Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Phil (administrator) on PC on 14-07-2015 00:56:08
Running from C:\Users\Phil\Documents\Fichiers4\Thailande_Samui\Voyage
Loaded Profiles: Phil (Available Profiles: Phil)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(BitTorrent Inc.) C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Users\Phil\AppData\Local\Temp\~spC809.tmp
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\DiskDefrag.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-18] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-06] (Avast Software s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856 2014-06-23] (IObit)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\...\Run: [uTorrent] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-17] (BitTorrent Inc.)
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\...\Run: [GoogleChromeAutoLaunch_8F46E403C67104BF7EEB25B83E1B221E] => C:\Users\Phil\AppData\Local\Chromium\Application\chrome.exe [656384 2015-05-18] (The Chromium Authors)
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\...\Run: [Google Update] => C:\Users\Phil\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-06-21] (Google Inc.)
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-06] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://th.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-is__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {8D1ADE7E-F081-4876-81A5-B4A25D6460D5} URL = http://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> DefaultScope {8D1ADE7E-F081-4876-81A5-B4A25D6460D5} URL = http://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> {8D1ADE7E-F081-4876-81A5-B4A25D6460D5} URL = http://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> {B8E50B25-3372-40E7-8C43-F89230416A65} URL = https://th.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-07-13] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-06] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-06] (Avast Software s.r.o.)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{651BCF50-7740-48FD-969B-D9FE2DF203B1}: [DhcpNameServer] 192.168.1.1 0.0.0.0
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default
FF NewTab: hxxp://th.search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-is__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo Search!
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://th.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-is__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-is__alt__ddc_dss_bd_com&p={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-02] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-02] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-02] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Phil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @talk.google.com/O1DPlugin -> C:\Users\Phil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Phil\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Phil\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Phil\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Phil\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Ads Removal - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\adremoveext@adremoveext.net [2015-07-13]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\iobitascsurfingprotection@iobit.com [2015-07-13]
FF Extension: Glass Bottle - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\{762f0906-f55a-470b-8a55-db5137bad752}.xpi [2015-06-01]
FF Extension: Adblock Edge - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-06]
Chrome:
=======
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-06]
CHR Extension: (Google Docs) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-06]
CHR Extension: (Google Drive) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]
CHR Extension: (YouTube) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-06]
CHR Extension: (Google Search) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-06]
CHR Extension: (Avast SafePrice) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-24]
CHR Extension: (Google Sheets) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-06]
CHR Extension: (Avast Online Security) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-06]
CHR Extension: (Glass Bottle) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkchbcdpiplmepnccafoeaiimohjodkm [2015-06-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-06]
CHR Extension: (Google Wallet) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-06]
CHR Extension: (Gmail) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-06] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-04] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-05-15] (IObit)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2904864 2015-06-02] (IObit)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-05-20] (IObit)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-06] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-06] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-13] (REALiX(tm))
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 00:54 - 2015-07-14 00:56 - 00000000 ____D C:\FRST
2015-07-13 17:30 - 2015-07-13 17:30 - 00000000 ____D C:\Users\Phil\AppData\Roaming\ProductData
