Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by sylvain (administrator) on SYLVAIN-PC on 08-11-2013 11:54:46
Running from D:\programme\telechargement a partir de firefox
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Druide informatique inc.) C:\Program Files (x86)\Druide\Antidote\Gestionnaire Antidote.exe
(Orbiscom Ltd. All rights reserved.) C:\Program Files (x86)\e-Carte Bleue Société Générale\ecbl-sg.exe
(Philips) C:\Windows\VPro620.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Fatal1tySTU] - [x]
HKCU\...\Run: [zASRockInstantBoot] - [x]
HKCU\...\Run: [WindowsUpdate] - C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe [55632 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - "L:\sauvegarde\disque programme\programmes\DAEMON Tools Lite\DTLite.exe" -autorun
HKCU\...\Run: [Gestionnaire Antidote.exe] - C:\Program Files (x86)\Druide\Antidote\Gestionnaire Antidote.exe [542136 2008-12-03] (Druide informatique inc.)
HKCU\...\Winlogon: [Shell] C:\Windows\explorer.exe,Explorer.exe <==== ATTENTION
MountPoints2: {15210bff-e6d2-11e2-9382-bc5ff435ee51} - M:\Eautorun.exe
MountPoints2: {2d48e0f8-e095-11e2-8c4a-806e6f6e6963} - G:\Setup.exe
MountPoints2: {82485c4c-e097-11e2-a821-806e6f6e6963} - G:\Msetup.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] - C:\Program Files (x86)\XFastUSB\XFastUsb.exe [4934880 2013-06-29] (FNet Co., Ltd.)
HKLM-x32\...\Run: [THX TruStudio NB Settings] - C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\Updreg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
Startup: C:\Users\sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDC8D8EEACD75CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\sylvain\AppData\Roaming\Mozilla\Firefox\Profiles\9xerfcbk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - F:\programme\vlc\vlc2013\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: a2zLyrics-16 - C:\Users\sylvain\AppData\Roaming\Mozilla\Firefox\Profiles\9xerfcbk.default\Extensions\2f86d471-1122-4c15-901a-d7fd67316cd9@ca42b8d2-0eb6-47be-84a2-6d95abe186e8.com
FF Extension: SearchNewTab - C:\Users\sylvain\AppData\Roaming\Mozilla\Firefox\Profiles\9xerfcbk.default\Extensions\byyea@aoeyoyao.com
FF Extension: savenshare - C:\Users\sylvain\AppData\Roaming\Mozilla\Firefox\Profiles\9xerfcbk.default\Extensions\d3qfcbl@rwuds.com
FF Extension: QuickShare Widget - C:\Users\sylvain\AppData\Roaming\Mozilla\Firefox\Profiles\9xerfcbk.default\Extensions\{35baa3b3-a3d9-7cca-cf11-aebad09cf378}
FF Extension: No Name - C:\Users\sylvain\AppData\Roaming\Mozilla\Firefox\Profiles\9xerfcbk.default\Extensions\{75493B06-1504-4976-9A55-B6FE240FF0BF}.xpi

