Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Alain (administrator) on MIMI on 01-06-2015 19:32:09
Running from C:\Users\Alain\Downloads
Loaded Profiles: Alain (Available Profiles: michelle & Alain & Ednammoc)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-09-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-13] (Copyright 2013 SAMSUNG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-11] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-24] (Qualcomm®Atheros®)
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [571392 2013-08-22] (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-10-11] (AVAST Software)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {642A2906-0CB0-4FC3-857A-B595A75A8B6D} => C:\windows\SYSTEM32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] ()
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] ()
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {642A2906-0CB0-4FC3-857A-B595A75A8B6D} => C:\windows\SysWOW64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com/?pc=smjb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/u/0/?tab=wm&pli=1#inbox
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com/?pc=smjb
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = https://www.google.com/
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = https://www.google.com/
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-21-3504710949-4177054267-196861561-1004 -> {FCE6121E-596E-4303-B8C0-D0E44E3F5318} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-11] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-11] (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [2013-09-13] (Samsung)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-11]
Chrome:
=======
CHR Profile: C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-11]
CHR Extension: (Google Docs) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Google Search) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Google Sheets) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-11]
CHR Extension: (Bookmark Manager) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14]
CHR Extension: (Avast Online Security) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-03]
CHR Extension: (Google Wallet) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe [404360 2013-09-10] (Samsung) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-24] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-11] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-06] (ELAN Microelectronics Corp.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-13] (Copyright 2013 SAMSUNG)
R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1592712 2013-09-07] (Samsung Electronics CO., LTD.) [File not signed]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-08-28] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]
S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-11] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2013-09-24] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [67864 2013-06-21] (DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X]
S1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X]
S1 iSafeKrnlR3; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [X]
S1 iSafeNetFilter; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeNetFilter.sys [X]
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 19:32 - 2015-06-01 19:33 - 00018029 _____ () C:\Users\Alain\Downloads\FRST.txt
2015-06-01 19:31 - 2015-06-01 19:32 - 00000000 ____D () C:\FRST
2015-06-01 19:27 - 2015-06-01 19:27 - 02108928 _____ (Farbar) C:\Users\Alain\Downloads\FRST64.exe
2015-06-01 19:09 - 2015-06-01 19:09 - 00000000 ___RD () C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-01 10:56 - 2015-06-01 10:56 - 00000000 ___RD () C:\Users\michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-05-31 10:43 - 2015-05-31 10:43 - 04614144 _____ () C:\Users\michelle\Downloads\La_maison_de_Monet_badier.pps
2015-05-30 23:14 - 2015-05-30 23:14 - 02791037 _____ () C:\Users\michelle\Downloads\laurel et hardy (1).mp4
2015-05-27 17:20 - 2015-06-01 19:06 - 00000812 _____ () C:\windows\setupact.log
2015-05-27 17:20 - 2015-05-27 17:20 - 00000000 _____ () C:\windows\setuperr.log
2015-05-27 16:16 - 2015-06-01 19:20 - 00889188 _____ () C:\windows\WindowsUpdate.log
2015-05-27 16:10 - 2015-06-01 12:04 - 00002782 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2015-05-27 16:10 - 2015-05-27 16:10 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-27 16:10 - 2015-05-27 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-27 16:10 - 2015-05-27 16:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-27 16:02 - 2015-05-27 16:02 - 06549184 _____ (Piriform Ltd) C:\Users\Alain\Downloads\ccsetup506.exe
2015-05-25 18:25 - 2015-05-25 18:25 - 02791037 _____ () C:\Users\michelle\Downloads\laurel et hardy.mp4
2015-05-25 17:08 - 2015-05-25 17:08 - 04650491 _____ () C:\Users\michelle\Downloads\Le carre_ de chocolat en trop (1).mp4
2015-05-25 17:07 - 2015-05-25 17:07 - 04650491 _____ () C:\Users\michelle\Downloads\Le carre_ de chocolat en trop.mp4
2015-05-15 10:15 - 2015-05-15 10:15 - 02323968 _____ () C:\Users\michelle\Downloads\bikini-evolution-jb.pps