2015-07-13 17:29 - 2015-07-13 17:29 - 00001194 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2015-07-13 17:29 - 2015-07-13 17:29 - 00001085 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-07-13 17:29 - 2015-07-13 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2015-07-13 17:29 - 2015-07-13 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-07-13 17:29 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\SysWOW64\IObitSmartDefragExtension.dll
2015-07-13 17:29 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-07-13 17:29 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-07-13 17:29 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-07-13 17:28 - 2015-07-14 00:34 - 00002380 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Phil
2015-07-13 17:28 - 2015-07-14 00:34 - 00000282 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Phil.job
2015-07-13 17:28 - 2015-07-13 17:28 - 00002362 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_Système
2015-07-13 17:28 - 2015-07-13 17:28 - 00002096 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-07-13 17:28 - 2015-07-13 17:28 - 00001143 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-07-13 17:28 - 2015-07-13 17:28 - 00000258 _____ C:\Windows\Tasks\ASC8_SkipUac_Système.job
2015-07-13 17:28 - 2015-07-13 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-07-13 17:28 - 2015-07-13 17:28 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-07-13 17:27 - 2015-07-14 00:35 - 00000000 ____D C:\ProgramData\ProductData
2015-07-13 17:27 - 2015-07-13 17:27 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-07-13 17:27 - 2015-07-13 17:27 - 00002059 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-07-13 17:27 - 2015-07-13 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-07-13 17:26 - 2015-07-14 00:34 - 00000000 ____D C:\ProgramData\IObit
2015-07-13 17:25 - 2015-07-13 17:30 - 00000000 ____D C:\Users\Phil\AppData\Roaming\IObit
2015-07-13 17:25 - 2015-07-13 17:29 - 00000000 ____D C:\Program Files (x86)\IObit
2015-07-13 17:25 - 2015-07-13 17:25 - 00001164 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-07-13 17:25 - 2015-07-13 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-07-13 16:47 - 2015-07-13 16:47 - 00000000 ____D C:\Users\Phil\Tracing
2015-07-10 17:55 - 2015-07-12 14:02 - 735547392 ____R C:\Users\Phil\Downloads\Indiana.jones.et.le.royaume.du.crane.de.cristal.FRENCH.DVDRIP.REPACK.1.CD.XVID-SYR.Upload.(Steph53).Mininova.org..avi
2015-07-10 17:53 - 2015-07-12 14:18 - 00000000 ____D C:\Users\Phil\Downloads\Indiana.Jones.And.The.Last.Crusade.1989.FRENCH.DVDRiP.XViD.AC3-SADe
2015-07-10 17:53 - 2015-07-10 17:56 - 00000000 ____D C:\Users\Phil\Downloads\Indiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.2008.FRENCH.DVDRiP.XViD.AC3-SADe
2015-07-09 18:56 - 2015-07-13 23:56 - 00001624 _____ C:\Windows\setupact.log
2015-07-09 18:56 - 2015-07-09 18:56 - 00000000 _____ C:\Windows\setuperr.log
2015-07-08 15:54 - 2015-07-14 00:22 - 01437438 _____ C:\Windows\WindowsUpdate.log
2015-07-08 15:50 - 2015-07-08 15:51 - 00000000 ____D C:\AdwCleaner
2015-07-08 15:49 - 2015-07-08 15:49 - 02244096 _____ C:\Users\Phil\Downloads\adwcleaner_4.207.exe
2015-07-08 15:13 - 2015-07-08 15:13 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-08 09:13 - 2015-07-08 09:13 - 00002560 _____ C:\Windows\_MSRSTRT.EXE
2015-07-07 09:52 - 2015-07-13 21:36 - 00000000 ____D C:\Users\Phil\Downloads\Trilogie mission impossible.French.DVDrip.Xvid.AC3-FwD
2015-07-07 09:27 - 2015-07-07 09:46 - 00000000 ____D C:\Users\Phil\Downloads\[ www.Cpasbien.pw ] Sin.City.A.Dame.To.Kill.For.2014.TRUEFRENCH.BRRip.XviD-DesTroY
2015-07-07 09:24 - 2015-07-07 09:51 - 733974528 ____R C:\Users\Phil\Downloads\Contre_Enquete.avi
2015-07-06 15:38 - 2015-07-06 15:38 - 00000950 _____ C:\Users\Public\Desktop\ZedTV.lnk
2015-07-06 15:38 - 2015-07-06 15:38 - 00000000 ____D C:\Users\Phil\Documents\ZedTV
2015-07-06 15:38 - 2015-07-06 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZedTV
2015-07-06 15:38 - 2015-07-06 15:38 - 00000000 ____D C:\Program Files (x86)\ZedTV
2015-07-06 15:16 - 2015-07-06 15:16 - 00001062 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2015-07-06 15:16 - 2015-07-06 15:16 - 00000000 ____D C:\Users\Phil\AppData\Roaming\FastStone
2015-07-06 15:16 - 2015-07-06 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2015-07-06 15:16 - 2015-07-06 15:16 - 00000000 ____D C:\Program Files (x86)\FastStone Capture
2015-07-05 20:23 - 2015-07-06 11:46 - 00000000 ____D C:\Users\Phil\Downloads\Top.Gun.1986.TRUEFRENCH.DVDRip.XviD.AC3-LiberTeam
2015-07-05 20:23 - 2015-07-06 11:45 - 00000000 ____D C:\Users\Phil\Downloads\Benjamin.Gates.Et.Le.Tresor.Des.Templiers.2004.FRENCH.BRRiP.XViD.AC3-HuSh
2015-07-05 20:23 - 2015-07-06 02:27 - 731024690 ____R C:\Users\Phil\Downloads\gladiator.avi
2015-07-05 18:32 - 2015-07-06 01:27 - 746243022 ____R C:\Users\Phil\Downloads\Avatar.Truefrench.Subforced.Dvdrip.Repack.1CD-RiPPER.avi
2015-07-05 18:31 - 2015-07-06 02:43 - 1466443776 ____R C:\Users\Phil\Downloads\The Secret Life of Walter Mitty 2013 FRENCH BDRiP XviD AC3-CARPEDIEM.avi
2015-07-05 18:29 - 2015-07-05 22:20 - 1412635654 ____R C:\Users\Phil\Downloads\Master and Commander.avi
2015-07-05 18:27 - 2015-07-06 11:46 - 00000000 ____D C:\Users\Phil\Downloads\Pirates des Caraibes
