Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by LEO (administrator) on LEO-PC on 14-11-2013 20:38:41
Running from C:\Users\LEO\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(VMware, Inc.) C:\windows\SysWOW64\vmnat.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(VMware, Inc.) C:\windows\SysWOW64\vmnetdhcp.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\windows\system32\hkcmd.exe
(Intel Corporation) C:\windows\system32\igfxpers.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1021056 2012-03-09] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800896 2012-03-09] (Atheros Commnucations)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Allmyapps Update] - C:\Users\LEO\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe check startup
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
MountPoints2: F - F:\laucher.exe
MountPoints2: {1e2dc7ae-0cd9-11e3-840a-005056c00008} - F:\Unlock.exe autoplay=true
MountPoints2: {4f2cc729-def0-11e2-a2a0-e95f1e8fe8c8} - F:\laucher.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601976 2013-03-15] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
Startup: C:\Users\LEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=fr&pid=NIS&pvid=20.4.0.40
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (TV) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0
CHR Extension: (YouTube) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (FlashBlock) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.12_0
CHR Extension: (Adblock Plus) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Hide IP Address) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcanjhffnbochejifidgcbmnlehfgjkl\2_0
CHR Extension: (Highlight to Search) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\floipahigmmkfhkoapmnijnlnboniglg\1.0.37_0
CHR Extension: (AdBlock) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
CHR Extension: (IP Address) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml\7.1_0
CHR Extension: (Privacy Palette) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.4_0
CHR Extension: (Norton Identity Protection) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0
CHR Extension: (Ghostery) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Google Wallet) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\LEO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx

==================== Services (Whitelisted) =================

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-03-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-03-15] (BlueStack Systems, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-04-18] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164184 2012-04-18] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-03-09] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-19] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-03-15] (BlueStack Systems)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-09-17] (Symantec Corporation)
S3 EraserUtilDrv11220; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [138912 2013-08-21] (Symantec Corporation)
S3 EraserUtilDrv11310; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [139864 2013-08-20] (Symantec Corporation)
S3 EraserUtilDrv11311; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys [140376 2013-09-17] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-10-31] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20131113.002\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131113.023\ENG64.SYS [126040 2013-09-17] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131113.023\EX64.SYS [2099288 2013-09-17] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-14 17:07 - 2013-11-14 17:07 - 00002371 _____ C:\Users\LEO\Desktop\RKreport[0]_S_11142013_170706.txt
