Inactive Can't open regedit, taskmgr nor execute any program/install as admin

parouuu

Hi,

My name is parouuu, I'm new here and completely desperate. I hope some of you will be able to help me!

I use a laptop running Windows 8.

Since this morning (yesterday everything was fine) I can't run some programs or install new ones (I wanted to install Spybot/Malwarebytes). Every time I try to install these, I get this error:

"ShellExecuteEx failed; code 5. Access denied"

Then, when I try to launch it as an admin (I am the only user on my computer, and I am an administrator), I get this error:

"Windows can't access the device, the path, or the file.
You may not have the authorization to access this element"

This 2nd error happens for other programs like Taskmgr and Regedit too.

When I try to access some stuff like Windows Firewall or User Accounts in the config panel, nothing happens, so I can't enable my Windows Firewall; it's off all the time now.

I hope someone will be able to help me,
Sorry for the bad English.

Thanks,
parouuu
 
Hi again,

I forgot to say that I couldn't execute DDS.com or DDS.pif either, so I have no logs to post right now.
I'm performing an AVAST scan at the moment but this is taking a really long time.

All of my AVAST "agents" are enabled except the Web agent, which I can't enable, I don't know why.
 
I've been able to run Windows 8 in safe mode and run DDS, but since everything seemed to work I'm not sure the scan will be worth it:



DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.40.2
Run by parouuu at 18:12:45 on 2013-10-15
#Option Extended Search is enabled.
Microsoft Windows 8 6.2.9200.0.1252.33.1036.18.8050.6778 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\parouuu\Downloads\mbar-1.07.0.1007.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\parouuu\Desktop\mbar\mbar.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://dell13.msn.com
uDefault_Page_URL = hxxp://dell13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [F.lux] "C:\Users\parouuu\Local Settings\Apps\F.lux\flux.exe" /noshow
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
StartupFolder: C:\Users\parouuu\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITE~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Envoyer à Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5} : DHCPNameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\071627F6575757 : DHCPNameServer = 212.27.40.241 212.27.40.240
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\76F666275656763646 : DHCPNameServer = 10.1.40.166 10.1.40.163
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\C696E6B6379737 : DHCPNameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\D647563636C65637 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\D647563636C6563733 : DHCPNameServer = 192.168.30.1
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\E4544574541425 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EF8E9560-81EA-4136-9F5A-C75493372C50} : DHCPNameServer = 10.1.40.163 10.1.40.166 172.18.0.30 172.18.0.2
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-26 651832]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-8-7 30496]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\Drivers\iwdbus.sys [2012-10-9 25568]
R3 mbamchameleon;mbamchameleon;C:\Windows\System32\Drivers\mbamchameleon.sys [2013-10-15 91352]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\Drivers\MBAMSwissArmy.sys [2013-10-15 116440]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-9-22 65336]
S0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-9-22 204880]
S1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-9-22 1030952]
S1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-9-22 378944]
S1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-8-7 92536]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-12-8 753704]
S2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-9-22 33400]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-9-22 80816]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-22 46808]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-8-27 1112000]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-6 1124288]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-3-13 187912]
S2 IAStorDataMgrSvc;Technologie de stockage Intel(R) Rapid;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 14904]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-8-7 2451456]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-8-7 166720]
S2 OfficeSvc;Service Microsoft Office;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-9-29 1907896]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:/postgreSQL/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w --> c:/postgreSQL/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-8-7 1915480]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-30 16168]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-8-7 365376]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-12-3 3386160]
S3 AMPPAL;Carte réseau virtuelle Intel® Centrino® Wireless Bluetooth® + High Speed;C:\Windows\System32\Drivers\AmpPal.sys [2012-12-8 163880]
S3 AMPPALP;Protocole Intel® Centrino® Wireless Bluetooth® + High Speed;C:\Windows\System32\Drivers\AmpPal.sys [2012-12-8 163880]
S3 BthLEEnum;Pilote Bluetooth Low Energy;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-8-27 121728]
S3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-8-29 857472]
S3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-8-6 68136]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\Drivers\intelaud.sys [2012-10-9 35296]
S3 IntcDAud;Son Intel(R) pour écrans;C:\Windows\System32\Drivers\IntcDAud.sys [2013-8-7 342528]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-12-3 272176]
S3 NETwNe64;@oem4.inf,___ %NIC_Service_DispName_WIN8_64%;___ Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows 8 64 bits ;C:\Windows\System32\Drivers\NETwew00.sys [2013-8-7 4358776]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\Drivers\nvstusb.sys [2013-8-7 447928]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2013-8-7 315536]
S3 RTL8168;Pilote Realtek 8168 NT;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\Drivers\usb3Hub.sys [2012-10-9 47072]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\Drivers\xHCIPort.sys [2012-10-9 188896]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 60 ================
.
2013-10-15 17:13:29 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-15 17:11:39 -------- d-----w- C:\ProgramData\Malwarebytes
2013-10-15 17:11:36 116440 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2013-10-15 17:11:36 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 17:11:19 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-10-15 11:55:16 -------- d-----w- C:\Program Files (x86)\Winamax Poker
2013-10-15 00:53:27 -------- d--h--w- C:\Windows\System32\Settings
2013-10-15 00:32:19 -------- d-----w- C:\postgreSQL
2013-10-15 00:31:46 -------- d-----w- C:\Program Files (x86)\PSQLINSTALL
2013-09-30 22:26:28 -------- d-----w- C:\Program Files (x86)\StarCraft II
2013-09-29 23:33:37 -------- d-----w- C:\Users\parouuu\AppData\Roaming\Microsoft FxCop
2013-09-29 18:36:58 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2013-09-29 18:36:58 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2013-09-29 15:46:00 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-09-29 15:46:00 -------- d-----r- C:\Users\parouuu\SkyDrive
2013-09-29 15:45:52 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-09-29 15:43:11 566480 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-09-29 15:40:26 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-09-26 22:45:20 -------- d-----w- C:\Users\parouuu\workspace
2013-09-26 22:44:36 973736 ----a-w- C:\Windows\System32\deployJava1.dll
2013-09-26 22:44:36 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-09-26 22:44:33 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-26 22:38:55 -------- d-----w- C:\Program Files (x86)\eclipse
2013-09-24 13:10:04 -------- d-----w- C:\Program Files (x86)\iTunes
2013-09-24 13:06:06 -------- d-----w- C:\Users\parouuu\AppData\Roaming\WindSolutions
2013-09-24 13:06:06 -------- d-----w- C:\ProgramData\WindSolutions
2013-09-23 10:20:08 -------- d-----w- C:\ProgramData\Oracle
2013-09-23 10:20:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-22 21:01:50 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-09-22 21:01:38 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-09-22 21:01:38 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-09-22 21:01:38 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-09-22 21:01:36 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-09-22 21:00:30 41664 ----a-w- C:\Windows\avastSS.scr
2013-09-22 21:00:08 -------- d-----w- C:\Program Files\AVAST Software
2013-09-22 20:59:02 -------- d-----w- C:\ProgramData\AVAST Software
2013-09-22 15:42:02 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B98AEB61-C82D-482D-A736-795D560A3955}\mpengine.dll
2013-09-20 13:46:04 -------- d-----w- C:\ProgramData\KONAMI
2013-09-20 13:46:04 -------- d-----w- C:\Program Files (x86)\KONAMI
2013-09-18 19:41:40 -------- d-----w- C:\Users\parouuu\AppData\Local\SplitMediaLabs
2013-09-18 19:41:09 -------- d-----w- C:\ProgramData\SplitMediaLabs
2013-09-18 19:41:09 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs
2013-09-18 19:40:42 -------- d-----w- C:\Users\parouuu\AppData\Roaming\SplitMediaLabs
2013-09-18 17:29:06 -------- d-----w- C:\Program Files (x86)\Minibar
2013-09-18 17:29:05 -------- d-----w- C:\Users\parouuu\AppData\Local\Minibar
2013-09-18 17:28:31 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys
2013-09-18 17:28:07 -------- d-----w- C:\Users\parouuu\AppData\Roaming\DAEMON Tools Lite
2013-09-18 17:27:58 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-09-18 17:26:48 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2013-09-18 17:22:21 -------- d-----w- C:\Users\parouuu\AppData\Roaming\TeamViewer
2013-09-17 15:19:56 -------- d-sh--w- C:\ProgramData\DSS
2013-09-16 15:25:18 -------- d-----w- C:\Users\parouuu\AppData\Local\Overwolf
2013-09-14 22:02:26 -------- d-----w- C:\Users\parouuu\AppData\Local\ElevatedDiagnostics
2013-09-10 21:47:38 256088 ----a-w- C:\Windows\System32\unrar64.dll
2013-09-10 21:47:38 217176 ----a-w- C:\Windows\SysWow64\unrar.dll
2013-09-10 21:47:33 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2013-09-10 21:43:41 -------- d-----w- C:\Users\parouuu\AppData\Local\Programs
2013-09-09 13:15:06 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2013-09-06 15:38:35 3830912 ----a-w- C:\ProgramData\Microsoft\VisualStudio\11.0\1036\ResourceCache.dll
2013-09-06 15:28:48 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2013-09-06 15:25:20 -------- d-----w- C:\Program Files\Application Verifier
2013-09-06 15:25:20 -------- d-----w- C:\Program Files (x86)\Application Verifier
2013-09-06 15:24:40 -------- d-----w- C:\ProgramData\Windows App Certification Kit
2013-09-06 15:20:20 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft
2013-09-06 15:17:21 -------- d-----w- C:\ProgramData\PreEmptive Solutions
2013-09-06 15:14:14 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2013-09-06 15:13:44 -------- d-----w- C:\Program Files (x86)\Microsoft Web Tools
2013-09-06 15:13:11 -------- d-----w- C:\Program Files\Microsoft
2013-09-06 15:13:01 -------- d-----w- C:\Program Files\IIS Express
2013-09-06 15:13:01 -------- d-----w- C:\Program Files (x86)\IIS Express
2013-09-06 15:12:24 -------- d-----w- C:\Program Files (x86)\NuGet
2013-09-06 15:11:12 -------- d-----w- C:\Program Files (x86)\Microsoft WCF Data Services
2013-09-06 15:11:06 -------- d-----w- C:\Program Files\IIS
2013-09-06 15:11:06 -------- d-----w- C:\Program Files (x86)\IIS
2013-09-06 15:08:18 -------- d-----w- C:\Program Files (x86)\Windows Kits
2013-09-06 15:01:56 -------- d-----w- C:\Program Files (x86)\HTML Help Workshop
2013-09-06 15:01:45 -------- d-----w- C:\Program Files (x86)\Microsoft Help Viewer
2013-09-06 14:54:16 -------- d-----w- C:\Windows\SysWow64\1036
2013-09-06 14:54:16 -------- d-----w- C:\Windows\SysWow64\1033
2013-09-06 14:54:16 -------- d-----w- C:\Windows\System32\1033
2013-09-06 14:53:03 -------- d-----w- C:\Program Files\Microsoft SQL Server
2013-09-06 14:53:03 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-09-06 14:41:23 -------- d-----w- C:\Program Files (x86)\Common Files\Merge Modules
2013-09-06 14:35:11 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 11.0
2013-09-06 14:34:31 -------- d-----w- C:\Windows\System32\1036
2013-09-06 14:34:12 -------- d-----w- C:\Program Files\Microsoft Visual Studio 11.0
2013-09-03 21:18:57 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-09-03 21:18:56 868264 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-09-01 22:58:12 -------- d-----w- C:\Users\parouuu\AppData\Roaming\uTorrent
2013-09-01 09:57:06 -------- d-----w- C:\ProgramData\ManiaPlanet
2013-08-31 23:52:20 -------- d-----w- C:\Users\parouuu\AppData\Roaming\LolClient
2013-08-30 17:05:04 -------- d-----w- C:\Users\parouuu\Photos Irlande
2013-08-29 10:51:02 -------- d--h--w- C:\Users\parouuu\data
2013-08-28 02:11:15 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-08-28 02:11:11 -------- d-----w- C:\Users\parouuu\AppData\Local\PunkBuster
2013-08-28 02:10:31 -------- d-----w- C:\Users\parouuu\AppData\Local\ESN
2013-08-28 02:10:27 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2013-08-28 02:08:38 -------- d-----w- C:\ProgramData\EA Core
2013-08-28 01:42:18 -------- d-----w- C:\ProgramData\EA Logs
2013-08-28 01:06:27 -------- d-----w- C:\Users\parouuu\AppData\Roaming\e-academy Inc
2013-08-28 01:06:27 -------- d-----w- C:\Users\parouuu\AppData\Local\e-academy Inc
2013-08-25 10:56:59 74576 ----a-w- C:\Windows\System32\XAPOFX1_2.dll
2013-08-25 00:30:33 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2013-08-25 00:30:33 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2013-08-25 00:30:33 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2013-08-25 00:30:33 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2013-08-25 00:30:33 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2013-08-25 00:30:30 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-08-25 00:30:29 -------- d-----w- C:\Riot Games
2013-08-25 00:29:19 -------- d-----w- C:\Users\parouuu\AppData\Local\PMB Files
2013-08-25 00:29:18 -------- d-----w- C:\ProgramData\PMB Files
2013-08-25 00:29:14 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-08-25 00:28:46 -------- d-----w- C:\Users\parouuu\AppData\Roaming\Riot Games
2013-08-25 00:03:35 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-08-25 00:03:34 -------- d-----w- C:\Program Files (x86)\Steam
2013-08-24 03:03:10 -------- d-----w- C:\Users\parouuu\AppData\Roaming\Intel WiDi
2013-08-24 03:03:00 -------- d-----w- C:\Users\parouuu\AppData\Local\Intel WiDi
2013-08-23 11:21:49 -------- d-----w- C:\Users\parouuu\AppData\Local\softthinks
2013-08-23 11:21:45 -------- d-----w- C:\ProgramData\softthinks
2013-08-23 02:12:43 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-08-23 02:11:38 -------- d-----w- C:\Users\parouuu\AppData\Roaming\Origin
2013-08-23 02:11:37 -------- d-----w- C:\Users\parouuu\AppData\Local\Origin
2013-08-23 01:58:24 -------- d-----w- C:\ProgramData\Origin
2013-08-23 01:58:24 -------- d-----w- C:\ProgramData\Electronic Arts
2013-08-23 01:58:22 -------- d-----w- C:\Program Files (x86)\Origin
2013-08-22 22:19:25 -------- d-----w- C:\Users\parouuu\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2013-08-22 22:19:24 -------- d-----w- C:\Users\parouuu\AppData\Roaming\wam
2013-08-22 22:18:38 -------- d-----w- C:\Users\parouuu\AppData\Local\Adobe
2013-08-22 18:24:04 -------- d-----w- C:\Users\parouuu\AppData\Roaming\IDT
2013-08-22 11:02:25 -------- d-----r- C:\Program Files (x86)\Skype
2013-08-22 11:00:02 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-08-22 07:36:20 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-08-22 07:36:20 -------- d-----w- C:\Program Files (x86)\Diablo III
2013-08-22 07:36:20 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-08-22 07:34:57 -------- d-----w- C:\ProgramData\Battle.net
2013-08-22 07:16:39 -------- d-----w- C:\Program Files\Classic Shell
2013-08-22 07:14:28 11776 ----a-w- C:\Windows\skipmetrosuite.exe
2013-08-22 04:04:31 -------- d-----w- C:\Users\parouuu\AppData\Roaming\NVIDIA
2013-08-22 03:55:27 -------- d-----w- C:\Users\parouuu\AppData\Roaming\TS3Client
2013-08-22 03:51:08 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2013-08-22 03:41:43 -------- d-----w- C:\ProgramData\id Software
2013-08-22 03:16:07 -------- d-----w- C:\Users\parouuu\AppData\Local\Google
2013-08-22 03:15:42 -------- d-----w- C:\Users\parouuu\AppData\Local\Deployment
2013-08-22 03:15:42 -------- d-----w- C:\Users\parouuu\AppData\Local\Apps
2013-08-22 03:03:10 -------- d-----w- C:\Users\parouuu\AppData\Roaming\Intel Corporation
2013-08-22 03:01:37 -------- d-----r- C:\Users\parouuu\Searches
2013-08-22 03:01:37 -------- d-----r- C:\Users\parouuu\Contacts
2013-08-22 03:01:16 -------- d-----w- C:\Users\parouuu\AppData\Local\Power2Go8
2013-08-22 02:53:09 -------- d-sh--we C:\Program Files\Fichiers communs
2013-08-22 02:53:08 -------- d-sh--we C:\ProgramData\Modèles
2013-08-22 02:53:08 -------- d-sh--we C:\ProgramData\Menu Démarrer
2013-08-22 02:53:08 -------- d-sh--we C:\ProgramData\Bureau
2013-08-20 23:27:08 20128 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1036\VSTOLoaderUI.dll
2013-08-20 23:27:08 10896 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1036\VSTOInstallerUI.dll
.
==================== Find6M ====================
.
2013-10-11 11:08:50 268435456 --sha-w- C:\swapfile.sys
2013-09-16 15:25:44 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-09-16 15:25:36 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-09-16 15:07:03 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-08-31 23:32:02 4411392 ----a-w- C:\Windows\mplayerc.exe
2013-08-07 16:16:59 77824 ----a-w- C:\Windows\System32\taskhost.exe
2013-08-07 16:15:59 888832 ----a-w- C:\Windows\System32\nshwfp.dll
2013-08-07 07:14:40 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-08-07 07:14:40 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-08-07 07:14:40 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
.
============= FINISH: 18:15:44,38 ===============
 