2015-07-05 18:25 - 2015-07-13 21:27 - 00000000 ____D C:\Users\Phil\Downloads\Indiana.Jones.Raiders.Of.The.Lost.Ark.1981.FRENCH.DVDRiP.XViD.AC3-SADe
2015-07-05 11:26 - 2015-07-08 15:58 - 00003490 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-04 10:32 - 2015-07-04 11:10 - 733538304 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] The.Lazarus.Effect.2015.TRUEFRENCH.BDRiP.XViD-AViTECH.avi
2015-07-04 10:31 - 2015-07-04 11:14 - 734676486 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] The.Forbidden.Dimensions.2013.TRUEFRENCH.BDRip.XviD.avi
2015-07-04 10:30 - 2015-07-04 12:06 - 1468088335 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] Monsters.Dark.Continent.2014.TRUEFRENCH.BDRiP.XViD-AViTECH.avi
2015-07-03 20:51 - 2015-07-14 00:53 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-03 20:51 - 2015-07-09 18:53 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-03 12:22 - 2015-07-09 22:55 - 00005028 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-Phil PC
2015-07-03 08:22 - 2015-07-04 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 20:33 - 2015-07-03 08:19 - 733480960 ____R C:\Users\Phil\Downloads\Clash.of.the.Titans.2010.FRENCH.DVDRip.XviD-FF.avi
2015-07-02 20:30 - 2015-07-03 08:28 - 1452350534 ____R C:\Users\Phil\Downloads\Harry.Potter.And.The.Deathly.Hallows.Part.2.2011.FRENCH.BRRip.XviD-LKT.avi
2015-07-02 20:29 - 2015-07-02 22:24 - 729079304 ____R C:\Users\Phil\Downloads\Harry.Potter.And.The.Deathly.Hallows.Part.1.2010.TRUEFRENCH BRRiP XviD LKT.avi
2015-07-02 17:36 - 2015-07-02 17:36 - 00000000 ____D C:\output
2015-07-02 17:32 - 2015-07-02 17:32 - 00000631 _____ C:\Users\Public\Desktop\Free JPG To PDF Converter.lnk
2015-07-02 17:32 - 2015-07-02 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free JPG To PDF Converter
2015-07-02 17:32 - 2015-07-02 17:32 - 00000000 ____D C:\FreeJPG2PDF
2015-07-01 12:21 - 2015-07-01 12:21 - 00000000 ____D C:\Users\Phil\Documents\btn01
2015-06-30 09:46 - 2015-06-30 10:19 - 1466026006 ____R C:\Users\Phil\Downloads\Frozen 2013.avi
2015-06-28 22:35 - 2015-06-29 09:28 - 2199603790 ____R C:\Users\Phil\Downloads\The.Dark.Knight.Rises.2012.FRENCH.BRRip.XviD.AC3.FUZION.AVI
2015-06-28 11:57 - 2015-07-06 15:38 - 00036352 ___SH C:\Users\Phil\Downloads\Thumbs.db
2015-06-28 10:09 - 2015-06-28 10:54 - 734319526 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] Bis.2015.FRENCH.DVDrip.XviD-UTT.avi
2015-06-28 09:20 - 2015-06-28 11:33 - 737734768 ____R C:\Users\Phil\Downloads\[ www.Cpasbien.pw ] The.Imitation.Game.2014.FRENCH.BRRip.XviD-SVR.avi
2015-06-28 09:17 - 2015-06-28 09:57 - 714453713 _____ C:\Users\Phil\Downloads\[ www.CpasBien.pw ] The.Night.Crew.2015.FRENCH.BDRip.x264-PRiDEHD.mkv
2015-06-27 22:56 - 2015-06-28 05:42 - 1470665262 _____ C:\Users\Phil\Downloads\[ www.CpasBien.pw ] Saint.Seiya.Legend.of.Sanctuary.2014.FRENCH.BRRip.XviD.AC3-S.V.avi
2015-06-27 14:01 - 2015-06-27 14:01 - 00000000 ____D C:\Users\Phil\Documents\SelfMV
2015-06-27 11:22 - 2015-06-27 11:22 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2015-06-27 11:21 - 2015-06-27 11:21 - 00001993 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-06-27 11:21 - 2015-06-27 11:21 - 00001983 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2015-06-27 11:21 - 2015-06-27 11:21 - 00000000 ____D C:\Users\Phil\Documents\samsung
2015-06-27 11:21 - 2015-06-27 11:21 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Samsung
2015-06-27 11:21 - 2015-06-27 11:21 - 00000000 ____D C:\Users\Phil\AppData\Local\Samsung
2015-06-27 11:18 - 2014-10-13 12:57 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-06-27 11:18 - 2014-10-13 12:57 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-06-27 11:17 - 2015-06-27 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-06-27 11:17 - 2015-06-27 11:17 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2015-06-27 11:13 - 2015-06-27 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-27 11:12 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2015-06-27 11:12 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2015-06-27 11:11 - 2015-06-27 11:18 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-06-27 11:11 - 2015-06-27 11:17 - 00000000 ____D C:\ProgramData\Samsung
2015-06-27 11:08 - 2015-06-27 11:08 - 00000000 ____D C:\Users\Phil\AppData\Local\Downloaded Installations
2015-06-27 11:03 - 2015-06-27 11:07 - 77663392 _____ (Samsung Electronics Co., Ltd.) C:\Users\Phil\Downloads\KiesSetup.exe
2015-06-27 10:01 - 2015-06-29 08:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-27 10:00 - 2015-06-27 10:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-27 10:00 - 2015-06-27 10:00 - 00002038 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-06-27 10:00 - 2015-06-27 10:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-27 09:59 - 2015-06-27 10:02 - 00000000 ____D C:\ProgramData\Adobe
2015-06-21 17:55 - 2015-07-14 00:00 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001UA.job
2015-06-21 17:55 - 2015-07-13 18:00 - 00001028 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001Core.job
2015-06-21 17:55 - 2015-06-21 17:55 - 00004024 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001UA
2015-06-21 17:55 - 2015-06-21 17:55 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001Core
