Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by kontamine (administrator) on KONTAMINE-PC on 20-02-2014 19:29:09
Running from C:\Users\kontamine\Desktop
Microsoft Windows 7 Professionnel (X86) OS Language: French Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Tobias Erichsen) C:\Program Files\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(KORG Inc.) C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
() C:\Program Files\MOTU\Audio\MFWAKeys.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CTHelper] - C:\Windows\system32\CTHELPER.EXE [19456 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTxfiHlp] - C:\Windows\system32\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [tvncontrol] - C:\Program Files\TightVNC\tvnserver.exe [1184312 2012-06-26] (GlavSoft LLC.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [KORG USB-MIDI Driver] - C:\Program Files\KORG\KORG USB-MIDI Driver\EsHelper2.exe [393656 2012-09-13] (KORG Inc.)
HKU\.DEFAULT\...\Run: [DevconDefaultDB] - C:\Windows\system32\READREG /SILENT /FAIL=1
HKU\.DEFAULT\...\Run: [CtxfiReg] - CTXFIREG.exe /FAIL1
HKU\S-1-5-21-1765441652-3825123164-819375994-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-1765441652-3825123164-819375994-1001\...\Run: [wincrt.exe] - C:\Users\kontamine\AppData\Roaming\wincrt\wincrt.exe [28672 2014-02-19] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - URL http://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&r=387
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Chrome: 
=======
CHR Extension: (Google Wallet) - C:\Users\kontamine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files\Perion\ChromeInfoBar\ChromeInfoBar.crx [2013-08-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

S2 avgarcln; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2304912 2011-07-06] (WIBU-SYSTEMS AG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [3857408 2011-04-07] (Native Instruments GmbH)
R2 rtpMIDIService; C:\Program Files\Tobias Erichsen\rtpMIDI\rtpMIDISvc.exe [1142272 2012-08-24] (Tobias Erichsen)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1514304 2011-12-14] (TuneUp Software)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1184312 2012-06-26] (GlavSoft LLC.)
S2 alcxwdm; %systemroot%\system32\ultra66.dll [X]
S2 alertmanager; %systemroot%\system32\mindretrieve.dll [X]
S2 AYDrvNT_ALYAC; %systemroot%\system32\W55U01.dll [X]
S2 blueservice; %systemroot%\system32\odserv.dll [X]
S2 btwavdt; %systemroot%\system32\procexp100.dll [X]
S2 buslogic; %systemroot%\system32\vrmonsvc.dll [X]
S2 CdaC15BA; %systemroot%\system32\mssql$sony_mediamgr.dll [X]
S2 CdaD10BA; %systemroot%\system32\ATKFUSService.dll [X]
S2 cics.region2; %systemroot%\system32\U81xmdfl.dll [X]
S2 dbustrcm; %systemroot%\system32\sfsync02.dll [X]
S2 dmload; %systemroot%\system32\wwsecsvc.dll [X]
S2 enxpsvc; %systemroot%\system32\helpsvc.dll [X]
S2 epfw; %systemroot%\system32\ELmon.dll [X]
S2 ftpds; %systemroot%\system32\ovsecurityserver.dll [X]
S2 InCDsrvR; %systemroot%\system32\Mtlmnt5.dll [X]
S2 KS0108; %systemroot%\system32\ASMMAP.dll [X]
S2 MaxtorFrontPanel1; %systemroot%\system32\s217mdm.dll [X]
S2 mfebopk; %systemroot%\system32\datunidr.dll [X]
S2 mxserver; %systemroot%\system32\lxcf_device.dll [X]
S2 nic1394; %systemroot%\system32\pdreli.dll [X]
S2 nidomainservice; %systemroot%\system32\HECI.dll [X]
S2 NTSIM; %systemroot%\system32\cbidf2k.dll [X]
S2 nv; %systemroot%\system32\eliservice.dll [X]
S2 openldap-slapd; %systemroot%\system32\mozybackup.dll [X]
S2 pdlnemsg; %systemroot%\system32\REVO.dll [X]
S2 pktfilter; %systemroot%\system32\FVXSCSI.dll [X]
S2 purgeieservice; %systemroot%\system32\se2Bunic.dll [X]
S2 s716nd5; %systemroot%\system32\lxrjd31s.dll [X]
S2 serialkeys; %systemroot%\system32\statusagent.dll [X]
S2 SfCtlCom; %systemroot%\system32\zntport.dll [X]
S2 sit_mdm; %systemroot%\system32\s616mgmt.dll [X]
S2 Sk99202k; %systemroot%\system32\slssvc.dll [X]
S2 slip; %systemroot%\system32\sysaudio.dll [X]
S2 sqlagent$soshome22; %systemroot%\system32\atfsd.dll [X]
S2 tapeware; %systemroot%\system32\sonicwall_netextender.dll [X]
S2 tmxpflt; %systemroot%\system32\wg6n.dll [X]
S2 vsmon; %systemroot%\system32\Nmea.dll [X]
S2 vulfnths; %systemroot%\system32\ndis.dll [X]
S2 vulfntrs; %systemroot%\system32\mpe.dll [X]
S2 w22n51; %systemroot%\system32\fs_rec.dll [X]
S2 W700mdfl; %systemroot%\system32\ofcservice.dll [X]
S2 WDM_YAMAHAAC97; %systemroot%\system32\oracleformsserver-forms60server-oraform.dll [X]
S2 webcompserver; %systemroot%\system32\SNP2STD.dll [X]
S2 winproxy; %systemroot%\system32\ql2100.dll [X]
S2 wlankeeper; %systemroot%\system32\nmwcd.dll [X]
S2 Xponaut_WBD; %systemroot%\system32\smwdm.dll [X]
S2 yukonwlh; %systemroot%\system32\MRESP50.dll [X]
S2 zmxpzip; %systemroot%\system32\DCamUSBSQTECH.dll [X]
S2 zpjava; %systemroot%\system32\dwusbdnt.dll [X]
S2 zpsc; %systemroot%\system32\winachsf.dll [X]

==================== Drivers (Whitelisted) ====================

R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [27720 2009-10-15] (Bome Software)
R3 bomemidi; C:\Windows\System32\drivers\bomemidi.sys [24136 2009-10-15] (Bome Software)
R3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [98600 2007-04-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [546048 2007-04-12] (Creative Technology Ltd)
S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [347128 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [94976 2007-04-12] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [560384 2007-04-12] (Creative Technology Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-05-21] (DT Soft Ltd)
R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [797992 2007-04-10] (Creative Technology Ltd)
R3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [163112 2007-04-10] (Creative Technology Ltd)
S3 hap17v2k; C:\Windows\System32\drivers\hap17v2k.sys [189736 2007-04-10] (Creative Technology Ltd)
R3 KORGUMDS; C:\Windows\System32\Drivers\KORGUMDS.SYS [24096 2012-09-13] (KORG INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 mfwamidi; C:\Windows\System32\drivers\mfwamidi.sys [26736 2010-09-20] (Mark of the Unicorn)
R3 mfwawave; C:\Windows\System32\drivers\mfwawave.sys [70256 2010-09-20] (Mark of the Unicorn)
R3 motubus; C:\Windows\System32\drivers\MotuBus.sys [23664 2010-09-20] (Mark of the Unicorn)
R3 motufwa; C:\Windows\System32\drivers\motufwa.sys [472688 2010-09-20] (Mark of the Unicorn)
S3 RDID1064; C:\Windows\System32\Drivers\rdwm1064.sys [79153 2005-10-31] (Roland Corporation)
R3 teVirtualMIDI32; C:\Windows\System32\DRIVERS\teVirtualMIDI32.sys [24320 2012-08-15] (Tobias Erichsen)
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [86016 2009-12-23] (PACE Anti-Piracy, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-10-13] (TuneUp Software)
R3 catchme; \??\C:\Users\KONTAM~1\AppData\Local\Temp\catchme.sys [X]
S1 CSC; system32\drivers\csc.sys [X]
U3 TrueSight; \??\C:\Windows\system32\TrueSight.sys [X]
U3 mbr; \??\C:\ComboFix\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================

NETSVC: NTSIM -> C:\Windows\system32\cbidf2k.dll ==> No File.
NETSVC: SfCtlCom -> C:\Windows\system32\zntport.dll ==> No File.
NETSVC: zmxpzip -> C:\Windows\system32\DCamUSBSQTECH.dll ==> No File.
NETSVC: CdaD10BA -> C:\Windows\system32\ATKFUSService.dll ==> No File.
NETSVC: openldap-slapd -> C:\Windows\system32\mozybackup.dll ==> No File.
NETSVC: winproxy -> C:\Windows\system32\ql2100.dll ==> No File.
NETSVC: nic1394 -> C:\Windows\system32\pdreli.dll ==> No File.
NETSVC: zpjava -> C:\Windows\system32\dwusbdnt.dll ==> No File.
NETSVC: InCDsrvR -> C:\Windows\system32\Mtlmnt5.dll ==> No File.
NETSVC: wlankeeper -> C:\Windows\system32\nmwcd.dll ==> No File.
NETSVC: mfebopk -> C:\Windows\system32\datunidr.dll ==> No File.
NETSVC: epfw -> C:\Windows\system32\ELmon.dll ==> No File.
NETSVC: vulfnths -> C:\Windows\system32\ndis.dll ==> No File.
NETSVC: s716nd5 -> C:\Windows\system32\lxrjd31s.dll ==> No File.
NETSVC: blueservice -> C:\Windows\system32\odserv.dll ==> No File.
NETSVC: nidomainservice -> C:\Windows\system32\HECI.dll ==> No File.
NETSVC: btwavdt -> C:\Windows\system32\procexp100.dll ==> No File.
NETSVC: Xponaut_WBD -> C:\Windows\system32\smwdm.dll ==> No File.
NETSVC: nv -> C:\Windows\system32\eliservice.dll ==> No File.
NETSVC: yukonwlh -> C:\Windows\system32\MRESP50.dll ==> No File.
NETSVC: cics.region2 -> C:\Windows\system32\U81xmdfl.dll ==> No File.
NETSVC: webcompserver -> C:\Windows\system32\SNP2STD.dll ==> No File.
NETSVC: AYDrvNT_ALYAC -> C:\Windows\system32\W55U01.dll ==> No File.
NETSVC: MaxtorFrontPanel1 -> C:\Windows\system32\s217mdm.dll ==> No File.
NETSVC: pktfilter -> C:\Windows\system32\FVXSCSI.dll ==> No File.
NETSVC: WDM_YAMAHAAC97 -> C:\Windows\system32\oracleformsserver-forms60server-oraform.dll ==> No File.
NETSVC: alertmanager -> C:\Windows\system32\mindretrieve.dll ==> No File.
NETSVC: enxpsvc -> C:\Windows\system32\helpsvc.dll ==> No File.
NETSVC: avgarcln -> No Registry Path.
NETSVC: W700mdfl -> C:\Windows\system32\ofcservice.dll ==> No File.
NETSVC: serialkeys -> C:\Windows\system32\statusagent.dll ==> No File.
NETSVC: slip -> C:\Windows\system32\sysaudio.dll ==> No File.
NETSVC: zpsc -> C:\Windows\system32\winachsf.dll ==> No File.
NETSVC: dmload -> C:\Windows\system32\wwsecsvc.dll ==> No File.
NETSVC: mxserver -> C:\Windows\system32\lxcf_device.dll ==> No File.
NETSVC: sit_mdm -> C:\Windows\system32\s616mgmt.dll ==> No File.
NETSVC: pdlnemsg -> C:\Windows\system32\REVO.dll ==> No File.
NETSVC: CdaC15BA -> C:\Windows\system32\mssql$sony_mediamgr.dll ==> No File.
NETSVC: dbustrcm -> C:\Windows\system32\sfsync02.dll ==> No File.
NETSVC: vsmon -> C:\Windows\system32\Nmea.dll ==> No File.
NETSVC: vulfntrs -> C:\Windows\system32\mpe.dll ==> No File.
NETSVC: Sk99202k -> C:\Windows\system32\slssvc.dll ==> No File.
NETSVC: tmxpflt -> C:\Windows\system32\wg6n.dll ==> No File.
NETSVC: ftpds -> C:\Windows\system32\ovsecurityserver.dll ==> No File.
NETSVC: tapeware -> C:\Windows\system32\sonicwall_netextender.dll ==> No File.
NETSVC: clipsrv -> No Registry Path.
NETSVC: KS0108 -> C:\Windows\system32\ASMMAP.dll ==> No File.
NETSVC: purgeieservice -> C:\Windows\system32\se2Bunic.dll ==> No File.
NETSVC: w22n51 -> C:\Windows\system32\fs_rec.dll ==> No File.
NETSVC: alcxwdm -> C:\Windows\system32\ultra66.dll ==> No File.
NETSVC: buslogic -> C:\Windows\system32\vrmonsvc.dll ==> No File.
NETSVC: sqlagent$soshome22 -> C:\Windows\system32\atfsd.dll ==> No File.
==================== One Month Created Files and Folders ========

2014-02-20 19:29 - 2014-02-20 19:29 - 00015589 _____ () C:\Users\kontamine\Desktop\FRST.txt
2014-02-20 19:29 - 2014-02-20 19:29 - 00000000 ____D () C:\FRST
2014-02-20 19:22 - 2014-02-20 19:21 - 01141248 _____ (Farbar) C:\Users\kontamine\Desktop\FRST.exe
2014-02-20 18:43 - 2014-02-18 20:03 - 03813376 _____ () C:\Users\kontamine\Desktop\RogueKiller.exe
2014-02-20 16:48 - 2014-02-20 16:48 - 00010511 _____ () C:\ComboFix.txt
2014-02-20 05:10 - 2014-02-20 05:10 - 44707944 _____ () C:\Users\kontamine\Downloads\TabletopMixdown.wav
2014-02-19 22:49 - 2014-02-19 22:49 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\wincrt
2014-02-19 20:19 - 2014-02-19 20:19 - 00009077 _____ () C:\Users\kontamine\Desktop\ComboFix2.txt
2014-02-19 20:03 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-19 20:03 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-19 20:03 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-19 20:03 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-19 20:03 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-19 20:03 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-19 20:03 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-19 20:03 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-19 20:01 - 2014-02-20 17:49 - 00000000 ____D () C:\Qoobox
2014-02-19 19:58 - 2014-02-19 20:18 - 00000000 ____D () C:\Windows\erdnt
2014-02-19 19:57 - 2014-02-19 19:55 - 05183254 ____R (Swearware) C:\Users\kontamine\Desktop\ComboFix.exe
2014-02-19 19:20 - 2014-02-19 19:20 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-02-19 19:18 - 2014-02-20 16:40 - 00000000 ____D () C:\Users\kontamine\Desktop\mbar
2014-02-19 19:18 - 2014-02-19 19:18 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-19 17:12 - 2013-03-29 19:24 - 01228854 _____ () C:\Users\kontamine\Desktop\instantané_001.bmp
2014-02-19 15:49 - 2014-02-19 15:49 - 00001094 _____ () C:\Users\kontamine\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 15:46 - 2014-02-19 19:11 - 00000000 ____D () C:\Users\kontamine\AppData\Local\CrashDumps
2014-02-19 15:45 - 2014-02-19 19:15 - 00000000 ____D () C:\Users\kontamine\Desktop\RK_Quarantine
2014-02-19 14:35 - 2014-02-19 14:36 - 00154456 _____ () C:\Windows\Minidump\021914-45287-01.dmp
2014-02-18 20:25 - 2014-02-18 20:25 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-18 19:56 - 2014-02-19 19:22 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-16 19:28 - 2014-02-16 19:35 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\ZHP
2014-02-16 19:28 - 2014-02-16 19:29 - 00001942 _____ () C:\Users\kontamine\Desktop\ZHPFix.lnk
2014-02-16 19:28 - 2014-02-16 19:29 - 00001815 _____ () C:\Users\kontamine\Desktop\ZHPDiag.lnk
2014-02-16 19:04 - 2014-02-16 19:27 - 00000000 ____D () C:\AdwCleaner
2014-02-16 01:38 - 2014-02-19 19:20 - 04958588 _____ () C:\Windows\{00000001-00000000-00000000-00001102-00000004-20021102}.BAK
2014-02-15 20:04 - 2014-02-15 20:04 - 00146232 _____ () C:\Windows\Minidump\021514-52275-01.dmp
2014-02-15 15:52 - 2014-02-15 15:52 - 00402167 ____T () C:\Users\kontamine\Desktop\TRIBE 140.mp3.asd
2014-02-14 14:38 - 2014-02-16 19:18 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\Lewyvoha
2014-02-12 10:46 - 2014-02-12 10:46 - 00146232 _____ () C:\Windows\Minidump\021214-35256-01.dmp
2014-02-11 21:39 - 2014-02-11 21:39 - 00146232 _____ () C:\Windows\Minidump\021114-49733-01.dmp
2014-02-05 17:30 - 2014-02-19 20:15 - 00000000 __SHD () C:\Users\kontamine\AppData\Roaming\IntelCommon
2014-02-01 01:44 - 2014-02-02 11:34 - 00000032 _____ () C:\Windows\system32\w3data.vss
2014-02-01 01:44 - 2014-02-02 11:34 - 00000032 _____ () C:\Windows\msocreg32.dat
2014-01-25 16:17 - 2014-02-20 15:00 - 00018305 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2014-02-20 19:29 - 2014-02-20 19:29 - 00015589 _____ () C:\Users\kontamine\Desktop\FRST.txt
2014-02-20 19:29 - 2014-02-20 19:29 - 00000000 ____D () C:\FRST
2014-02-20 19:21 - 2014-02-20 19:22 - 01141248 _____ (Farbar) C:\Users\kontamine\Desktop\FRST.exe
2014-02-20 18:57 - 2009-07-14 05:34 - 00023872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:57 - 2009-07-14 05:34 - 00023872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:45 - 2013-06-25 10:19 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 18:35 - 2012-10-12 04:23 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 17:49 - 2014-02-19 20:01 - 00000000 ____D () C:\Qoobox
2014-02-20 16:48 - 2014-02-20 16:48 - 00010511 _____ () C:\ComboFix.txt
2014-02-20 16:47 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2014-02-20 16:40 - 2014-02-19 19:18 - 00000000 ____D () C:\Users\kontamine\Desktop\mbar
2014-02-20 15:02 - 2010-06-16 22:10 - 00006074 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 15:00 - 2014-01-25 16:17 - 00018305 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 14:57 - 2014-01-08 15:57 - 00043223 _____ () C:\Windows\setupact.log
2014-02-20 14:57 - 2013-06-25 10:19 - 00001058 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 14:56 - 2014-01-08 19:20 - 00013008 _____ () C:\Windows\PFRO.log
2014-02-20 14:56 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-20 05:10 - 2014-02-20 05:10 - 44707944 _____ () C:\Users\kontamine\Downloads\TabletopMixdown.wav
2014-02-19 22:49 - 2014-02-19 22:49 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\wincrt
2014-02-19 20:19 - 2014-02-19 20:19 - 00009077 _____ () C:\Users\kontamine\Desktop\ComboFix2.txt
2014-02-19 20:19 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-02-19 20:19 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-02-19 20:18 - 2014-02-19 19:58 - 00000000 ____D () C:\Windows\erdnt
2014-02-19 20:15 - 2014-02-05 17:30 - 00000000 __SHD () C:\Users\kontamine\AppData\Roaming\IntelCommon
2014-02-19 19:55 - 2014-02-19 19:57 - 05183254 ____R (Swearware) C:\Users\kontamine\Desktop\ComboFix.exe
2014-02-19 19:53 - 2009-07-14 03:37 - 00000000 ___DC () C:\Windows\$NtUninstallKB5598$
2014-02-19 19:52 - 2012-09-16 19:01 - 01380352 ___SH () C:\Users\kontamine\Desktop\Thumbs.db
2014-02-19 19:22 - 2014-02-18 19:56 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-19 19:20 - 2014-02-19 19:20 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-02-19 19:20 - 2014-02-16 01:38 - 04958588 _____ () C:\Windows\{00000001-00000000-00000000-00001102-00000004-20021102}.BAK
2014-02-19 19:20 - 2010-06-16 22:10 - 04958588 _____ () C:\Windows\{00000001-00000000-00000000-00001102-00000004-20021102}.CDF
2014-02-19 19:18 - 2014-02-19 19:18 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-19 19:15 - 2014-02-19 15:45 - 00000000 ____D () C:\Users\kontamine\Desktop\RK_Quarantine
2014-02-19 19:11 - 2014-02-19 15:46 - 00000000 ____D () C:\Users\kontamine\AppData\Local\CrashDumps
2014-02-19 18:25 - 2013-06-16 10:32 - 00000000 ____D () C:\Program Files\IK Multimedia
2014-02-19 18:25 - 2010-06-16 23:10 - 00000000 ____D () C:\Users\kontamine\Desktop\VST.I
2014-02-19 18:24 - 2010-06-17 11:35 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-19 18:23 - 2010-06-17 11:35 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-19 18:23 - 2010-06-16 23:29 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\Adobe
2014-02-19 18:22 - 2013-01-25 12:30 - 00000000 ____D () C:\Program Files\Adobe
2014-02-19 17:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\TAPI
2014-02-19 16:09 - 2010-06-22 08:21 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\Daetwu
2014-02-19 15:49 - 2014-02-19 15:49 - 00001094 _____ () C:\Users\kontamine\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-19 14:46 - 2010-06-17 11:36 - 00000000 ____D () C:\Users\kontamine\AppData\Local\Adobe
2014-02-19 14:36 - 2014-02-19 14:35 - 00154456 _____ () C:\Windows\Minidump\021914-45287-01.dmp
2014-02-19 14:35 - 2010-06-16 22:36 - 00000000 ____D () C:\Windows\Minidump
2014-02-18 20:26 - 2011-06-17 02:56 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-02-18 20:25 - 2014-02-18 20:25 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-02-18 20:03 - 2014-02-20 18:43 - 03813376 _____ () C:\Users\kontamine\Desktop\RogueKiller.exe
2014-02-16 19:35 - 2014-02-16 19:28 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\ZHP
2014-02-16 19:29 - 2014-02-16 19:28 - 00001942 _____ () C:\Users\kontamine\Desktop\ZHPFix.lnk
2014-02-16 19:29 - 2014-02-16 19:28 - 00001815 _____ () C:\Users\kontamine\Desktop\ZHPDiag.lnk
2014-02-16 19:29 - 2013-08-04 16:39 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-02-16 19:27 - 2014-02-16 19:04 - 00000000 ____D () C:\AdwCleaner
2014-02-16 19:18 - 2014-02-14 14:38 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\Lewyvoha
2014-02-16 19:18 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing
2014-02-16 19:14 - 2012-08-27 18:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-16 18:31 - 2012-11-19 17:57 - 00001076 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-16 18:31 - 2012-11-19 17:57 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-16 18:20 - 2011-02-12 12:30 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\Ableton
2014-02-16 13:06 - 2010-06-17 00:16 - 00001080 _____ () C:\Windows\system32\settingsbkup.sfm
2014-02-16 13:06 - 2010-06-17 00:16 - 00001080 _____ () C:\Windows\system32\settings.sfm
2014-02-16 09:57 - 2013-04-27 10:35 - 00000000 ____D () C:\Users\kontamine\Desktop\vst
2014-02-15 20:04 - 2014-02-15 20:04 - 00146232 _____ () C:\Windows\Minidump\021514-52275-01.dmp
2014-02-15 17:14 - 2013-01-30 16:38 - 00000000 ____D () C:\Users\kontamine\Desktop\fl 21012
2014-02-15 15:52 - 2014-02-15 15:52 - 00402167 ____T () C:\Users\kontamine\Desktop\TRIBE 140.mp3.asd
2014-02-12 10:46 - 2014-02-12 10:46 - 00146232 _____ () C:\Windows\Minidump\021214-35256-01.dmp
2014-02-11 21:39 - 2014-02-11 21:39 - 00146232 _____ () C:\Windows\Minidump\021114-49733-01.dmp
2014-02-09 18:02 - 2014-01-05 16:58 - 00000000 ___RD () C:\Users\kontamine\Desktop\projet live
2014-02-08 17:07 - 2013-04-30 09:55 - 00000000 ____D () C:\Users\kontamine\Desktop\my sounds
2014-02-06 17:02 - 2012-08-26 16:51 - 00000000 ____D () C:\Users\kontamine\AppData\Roaming\FileZilla
2014-02-05 17:35 - 2012-10-12 04:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 17:35 - 2012-10-12 04:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-04 17:08 - 2011-09-18 00:39 - 00000000 ___RD () C:\Users\kontamine\Desktop\start Project
2014-02-02 11:34 - 2014-02-01 01:44 - 00000032 _____ () C:\Windows\system32\w3data.vss
2014-02-02 11:34 - 2014-02-01 01:44 - 00000032 _____ () C:\Windows\msocreg32.dat
2014-02-01 01:45 - 2013-06-16 10:42 - 00000016 _____ () C:\ProgramData\autobk.inc
2014-02-01 00:21 - 2010-06-17 09:45 - 00000000 ____D () C:\Users\kontamine\Desktop\pacht 02
2014-01-30 22:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-26 11:31 - 2011-02-12 12:29 - 00000000 ____D () C:\Users\kontamine\Desktop\vst live

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-18 00:43

==================== End Of Log ============================
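A triage helper for the log above, added here as an example; it is not part of FRST and not something the poster ran. It pulls the Run, service/driver and NETSVC lines out of an FRST log and flags the three things worth checking first in this one: the Run entry for wincrt.exe (a binary under the user profile with an empty () publisher field, created the day before the scan), the S2 services whose image file FRST marks [X] as missing, and the NETSVC entries without a backing DLL (among them avgarcln, which also has a service entry hosted in svchost.exe). The regexes approximate FRST's line format, the heuristics are the example's own rather than FRST's, and the sample lines are copied from the log above; a hit means "look at this", not a verdict.

```python
"""Triage of FRST-style log lines: added example, not FRST's own code.

The line shapes the regexes expect were copied from the log above; the
heuristics are this example's assumptions, not FRST's verdicts:
  * Run entry with an empty () publisher field whose binary sits under the
    Users directory (user-writable, no version info): worth a closer look;
  * service/driver line ending in [X] (FRST marks the image as missing):
    dangling registration;
  * NETSVC entry ending in "No File." or "No Registry Path.": dangling
    netsvcs group member; noted when a service of that name is hosted in
    svchost.exe, as the avgarcln pair in the log is.
"""
from __future__ import annotations

import re
from collections import Counter
from dataclasses import dataclass

RUN_RE = re.compile(
    r'^(?P<hive>HK\S*?)\\\.\.\.\\Run: \[(?P<name>[^\]]+)\] - (?P<path>.+?)'
    r'(?: \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<publisher>[^)]*)\))?$'
)
SERVICE_RE = re.compile(
    r'^(?P<start>[SRU]\d) (?P<name>[^;]+); (?P<path>.+?)'
    r'(?: \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<publisher>[^)]*)\)'
    r'| (?P<missing>\[X\]))$'
)
NETSVC_RE = re.compile(r'^NETSVC: (?P<name>\S+) -> (?P<target>.+)$')
USER_PROFILE_RE = re.compile(r'(^|\\)Users\\', re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    section: str   # "run", "service" or "netsvc"
    name: str
    path: str
    reason: str


def parse(log_text: str) -> tuple[list[dict], list[dict], list[dict]]:
    """Split a log into Run, service/driver and NETSVC records; other lines are ignored."""
    runs, services, netsvcs = [], [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if m := RUN_RE.match(line):
            runs.append(m.groupdict())
        elif m := SERVICE_RE.match(line):
            services.append(m.groupdict())
        elif m := NETSVC_RE.match(line):
            netsvcs.append(m.groupdict())
    return runs, services, netsvcs


def triage(log_text: str) -> list[Finding]:
    runs, services, netsvcs = parse(log_text)
    findings: list[Finding] = []
    svchost_hosted = {s['name'] for s in services
                      if s['path'].lower().endswith('\\svchost.exe')}
    for r in runs:
        # publisher == '' means FRST printed "()"; None means the line had no size/date/publisher block
        if r['publisher'] == '' and USER_PROFILE_RE.search(r['path']):
            findings.append(Finding('run', r['name'], r['path'],
                                    'autostart from a user-profile path with no publisher info'))
    for s in services:
        if s['missing']:
            findings.append(Finding('service', s['name'], s['path'],
                                    'image file missing ([X]); dangling registration'))
    for n in netsvcs:
        t = n['target']
        if t.endswith('No File.') or t == 'No Registry Path.':
            reason = 'netsvcs group member without a backing DLL'
            if n['name'] in svchost_hosted:
                reason += '; a service of this name is registered under svchost.exe'
            findings.append(Finding('netsvc', n['name'], t, reason))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    return dict(Counter(f.section for f in findings))


# Sample lines copied from the log above (raw string, so the backslashes stay as-is).
SAMPLE_LOG = r"""
HKLM\...\Run: [tvncontrol] - C:\Program Files\TightVNC\tvnserver.exe [1184312 2012-06-26] (GlavSoft LLC.)
HKU\S-1-5-21-1765441652-3825123164-819375994-1001\...\Run: [wincrt.exe] - C:\Users\kontamine\AppData\Roaming\wincrt\wincrt.exe [28672 2014-02-19] ()
HKU\.DEFAULT\...\Run: [CtxfiReg] - CTXFIREG.exe /FAIL1
S2 avgarcln; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1184312 2012-06-26] (GlavSoft LLC.)
S2 alcxwdm; %systemroot%\system32\ultra66.dll [X]
S2 vsmon; %systemroot%\system32\Nmea.dll [X]
R3 catchme; \??\C:\Users\KONTAM~1\AppData\Local\Temp\catchme.sys [X]
NETSVC: NTSIM -> C:\Windows\system32\cbidf2k.dll ==> No File.
NETSVC: avgarcln -> No Registry Path.
"""

if __name__ == '__main__':
    for f in triage(SAMPLE_LOG):
        print(f'[{f.section}] {f.name}: {f.reason}\n    {f.path}')
```

Run it against a full FRST.txt by reading the file into triage(); on the sample above it reports one Run hit (wincrt.exe), three missing-image registrations (alcxwdm, vsmon, catchme) and two dangling NETSVC entries, with avgarcln cross-referenced to its svchost-hosted service. The tvncontrol/tvnserver lines stay quiet because they carry a publisher and live under Program Files; that is the intended signal-to-noise split, not an assurance about TightVNC.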