C-A0A6-4D33-AAD0-0EDAAD4E3D50}
2013-07-27 21:01 - 2011-06-11 07:55 - 00003944 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3BB323D0-612D-4838-B119-5AC6207AE4C2}
2013-07-27 08:52 - 2013-07-27 08:52 - 00002172 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-27 08:52 - 2012-09-10 12:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-27 08:27 - 2013-07-27 08:27 - 00000000 ____D C:\Users\Fabien\AppData\Local\{449A29D8-CDEB-428E-94DA-F8A2A8D2C4DB}
2013-07-27 08:26 - 2011-06-11 16:03 - 00000376 _____ C:\Users\Fabien\AppData\Roamingprivacy.xml
2013-07-26 08:09 - 2013-05-10 14:55 - 00015497 _____ C:\Users\Fabien\Desktop\Heures Julie.xlsx
2013-07-26 06:17 - 2013-07-26 06:17 - 00000000 ____D C:\Users\Fabien\AppData\Local\{5CFE53E4-FE0E-486C-8266-A112DCAFD0D1}
2013-07-25 14:37 - 2011-11-03 09:57 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-25 14:37 - 2011-06-11 07:53 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-25 12:00 - 2013-07-25 12:00 - 00000000 ____D C:\Users\Fabien\AppData\Local\{3B8EB3EA-2961-412C-9D6C-F8437E248E84}
2013-07-25 08:13 - 2011-04-13 15:36 - 00765526 _____ C:\Windows\PFRO.log
2013-07-24 22:19 - 2013-07-24 22:19 - 00000000 ____D C:\Users\Fabien\AppData\Local\{5A75DF96-9657-4D9C-8E5B-6F3A6BD3C399}
2013-07-24 22:19 - 2013-07-24 22:19 - 00000000 ____D C:\Program Files (x86)\electroLyrics
2013-07-23 09:32 - 2013-07-23 09:31 - 00000000 ____D C:\Users\Fabien\AppData\Local\{94CB3CF9-9F84-44D6-BBDD-44761A635CB1}
2013-07-22 12:30 - 2013-07-22 12:30 - 00000000 ____D C:\Users\Fabien\AppData\Local\{FB2F35CD-49CB-49A1-9EF8-D4E91AB0C46F}
2013-07-21 15:00 - 2013-07-21 15:00 - 00000000 ____D C:\Users\Fabien\AppData\Local\{26BA44AC-9E98-4EEA-B453-EAAA3CDEBD6B}
2013-07-20 16:20 - 2013-07-20 16:18 - 00000000 ____D C:\Windows\system32\MRT
2013-07-20 10:22 - 2013-07-20 10:22 - 00000000 ____D C:\Users\Fabien\AppData\Local\{781A12CE-44E1-4143-8C5E-B34DDEA0F803}
2013-07-19 19:31 - 2013-07-19 19:31 - 12755533 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-07-19.zip
2013-07-19 12:59 - 2013-07-19 12:58 - 00000000 ____D C:\Users\Fabien\AppData\Local\{2E6A9E66-584E-4DD0-8DC2-57F18115CDE3}
2013-07-19 12:57 - 2012-05-10 09:29 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForFabien.job
2013-07-18 19:10 - 2013-07-18 07:09 - 00000000 ____D C:\Users\Fabien\AppData\Local\{2A1985E4-909D-4C5C-863D-0191C178B3ED}
2013-07-18 18:05 - 2013-07-18 18:05 - 00004262 _____ C:\Windows\System32\Tasks\VisualBee-codedownloader
2013-07-18 18:05 - 2013-07-18 18:05 - 00004256 _____ C:\Windows\System32\Tasks\VisualBee-updater
2013-07-18 18:05 - 2013-07-18 18:05 - 00004162 _____ C:\Windows\System32\Tasks\VisualBee-enabler
2013-07-18 18:05 - 2013-07-18 18:00 - 00000000 ____D C:\Program Files (x86)\visualbee
2013-07-18 18:02 - 2013-07-18 18:02 - 00003056 _____ C:\Windows\System32\Tasks\electroLyrics Update
2013-07-18 18:01 - 2013-07-18 18:01 - 00000000 ____D C:\Users\Fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
2013-07-18 18:01 - 2013-07-18 18:01 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-18 18:00 - 2013-07-18 18:00 - 00003394 _____ C:\Windows\System32\Tasks\EPUpdater
2013-07-18 18:00 - 2013-07-18 18:00 - 00000000 ____D C:\Users\Fabien\AppData\Roaming\BabSolution
2013-07-18 17:58 - 2013-07-18 17:58 - 12745938 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-07-18.zip
2013-07-18 17:57 - 2013-07-18 17:57 - 00001228 _____ C:\Users\Fabien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
2013-07-18 17:57 - 2013-07-18 17:57 - 00000000 ____D C:\Users\Fabien\AppData\Local\emaze
2013-07-18 15:01 - 2012-05-10 09:29 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFabien
2013-07-18 10:06 - 2011-06-19 18:30 - 00000000 ____D C:\Users\Fabien\Documents\Mes numérisations
2013-07-17 20:42 - 2013-07-17 08:08 - 12734609 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-07-17.zip
2013-07-17 19:09 - 2013-07-17 19:09 - 00000000 ____D C:\Users\Fabien\AppData\Local\{A75145C8-86FC-43CC-BE9E-00A2B3B4D1C2}