2015-06-21 17:54 - 2015-06-21 17:54 - 00931408 _____ (Google Inc.) C:\Users\Phil\Downloads\GoogleVoiceAndVideoSetup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 00:59 - 2015-03-31 12:41 - 00000000 ____D C:\Users\Phil\AppData\Roaming\uTorrent
2015-07-14 00:56 - 2015-02-08 11:40 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Skype
2015-07-14 00:23 - 2015-02-02 15:12 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d03ebfff03d709.job
2015-07-14 00:17 - 2014-09-09 01:07 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 00:00 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-13 19:52 - 2015-02-02 15:03 - 00003908 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{29F663F4-7520-45F2-B45A-E6BCB8F0EB6F}
2015-07-13 17:33 - 2015-02-02 15:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1295647480-1273392803-2463703881-1001
2015-07-13 17:28 - 2015-02-04 21:28 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Apple Computer
2015-07-13 17:23 - 2014-09-09 01:06 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-13 16:57 - 2015-03-31 22:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 16:51 - 2014-09-09 01:07 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 16:47 - 2015-01-24 01:31 - 00000000 ____D C:\Users\Phil
2015-07-13 07:51 - 2013-08-22 22:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-13 07:36 - 2015-02-08 18:59 - 00000000 ____D C:\Windows\system32\MRT
2015-07-13 07:28 - 2015-02-08 18:59 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-09 21:02 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-09 20:55 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-07-09 18:47 - 2015-05-20 07:54 - 00000000 ____D C:\Users\Phil\OneDrive
2015-07-08 16:03 - 2015-02-09 12:16 - 00000000 __SHD C:\Users\Phil\AppData\Local\EmieBrowserModeList
2015-07-08 16:03 - 2015-02-02 15:03 - 00000000 __SHD C:\Users\Phil\AppData\Local\EmieUserList
2015-07-08 16:03 - 2015-02-02 15:03 - 00000000 __SHD C:\Users\Phil\AppData\Local\EmieSiteList
2015-07-08 15:52 - 2013-08-22 21:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 15:52 - 2013-08-22 20:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-08 15:16 - 2014-05-06 21:37 - 00812350 _____ C:\Windows\system32\perfh00C.dat
2015-07-08 15:16 - 2014-05-06 21:37 - 00159412 _____ C:\Windows\system32\perfc00C.dat
2015-07-08 15:16 - 2014-03-18 16:53 - 01824010 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 15:13 - 2015-02-08 11:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-08 13:22 - 2015-06-01 16:24 - 00000000 ____D C:\ProgramData\51603d73-31f4-492f-a43e-5b71fef2ce15
2015-07-08 09:14 - 2015-06-01 16:27 - 00000000 ____D C:\Program Files (x86)\Capture Express
2015-07-08 06:25 - 2015-06-06 07:23 - 00002172 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 04:24 - 2015-06-10 14:33 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-07 04:24 - 2015-06-10 14:33 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 11:47 - 2015-05-15 09:43 - 00000000 ____D C:\Users\Phil\Documents\Fichiers4
2015-07-04 11:31 - 2015-02-02 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 20:51 - 2015-02-08 11:18 - 00000000 ____D C:\Users\Phil\AppData\Local\Adobe
2015-06-27 11:12 - 2014-09-09 01:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-27 10:03 - 2015-01-24 01:31 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Adobe
2015-06-27 10:01 - 2014-10-30 14:17 - 00000000 ____D C:\ProgramData\McAfee
2015-06-27 07:23 - 2015-06-06 07:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 10:53 - 2015-06-06 07:23 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-21 17:55 - 2015-02-02 15:05 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Mozilla
2015-06-21 17:55 - 2015-01-24 01:35 - 00000000 ____D C:\Users\Phil\AppData\Local\Google
2015-06-18 17:18 - 2014-09-09 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-18 13:05 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 21:26 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\rescache
2015-06-14 16:17 - 2015-02-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-14 16:15 - 2015-02-08 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
==================== Files in the root of some directories =======
2014-10-30 13:52 - 2014-10-30 13:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Phil\AppData\Local\Temp\Quarantine.exe
C:\Users\Phil\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-08 03:47
==================== End of log ============================
Ran by Phil (administrator) on PC on 14-07-2015 00:56:08
Running from C:\Users\Phil\Documents\Fichiers4\Thailande_Samui\Voyage
Loaded Profiles: Phil (Available Profiles: Phil)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(BitTorrent Inc.) C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Users\Phil\AppData\Local\Temp\~spC809.tmp
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\DiskDefrag.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-18] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-06] (Avast Software s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856 2014-06-23] (IObit)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\...\Run: [uTorrent] => C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-17] (BitTorrent Inc.)