Malwarebytes Fast Scan on Windows 8 safe mode again (sorry for the French version):


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows 8 x64 NTFS (Safe mode)
Internet Explorer 10.0.9200.16580
parouuu :: PAROUUU-PC [administrateur]

15/10/2013 18:15:18
mbam-log-2013-10-15 (18-15-18).txt

Type d'examen: Fast scan
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 261651
Temps écoulé: 6 minute(s), 20 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(end)
 
A Malwarebytes full scan after updating the database:


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.15.05

Windows 8 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16580
parouuu :: PAROUUU-PC [administrator]

15/10/2013 18:53:25
mbam-log-2013-10-15 (18-53-25).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 499319
Time elapsed: 54 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MINIBAR (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Minibar|NoDns (PUP.Optional.MiniBar.A) -> Data: true -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 7
C:\Program Files (x86)\Minibar (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\icons (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\minibar (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.

Files Detected: 52
C:\$Recycle.Bin\S-1-5-21-3687278544-3320412002-2415371330-1002\$R24Q52D.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\Minibar.dll (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Users\parouuu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0GDXP95M\minibar-core[1].exe (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Users\parouuu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AHZ5UZD2\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
C:\Users\parouuu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X25A7J03\BiTool[1].dll (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\parouuu\Downloads\DTLite4471-0337.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\initial_config.json (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\config.xml (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\extension_info.json (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\main.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\icons\icon128.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\icons\icon16.ico (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\icons\icon19.ico (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\icons\icon19.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\icons\icon32.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\icons\icon48.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\browser.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\console.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\event_listener.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\initialize.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\io.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\json.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\jsonstorage.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\kango.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\lang.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\md5.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\messaging.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\storage.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\userscript_engine.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\utils.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango\xhr.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\commandbar_button.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\toolbar.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\toolbar_stub.html (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\ui.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\bottom-left.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\bottom-middle.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\bottom-right.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\middle-left.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\middle-right.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-bottom.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-left.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-right.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\tail-top.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\top-left.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\top-middle.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\kango-ui\theme\bubble\top-right.png (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\minibar\actions.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\minibar\cachedxhr.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\minibar\config.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\minibar\macros.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Minibar\minibar\minibar.js (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.

(end)
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

Please observe forum rules.
All logs have to be pasted, not attached.
I'll expect the pasted Attach.txt from DDS in your next reply.

Next....

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
 
Hi,
Thanks for your help ! Sorry for the attach.txt !
I couldn't run Farbar Recovery Scan Tool so I had to restart Windows 8 in safe mode.




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by parouuu at 2013-10-16 01:51:51
Running from C:\Users\parouuu\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