2013-11-14 17:04 - 2013-11-14 17:07 - 00000000 ____D C:\Users\LEO\Desktop\RK_Quarantine
2013-11-14 17:04 - 2013-11-14 17:04 - 03679744 _____ C:\Users\LEO\Downloads\RogueKiller.exe
2013-11-14 17:00 - 2013-11-14 18:59 - 00000000 ____D C:\AdwCleaner
2013-11-14 16:58 - 2013-11-14 16:58 - 01085542 _____ C:\Users\LEO\Downloads\AdwCleaner.exe
2013-11-14 16:28 - 2013-11-14 16:28 - 00000000 ____D C:\Users\LEO\AppData\Local\{9C6C7289-E61B-4BEA-B393-1E1F09FBC7C2}
2013-11-14 14:52 - 2013-11-14 14:54 - 00036118 _____ C:\Users\LEO\Downloads\Addition.txt
2013-11-14 14:51 - 2013-11-14 20:39 - 00015309 _____ C:\Users\LEO\Downloads\FRST.txt
2013-11-14 14:51 - 2013-11-14 16:55 - 00000000 ____D C:\FRST
2013-11-14 14:48 - 2013-11-14 14:48 - 01957794 _____ (Farbar) C:\Users\LEO\Downloads\FRST64.exe
2013-11-14 14:19 - 2013-11-14 14:19 - 00019168 _____ C:\Users\LEO\Downloads\Torrent.torrent
2013-11-14 11:53 - 2013-11-14 11:54 - 00001908 _____ C:\windows\diagwrn.xml
2013-11-14 11:53 - 2013-11-14 11:54 - 00001908 _____ C:\windows\diagerr.xml
2013-11-14 11:47 - 2013-11-14 11:47 - 00040695 _____ C:\Users\LEO\Desktop\JRT.txt
2013-11-14 11:39 - 2013-11-14 11:39 - 00000000 ____D C:\windows\ERUNT
2013-11-14 11:37 - 2013-11-14 11:37 - 01034531 _____ (Thisisu) C:\Users\LEO\Downloads\JRT.exe
2013-11-10 19:29 - 2013-11-14 15:53 - 00008286 _____ C:\windows\PFRO.log
2013-11-10 13:58 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2013-11-10 13:58 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2013-11-10 13:58 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2013-11-10 13:58 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2013-11-10 13:58 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2013-11-10 13:58 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2013-11-10 13:58 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2013-11-06 08:28 - 2013-11-14 18:57 - 00001346 _____ C:\windows\setupact.log
2013-11-06 08:28 - 2013-11-14 11:54 - 00000000 _____ C:\windows\setuperr.log
2013-11-05 12:58 - 2013-11-05 12:58 - 00002104 _____ C:\{722A2672-5CE5-4F35-9E92-59234D977BD6}
2013-11-04 17:30 - 2013-11-04 17:51 - 00023058 _____ C:\Users\LEO\Desktop\LM VSHIPS.odt
2013-11-04 16:56 - 2013-11-04 19:04 - 00022677 _____ C:\Users\LEO\Desktop\LM SOCATRA.odt
2013-11-04 16:33 - 2013-11-04 16:33 - 00092973 _____ C:\Users\LEO\Desktop\Léo LOMBARDO CV 2.odt
2013-11-04 14:51 - 2013-11-02 00:31 - 00044744 _____ (AnchorFree Inc.) C:\windows\system32\Drivers\hssdrv6.sys
2013-11-02 00:34 - 2013-11-02 00:34 - 00042184 _____ (Anchorfree Inc.) C:\windows\system32\Drivers\taphss6.sys
2013-10-31 12:25 - 2013-10-31 12:25 - 00022065 _____ C:\Users\LEO\Desktop\LM GAZOCEAN Léo LOMBARDO.odt
2013-10-30 13:16 - 2013-10-30 13:16 - 00002104 _____ C:\{429170BD-D3D6-4EC3-A8D1-50837AC8E8EB}
2013-10-28 15:39 - 2013-10-28 15:39 - 00000000 ____D C:\LXKZ600
2013-10-28 15:29 - 2013-10-28 15:32 - 00001798 _____ C:\Users\LEO\Desktop\Chrome.lnk
2013-10-28 15:06 - 2013-10-28 15:06 - 00000000 ____D C:\Users\LEO\AppData\Roaming\Carambis
2013-10-16 10:34 - 2013-11-14 20:39 - 00000288 _____ C:\windows\Tasks\bench-Updater removing.job
2013-10-16 10:34 - 2013-10-16 10:34 - 00003228 _____ C:\windows\System32\Tasks\bench-Updater removing
2013-10-15 19:55 - 2013-10-15 19:55 - 00002976 _____ C:\windows\System32\Tasks\{BEA68BF8-362A-4C52-AF22-7B9632C43F3E}