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\...\Run: [GoogleChromeAutoLaunch_8F46E403C67104BF7EEB25B83E1B221E] => C:\Users\Phil\AppData\Local\Chromium\Application\chrome.exe [656384 2015-05-18] (The Chromium Authors)
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\...\Run: [Google Update] => C:\Users\Phil\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-06-21] (Google Inc.)
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-06] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://th.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-is__alt__ddc_dsssyc_bd_com
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-1295647480-1273392803-2463703881-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {8D1ADE7E-F081-4876-81A5-B4A25D6460D5} URL = http://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> DefaultScope {8D1ADE7E-F081-4876-81A5-B4A25D6460D5} URL = http://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> {8D1ADE7E-F081-4876-81A5-B4A25D6460D5} URL = http://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1295647480-1273392803-2463703881-1001 -> {B8E50B25-3372-40E7-8C43-F89230416A65} URL = https://th.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-07-13] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-06] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-06] (Avast Software s.r.o.)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11] (Adblock)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{651BCF50-7740-48FD-969B-D9FE2DF203B1}: [DhcpNameServer] 192.168.1.1 0.0.0.0
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default
FF NewTab: hxxp://th.search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-is__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo Search!
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://th.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-is__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://th.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-is__alt__ddc_dss_bd_com&p={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-02] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-02] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-02] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Phil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @talk.google.com/O1DPlugin -> C:\Users\Phil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Phil\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-1295647480-1273392803-2463703881-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Phil\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Phil\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Phil\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Ads Removal - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\adremoveext@adremoveext.net [2015-07-13]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\iobitascsurfingprotection@iobit.com [2015-07-13]
FF Extension: Glass Bottle - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\{762f0906-f55a-470b-8a55-db5137bad752}.xpi [2015-06-01]
FF Extension: Adblock Edge - C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\mfrt4pjt.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-02-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-06]
Chrome:
=======
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-06]
CHR Extension: (Google Docs) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-06]
CHR Extension: (Google Drive) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]
CHR Extension: (YouTube) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-06]
CHR Extension: (Google Search) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-06]
CHR Extension: (Avast SafePrice) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-24]
CHR Extension: (Google Sheets) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-06]
CHR Extension: (Avast Online Security) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-06]
CHR Extension: (Glass Bottle) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkchbcdpiplmepnccafoeaiimohjodkm [2015-06-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-06]
CHR Extension: (Google Wallet) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-06]
CHR Extension: (Gmail) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-06] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-04] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-05-15] (IObit)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2904864 2015-06-02] (IObit)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-05-20] (IObit)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-06] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-06] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-13] (REALiX(tm))
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 00:54 - 2015-07-14 00:56 - 00000000 ____D C:\FRST
2015-07-13 17:30 - 2015-07-13 17:30 - 00000000 ____D C:\Users\Phil\AppData\Roaming\ProductData
