Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by UTILISATEUR (administrator) on R3451167-PC on 28-03-2014 13:32:48 Running from C:\Users\UTILISATEUR\Downloads Windows 8 (X64) OS Language: French Standard Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Program Files (x86)\Hotkey\PowerBiosServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Alcor) C:\Windows\WebCam\S6000\S6000Mnt.exe () C:\Program Files (x86)\Hotkey\Hotkey.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7770936 2013-04-12] (Motorola Solutions, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-30] (Synaptics Incorporated) HKLM-x32\...\Run: [S6000Mnt] - C:\Windows\SysWOW64\Rundll32.exe S6000Rmv.dll,WinMainRmv /StartStillMnt HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-09-12] (VIA) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-164236617-185173839-1171195664-1001\...\Run: [Logitech Vid] - C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.) HKU\S-1-5-21-164236617-185173839-1171195664-1001\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM - {9B275630-88ED-4736-9885-BC0B7851003D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS SearchScopes: HKLM-x32 - {9B275630-88ED-4736-9885-BC0B7851003D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\UTILISATEUR\AppData\Roaming\Mozilla\Firefox\Profiles\02flh208.default FF NewTab: chrome://quick_start/content/index.html FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\UTILISATEUR\AppData\Roaming\Mozilla\Firefox\Profiles\02flh208.default\searchplugins\Mysearchdial.xml FF Extension: mysearchdial.com - C:\Users\UTILISATEUR\AppData\Roaming\Mozilla\Firefox\Profiles\02flh208.default\Extensions\ffxtlbr@mysearchdial.com [2014-03-28] FF Extension: MySearchDial NewTab - C:\Users\UTILISATEUR\AppData\Roaming\Mozilla\Firefox\Profiles\02flh208.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-03-28] FF Extension: leethax.net extension - C:\Users\UTILISATEUR\AppData\Roaming\Mozilla\Firefox\Profiles\02flh208.default\Extensions\leethax@leethax.net.xpi [2014-03-09] FF Extension: Mega Browse - C:\Users\UTILISATEUR\AppData\Roaming\Mozilla\Firefox\Profiles\02flh208.default\Extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi [2014-03-28] Chrome: ======= CHR HomePage: hxxp://start.mysearchdial.com/?f=1&a=dsites_14_13_ff&cd=2XzuyEtN2Y1L1QzutDtDzytD0FyD0E0CyC0E0AzzyB0E0DzytN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzztAtC0EyCtD0AtGyD0F0EyCtGyE0A0B0DtG0E0DtBzztGtC0B0ByD0AyCyCtC0EyC0CyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEzy0DyCzz0DtG0DyC0F0BtG0FyBtByCtG0AzyyBtDtGyBtCtCtAyBtA0CtB0E0EyD0B2Q&cr=1305276719&ir= CHR DefaultSearchKeyword: mysearchdial.com CHR DefaultSearchProvider: Mysearchdial CHR DefaultSearchURL: http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_13_ff&cd=2XzuyEtN2Y1L1QzutDtDzytD0FyD0E0CyC0E0AzzyB0E0DzytN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzztAtC0EyCtD0AtGyD0F0EyCtGyE0A0B0DtG0E0DtBzztGtC0B0ByD0AyCyCtC0EyC0CyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEzy0DyCzz0DtG0DyC0F0BtG0FyBtByCtG0AzyyBtDtGyBtCtCtAyBtA0CtB0E0EyD0B2Q&cr=1305276719&ir= CHR DefaultNewTabURL: CHR Extension: (Documents Google) - C:\Users\UTILISATEUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-14] CHR Extension: (Google Drive) - C:\Users\UTILISATEUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-14] CHR Extension: (YouTube) - C:\Users\UTILISATEUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-14] CHR Extension: (Recherche Google) - C:\Users\UTILISATEUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-14] CHR Extension: (Google Wallet) - C:\Users\UTILISATEUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15] CHR