Tools for .Net 3.5 - FRA Lang Pack (x32 Version: 3.11.50727)
Tools for .Net 3.5 (x32 Version: 3.11.50727)
µTorrent (HKCU Version: 3.3.1.30017)
Adobe AIR (x32 Version: 3.8.0.1430)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.7)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0)
Blend for Visual Studio 2012 FRA resources (x32 Version: 5.0.30709.0)
Classic Shell (Version: 3.6.8)
Composants requis pour SSDT (x32 Version: 11.0.2100.60)
CopyTrans Suite désinstallation uniquement (HKCU Version: 2.37)
Counter-Strike: Global Offensive (x32)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415)
CyberLink Media Suite 10 (x32 Version: 10.0.1.2417)
CyberLink Media Suite Essentials (x32 Version: 10.0)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.2413)
CyberLink PowerDVD 10 (x32 Version: 10.0.4828.52)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.47.1.0337)
Dell Backup and Recovery - Support Software (x32 Version: 1.5.0.0)
Dell Backup and Recovery (x32 Version: 1.5.0.0)
Dell Custom Help (Version: 15.06.0000.0090)
Dell Digital Delivery (x32 Version: 2.5.1400.0)
Dell Touchpad (Version: 8.1200.101.217)
Diablo III (x32 Version: 1.0.8.16603)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298)
DSC/AA Factory Installer (Version: 3.3.6261.27)
Entity Framework Designer pour Visual Studio 2012 - FRA (x32 Version: 11.1.20702.00)
ESN Sonar (x32 Version: 0.70.4)
F.lux (HKCU)
Galerie de photos (x32 Version: 16.4.3505.0912)
Google Chrome (x32 Version: 30.0.1599.69)
Google Drive (x32 Version: 1.11.4865.2530)
Google Update Helper (x32 Version: 1.3.21.165)
Holdem Manager 2 (x32)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2867)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.6.0.0519)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.6.1209.0268)
Intel(R) PROSet/Wireless WiFi Software Driver (Version: 15.06.0000.0133)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)
Intel(R) WiDi (Version: 3.5.40.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.0000.0090)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 40 (64-bit) (Version: 7.0.400)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Java SE Development Kit 7 Update 40 (64-bit) (Version: 1.7.0.400)
K-Lite Codec Pack 10.0.0 Standard (x32 Version: 10.0.0)
League of Legends (x32 Version: 3.0.1)
LocalESPC (x32 Version: 8.59.25584)
LocalESPCui for fr-fr (x32 Version: 8.59.25584)
Logiciel Intel® PROSet/Wireless (x32 Version: 15.6.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK - Module linguistique FRA (x32 Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (x32 Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 3 - FRA (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - FRA (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (x32 Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - FRA (x32 Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (x32 Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime - FRA (x32 Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - FRA (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - FRA (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (x32 Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - FRA (x32 Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (x32 Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime - FRA (x32 Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20710.0)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727)
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727)
Microsoft LightSwitch pour Visual Studio 2012 CoreRes - FRA (x32 Version: 11.0.50727)
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003)
Microsoft Office 365 Famille Premium - fr-fr (Version: 15.0.4535.1511)
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929)
Microsoft Portable Library Multi-Targeting Pack Language Pack - fra (x32 Version: 11.0.50709.17929)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16)
Microsoft Silverlight (x32 Version: 5.1.10411.0)
Microsoft Silverlight 4 SDK - Français (x32 Version: 4.0.60310.0)
Microsoft Silverlight 5 SDK - FRA (x32 Version: 5.0.61118.0)
Microsoft SkyDrive (HKCU Version: 17.0.2003.1112)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2012 Data-Tier App Framework (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Data-Tier App Framework (x32 Version: 11.0.2316.0)
Microsoft SQL Server Compact 4.0 SP1 x64 FRA (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - FRA (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - FRA (11.1.20627.00) (x32 Version: 11.1.20627.00)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1600.1)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Express LocalDB (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x32 Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client (Version: 11.0.2100.60)
Microsoft System CLR Types pour SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers - FRA Resources (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727)
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - FRA (Version: 11.0.50727)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31125)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31130)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA (Version: 10.0.31125)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools - FRA (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools pour SQL Server Compact 4.0 SP1 FRA (x32 Version: 4.0.8876.1)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727.26)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer fra Resources (x32 Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 - FRA (x32 Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - FRA (x32 Version: 10.3.20225.0)
Microsoft Web Developer Tools - Visual Studio 2012 - FRA (x32 Version: 1.0.30710.0)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622)
Mirror's Edge (x32)
Mises à jour NVIDIA 1.11.3 (Version: 1.11.3)
Module linguistique de Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298)
Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA (x32 Version: 2.0.50727)
Module linguistique de Microsoft Visual Studio Team Foundation Server 2012 Team Explorer - FRA (x32 Version: 11.0.50727)
Module linguistique des outils de développement SharePoint de Microsoft Visual Studio 2012 - FRA (x32 Version: 11.0.50727)
Module linguistique du modèle objet Microsoft Visual Studio Team Foundation Server 2012 - FRA (Version: 11.0.50727)
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA (Version: 10.0.31125)
Module Microsoft Report Viewer pour Visual Studio 2012 (x32 Version: 11.1.2802.16)
Moniteur de la technologie Intel® Turbo Boost 2.6 (Version: 2.6.2.0)
Movie Maker (x32 Version: 16.4.3505.0912)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
My Dell (Version: 3.3.6261.27)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX v8.10.17 (x32 Version: 8.10.17)
NVIDIA Pilote graphique 311.00 (Version: 311.00)
NVIDIA Update Components (Version: 1.11.3)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1511)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1511)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1511)
Origin (x32 Version: 9.3.1.4482)
Pando Media Booster (x32 Version: 2.6.0.7)
Panneau de configuration NVIDIA 311.00 (Version: 311.00)
Photo Gallery (x32 Version: 16.4.3505.0912)
PreEmptive Analytics Client French Language Pack (x32 Version: 1.0.2180.1)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1)
Pro Evolution Soccer 2014 (x32 Version: 1.01.0000)
PunkBuster Services (x32 Version: 0.991)
Quake Live Mozilla Plugin (x32 Version: 1.0.520)
Quickset64 (Version: 11.1.37)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
Ressources de Microsoft Visual Studio 2012 Shell (minimum) (x32 Version: 11.0.50727)
Ressources Devenv de Microsoft Visual Studio 2012 (x32 Version: 11.0.50727)
Secure Download Manager (x32 Version: 3.1.10)
Service de langage T-SQL Microsoft SQL Server 2012 (x32 Version: 11.0.2100.60)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.7 (x32 Version: 6.7.102)
Spybot - Search & Destroy (x32 Version: 2.1.21)
StarCraft II (x32 Version: 2.0.11.26825)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.13)
TrackMania² Stadium (x32)
Types CLR du système Microsoft pour SQL Server 2012 (x32 Version: 11.0.2100.60)
Update for (KB2504637) (x32 Version: 1)
Utilitaires ligne de comm. Microsoft SQL Server 2012 (Version: 11.0.2100.60)
Veetle TV (x32 Version: 0.9.19)
Version préparatoire de Microsoft Visual Studio 2012 (x32 Version: 11.0.50727)
Visual Studio 2012 Prerequisites - FRA Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0)
WCF Data Services 5.0 (for OData v3) FRA Language Pack (x32 Version: 5.0.50628.0)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0)
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0)
WCF Data Services Tools for Visual Studio 11 FRA Language Pack (x32 Version: 5.0.50710.0)
WCF RIA Services V1.0 SP2 (x32 Version: 4.1.61829.0)
Winamax Poker (x32 Version: 2.11.2)
Winamax Poker (x32 Version: 2.11.2.1381763880)
Windows App Certification Kit Native Components (Version: 8.59.25584)
Windows App Certification Kit x64 (x32 Version: 8.59.25584)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Runtime Intellisense Content - fr-fr (x32 Version: 8.59.25584)
Windows Software Development Kit (x32 Version: 8.59.25584)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584)
WinRAR 5.00 (64-bit) (Version: 5.00.0)
World of Warcraft (x32 Version: 5.4.0.17371)
XSplit Broadcaster (x32 Version: 1.3.1309.1602)