2015-07-13 17:29 - 2015-07-13 17:29 - 00001194 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2015-07-13 17:29 - 2015-07-13 17:29 - 00001085 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2015-07-13 17:29 - 2015-07-13 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2015-07-13 17:29 - 2015-07-13 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-07-13 17:29 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\SysWOW64\IObitSmartDefragExtension.dll
2015-07-13 17:29 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-07-13 17:29 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-07-13 17:29 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-07-13 17:28 - 2015-07-14 00:34 - 00002380 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Phil
2015-07-13 17:28 - 2015-07-14 00:34 - 00000282 _____ C:\Windows\Tasks\Uninstaller_SkipUac_Phil.job
2015-07-13 17:28 - 2015-07-13 17:28 - 00002362 _____ C:\Windows\System32\Tasks\ASC8_SkipUac_Système
2015-07-13 17:28 - 2015-07-13 17:28 - 00002096 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-07-13 17:28 - 2015-07-13 17:28 - 00001143 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-07-13 17:28 - 2015-07-13 17:28 - 00000258 _____ C:\Windows\Tasks\ASC8_SkipUac_Système.job
2015-07-13 17:28 - 2015-07-13 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-07-13 17:28 - 2015-07-13 17:28 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-07-13 17:27 - 2015-07-14 00:35 - 00000000 ____D C:\ProgramData\ProductData
2015-07-13 17:27 - 2015-07-13 17:27 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-07-13 17:27 - 2015-07-13 17:27 - 00002059 _____ C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-07-13 17:27 - 2015-07-13 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-07-13 17:26 - 2015-07-14 00:34 - 00000000 ____D C:\ProgramData\IObit
2015-07-13 17:25 - 2015-07-13 17:30 - 00000000 ____D C:\Users\Phil\AppData\Roaming\IObit
2015-07-13 17:25 - 2015-07-13 17:29 - 00000000 ____D C:\Program Files (x86)\IObit
2015-07-13 17:25 - 2015-07-13 17:25 - 00001164 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-07-13 17:25 - 2015-07-13 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-07-13 16:47 - 2015-07-13 16:47 - 00000000 ____D C:\Users\Phil\Tracing
2015-07-10 17:55 - 2015-07-12 14:02 - 735547392 ____R C:\Users\Phil\Downloads\Indiana.jones.et.le.royaume.du.crane.de.cristal.FRENCH.DVDRIP.REPACK.1.CD.XVID-SYR.Upload.(Steph53).Mininova.org..avi
2015-07-10 17:53 - 2015-07-12 14:18 - 00000000 ____D C:\Users\Phil\Downloads\Indiana.Jones.And.The.Last.Crusade.1989.FRENCH.DVDRiP.XViD.AC3-SADe
2015-07-10 17:53 - 2015-07-10 17:56 - 00000000 ____D C:\Users\Phil\Downloads\Indiana.Jones.And.The.Kingdom.Of.The.Crystal.Skull.2008.FRENCH.DVDRiP.XViD.AC3-SADe
2015-07-09 18:56 - 2015-07-13 23:56 - 00001624 _____ C:\Windows\setupact.log
2015-07-09 18:56 - 2015-07-09 18:56 - 00000000 _____ C:\Windows\setuperr.log
2015-07-08 15:54 - 2015-07-14 00:22 - 01437438 _____ C:\Windows\WindowsUpdate.log
2015-07-08 15:50 - 2015-07-08 15:51 - 00000000 ____D C:\AdwCleaner
2015-07-08 15:49 - 2015-07-08 15:49 - 02244096 _____ C:\Users\Phil\Downloads\adwcleaner_4.207.exe
2015-07-08 15:13 - 2015-07-08 15:13 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-08 09:13 - 2015-07-08 09:13 - 00002560 _____ C:\Windows\_MSRSTRT.EXE
2015-07-07 09:52 - 2015-07-13 21:36 - 00000000 ____D C:\Users\Phil\Downloads\Trilogie mission impossible.French.DVDrip.Xvid.AC3-FwD
2015-07-07 09:27 - 2015-07-07 09:46 - 00000000 ____D C:\Users\Phil\Downloads\[ www.Cpasbien.pw ] Sin.City.A.Dame.To.Kill.For.2014.TRUEFRENCH.BRRip.XviD-DesTroY
2015-07-07 09:24 - 2015-07-07 09:51 - 733974528 ____R C:\Users\Phil\Downloads\Contre_Enquete.avi
2015-07-06 15:38 - 2015-07-06 15:38 - 00000950 _____ C:\Users\Public\Desktop\ZedTV.lnk
2015-07-06 15:38 - 2015-07-06 15:38 - 00000000 ____D C:\Users\Phil\Documents\ZedTV
2015-07-06 15:38 - 2015-07-06 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZedTV
2015-07-06 15:38 - 2015-07-06 15:38 - 00000000 ____D C:\Program Files (x86)\ZedTV
2015-07-06 15:16 - 2015-07-06 15:16 - 00001062 _____ C:\Users\Public\Desktop\FastStone Capture.lnk
2015-07-06 15:16 - 2015-07-06 15:16 - 00000000 ____D C:\Users\Phil\AppData\Roaming\FastStone
2015-07-06 15:16 - 2015-07-06 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2015-07-06 15:16 - 2015-07-06 15:16 - 00000000 ____D C:\Program Files (x86)\FastStone Capture
2015-07-05 20:23 - 2015-07-06 11:46 - 00000000 ____D C:\Users\Phil\Downloads\Top.Gun.1986.TRUEFRENCH.DVDRip.XviD.AC3-LiberTeam
2015-07-05 20:23 - 2015-07-06 11:45 - 00000000 ____D C:\Users\Phil\Downloads\Benjamin.Gates.Et.Le.Tresor.Des.Templiers.2004.FRENCH.BRRiP.XViD.AC3-HuSh
2015-07-05 20:23 - 2015-07-06 02:27 - 731024690 ____R C:\Users\Phil\Downloads\gladiator.avi
2015-07-05 18:32 - 2015-07-06 01:27 - 746243022 ____R C:\Users\Phil\Downloads\Avatar.Truefrench.Subforced.Dvdrip.Repack.1CD-RiPPER.avi
2015-07-05 18:31 - 2015-07-06 02:43 - 1466443776 ____R C:\Users\Phil\Downloads\The Secret Life of Walter Mitty 2013 FRENCH BDRiP XviD AC3-CARPEDIEM.avi