2013-07-17 14:46 - 2013-05-13 17:36 - 00000000 ____D C:\Users\Fabien\Desktop\TVA
2013-07-17 07:08 - 2013-07-17 07:08 - 00000000 ____D C:\Users\Fabien\AppData\Local\{47275A81-8979-4B3D-978C-16977F60570F}
2013-07-16 22:09 - 2013-07-16 22:09 - 00000000 ____D C:\Users\Fabien\AppData\Local\{17F8D237-6306-4803-A433-8EA7BE23DD1D}
2013-07-16 08:25 - 2012-09-10 12:26 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-16 08:25 - 2012-09-10 12:26 - 00003812 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-16 08:24 - 2013-07-13 13:35 - 00000000 ____D C:\Users\Fabien\AppData\Local\{22FD26D9-EBF1-46EE-928E-0AA602F4FA5B}
2013-07-12 08:03 - 2013-07-12 08:03 - 00063293 _____ C:\Users\Fabien\Documents\14 juillet 2013.pptx
2013-07-12 06:40 - 2013-07-12 06:40 - 00000000 ____D C:\Users\Fabien\AppData\Local\{BFF3C748-B491-4AB1-8E18-66E5222FC243}
2013-07-12 06:36 - 2009-07-14 06:45 - 00457528 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 06:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 06:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 06:34 - 2012-05-12 22:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 06:34 - 2012-05-12 22:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 06:31 - 2011-06-16 16:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-12 06:29 - 2011-03-13 15:11 - 00811700 _____ C:\Windows\system32\perfh00C.dat
2013-07-12 06:29 - 2011-03-13 15:11 - 00173716 _____ C:\Windows\system32\perfc00C.dat
2013-07-12 06:29 - 2009-07-14 07:13 - 01870666 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-11 12:51 - 2013-07-11 12:51 - 00000000 ____D C:\Users\Fabien\AppData\Local\{66C0F99A-C51F-483B-8133-FB3DB03CE058}
2013-07-10 17:47 - 2013-05-23 13:17 - 00024922 _____ C:\Users\Fabien\Desktop\Planning Julie.xlsx
2013-07-10 13:41 - 2013-07-10 13:40 - 00000000 ____D C:\Users\Fabien\AppData\Local\{C38B17EF-56DF-4C6B-9B91-00ECE25BF267}
2013-07-09 09:36 - 2013-07-09 09:36 - 00000000 ____D C:\Users\Fabien\AppData\Local\{51CF6219-22FC-47FB-B37C-0B37ABC3BBF7}
2013-07-09 09:28 - 2009-07-14 07:08 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-08 12:32 - 2013-07-08 12:32 - 00000000 ____D C:\Users\Fabien\AppData\Local\{D42111FA-ADFC-4599-9739-B4AF150A413D}
2013-07-07 14:52 - 2013-07-07 14:51 - 00000000 ____D C:\Users\Fabien\AppData\Local\{046311F4-610B-41C3-8DF7-DA3CA14E4FC3}
2013-07-05 13:30 - 2013-07-04 11:58 - 00000000 ____D C:\Users\Fabien\AppData\Local\{B1095742-5B8D-4868-B8D1-6526504E1826}
2013-07-04 17:05 - 2013-07-04 16:25 - 00066797 _____ C:\Users\Fabien\Documents\tournoi airel 2013.pptx
2013-07-04 16:24 - 2011-07-02 18:56 - 00064929 _____ C:\Users\Fabien\Documents\tournoi airel.pptx
2013-07-03 08:45 - 2013-07-03 08:45 - 00000000 ____D C:\Users\Fabien\AppData\Local\{11971AAD-5785-4D20-9F0B-82C27C18BCBF}
2013-07-02 20:44 - 2013-07-02 20:44 - 00000000 ____D C:\Users\Fabien\AppData\Local\{A2D7737D-6F67-4520-B791-81266ED867D0}
2013-07-01 23:07 - 2013-07-01 23:07 - 00000000 ____D C:\Users\Fabien\AppData\Local\{C2BEF818-4F1F-4DFA-844B-B3AAC4186868}
2013-07-01 18:28 - 2013-06-30 13:17 - 00014434 _____ C:\Users\Fabien\Desktop\Bilan perso.xlsx
2013-07-01 09:55 - 2013-06-30 20:38 - 00000000 ____D C:\Users\Fabien\AppData\Local\{D0DB46CF-2810-4E48-A40B-1352E278B274}
2013-06-30 08:38 - 2013-06-30 08:37 - 00000000 ____D C:\Users\Fabien\AppData\Local\{8F6F1E20-FDC1-4EDF-B7AC-A527FDB294FE}
2013-06-29 20:25 - 2013-06-29 20:24 - 00000000 ____D C:\Users\Fabien\AppData\Local\{5065814A-C0A2-4108-834D-C528A24B1999}
2013-06-29 19:41 - 2013-06-29 19:41 - 12572428 _____ C:\Users\Fabien\Documents\Sauvegarde_Bar Du Depart 2012_2013-06-29.zip
2013-06-29 08:24 - 2013-06-29 08:24 - 00000000 ____D C:\Users\Fabien\AppData\Local\{62A2899B-3724-4B04-82BE-32196368EF33}

Files to move or delete:
====================
C:\Users\Fabien\GoToAssistDownloadHelper.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 10:14

==================== End Of Log ============================