==================== Restore Points =========================

29-09-2013 18:36:21 DirectX est installé
07-10-2013 02:02:05 Point de contrôle planifié

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {051F4DE1-E10E-4B89-8781-54E8C7406F6A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {197F8C8E-D338-47F5-A51F-A8E478EAAAC6} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {3632BF19-DF7B-40B2-BB8A-58B0B866D239} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-22] (Google Inc.)
Task: {5F2E8859-2F14-45D3-99CC-A4BC3FA776B4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-06] (Microsoft Corporation)
Task: {67B7B63B-B874-45BF-94C6-09E4024F879A} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-06-06] (PC-Doctor, Inc.)
Task: {72F1B4AC-A987-4E01-8665-6B660D7A13CA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-06-06] (PC-Doctor, Inc.)
Task: {836D2547-809C-4204-B85F-74697BFF9D3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-22] (Google Inc.)
Task: {896AA4BA-881C-4960-997B-CFCC55DD29DD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-10-11] (Microsoft Corporation)
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {D7165C29-B0BD-4402-9285-325B935B5670} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {FD49A854-BEBD-401F-A7DC-CC6863AB7BB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2013-08-07 08:19 - 2013-04-19 14:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-08-07 08:19 - 2013-04-19 14:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-08-07 08:19 - 2013-04-19 14:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2013 01:43:54 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:57 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:55 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:53 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:46 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:25 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:21 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:17 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:32:05 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (10/16/2013 01:23:01 AM) (Source: Windows Search Service) (User: )
Description: Le service Windows Search n’a pas pu créer le nouvel index de recherche. Erreur interne <4, 0x80070005, Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.


System errors:
=============
Error: (10/16/2013 01:51:30 AM) (Source: DCOM) (User: parouuu-PC)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/16/2013 01:51:29 AM) (Source: DCOM) (User: parouuu-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (10/16/2013 01:50:53 AM) (Source: DCOM) (User: parouuu-PC)
Description: 1084Bluetooth Device MonitorNon disponible{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (10/16/2013 01:50:53 AM) (Source: DCOM) (User: parouuu-PC)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/16/2013 01:50:41 AM) (Source: DCOM) (User: parouuu-PC)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/16/2013 01:50:10 AM) (Source: DCOM) (User: AUTORITE NT)
Description: 1084Bluetooth Device MonitorNon disponible{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (10/16/2013 01:50:10 AM) (Source: DCOM) (User: AUTORITE NT)
Description: 1084Bluetooth Device MonitorNon disponible{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (10/16/2013 01:49:51 AM) (Source: DCOM) (User: parouuu-PC)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/16/2013 01:49:46 AM) (Source: DCOM) (User: parouuu-PC)
Description: 1084ShellHWDetectionNon disponible{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/16/2013 01:49:44 AM) (Source: DCOM) (User: parouuu-PC)
Description: 1084WSearchNon disponible{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (10/16/2013 01:43:54 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:57 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:55 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:53 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:46 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:25 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:21 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:17 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:32:05 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (10/16/2013 01:23:01 AM) (Source: Windows Search Service)(User: )
Description: 40x80070005Impossible d’ajouter le projet : C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects


==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 8049.71 MB
Available physical RAM: 6582.22 MB
Total Pagefile: 8049.71 MB
Available Pagefile: 6630.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.38 GB) (Free:698.68 GB) NTFS
Drive d: (PES2014_R1) (CDROM) (Total:5.08 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: CD170250)