2015-07-05 18:29 - 2015-07-05 22:20 - 1412635654 ____R C:\Users\Phil\Downloads\Master and Commander.avi
2015-07-05 18:27 - 2015-07-06 11:46 - 00000000 ____D C:\Users\Phil\Downloads\Pirates des Caraibes
2015-07-05 18:25 - 2015-07-13 21:27 - 00000000 ____D C:\Users\Phil\Downloads\Indiana.Jones.Raiders.Of.The.Lost.Ark.1981.FRENCH.DVDRiP.XViD.AC3-SADe
2015-07-05 11:26 - 2015-07-08 15:58 - 00003490 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-04 10:32 - 2015-07-04 11:10 - 733538304 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] The.Lazarus.Effect.2015.TRUEFRENCH.BDRiP.XViD-AViTECH.avi
2015-07-04 10:31 - 2015-07-04 11:14 - 734676486 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] The.Forbidden.Dimensions.2013.TRUEFRENCH.BDRip.XviD.avi
2015-07-04 10:30 - 2015-07-04 12:06 - 1468088335 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] Monsters.Dark.Continent.2014.TRUEFRENCH.BDRiP.XViD-AViTECH.avi
2015-07-03 20:51 - 2015-07-14 00:53 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-03 20:51 - 2015-07-09 18:53 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-03 12:22 - 2015-07-09 22:55 - 00005028 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for PC-Phil PC
2015-07-03 08:22 - 2015-07-04 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 20:33 - 2015-07-03 08:19 - 733480960 ____R C:\Users\Phil\Downloads\Clash.of.the.Titans.2010.FRENCH.DVDRip.XviD-FF.avi
2015-07-02 20:30 - 2015-07-03 08:28 - 1452350534 ____R C:\Users\Phil\Downloads\Harry.Potter.And.The.Deathly.Hallows.Part.2.2011.FRENCH.BRRip.XviD-LKT.avi
2015-07-02 20:29 - 2015-07-02 22:24 - 729079304 ____R C:\Users\Phil\Downloads\Harry.Potter.And.The.Deathly.Hallows.Part.1.2010.TRUEFRENCH BRRiP XviD LKT.avi
2015-07-02 17:36 - 2015-07-02 17:36 - 00000000 ____D C:\output
2015-07-02 17:32 - 2015-07-02 17:32 - 00000631 _____ C:\Users\Public\Desktop\Free JPG To PDF Converter.lnk
2015-07-02 17:32 - 2015-07-02 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free JPG To PDF Converter
2015-07-02 17:32 - 2015-07-02 17:32 - 00000000 ____D C:\FreeJPG2PDF
2015-07-01 12:21 - 2015-07-01 12:21 - 00000000 ____D C:\Users\Phil\Documents\btn01
2015-06-30 09:46 - 2015-06-30 10:19 - 1466026006 ____R C:\Users\Phil\Downloads\Frozen 2013.avi
2015-06-28 22:35 - 2015-06-29 09:28 - 2199603790 ____R C:\Users\Phil\Downloads\The.Dark.Knight.Rises.2012.FRENCH.BRRip.XviD.AC3.FUZION.AVI
2015-06-28 11:57 - 2015-07-06 15:38 - 00036352 ___SH C:\Users\Phil\Downloads\Thumbs.db
2015-06-28 10:09 - 2015-06-28 10:54 - 734319526 ____R C:\Users\Phil\Downloads\[ www.CpasBien.pw ] Bis.2015.FRENCH.DVDrip.XviD-UTT.avi
2015-06-28 09:20 - 2015-06-28 11:33 - 737734768 ____R C:\Users\Phil\Downloads\[ www.Cpasbien.pw ] The.Imitation.Game.2014.FRENCH.BRRip.XviD-SVR.avi
2015-06-28 09:17 - 2015-06-28 09:57 - 714453713 _____ C:\Users\Phil\Downloads\[ www.CpasBien.pw ] The.Night.Crew.2015.FRENCH.BDRip.x264-PRiDEHD.mkv
2015-06-27 22:56 - 2015-06-28 05:42 - 1470665262 _____ C:\Users\Phil\Downloads\[ www.CpasBien.pw ] Saint.Seiya.Legend.of.Sanctuary.2014.FRENCH.BRRip.XviD.AC3-S.V.avi
2015-06-27 14:01 - 2015-06-27 14:01 - 00000000 ____D C:\Users\Phil\Documents\SelfMV
2015-06-27 11:22 - 2015-06-27 11:22 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2015-06-27 11:21 - 2015-06-27 11:21 - 00001993 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-06-27 11:21 - 2015-06-27 11:21 - 00001983 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2015-06-27 11:21 - 2015-06-27 11:21 - 00000000 ____D C:\Users\Phil\Documents\samsung
2015-06-27 11:21 - 2015-06-27 11:21 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Samsung
2015-06-27 11:21 - 2015-06-27 11:21 - 00000000 ____D C:\Users\Phil\AppData\Local\Samsung
2015-06-27 11:18 - 2014-10-13 12:57 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-06-27 11:18 - 2014-10-13 12:57 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-06-27 11:17 - 2015-06-27 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-06-27 11:17 - 2015-06-27 11:17 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2015-06-27 11:13 - 2015-06-27 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-27 11:12 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2015-06-27 11:12 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2015-06-27 11:11 - 2015-06-27 11:18 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-06-27 11:11 - 2015-06-27 11:17 - 00000000 ____D C:\ProgramData\Samsung
2015-06-27 11:08 - 2015-06-27 11:08 - 00000000 ____D C:\Users\Phil\AppData\Local\Downloaded Installations
2015-06-27 11:03 - 2015-06-27 11:07 - 77663392 _____ (Samsung Electronics Co., Ltd.) C:\Users\Phil\Downloads\KiesSetup.exe
2015-06-27 10:01 - 2015-06-29 08:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-27 10:00 - 2015-06-27 10:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-27 10:00 - 2015-06-27 10:00 - 00002038 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-06-27 10:00 - 2015-06-27 10:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-27 09:59 - 2015-06-27 10:02 - 00000000 ____D C:\ProgramData\Adobe