Extension: (Gmail) - C:\Users\UTILISATEUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-14] ==================== Services (Whitelisted) ================= R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] () R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [46080 2012-11-05] () R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-10] (VIA Technologies, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.) R3 LVPr2M64; C:\Windows\system32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3341792 2013-04-25] (Intel Corporation) S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA)) R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3555456 2012-07-12] (Windows (R) Win 7 DDK provider) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [26424 2012-11-30] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-30] (Synaptics Incorporated) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-28 13:32 - 2014-03-28 13:33 - 00014993 _____ () C:\Users\UTILISATEUR\Downloads\FRST.txt 2014-03-28 13:31 - 2014-03-28 13:32 - 00000000 ____D () C:\FRST 2014-03-28 13:31 - 2014-03-28 13:31 - 02157056 _____ (Farbar) C:\Users\UTILISATEUR\Downloads\FRST64.exe 2014-03-28 13:30 - 2014-03-28 13:31 - 01145856 _____ (Farbar) C:\Users\UTILISATEUR\Downloads\FRST.exe 2014-03-28 13:13 - 2014-03-28 13:24 - 00011836 _____ () C:\Windows\WindowsUpdate.log 2014-03-28 11:46 - 2014-03-28 11:53 - 00000000 ____D () C:\Program Files (x86)\Mobogenie 2014-03-28 11:45 - 2014-03-28 11:45 - 00000000 ____D () C:\Program Files (x86)\DivX 2014-03-28 11:44 - 2014-03-28 11:53 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\LavFilters 2014-03-28 11:44 - 2014-03-28 11:53 - 00000000 ____D () C:\Program Files (x86)\Xvid 2014-03-28 11:44 - 2014-03-28 11:53 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity 2014-03-28 11:44 - 2014-03-28 11:53 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-03-28 11:44 - 2014-03-28 11:53 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub 2014-03-28 11:44 - 2014-03-28 11:44 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-03-28 11:44 - 2014-03-28 11:44 - 00000000 ____D () C:\ProgramData\DivX 2014-03-28 11:44 - 2014-03-28 11:44 - 00000000 ____D () C:\Program Files (x86)\DSP-worx 2014-03-28 11:42 - 2014-03-28 11:42 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\DigitalSites 2014-03-27 11:18 - 2014-03-27 11:18 - 00000225 _____ () C:\Users\UTILISATEUR\Documents\Error.log 2014-03-27 11:16 - 2014-03-27 11:16 - 00009056 _____ () C:\Users\UTILISATEUR\Documents\test1.mat 2014-03-24 15:58 - 2014-03-24 15:58 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-24 15:58 - 2014-03-24 15:58 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-24 15:58 - 2014-03-24 15:58 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Local\Skype 2014-03-23 00:01 - 2014-03-27 19:18 - 00014967 _____ () C:\Users\UTILISATEUR\Documents\italien.ods 2014-03-17 08:37 - 2014-03-17 08:37 - 00000218 _____ () C:\Users\UTILISATEUR\.recently-used.xbel 2014-03-14 10:33 - 2014-03-14 10:33 - 00004317 _____ () C:\Users\UTILISATEUR\Documents\ZHPFixReport.txt 2014-03-14 07:38 - 2014-03-14 07:38 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\UTILISATEUR\Downloads\sc-cleaner (1).exe 2014-03-14 07:37 - 2014-03-14 07:38 - 00001778 _____ () C:\sc-cleaner.txt 2014-03-14 07:36 - 2014-03-14 07:36 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\UTILISATEUR\Downloads\sc-cleaner.exe 2014-03-14 01:01 - 2014-03-14 11:13 - 00299680 _____ () C:\Users\UTILISATEUR\Documents\ZHPDiag.txt 2014-03-14 01:00 - 2014-03-14 11:07 