==================== Services (Whitelisted) =================

R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
S2 aswUpdSv; "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-07-07] (DT Soft Ltd)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-07-31] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-06-29] (FNet Co., Ltd.)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 SPC620; C:\Windows\System32\drivers\SPC620.sys [581120 2007-09-28] (Philips )
S3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [8192 2007-09-28] (Philips )
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-11-08] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-08 11:54 - 2013-11-08 11:54 - 00000000 ____D C:\FRST
2013-11-07 20:49 - 2013-11-07 20:59 - 00000000 ____D C:\AdwCleaner
2013-11-06 18:14 - 2013-11-06 18:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-20 13:30 - 2013-10-24 05:33 - 00000000 ____D C:\ProgramData\Skype
2013-10-20 13:30 - 2013-10-24 05:32 - 00000000 ____D C:\Users\sylvain\AppData\Roaming\Skype
2013-10-20 13:27 - 2013-10-20 13:27 - 00008096 _____ C:\Windows\DPINST.LOG
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Windows\Philips
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Program Files\Philips
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Program Files\DIFX
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Program Files (x86)\Philips
2013-10-20 13:27 - 2007-06-18 15:10 - 00061440 _____ (Philips) C:\Windows\VPro620.exe
2013-10-20 13:27 - 2003-03-19 05:20 - 01060864 _____ (Microsoft Corporation) C:\Windows\MFC71.dll
2013-10-20 13:27 - 2003-02-21 12:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\msvcr71.dll
2013-10-20 13:24 - 2013-10-20 13:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_phaudlwr_01005.Wdf
2013-10-20 13:24 - 2007-09-28 15:12 - 00581120 _____ (Philips ) C:\Windows\system32\Drivers\SPC620.sys
2013-10-20 13:24 - 2007-09-28 15:12 - 00008192 _____ (Philips ) C:\Windows\system32\Drivers\SPC620m.sys
2013-10-20 13:24 - 2007-09-28 15:05 - 00307200 _____ (Philips) C:\Windows\SysWOW64\stvspc.ax
2013-10-20 13:24 - 2007-06-06 16:24 - 00151552 _____ (STMicroelectronics) C:\Windows\SysWOW64\imgcpylib.dll
2013-10-20 09:19 - 2013-10-31 18:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-19 12:33 - 2013-10-19 12:33 - 00000000 ____D C:\Users\sylvain\AppData\Roaming\Malwarebytes
2013-10-19 12:32 - 2013-10-19 17:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-19 12:32 - 2013-10-19 12:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-19 11:12 - 2013-10-19 17:02 - 00000000 ____D C:\Users\sylvain\AppData\Local\WebPlayer
2013-10-19 11:11 - 2013-10-19 17:02 - 00000000 ____D C:\ProgramData\Wincert
2013-10-17 17:05 - 2013-10-17 17:05 - 00213366 _____ C:\Users\sylvain\AppData\Local\census.cache
2013-10-17 17:04 - 2013-10-17 17:04 - 00095467 _____ C:\Users\sylvain\AppData\Local\ars.cache
2013-10-17 16:54 - 2013-10-17 16:54 - 00000036 _____ C:\Users\sylvain\AppData\Local\housecall.guid.cache
2013-10-10 20:01 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 20:01 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 20:01 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 20:01 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 20:01 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 20:01 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 20:01 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 20:01 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 20:01 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 20:01 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 20:01 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-10 20:01 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 18:26 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 18:26 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 18:26 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 18:26 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 18:26 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 18:26 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 18:26 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 18:26 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 18:26 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 18:26 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 18:26 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 18:26 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 18:26 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 18:26 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 18:26 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 18:26 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 18:26 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 18:26 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 18:26 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 18:26 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 18:26 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 18:26 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 18:26 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 18:26 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 18:26 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 18:26 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 18:26 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 18:26 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 18:26 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 18:26 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 18:26 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 18:26 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 18:26 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 18:26 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 18:26 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 18:26 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 18:26 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 18:26 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 18:26 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 18:26 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 18:26 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 18:26 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 18:26 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 18:26 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 18:26 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 18:26 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 18:26 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