Partition: GPT Partition Type
==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by parouuu (administrator) on PAROUUU-PC on 16-10-2013 01:50:33
Running from C:\Users\parouuu\Desktop
Windows 8 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [692208 2012-12-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-11-09] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-05-30] ()
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [F.lux] - C:\Users\parouuu\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1813928 2013-10-09] (Valve Corporation)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
MountPoints2: {654f94c1-ff2a-11e2-be66-806e6f6e6963} - "D:\autorun.exe"
MountPoints2: {96a19d25-0ff2-11e3-be72-5cf9dd6303e4} - "F:\HTC_Sync_Manager_PC.exe"
MountPoints2: {e6f64e8e-1342-11e3-be74-5cf9dd6303e4} - "E:\HTC_Sync_Manager_PC.exe"
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [201576 2013-01-11] (NVIDIA Corporation)
Startup: C:\Users\parouuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur de la technologie Intel® Turbo Boost 2.6.lnk
ShortcutTarget: Moniteur de la technologie Intel® Turbo Boost 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com
SearchScopes: HKLM - DefaultScope {8FAAA095-9689-4A72-BE1F-CE1A270CCCAE} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM - {8FAAA095-9689-4A72-BE1F-CE1A270CCCAE} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - DefaultScope {8FAAA095-9689-4A72-BE1F-CE1A270CCCAE} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKLM-x32 - {8FAAA095-9689-4A72-BE1F-CE1A270CCCAE} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MDDCJS
SearchScopes: HKCU - DefaultScope {8FAAA095-9689-4A72-BE1F-CE1A270CCCAE} URL =
SearchScopes: HKCU - {8FAAA095-9689-4A72-BE1F-CE1A270CCCAE} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/", "hxxp://moodle.gcd.ie/moodle/login/index.php"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (LoL Stream Browser) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp\1.2.0.6_0
CHR Extension: (AdBlock) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0
CHR Extension: (avast! Online Security) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Starcraft 2 Stream Browser) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkbpkejknkdjpnkpbjlhedmicnjmbka\1.2.0.6_0
CHR Extension: (Refresh Monkey) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd\1.2_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (DebrideurStreaming - Add-On) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipaffcpmobohfilpejhaciheebhaaej\2.1_0
CHR Extension: (Gmail) - C:\Users\parouuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-12-03] ()
S2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-06] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-09-16] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-23] (SoftThinks SAS)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-08-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386160 2012-12-03] (Intel® Corporation)
S2 postgresql-8.4; c:/postgreSQL/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2013-10-15] (Malwarebytes Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2013-10-15] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4358776 2013-01-31] (Intel Corporation)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-18] (Duplex Secure Ltd.)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-16 01:46 - 2013-10-16 01:46 - 01954124 _____ (Farbar) C:\Users\parouuu\Desktop\FRST64.exe
2013-10-15 22:48 - 2013-10-15 22:48 - 20312373 _____ C:\Users\parouuu\Downloads\Psql-cant-connect1.wmv
2013-10-15 22:44 - 2013-10-15 22:44 - 00000000 ____D C:\Users\parouuu\AppData\Local\IsolatedStorage
2013-10-15 22:44 - 2013-10-15 22:44 - 00000000 ____D C:\ProgramData\XHEO INC
2013-10-15 22:43 - 2013-10-15 22:46 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\HoldemManager
2013-10-15 22:43 - 2013-10-15 22:43 - 00018061 _____ C:\Users\parouuu\Downloads\install.log
2013-10-15 22:43 - 2013-10-15 22:43 - 00001094 _____ C:\Users\Public\Desktop\HoldemManager2.lnk
2013-10-15 22:43 - 2013-10-15 22:43 - 00000000 ____D C:\Program Files (x86)\Holdem Manager 2
2013-10-15 22:39 - 2013-10-15 22:39 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-10-15 21:46 - 2013-10-15 21:46 - 00001638 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_214613.txt
2013-10-15 21:45 - 2013-10-15 21:45 - 00001660 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_214518.txt
2013-10-15 20:17 - 2013-10-15 20:17 - 00000000 ____D C:\Users\parouuu\Downloads\Windows 7 Professional with Service Pack 1 (x64) - DVD (French)
2013-10-15 20:08 - 2013-10-15 20:08 - 00720896 _____ C:\Users\parouuu\Downloads\SDM_FR (1).msi
2013-10-15 20:08 - 2013-10-15 20:08 - 00000183 _____ C:\Users\parouuu\Downloads\100229553383.sdx
2013-10-15 19:59 - 2013-10-15 19:59 - 04868376 _____ (Veetle Inc) C:\Users\parouuu\Downloads\veetle-0.9.19.exe
2013-10-15 18:46 - 2013-10-15 18:46 - 00010525 _____ C:\Users\parouuu\Downloads\attach.txt
2013-10-15 18:16 - 2013-10-15 18:16 - 00010525 _____ C:\Users\parouuu\Desktop\attach.txt
2013-10-15 18:16 - 2013-10-15 18:15 - 00027313 _____ C:\Users\parouuu\Desktop\dds.txt
2013-10-15 18:15 - 2013-10-15 18:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-15 18:15 - 2013-10-15 18:15 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-15 18:15 - 2013-10-15 18:15 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-10-15 18:15 - 2013-10-15 18:15 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-10-15 18:15 - 2013-10-15 18:15 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-10-15 18:15 - 2013-10-15 18:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-15 18:15 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-10-15 18:13 - 2013-10-15 18:13 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Malwarebytes
2013-10-15 18:13 - 2013-10-15 18:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 18:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-15 18:11 - 2013-10-15 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 18:11 - 2013-10-15 18:11 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-15 18:11 - 2013-10-15 18:11 - 00001377 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_181121.txt
2013-10-15 18:11 - 2013-10-15 18:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 18:10 - 2013-10-15 18:11 - 00000000 ____D C:\Users\parouuu\Desktop\mbar
2013-10-15 18:09 - 2013-10-15 18:09 - 00002112 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_180928.txt
2013-10-15 18:09 - 2013-10-15 18:09 - 00001947 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_180908.txt
2013-10-15 18:07 - 2013-10-15 21:46 - 00000000 ____D C:\Users\parouuu\Desktop\RK_Quarantine
2013-10-15 17:56 - 2013-10-15 17:56 - 02218636 _____ C:\Users\parouuu\Downloads\tdsskiller.zip
2013-10-15 17:55 - 2013-10-15 17:55 - 03987968 _____ C:\Users\parouuu\Downloads\RogueKillerX64.exe
2013-10-15 15:10 - 2013-10-15 15:10 - 12576792 _____ (Malwarebytes Corp.) C:\Users\parouuu\Downloads\mbar-1.07.0.1007.exe
2013-10-15 15:05 - 2013-10-15 15:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\parouuu\Desktop\HijackThis.exe
2013-10-15 15:05 - 2013-10-15 15:05 - 00028758 _____ C:\Users\parouuu\Downloads\hijackthis.log
2013-10-15 15:02 - 2013-10-15 15:03 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\parouuu\Downloads\tdsskiller.exe
2013-10-15 14:32 - 2013-10-15 14:32 - 00688992 _____ (Swearware) C:\Users\parouuu\Downloads\dds.scr
2013-10-15 14:31 - 2013-10-15 14:31 - 00688992 ____R (Swearware) C:\Users\parouuu\Downloads\dds.com
2013-10-15 13:55 - 2013-10-15 13:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\parouuu\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-15 13:40 - 2013-10-15 13:40 - 00009830 _____ C:\Users\parouuu\Downloads\exefix.reg
2013-10-15 13:26 - 2013-10-15 13:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\parouuu\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-15 12:59 - 2013-10-15 12:59 - 00000020 ___SH C:\Users\postgres\ntuser.ini
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Voisinage réseau
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Voisinage d'impression
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Modèles
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Menu Démarrer
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes vidéos
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes images
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Documents\Ma musique
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Historique
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 ____D C:\Users\postgres
2013-10-15 12:59 - 2013-09-29 16:46 - 00002251 _____ C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-10-15 12:59 - 2013-08-22 23:18 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Macromedia
2013-10-15 12:59 - 2013-08-07 17:19 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-15 12:59 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-15 12:59 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-15 12:59 - 2012-07-26 09:13 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-15 12:55 - 2013-10-15 12:55 - 00000000 ____D C:\Program Files (x86)\Winamax Poker
2013-10-15 01:53 - 2013-10-15 01:53 - 00000000 ___HD C:\Windows\system32\Settings
2013-10-15 01:32 - 2013-10-15 01:34 - 00000000 ____D C:\postgreSQL
2013-10-15 01:31 - 2013-10-15 22:43 - 00000000 ____D C:\Program Files (x86)\PSQLINSTALL
2013-10-13 19:49 - 2013-10-13 19:49 - 88885640 _____ C:\Users\parouuu\Downloads\7907_HoldemManager2Setup.exe
2013-10-10 23:42 - 2013-10-10 23:42 - 00648160 _____ (Unity Technologies ApS) C:\Users\parouuu\Downloads\UnityWebPlayer.exe
2013-10-08 00:53 - 2013-10-08 00:53 - 00000038 _____ C:\Users\parouuu\Desktop\mumble.txt
2013-10-05 01:51 - 2013-10-05 01:54 - 00000000 ____D C:\Users\parouuu\Desktop\Dexter S08
2013-10-03 12:23 - 2013-10-03 12:23 - 01739264 _____ C:\Users\parouuu\Downloads\Humour.ppt
2013-10-03 01:54 - 2013-10-05 01:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E10.720p.HDTV.x264-EVOLVE[rarbg]
2013-10-03 01:48 - 2013-10-05 01:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E06.PROPER.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-03 01:41 - 2013-10-05 01:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E07.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-02 23:26 - 2013-10-04 02:44 - 00000000 ____D C:\Users\parouuu\Desktop\Séries
2013-10-02 23:22 - 2013-10-05 01:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E02.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-02 23:21 - 2013-10-05 01:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E03.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-02 23:21 - 2013-10-05 01:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E01.720p.HDTV.x264-EVOLVE [PublicHD]
2013-10-01 13:49 - 2013-10-09 22:54 - 00000000 ____D C:\Users\parouuu\Desktop\gui
2013-09-30 23:26 - 2013-10-01 12:09 - 00000000 ____D C:\Users\parouuu\Documents\StarCraft II
2013-09-30 23:26 - 2013-09-30 23:35 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-09-30 23:26 - 2013-09-30 23:26 - 00001105 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2013-09-30 23:24 - 2013-09-30 23:24 - 54085656 _____ (Blizzard Entertainment) C:\Users\parouuu\Downloads\StarCraft-II-Setup-frFR.exe
2013-09-30 01:10 - 2013-09-30 01:10 - 00001171 _____ C:\Users\parouuu\Downloads\zipcity.jnlp
2013-09-30 00:33 - 2013-09-30 00:33 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Microsoft FxCop
2013-09-29 19:38 - 2013-09-29 19:38 - 00000000 ____D C:\Users\parouuu\Documents\EA Games