2015-06-21 17:55 - 2015-07-14 00:00 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001UA.job
2015-06-21 17:55 - 2015-07-13 18:00 - 00001028 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001Core.job
2015-06-21 17:55 - 2015-06-21 17:55 - 00004024 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001UA
2015-06-21 17:55 - 2015-06-21 17:55 - 00003644 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1295647480-1273392803-2463703881-1001Core
2015-06-21 17:54 - 2015-06-21 17:54 - 00931408 _____ (Google Inc.) C:\Users\Phil\Downloads\GoogleVoiceAndVideoSetup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 00:59 - 2015-03-31 12:41 - 00000000 ____D C:\Users\Phil\AppData\Roaming\uTorrent
2015-07-14 00:56 - 2015-02-08 11:40 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Skype
2015-07-14 00:23 - 2015-02-02 15:12 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d03ebfff03d709.job
2015-07-14 00:17 - 2014-09-09 01:07 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 00:00 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-13 19:52 - 2015-02-02 15:03 - 00003908 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{29F663F4-7520-45F2-B45A-E6BCB8F0EB6F}
2015-07-13 17:33 - 2015-02-02 15:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1295647480-1273392803-2463703881-1001
2015-07-13 17:28 - 2015-02-04 21:28 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Apple Computer
2015-07-13 17:23 - 2014-09-09 01:06 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-13 16:57 - 2015-03-31 22:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 16:51 - 2014-09-09 01:07 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 16:47 - 2015-01-24 01:31 - 00000000 ____D C:\Users\Phil
2015-07-13 07:51 - 2013-08-22 22:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-13 07:36 - 2015-02-08 18:59 - 00000000 ____D C:\Windows\system32\MRT
2015-07-13 07:28 - 2015-02-08 18:59 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-09 21:02 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-09 20:55 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-07-09 18:47 - 2015-05-20 07:54 - 00000000 ____D C:\Users\Phil\OneDrive
2015-07-08 16:03 - 2015-02-09 12:16 - 00000000 __SHD C:\Users\Phil\AppData\Local\EmieBrowserModeList
2015-07-08 16:03 - 2015-02-02 15:03 - 00000000 __SHD C:\Users\Phil\AppData\Local\EmieUserList
2015-07-08 16:03 - 2015-02-02 15:03 - 00000000 __SHD C:\Users\Phil\AppData\Local\EmieSiteList
2015-07-08 15:52 - 2013-08-22 21:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 15:52 - 2013-08-22 20:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-08 15:16 - 2014-05-06 21:37 - 00812350 _____ C:\Windows\system32\perfh00C.dat
2015-07-08 15:16 - 2014-05-06 21:37 - 00159412 _____ C:\Windows\system32\perfc00C.dat
2015-07-08 15:16 - 2014-03-18 16:53 - 01824010 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 15:13 - 2015-02-08 11:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-08 13:22 - 2015-06-01 16:24 - 00000000 ____D C:\ProgramData\51603d73-31f4-492f-a43e-5b71fef2ce15
2015-07-08 09:14 - 2015-06-01 16:27 - 00000000 ____D C:\Program Files (x86)\Capture Express
2015-07-08 06:25 - 2015-06-06 07:23 - 00002172 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-07 04:24 - 2015-06-10 14:33 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-07 04:24 - 2015-06-10 14:33 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 11:47 - 2015-05-15 09:43 - 00000000 ____D C:\Users\Phil\Documents\Fichiers4
2015-07-04 11:31 - 2015-02-02 15:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 20:51 - 2015-02-08 11:18 - 00000000 ____D C:\Users\Phil\AppData\Local\Adobe
2015-06-27 11:12 - 2014-09-09 01:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-27 10:03 - 2015-01-24 01:31 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Adobe
2015-06-27 10:01 - 2014-10-30 14:17 - 00000000 ____D C:\ProgramData\McAfee
2015-06-27 07:23 - 2015-06-06 07:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 10:53 - 2015-06-06 07:23 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-21 17:55 - 2015-02-02 15:05 - 00000000 ____D C:\Users\Phil\AppData\Roaming\Mozilla
2015-06-21 17:55 - 2015-01-24 01:35 - 00000000 ____D C:\Users\Phil\AppData\Local\Google
2015-06-18 17:18 - 2014-09-09 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-18 13:05 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-17 21:26 - 2013-08-22 22:36 - 00000000 ____D C:\Windows\rescache
2015-06-14 16:17 - 2015-02-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-14 16:15 - 2015-02-08 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
==================== Files in the root of some directories =======
2014-10-30 13:52 - 2014-10-30 13:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Phil\AppData\Local\Temp\Quarantine.exe
C:\Users\Phil\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-08 03:47
==================== End of log ============================