2013-10-15 19:55 - 2013-10-15 19:55 - 00002976 _____ C:\windows\System32\Tasks\{134AD9B6-B36B-441B-BDCC-8AE742A76B85}

==================== One Month Modified Files and Folders =======

2013-11-14 20:39 - 2013-11-14 14:51 - 00015309 _____ C:\Users\LEO\Downloads\FRST.txt
2013-11-14 20:39 - 2013-10-16 10:34 - 00000288 _____ C:\windows\Tasks\bench-Updater removing.job
2013-11-14 20:34 - 2012-10-31 18:23 - 00001062 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 20:31 - 2012-05-25 21:25 - 00707398 _____ C:\windows\system32\perfh00C.dat
2013-11-14 20:31 - 2012-05-25 21:25 - 00132198 _____ C:\windows\system32\perfc00C.dat
2013-11-14 20:31 - 2009-07-14 06:13 - 01558054 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-14 20:27 - 2013-05-15 18:36 - 01116624 _____ C:\windows\WindowsUpdate.log
2013-11-14 20:27 - 2012-12-21 02:04 - 00000920 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3905478184-3407929709-2893840352-1000UA.job
2013-11-14 19:34 - 2013-10-14 21:13 - 00000340 _____ C:\windows\Tasks\bench-sys.job
2013-11-14 19:09 - 2012-05-25 06:00 - 00000830 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2013-11-14 19:04 - 2009-07-14 05:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 19:04 - 2009-07-14 05:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 18:59 - 2013-11-14 17:00 - 00000000 ____D C:\AdwCleaner
2013-11-14 18:57 - 2013-11-06 08:28 - 00001346 _____ C:\windows\setupact.log
2013-11-14 18:57 - 2013-02-02 15:22 - 00000000 ____D C:\ProgramData\VMware
2013-11-14 18:57 - 2012-10-31 18:23 - 00001058 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-14 18:57 - 2012-05-25 06:00 - 00000828 _____ C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2013-11-14 18:57 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-14 18:55 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2013-11-14 18:14 - 2013-06-22 17:36 - 00000000 ____D C:\Users\LEO\AppData\Roaming\uTorrent
2013-11-14 17:17 - 2013-05-16 12:08 - 00000000 ___RD C:\Users\LEO\Desktop\Léo +
2013-11-14 17:13 - 2012-10-31 17:50 - 00000000 ____D C:\Users\LEO
2013-11-14 17:07 - 2013-11-14 17:07 - 00002371 _____ C:\Users\LEO\Desktop\RKreport[0]_S_11142013_170706.txt
2013-11-14 17:07 - 2013-11-14 17:04 - 00000000 ____D C:\Users\LEO\Desktop\RK_Quarantine
2013-11-14 17:04 - 2013-11-14 17:04 - 03679744 _____ C:\Users\LEO\Downloads\RogueKiller.exe
2013-11-14 16:58 - 2013-11-14 16:58 - 01085542 _____ C:\Users\LEO\Downloads\AdwCleaner.exe
2013-11-14 16:55 - 2013-11-14 14:51 - 00000000 ____D C:\FRST
2013-11-14 16:46 - 2012-05-25 06:07 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-11-14 16:46 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-14 16:28 - 2013-11-14 16:28 - 00000000 ____D C:\Users\LEO\AppData\Local\{9C6C7289-E61B-4BEA-B393-1E1F09FBC7C2}
2013-11-14 16:19 - 2013-09-26 00:15 - 00000000 ____D C:\Users\LEO\AppData\Roaming\Glarysoft
2013-11-14 15:53 - 2013-11-10 19:29 - 00008286 _____ C:\windows\PFRO.log
2013-11-14 14:54 - 2013-11-14 14:52 - 00036118 _____ C:\Users\LEO\Downloads\Addition.txt
2013-11-14 14:54 - 2012-12-05 23:20 - 00000000 ____D C:\Users\LEO\AppData\Roaming\vlc
2013-11-14 14:48 - 2013-11-14 14:48 - 01957794 _____ (Farbar) C:\Users\LEO\Downloads\FRST64.exe
2013-11-14 14:19 - 2013-11-14 14:19 - 00019168 _____ C:\Users\LEO\Downloads\Torrent.torrent
2013-11-14 11:54 - 2013-11-14 11:53 - 00001908 _____ C:\windows\diagwrn.xml
2013-11-14 11:54 - 2013-11-14 11:53 - 00001908 _____ C:\windows\diagerr.xml
2013-11-14 11:54 - 2013-11-06 08:28 - 00000000 _____ C:\windows\setuperr.log