2015-05-13 23:32 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 23:31 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 23:31 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 23:31 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 23:31 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 23:31 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 23:31 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 23:31 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 23:31 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-05-13 23:31 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 23:31 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 23:31 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 23:31 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-05-13 23:31 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 23:31 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 23:31 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-05-13 23:31 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 23:31 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-05-13 23:31 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 23:31 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 23:31 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 23:31 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 23:31 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 23:31 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 23:31 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-05-13 23:31 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 23:31 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-05-13 23:31 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 23:31 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-05-13 23:31 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 23:31 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 23:31 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 23:31 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 23:31 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 23:31 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 23:31 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 23:31 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 23:31 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 23:31 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 23:01 - 2015-05-13 23:02 - 00000000 ____D () C:\Mimi
2015-05-13 22:58 - 2015-05-13 23:02 - 00000022 _____ () C:\Users\michelle\Downloads\Mes Documents Signes.zip
2015-05-02 14:30 - 2015-05-02 14:30 - 05219840 _____ () C:\Users\michelle\Downloads\Phenomenes.pps
2015-05-02 14:27 - 2015-05-02 14:27 - 00122880 _____ () C:\Users\michelle\Downloads\le_jeune_cur_2.pps
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 19:30 - 2014-10-16 15:36 - 00000000 ____D () C:\Users\Alain\AppData\Local\CrashDumps
2015-06-01 19:17 - 2014-10-11 14:46 - 00001086 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-01 19:16 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\sru
2015-06-01 19:12 - 2013-11-07 09:12 - 00000000 ____D () C:\ProgramData\WinClon
2015-06-01 19:11 - 2013-11-08 02:17 - 00812350 _____ () C:\windows\system32\perfh00C.dat
2015-06-01 19:11 - 2013-11-08 02:17 - 00159412 _____ () C:\windows\system32\perfc00C.dat
2015-06-01 19:11 - 2013-08-27 06:56 - 01824010 _____ () C:\windows\system32\PerfStringBackup.INI
2015-06-01 19:08 - 2014-10-11 14:46 - 00001082 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-01 19:06 - 2013-08-22 16:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-06-01 12:18 - 2014-09-22 17:09 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3504710949-4177054267-196861561-1004
2015-06-01 11:57 - 2014-09-13 23:33 - 00003932 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{3FA0ECC4-B93F-41DF-8B2A-4E34510F1D2D}
2015-06-01 11:54 - 2014-11-03 22:02 - 00000000 ____D () C:\Users\michelle\AppData\Local\CrashDumps
2015-05-31 10:57 - 2013-08-22 17:20 - 00000000 ____D () C:\windows\CbsTemp
2015-05-30 23:07 - 2014-12-19 03:01 - 00000000 ____D () C:\Users\michelle\AppData\Roaming\vlc
2015-05-27 17:58 - 2014-09-13 23:23 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3504710949-4177054267-196861561-1001
2015-05-27 16:26 - 2013-08-22 15:25 - 00786432 ___SH () C:\windows\system32\config\BBI
2015-05-27 16:20 - 2014-09-13 23:19 - 00000000 ____D () C:\Users\michelle\Documents\Bluetooth Folder
2015-05-27 16:19 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\AppReadiness
2015-05-27 16:13 - 2014-10-16 20:06 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-05-27 16:12 - 2013-08-27 07:50 - 00000000 ____D () C:\windows\Panther
2015-05-25 23:07 - 2013-11-07 08:33 - 00065536 _____ () C:\windows\system32\spu_storage.bin
2015-05-17 16:35 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\rescache
2015-05-17 09:12 - 2014-10-11 14:46 - 00004058 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 09:12 - 2014-10-11 14:46 - 00003822 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 13:44 - 2014-10-11 14:49 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-05-05 19:59 - 2014-10-16 14:38 - 00792568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-10-16 14:38 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2014-09-22 17:05 - 2014-10-18 22:42 - 0003528 _____ () C:\Users\Alain\AppData\Roaming\AbsoluteReminder.xml
2013-11-07 09:33 - 2013-02-19 09:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-11-07 09:33 - 2013-01-12 16:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-28 12:20
==================== End of log ============================
Ran by Alain (administrator) on MIMI on 01-06-2015 19:32:09
Running from C:\Users\Alain\Downloads