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin 2014-03-14 00:51 - 2014-03-14 00:52 - 06866688 _____ (Nicolas Coolman ) C:\Users\UTILISATEUR\Downloads\ZHPDiag2 (1).exe 2014-03-14 00:46 - 2014-03-14 11:05 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\ZHP 2014-03-14 00:46 - 2014-03-14 11:04 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag 2014-03-14 00:46 - 2014-03-14 00:52 - 00001994 _____ () C:\Users\UTILISATEUR\Desktop\ZHPFix.lnk 2014-03-14 00:46 - 2014-03-14 00:52 - 00001867 _____ () C:\Users\UTILISATEUR\Desktop\ZHPDiag.lnk 2014-03-14 00:45 - 2014-03-14 00:46 - 06866688 _____ (Nicolas Coolman ) C:\Users\UTILISATEUR\Downloads\ZHPDiag2.exe 2014-03-13 20:38 - 2014-03-13 20:38 - 00007071 _____ () C:\Users\UTILISATEUR\Documents\AdwCleaner[S2].txt 2014-03-13 20:35 - 2014-03-13 20:35 - 00308808 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 20:31 - 2014-03-13 20:31 - 01949184 _____ () C:\Users\UTILISATEUR\Downloads\adwcleaner (1).exe 2014-03-13 18:30 - 2014-03-13 18:30 - 00000578 _____ () C:\Users\UTILISATEUR\AppData\Roaming\aps.scan.quick.results 2014-03-13 18:30 - 2014-03-13 18:30 - 00000158 _____ () C:\Users\UTILISATEUR\AppData\Roaming\aps.uninstall.scan.results 2014-03-13 18:28 - 2014-03-13 18:28 - 00954784 _____ (AnyProtect.com) C:\Users\UTILISATEUR\AppData\Local\nsfAEF2.tmp 2014-03-13 18:02 - 2014-03-13 19:35 - 00000290 __RSH () C:\ProgramData\ntuser.pol 2014-03-13 17:21 - 2014-03-13 17:21 - 01581568 _____ () C:\Users\UTILISATEUR\Downloads\Pour_toi_1.pps 2014-03-13 07:25 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 07:25 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2014-03-13 07:25 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2014-03-13 07:24 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 07:24 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 07:24 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-03-13 07:24 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-03-13 07:24 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 07:24 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 07:24 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 07:24 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 07:24 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-13 07:24 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-13 07:24 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-13 07:24 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-13 07:24 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-13 07:24 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 07:24 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-13 07:24 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-03-13 07:23 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 07:23 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-13 07:23 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-13 07:23 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 07:23 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-03-13 07:23 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-03-09 14:22 - 2014-03-09 14:22 - 00021498 _____ () C:\Users\UTILISATEUR\Downloads\leethax.xpi 2014-03-09 14:21 - 2014-03-28 11:54 - 00000000 ____D () C:\Program Files (x86)\Mega Browse 2014-03-09 14:19 - 2014-03-09 14:19 - 00667272 _____ ( ) C:\Users\UTILISATEUR\Downloads\ZipSetup(2).exe 2014-03-09 14:19 - 2014-03-09 14:19 - 00667272 _____ ( ) C:\Users\UTILISATEUR\Downloads\ZipSetup(1).exe 2014-03-09 14:18 - 2014-03-09 14:19 - 00667272 _____ ( ) C:\Users\UTILISATEUR\Downloads\ZipSetup.exe 2014-03-09 14:18 - 2014-03-09 14:18 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Local\Macromedia 