2013-11-14 11:47 - 2013-11-14 11:47 - 00040695 _____ C:\Users\LEO\Desktop\JRT.txt
2013-11-14 11:47 - 2012-10-31 17:58 - 00001433 _____ C:\Users\LEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-14 11:39 - 2013-11-14 11:39 - 00000000 ____D C:\windows\ERUNT
2013-11-14 11:37 - 2013-11-14 11:37 - 01034531 _____ (Thisisu) C:\Users\LEO\Downloads\JRT.exe
2013-11-12 15:52 - 2012-11-03 23:12 - 00000000 ____D C:\Users\LEO\AppData\Local\CrashDumps
2013-11-06 02:09 - 2012-12-21 02:04 - 00000898 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3905478184-3407929709-2893840352-1000Core.job
2013-11-05 17:48 - 2013-08-10 15:34 - 00000000 ____D C:\Users\LEO\AppData\Roaming\Skype
2013-11-05 12:58 - 2013-11-05 12:58 - 00002104 _____ C:\{722A2672-5CE5-4F35-9E92-59234D977BD6}
2013-11-04 19:04 - 2013-11-04 16:56 - 00022677 _____ C:\Users\LEO\Desktop\LM SOCATRA.odt
2013-11-04 17:51 - 2013-11-04 17:30 - 00023058 _____ C:\Users\LEO\Desktop\LM VSHIPS.odt
2013-11-04 16:33 - 2013-11-04 16:33 - 00092973 _____ C:\Users\LEO\Desktop\Léo LOMBARDO CV 2.odt
2013-11-02 00:34 - 2013-11-02 00:34 - 00042184 _____ (Anchorfree Inc.) C:\windows\system32\Drivers\taphss6.sys
2013-11-02 00:31 - 2013-11-04 14:51 - 00044744 _____ (AnchorFree Inc.) C:\windows\system32\Drivers\hssdrv6.sys
2013-11-01 15:09 - 2013-05-25 20:46 - 00000000 ____D C:\Users\LEO\AppData\Roaming\dvdcss
2013-10-31 12:25 - 2013-10-31 12:25 - 00022065 _____ C:\Users\LEO\Desktop\LM GAZOCEAN Léo LOMBARDO.odt
2013-10-30 15:19 - 2012-11-03 18:42 - 00000000 ____D C:\Users\Léo I\Perso
2013-10-30 13:16 - 2013-10-30 13:16 - 00002104 _____ C:\{429170BD-D3D6-4EC3-A8D1-50837AC8E8EB}
2013-10-29 22:08 - 2013-04-03 23:04 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2013-10-28 22:59 - 2012-11-01 18:37 - 00000000 ____D C:\Users\LEO\Documents\Youcam
2013-10-28 15:39 - 2013-10-28 15:39 - 00000000 ____D C:\LXKZ600
2013-10-28 15:32 - 2013-10-28 15:29 - 00001798 _____ C:\Users\LEO\Desktop\Chrome.lnk
2013-10-28 15:06 - 2013-10-28 15:06 - 00000000 ____D C:\Users\LEO\AppData\Roaming\Carambis
2013-10-25 16:55 - 2013-05-16 13:04 - 00000000 ____D C:\Users\LEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Hacks
2013-10-25 16:55 - 2012-12-12 21:54 - 00000000 ____D C:\Users\LEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-10-25 16:55 - 2012-10-31 17:58 - 00000000 ___RD C:\Users\LEO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-16 10:34 - 2013-10-16 10:34 - 00003228 _____ C:\windows\System32\Tasks\bench-Updater removing
2013-10-15 19:55 - 2013-10-15 19:55 - 00002976 _____ C:\windows\System32\Tasks\{BEA68BF8-362A-4C52-AF22-7B9632C43F3E}
2013-10-15 19:55 - 2013-10-15 19:55 - 00002976 _____ C:\windows\System32\Tasks\{134AD9B6-B36B-441B-BDCC-8AE742A76B85}
2013-10-15 19:54 - 2012-10-31 18:21 - 00000000 ____D C:\Users\LEO\AppData\Local\Deployment
2013-10-15 19:49 - 2012-10-31 18:23 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-15 00:41 - 2013-10-14 21:11 - 00000000 ____D C:\Users\LEO\AppData\Roaming\BitTorrent

Some content of TEMP:
====================
C:\Users\LEO\AppData\Local\Temp\htmlayout.dll
C:\Users\LEO\AppData\Local\Temp\nsdA171.exe
C:\Users\LEO\AppData\Local\Temp\nsyA152.exe
C:\Users\LEO\AppData\Local\Temp\ntdll_dump.dll
C:\Users\LEO\AppData\Local\Temp\uninstall1874804.exe
C:\Users\LEO\AppData\Local\Temp\uninstall1874913.exe
C:\Users\LEO\AppData\Local\Temp\uninstall1893150.exe
C:\Users\LEO\AppData\Local\Temp\uninstall1893181.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-10 13:25

==================== End Of Log ============================