Loaded Profiles: Alain (Available Profiles: michelle & Alain & Ednammoc)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-09-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-13] (Copyright 2013 SAMSUNG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-11] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-24] (Qualcomm®Atheros®)
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [571392 2013-08-22] (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-10-11] (AVAST Software)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {642A2906-0CB0-4FC3-857A-B595A75A8B6D} => C:\windows\SYSTEM32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] ()
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] ()
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {642A2906-0CB0-4FC3-857A-B595A75A8B6D} => C:\windows\SysWOW64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com/?pc=smjb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/u/0/?tab=wm&pli=1#inbox
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com/?pc=smjb
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = https://www.google.com/
HKU\S-1-5-21-3504710949-4177054267-196861561-1004\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = https://www.google.com/
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://search.yac.mx/web/?q={searchTerms}&type=ds&from=yac&uid=samsungxmzmte128hmgr-000_s1eynyaf403742&ts=1414438171
SearchScopes: HKU\S-1-5-21-3504710949-4177054267-196861561-1004 -> {FCE6121E-596E-4303-B8C0-D0E44E3F5318} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-11] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-11] (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [2013-09-13] (Samsung)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-11]
Chrome:
=======
CHR Profile: C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-11]
CHR Extension: (Google Docs) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Google Search) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Google Sheets) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-11]
CHR Extension: (Bookmark Manager) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14]
CHR Extension: (Avast Online Security) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-03]
CHR Extension: (Google Wallet) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Alain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkManagerDMS.exe [404360 2013-09-10] (Samsung) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-24] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-11] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-06] (ELAN Microelectronics Corp.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-13] (Copyright 2013 SAMSUNG)
R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1592712 2013-09-07] (Samsung Electronics CO., LTD.) [File not signed]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-08-28] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-24] (Atheros) [File not signed]
S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-12-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-11] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2013-09-24] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation)
S3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [67864 2013-06-21] (DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X]
S1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X]
S1 iSafeKrnlR3; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [X]
S1 iSafeNetFilter; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeNetFilter.sys [X]
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 19:32 - 2015-06-01 19:33 - 00018029 _____ () C:\Users\Alain\Downloads\FRST.txt
2015-06-01 19:31 - 2015-06-01 19:32 - 00000000 ____D () C:\FRST
2015-06-01 19:27 - 2015-06-01 19:27 - 02108928 _____ (Farbar) C:\Users\Alain\Downloads\FRST64.exe
2015-06-01 19:09 - 2015-06-01 19:09 - 00000000 ___RD () C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-01 10:56 - 2015-06-01 10:56 - 00000000 ___RD () C:\Users\michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-05-31 10:43 - 2015-05-31 10:43 - 04614144 _____ () C:\Users\michelle\Downloads\La_maison_de_Monet_badier.pps
2015-05-30 23:14 - 2015-05-30 23:14 - 02791037 _____ () C:\Users\michelle\Downloads\laurel et hardy (1).mp4
2015-05-27 17:20 - 2015-06-01 19:06 - 00000812 _____ () C:\windows\setupact.log
2015-05-27 17:20 - 2015-05-27 17:20 - 00000000 _____ () C:\windows\setuperr.log
2015-05-27 16:16 - 2015-06-01 19:20 - 00889188 _____ () C:\windows\WindowsUpdate.log
2015-05-27 16:10 - 2015-06-01 12:04 - 00002782 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2015-05-27 16:10 - 2015-05-27 16:10 - 00000834 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-27 16:10 - 2015-05-27 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-27 16:10 - 2015-05-27 16:10 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-27 16:02 - 2015-05-27 16:02 - 06549184 _____ (Piriform Ltd) C:\Users\Alain\Downloads\ccsetup506.exe
2015-05-25 18:25 - 2015-05-25 18:25 - 02791037 _____ () C:\Users\michelle\Downloads\laurel et hardy.mp4
2015-05-25 17:08 - 2015-05-25 17:08 - 04650491 _____ () C:\Users\michelle\Downloads\Le carre_ de chocolat en trop (1).mp4
2015-05-25 17:07 - 2015-05-25 17:07 - 04650491 _____ () C:\Users\michelle\Downloads\Le carre_ de chocolat en trop.mp4
2015-05-15 10:15 - 2015-05-15 10:15 - 02323968 _____ () C:\Users\michelle\Downloads\bikini-evolution-jb.pps