2014-03-09 13:17 - 2014-03-09 13:17 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\Mozilla 2014-03-09 13:17 - 2014-03-09 13:17 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Local\Mozilla 2014-03-09 13:17 - 2014-03-09 13:17 - 00000000 ____D () C:\ProgramData\Mozilla 2014-03-09 13:15 - 2014-03-09 13:15 - 00283088 _____ (Mozilla) C:\Users\UTILISATEUR\Downloads\Firefox Setup Stub 27.0.1.exe 2014-03-06 11:36 - 2014-03-06 11:36 - 00033884 _____ () C:\Users\UTILISATEUR\Downloads\italien-facile.exe 2014-03-06 11:36 - 2014-03-06 11:36 - 00001648 _____ () C:\Users\Public\Desktop\Italien-Facile.com.lnk 2014-03-06 11:36 - 2014-03-06 11:36 - 00000055 _____ () C:\Users\UTILISATEUR\Downloads\Italien-Facile.com.URL 2014-03-05 10:06 - 2014-03-05 10:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 2014-03-04 15:44 - 2014-03-04 15:47 - 02457654 _____ () C:\Users\UTILISATEUR\Documents\ScreenShot018.bmp 2014-02-28 12:09 - 2014-02-28 12:09 - 04765152 _____ (Piriform Ltd) C:\Users\UTILISATEUR\Downloads\ccleaner_4-11_fr_14492.exe 2014-02-28 12:09 - 2014-02-28 12:09 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-28 12:09 - 2014-02-28 12:09 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-28 12:09 - 2014-02-28 12:09 - 00000000 ____D () C:\Program Files\CCleaner 2014-02-26 01:39 - 2014-02-26 01:39 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\vlc ==================== One Month Modified Files and Folders ======= 2014-03-28 13:33 - 2014-03-28 13:32 - 00014993 _____ () C:\Users\UTILISATEUR\Downloads\FRST.txt 2014-03-28 13:32 - 2014-03-28 13:31 - 00000000 ____D () C:\FRST 2014-03-28 13:31 - 2014-03-28 13:31 - 02157056 _____ (Farbar) C:\Users\UTILISATEUR\Downloads\FRST64.exe 2014-03-28 13:31 - 2014-03-28 13:30 - 01145856 _____ (Farbar) C:\Users\UTILISATEUR\Downloads\FRST.exe 2014-03-28 13:24 - 2014-03-28 13:13 - 00011836 _____ () C:\Windows\WindowsUpdate.log 2014-03-28 13:05 - 2014-01-14 17:22 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-28 13:05 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-28 13:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru 2014-03-28 12:49 - 2014-01-14 17:24 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-28 12:42 - 2014-01-14 17:22 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-28 11:54 - 2014-03-09 14:21 - 00000000 ____D () C:\Program Files (x86)\Mega Browse 2014-03-28 11:54 - 2014-01-14 17:07 - 00000000 ____D () C:\Users\UTILISATEUR 2014-03-28 11:53 - 2014-03-28 11:46 - 00000000 ____D () C:\Program Files (x86)\Mobogenie 2014-03-28 11:53 - 2014-03-28 11:44 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\LavFilters 2014-03-28 11:53 - 2014-03-28 11:44 - 00000000 ____D () C:\Program Files (x86)\Xvid 2014-03-28 11:53 - 2014-03-28 11:44 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity 2014-03-28 11:53 - 2014-03-28 11:44 - 00000000 ____D () C:\Program Files (x86)\ffdshow 2014-03-28 11:53 - 2014-03-28 11:44 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub 2014-03-28 11:53 - 2014-01-20 07:47 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\Skype 2014-03-28 11:53 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration 2014-03-28 11:45 - 2014-03-28 11:45 - 00000000 ____D () C:\Program Files (x86)\DivX 2014-03-28 11:44 - 2014-03-28 11:44 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter 2014-03-28 11:44 - 2014-03-28 11:44 - 00000000 ____D () C:\ProgramData\DivX 2014-03-28 11:44 - 2014-03-28 11:44 - 00000000 ____D () C:\Program Files (x86)\DSP-worx 2014-03-28 11:42 - 2014-03-28 11:42 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\DigitalSites 