2013-09-29 19:37 - 2013-09-29 19:37 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2013-09-29 19:37 - 2013-09-29 19:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-29 19:37 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2013-09-29 19:37 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-09-29 19:37 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2013-09-29 19:37 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-09-29 19:37 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2013-09-29 19:37 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-09-29 19:37 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2013-09-29 19:37 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-09-29 19:37 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2013-09-29 19:37 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-09-29 19:37 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2013-09-29 19:37 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-09-29 19:37 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2013-09-29 19:37 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-09-29 19:37 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2013-09-29 19:37 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-09-29 19:37 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2013-09-29 19:37 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-09-29 19:37 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2013-09-29 19:37 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-09-29 19:37 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2013-09-29 19:37 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-09-29 19:37 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2013-09-29 19:37 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-09-29 19:37 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2013-09-29 19:37 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-09-29 19:37 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2013-09-29 19:37 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-09-29 19:37 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2013-09-29 19:37 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-09-29 19:37 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-09-29 19:37 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2013-09-29 19:37 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2013-09-29 19:37 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-09-29 19:37 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2013-09-29 19:37 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-09-29 19:37 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2013-09-29 19:37 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-09-29 19:37 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-09-29 19:37 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2013-09-29 19:37 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2013-09-29 19:37 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2013-09-29 19:37 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-09-29 19:37 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-09-29 19:37 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-09-29 19:37 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2013-09-29 19:37 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2013-09-29 19:37 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-09-29 19:37 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2013-09-29 19:37 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-09-29 19:37 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2013-09-29 19:37 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-09-29 19:37 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2013-09-29 19:37 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-09-29 19:37 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2013-09-29 19:37 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-09-29 19:37 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2013-09-29 19:37 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-09-29 19:37 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2013-09-29 19:37 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-09-29 19:36 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-09-29 19:36 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-09-29 19:36 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2013-09-29 19:36 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-09-29 19:36 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2013-09-29 19:36 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-09-29 19:36 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2013-09-29 19:36 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-09-29 16:46 - 2013-09-29 16:46 - 00002275 _____ C:\Users\parouuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-29 16:46 - 2013-09-29 16:46 - 00002251 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-29 16:46 - 2013-09-29 16:46 - 00002251 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-29 16:46 - 2013-09-29 16:46 - 00000000 ___RD C:\Users\parouuu\SkyDrive
2013-09-29 16:46 - 2013-09-29 16:46 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-09-29 16:45 - 2013-09-29 16:45 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-09-29 16:41 - 2013-09-29 16:41 - 01351264 _____ C:\Windows\NIRMALA.tt2
2013-09-29 16:41 - 2013-09-29 16:41 - 01303396 _____ C:\Windows\NIRMALAB.tt2
2013-09-29 16:40 - 2013-10-11 12:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-09-29 16:40 - 2013-09-29 16:40 - 00574664 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\Setup.X86.fr-FR_O365HomePremRetail_35ff5941-0c92-48b7-9f6d-27afc1ee3816_TX_DB_.exe
2013-09-28 21:47 - 2013-09-28 21:48 - 00002634 _____ C:\Users\parouuu\Mon premier programme en Java.jar
2013-09-26 23:45 - 2013-10-08 13:49 - 00000000 ____D C:\Users\parouuu\workspace
2013-09-26 23:44 - 2013-09-26 23:44 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-09-26 23:44 - 2013-09-26 23:44 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-26 23:44 - 2013-09-26 23:44 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-26 23:44 - 2013-09-26 23:44 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-26 23:44 - 2013-09-26 23:44 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-26 23:44 - 2013-09-26 23:44 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-09-26 23:43 - 2013-09-26 23:44 - 00000000 ____D C:\Program Files\Java
2013-09-26 23:42 - 2013-09-26 23:42 - 131337120 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jdk-7u40-windows-x64.exe
2013-09-26 23:38 - 2013-10-08 13:47 - 00000000 ____D C:\Program Files (x86)\eclipse
2013-09-26 23:34 - 2013-09-26 23:35 - 208636499 _____ C:\Users\parouuu\Downloads\eclipse-standard-kepler-R-win32-x86_64.zip
2013-09-24 14:11 - 2013-09-24 14:11 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Apple Computer
2013-09-24 14:10 - 2013-09-24 14:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-24 14:09 - 2013-09-24 14:09 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-24 14:08 - 2013-09-24 14:09 - 00000000 ____D C:\ProgramData\Apple
2013-09-24 14:07 - 2013-09-24 14:07 - 03580808 _____ C:\Users\parouuu\Downloads\CopyTransDriversInstallerFRv1.027.zip
2013-09-24 14:06 - 2013-09-24 14:20 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\WindSolutions
2013-09-24 14:06 - 2013-09-24 14:20 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-24 14:06 - 2013-09-24 14:06 - 00001360 _____ C:\Users\parouuu\Desktop\CopyTrans Control Center.lnk
2013-09-24 14:06 - 2013-09-24 14:06 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2013-09-23 15:19 - 2013-09-25 11:09 - 00000100 _____ C:\Users\parouuu\Desktop\HCI & GUI.txt
2013-09-23 11:20 - 2013-09-23 11:20 - 00000000 ____D C:\ProgramData\Oracle
2013-09-23 11:20 - 2013-09-23 11:19 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-23 11:20 - 2013-09-23 11:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-23 11:20 - 2013-09-23 11:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-23 11:20 - 2013-09-23 11:19 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-23 11:19 - 2013-09-23 11:19 - 29036456 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jre-7u40-windows-i586.exe
2013-09-23 11:19 - 2013-09-23 11:19 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-22 22:01 - 2013-10-15 15:32 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-22 22:01 - 2013-10-15 13:20 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-22 22:01 - 2013-08-30 08:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-22 22:01 - 2013-08-30 08:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-22 22:01 - 2013-08-30 08:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-22 22:01 - 2013-08-30 08:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-22 22:01 - 2013-08-30 08:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-09-22 22:01 - 2013-08-30 08:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-22 22:01 - 2013-08-30 08:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-22 22:01 - 2013-08-30 08:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-22 22:01 - 2013-08-30 08:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-22 22:00 - 2013-09-22 22:00 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-22 22:00 - 2013-08-30 08:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-22 21:59 - 2013-09-22 22:00 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-22 13:22 - 2013-09-22 14:35 - 131918888 _____ C:\Users\parouuu\Downloads\avast_free_antivirus_setup.exe
2013-09-20 15:00 - 2013-09-20 15:00 - 00000000 ____D C:\Users\parouuu\Documents\KONAMI
2013-09-20 14:46 - 2013-09-20 14:46 - 00000000 ____D C:\ProgramData\KONAMI
2013-09-20 14:46 - 2013-09-20 14:46 - 00000000 ____D C:\Program Files (x86)\KONAMI
2013-09-20 00:09 - 2013-09-20 00:34 - 00000000 ____D C:\Users\parouuu\Downloads\The Lone Ranger 2013 TS XViD UNiQUE
2013-09-19 13:26 - 2013-09-19 13:26 - 00001755 _____ C:\Users\parouuu\Desktop\PES 2014.lnk
2013-09-19 13:25 - 2013-09-19 13:25 - 12792920 _____ (CyberGhost S.R.L. ) C:\Users\parouuu\Downloads\CGWebInstall-fr.exe
2013-09-19 08:04 - 2013-09-19 08:04 - 18938891 _____ C:\Users\parouuu\Downloads\PES2014Patch101.zip
2013-09-18 23:35 - 2013-09-18 23:37 - 21419274 _____ C:\Users\parouuu\Downloads\abj209.zip
2013-09-18 23:35 - 2013-09-18 23:35 - 00214952 _____ (Deposit Files) C:\Users\parouuu\Downloads\dfdownloader_IUfTTH_.exe
2013-09-18 23:28 - 2013-09-18 23:36 - 27232235 _____ C:\Users\parouuu\Downloads\AC669.rar
2013-09-18 20:41 - 2013-09-18 20:41 - 00000000 ____D C:\Users\parouuu\AppData\Local\SplitMediaLabs
2013-09-18 20:41 - 2013-09-18 20:41 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2013-09-18 20:41 - 2013-09-18 20:41 - 00000000 ____D C:\Program Files (x86)\SplitMediaLabs
2013-09-18 20:40 - 2013-09-18 20:40 - 40054488 _____ (SplitMediaLabs) C:\Users\parouuu\Downloads\xsplit_installer_v1.3.1309.1602.exe
2013-09-18 20:40 - 2013-09-18 20:40 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\SplitMediaLabs
2013-09-18 19:02 - 2013-09-18 19:02 - 00316976 _____ (Disc Soft Ltd) C:\Users\parouuu\Downloads\DTLite4471-0337 (2).exe
2013-09-18 18:42 - 2013-09-18 18:42 - 00029284 _____ C:\Users\parouuu\Downloads\pes2014mi.rar
2013-09-18 18:29 - 2013-09-18 18:29 - 00000000 ____D C:\Users\parouuu\AppData\Local\Minibar
2013-09-18 18:28 - 2013-09-18 18:34 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\DAEMON Tools Lite
2013-09-18 18:28 - 2013-09-18 18:28 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-09-18 18:27 - 2013-09-18 18:28 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-09-18 18:26 - 2013-09-18 18:34 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-09-18 18:22 - 2013-09-18 18:22 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\TeamViewer
2013-09-18 18:21 - 2013-09-18 18:21 - 05829256 _____ (TeamViewer GmbH) C:\Users\parouuu\Downloads\TeamViewer_Setup_fr.exe
2013-09-17 19:34 - 2013-09-17 19:34 - 00889416 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\dotNetFx40_Full_setup.exe
2013-09-17 16:19 - 2013-09-17 16:20 - 00000000 ____D C:\Users\parouuu\Documents\FIFA 14 Demo
2013-09-17 16:19 - 2013-09-17 16:19 - 00000000 __SHD C:\ProgramData\DSS
2013-09-16 16:25 - 2013-09-16 16:25 - 00000000 ____D C:\Users\parouuu\AppData\Local\Overwolf