2015-05-13 23:32 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 23:31 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 23:31 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 23:31 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 23:31 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 23:31 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 23:31 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 23:31 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 23:31 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-05-13 23:31 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 23:31 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 23:31 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 23:31 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-05-13 23:31 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 23:31 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 23:31 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-05-13 23:31 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 23:31 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-05-13 23:31 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 23:31 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 23:31 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 23:31 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 23:31 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 23:31 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 23:31 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-05-13 23:31 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 23:31 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-05-13 23:31 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 23:31 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-05-13 23:31 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 23:31 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 23:31 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 23:31 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 23:31 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 23:31 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 23:31 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 23:31 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 23:31 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 23:31 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 23:01 - 2015-05-13 23:02 - 00000000 ____D () C:\Mimi
2015-05-13 22:58 - 2015-05-13 23:02 - 00000022 _____ () C:\Users\michelle\Downloads\Mes Documents Signes.zip
2015-05-02 14:30 - 2015-05-02 14:30 - 05219840 _____ () C:\Users\michelle\Downloads\Phenomenes.pps
2015-05-02 14:27 - 2015-05-02 14:27 - 00122880 _____ () C:\Users\michelle\Downloads\le_jeune_cur_2.pps
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 19:30 - 2014-10-16 15:36 - 00000000 ____D () C:\Users\Alain\AppData\Local\CrashDumps
2015-06-01 19:17 - 2014-10-11 14:46 - 00001086 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-01 19:16 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\sru
2015-06-01 19:12 - 2013-11-07 09:12 - 00000000 ____D () C:\ProgramData\WinClon
2015-06-01 19:11 - 2013-11-08 02:17 - 00812350 _____ () C:\windows\system32\perfh00C.dat
2015-06-01 19:11 - 2013-11-08 02:17 - 00159412 _____ () C:\windows\system32\perfc00C.dat
2015-06-01 19:11 - 2013-08-27 06:56 - 01824010 _____ () C:\windows\system32\PerfStringBackup.INI
2015-06-01 19:08 - 2014-10-11 14:46 - 00001082 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-01 19:06 - 2013-08-22 16:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-06-01 12:18 - 2014-09-22 17:09 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3504710949-4177054267-196861561-1004
2015-06-01 11:57 - 2014-09-13 23:33 - 00003932 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{3FA0ECC4-B93F-41DF-8B2A-4E34510F1D2D}
2015-06-01 11:54 - 2014-11-03 22:02 - 00000000 ____D () C:\Users\michelle\AppData\Local\CrashDumps
2015-05-31 10:57 - 2013-08-22 17:20 - 00000000 ____D () C:\windows\CbsTemp
2015-05-30 23:07 - 2014-12-19 03:01 - 00000000 ____D () C:\Users\michelle\AppData\Roaming\vlc
2015-05-27 17:58 - 2014-09-13 23:23 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3504710949-4177054267-196861561-1001
2015-05-27 16:26 - 2013-08-22 15:25 - 00786432 ___SH () C:\windows\system32\config\BBI
2015-05-27 16:20 - 2014-09-13 23:19 - 00000000 ____D () C:\Users\michelle\Documents\Bluetooth Folder
2015-05-27 16:19 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\AppReadiness
2015-05-27 16:13 - 2014-10-16 20:06 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-05-27 16:12 - 2013-08-27 07:50 - 00000000 ____D () C:\windows\Panther
2015-05-25 23:07 - 2013-11-07 08:33 - 00065536 _____ () C:\windows\system32\spu_storage.bin
2015-05-17 16:35 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\rescache
2015-05-17 09:12 - 2014-10-11 14:46 - 00004058 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 09:12 - 2014-10-11 14:46 - 00003822 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 13:44 - 2014-10-11 14:49 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-05-05 19:59 - 2014-10-16 14:38 - 00792568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-10-16 14:38 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2014-09-22 17:05 - 2014-10-18 22:42 - 0003528 _____ () C:\Users\Alain\AppData\Roaming\AbsoluteReminder.xml
2013-11-07 09:33 - 2013-02-19 09:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-11-07 09:33 - 2013-01-12 16:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-28 12:20
==================== End of log ============================