2014-03-27 19:18 - 2014-03-23 00:01 - 00014967 _____ () C:\Users\UTILISATEUR\Documents\italien.ods 2014-03-27 11:18 - 2014-03-27 11:18 - 00000225 _____ () C:\Users\UTILISATEUR\Documents\Error.log 2014-03-27 11:16 - 2014-03-27 11:16 - 00009056 _____ () C:\Users\UTILISATEUR\Documents\test1.mat 2014-03-26 13:38 - 2014-01-14 17:57 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-164236617-185173839-1171195664-1001 2014-03-24 15:58 - 2014-03-24 15:58 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-24 15:58 - 2014-03-24 15:58 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-24 15:58 - 2014-03-24 15:58 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Local\Skype 2014-03-24 15:58 - 2014-01-20 07:47 - 00000000 ____D () C:\ProgramData\Skype 2014-03-19 10:04 - 2014-01-14 18:22 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-19 10:01 - 2014-01-14 18:22 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-18 12:56 - 2014-01-23 17:03 - 00000624 _____ () C:\Users\UTILISATEUR\Desktop\Dice.dat 2014-03-18 07:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-03-17 08:37 - 2014-03-17 08:37 - 00000218 _____ () C:\Users\UTILISATEUR\.recently-used.xbel 2014-03-17 07:55 - 2014-01-22 11:57 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\gtk-2.0 2014-03-15 18:45 - 2014-01-14 17:22 - 00002188 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-03-14 13:23 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache 2014-03-14 11:13 - 2014-03-14 01:01 - 00299680 _____ () C:\Users\UTILISATEUR\Documents\ZHPDiag.txt 2014-03-14 11:07 - 2014-03-14 01:00 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin 2014-03-14 11:05 - 2014-03-14 00:46 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\ZHP 2014-03-14 11:04 - 2014-03-14 00:46 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag 2014-03-14 10:58 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-03-14 10:33 - 2014-03-14 10:33 - 00004317 _____ () C:\Users\UTILISATEUR\Documents\ZHPFixReport.txt 2014-03-14 07:38 - 2014-03-14 07:38 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\UTILISATEUR\Downloads\sc-cleaner (1).exe 2014-03-14 07:38 - 2014-03-14 07:37 - 00001778 _____ () C:\sc-cleaner.txt 2014-03-14 07:36 - 2014-03-14 07:36 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\UTILISATEUR\Downloads\sc-cleaner.exe 2014-03-14 00:52 - 2014-03-14 00:51 - 06866688 _____ (Nicolas Coolman ) C:\Users\UTILISATEUR\Downloads\ZHPDiag2 (1).exe 2014-03-14 00:52 - 2014-03-14 00:46 - 00001994 _____ () C:\Users\UTILISATEUR\Desktop\ZHPFix.lnk 2014-03-14 00:52 - 2014-03-14 00:46 - 00001867 _____ () C:\Users\UTILISATEUR\Desktop\ZHPDiag.lnk 2014-03-14 00:46 - 2014-03-14 00:45 - 06866688 _____ (Nicolas Coolman ) C:\Users\UTILISATEUR\Downloads\ZHPDiag2.exe 2014-03-13 20:38 - 2014-03-13 20:38 - 00007071 _____ () C:\Users\UTILISATEUR\Documents\AdwCleaner[S2].txt 2014-03-13 20:35 - 2014-03-13 20:35 - 00308808 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-13 20:35 - 2014-01-24 00:25 - 00000000 ____D () C:\AdwCleaner 2014-03-13 20:35 - 2014-01-14 17:08 - 00001022 _____ () C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-03-13 20:31 - 2014-03-13 20:31 - 01949184 _____ () C:\Users\UTILISATEUR\Downloads\adwcleaner (1).exe 2014-03-13 19:35 - 2014-03-13 18:02 - 00000290 __RSH () C:\ProgramData\ntuser.pol 2014-03-13 19:31 - 2014-01-14 17:08 - 00000000 ___RD () C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-13 19:31 - 2014-01-14 17:08 - 00000000 ___RD () C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-13 19:28 - 2014-01-14 17:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-13 19:28 - 2014-01-14 17:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-13 19:27 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData 2014-03-13 19:27 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-13 19:27 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-13 19:27 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender 2014-03-13 19:27 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-03-13 18:30 - 2014-03-13 18:30 - 00000578 _____ () C:\Users\UTILISATEUR\AppData\Roaming\aps.scan.quick.results 2014-03-13 18:30 - 2014-03-13 18:30 - 00000158 _____ () C:\Users\UTILISATEUR\AppData\Roaming\aps.uninstall.scan.results 2014-03-13 18:28 - 2014-03-13 18:28 - 00954784 _____ (AnyProtect.com) C:\Users\UTILISATEUR\AppData\Local\nsfAEF2.tmp 2014-03-13 17:21 - 2014-03-13 17:21 - 01581568 _____ () C:\Users\UTILISATEUR\Downloads\Pour_toi_1.pps 2014-03-12 12:07 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF 2014-03-09 14:22 - 2014-03-09 14:22 - 00021498 _____ () C:\Users\UTILISATEUR\Downloads\leethax.xpi 2014-03-09 14:19 - 2014-03-09 14:19 - 00667272 _____ ( ) C:\Users\UTILISATEUR\Downloads\ZipSetup(2).exe 2014-03-09 14:19 - 2014-03-09 14:19 - 00667272 _____ ( ) C:\Users\UTILISATEUR\Downloads\ZipSetup(1).exe 2014-03-09 14:19 - 2014-03-09 14:18 - 00667272 _____ ( ) C:\Users\UTILISATEUR\Downloads\ZipSetup.exe 2014-03-09 14:18 - 2014-03-09 14:18 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Local\Macromedia 2014-03-09 13:17 - 2014-03-09 13:17 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\Mozilla 2014-03-09 13:17 - 2014-03-09 13:17 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Local\Mozilla 2014-03-09 13:17 - 2014-03-09 13:17 - 00000000 ____D () C:\ProgramData\Mozilla 2014-03-09 13:15 - 2014-03-09 13:15 - 00283088 _____ (Mozilla) C:\Users\UTILISATEUR\Downloads\Firefox Setup Stub 27.0.1.exe 2014-03-06 11:36 - 2014-03-06 11:36 - 00033884 _____ () C:\Users\UTILISATEUR\Downloads\italien-facile.exe 2014-03-06 11:36 - 2014-03-06 11:36 - 00001648 _____ () C:\Users\Public\Desktop\Italien-Facile.com.lnk 2014-03-06 11:36 - 2014-03-06 11:36 - 00000055 _____ () C:\Users\UTILISATEUR\Downloads\Italien-Facile.com.URL 2014-03-05 10:06 - 2014-03-05 10:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 2014-03-04 23:52 - 2014-01-16 10:19 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-04 23:52 - 2014-01-16 10:19 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-04 15:47 - 2014-03-04 15:44 - 02457654 _____ () C:\Users\UTILISATEUR\Documents\ScreenShot018.bmp 2014-03-03 11:31 - 2014-01-14 17:35 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Local\Paint.NET 2014-03-02 15:53 - 2012-08-08 09:58 - 00800978 _____ () C:\Windows\system32\perfh00C.dat 2014-03-02 15:53 - 2012-08-08 09:58 - 00155650 _____ () C:\Windows\system32\perfc00C.dat 2014-03-02 15:53 - 2012-07-26 08:28 - 01793362 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-28 12:17 - 2014-01-14 17:27 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2014-02-28 12:17 - 2013-07-23 16:17 - 00000000 ____D () C:\Windows\Panther 2014-02-28 12:09 - 2014-02-28 12:09 - 04765152 _____ (Piriform Ltd) C:\Users\UTILISATEUR\Downloads\ccleaner_4-11_fr_14492.exe 2014-02-28 12:09 - 2014-02-28 12:09 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-28 12:09 - 2014-02-28 12:09 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-28 12:09 - 2014-02-28 12:09 - 00000000 ____D () C:\Program Files\CCleaner 2014-02-26 01:39 - 2014-02-26 01:39 - 00000000 ____D () C:\Users\UTILISATEUR\AppData\Roaming\vlc ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-28 10:32 ==================== End Of Log ============================