==================== One Month Modified Files and Folders =======

2013-11-08 11:54 - 2013-11-08 11:54 - 00000000 ____D C:\FRST
2013-11-08 11:18 - 2013-06-30 21:11 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-08 11:02 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-08 11:02 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-08 11:00 - 2011-04-12 10:16 - 00704242 _____ C:\Windows\system32\perfh00C.dat
2013-11-08 11:00 - 2011-04-12 10:16 - 00130548 _____ C:\Windows\system32\perfc00C.dat
2013-11-08 11:00 - 2009-07-14 06:13 - 01549700 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-08 10:59 - 2013-06-29 09:35 - 01381105 _____ C:\Windows\WindowsUpdate.log
2013-11-08 10:55 - 2013-08-26 16:45 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-11-08 10:55 - 2013-06-29 21:57 - 00580558 _____ C:\Windows\PFRO.log
2013-11-08 10:55 - 2013-06-29 21:57 - 00020336 _____ C:\Windows\setupact.log
2013-11-08 10:55 - 2013-06-29 09:44 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2013-11-08 10:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-07 20:59 - 2013-11-07 20:49 - 00000000 ____D C:\AdwCleaner
2013-11-07 20:26 - 2013-06-29 09:48 - 00000000 ____D C:\Users\sylvain\AppData\Local\Mozilla
2013-11-07 20:26 - 2013-06-29 09:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-07 20:26 - 2013-06-29 09:35 - 00000000 ____D C:\Users\sylvain
2013-11-07 20:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-06 18:14 - 2013-11-06 18:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-04 16:48 - 2013-06-29 10:04 - 00000000 ____D C:\Users\sylvain\AppData\Roaming\vlc
2013-10-31 18:23 - 2013-10-20 09:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-10-29 19:04 - 2013-09-14 09:12 - 00000000 ____D C:\Program Files (x86)\Druide
2013-10-29 19:04 - 2013-06-29 09:39 - 00000000 ____D C:\Program Files\Broadcom
2013-10-29 19:04 - 2013-06-29 09:36 - 00000000 ___RD C:\Users\sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-29 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-10-24 05:33 - 2013-10-20 13:30 - 00000000 ____D C:\ProgramData\Skype
2013-10-24 05:32 - 2013-10-20 13:30 - 00000000 ____D C:\Users\sylvain\AppData\Roaming\Skype
2013-10-20 13:27 - 2013-10-20 13:27 - 00008096 _____ C:\Windows\DPINST.LOG
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Windows\Philips
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Program Files\Philips
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Program Files\DIFX
2013-10-20 13:27 - 2013-10-20 13:27 - 00000000 ____D C:\Program Files (x86)\Philips
2013-10-20 13:27 - 2013-06-29 09:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-20 13:24 - 2013-10-20 13:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_phaudlwr_01005.Wdf
2013-10-19 21:31 - 2013-07-18 15:22 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-19 21:31 - 2013-07-18 15:22 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-19 21:31 - 2013-07-18 15:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-19 17:03 - 2013-10-19 12:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-19 17:02 - 2013-10-19 11:12 - 00000000 ____D C:\Users\sylvain\AppData\Local\WebPlayer
2013-10-19 17:02 - 2013-10-19 11:11 - 00000000 ____D C:\ProgramData\Wincert
2013-10-19 17:02 - 2013-07-07 08:40 - 00000000 ____D C:\Users\sylvain\AppData\Roaming\DAEMON Tools Lite
2013-10-19 17:02 - 2013-06-30 09:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-10-19 17:02 - 2013-06-29 17:04 - 00000000 ____D C:\Program Files\CCleaner
2013-10-19 12:33 - 2013-10-19 12:33 - 00000000 ____D C:\Users\sylvain\AppData\Roaming\Malwarebytes
2013-10-19 12:32 - 2013-10-19 12:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-17 17:11 - 2013-07-10 18:15 - 00000000 ____D C:\Users\sylvain\AppData\Local\CrashDumps
2013-10-17 17:11 - 2013-06-29 10:23 - 00000000 ____D C:\Windows\Panther
2013-10-17 17:05 - 2013-10-17 17:05 - 00213366 _____ C:\Users\sylvain\AppData\Local\census.cache
2013-10-17 17:04 - 2013-10-17 17:04 - 00095467 _____ C:\Users\sylvain\AppData\Local\ars.cache
2013-10-17 16:54 - 2013-10-17 16:54 - 00000036 _____ C:\Users\sylvain\AppData\Local\housecall.guid.cache
2013-10-11 11:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-11 11:03 - 2009-07-14 05:45 - 00445104 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-10 20:02 - 2013-06-30 09:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 19:59 - 2013-08-23 22:12 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 19:59 - 2013-06-29 17:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\sylvain\AppData\Local\Temp\53944.exe
C:\Users\sylvain\AppData\Local\Temp\73431.exe
C:\Users\sylvain\AppData\Local\Temp\82393.exe
C:\Users\sylvain\AppData\Local\Temp\82959.exe
C:\Users\sylvain\AppData\Local\Temp\87968.exe
C:\Users\sylvain\AppData\Local\Temp\92729.exe
C:\Users\sylvain\AppData\Local\Temp\bitool.dll
C:\Users\sylvain\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\sylvain\AppData\Local\Temp\install_flashplayer11x32ax_mssd_aaa_aih.exe
C:\Users\sylvain\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\Users\sylvain\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-31 14:00

==================== End Of Log ============================