==================== One Month Modified Files and Folders =======

2013-10-16 01:48 - 2013-08-07 07:30 - 01438659 _____ C:\Windows\WindowsUpdate.log
2013-10-16 01:46 - 2013-10-16 01:46 - 01954124 _____ (Farbar) C:\Users\parouuu\Desktop\FRST64.exe
2013-10-16 00:55 - 2012-07-26 11:08 - 00841762 _____ C:\Windows\system32\perfh00C.dat
2013-10-16 00:55 - 2012-07-26 11:08 - 00173532 _____ C:\Windows\system32\perfc00C.dat
2013-10-16 00:55 - 2012-07-26 08:28 - 01904858 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-15 23:07 - 2013-08-22 04:23 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3687278544-3320412002-2415371330-1002
2013-10-15 23:04 - 2013-08-07 08:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2013-10-15 22:59 - 2013-08-25 01:03 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-15 22:58 - 2013-09-12 17:04 - 00000000 ___RD C:\Users\parouuu\Desktop\Google Drive
2013-10-15 22:55 - 2013-08-07 07:27 - 00025148 _____ C:\Windows\PFRO.log
2013-10-15 22:48 - 2013-10-15 22:48 - 20312373 _____ C:\Users\parouuu\Downloads\Psql-cant-connect1.wmv
2013-10-15 22:46 - 2013-10-15 22:43 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\HoldemManager
2013-10-15 22:44 - 2013-10-15 22:44 - 00000000 ____D C:\Users\parouuu\AppData\Local\IsolatedStorage
2013-10-15 22:44 - 2013-10-15 22:44 - 00000000 ____D C:\ProgramData\XHEO INC
2013-10-15 22:43 - 2013-10-15 22:43 - 00018061 _____ C:\Users\parouuu\Downloads\install.log
2013-10-15 22:43 - 2013-10-15 22:43 - 00001094 _____ C:\Users\Public\Desktop\HoldemManager2.lnk
2013-10-15 22:43 - 2013-10-15 22:43 - 00000000 ____D C:\Program Files (x86)\Holdem Manager 2
2013-10-15 22:43 - 2013-10-15 01:31 - 00000000 ____D C:\Program Files (x86)\PSQLINSTALL
2013-10-15 22:39 - 2013-10-15 22:39 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-10-15 21:46 - 2013-10-15 21:46 - 00001638 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_214613.txt
2013-10-15 21:46 - 2013-10-15 18:07 - 00000000 ____D C:\Users\parouuu\Desktop\RK_Quarantine
2013-10-15 21:45 - 2013-10-15 21:45 - 00001660 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_214518.txt
2013-10-15 21:21 - 2013-08-22 12:02 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Skype
2013-10-15 20:17 - 2013-10-15 20:17 - 00000000 ____D C:\Users\parouuu\Downloads\Windows 7 Professional with Service Pack 1 (x64) - DVD (French)
2013-10-15 20:08 - 2013-10-15 20:08 - 00720896 _____ C:\Users\parouuu\Downloads\SDM_FR (1).msi
2013-10-15 20:08 - 2013-10-15 20:08 - 00000183 _____ C:\Users\parouuu\Downloads\100229553383.sdx
2013-10-15 20:08 - 2013-08-28 02:06 - 00003153 _____ C:\Users\parouuu\Desktop\Secure Download Manager.lnk
2013-10-15 20:08 - 2013-08-28 02:06 - 00000000 _____ C:\Users\parouuu\Downloads\SecureDownloadManager.log
2013-10-15 19:59 - 2013-10-15 19:59 - 04868376 _____ (Veetle Inc) C:\Users\parouuu\Downloads\veetle-0.9.19.exe
2013-10-15 18:46 - 2013-10-15 18:46 - 00010525 _____ C:\Users\parouuu\Downloads\attach.txt
2013-10-15 18:19 - 2013-10-15 18:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-15 18:16 - 2013-10-15 18:16 - 00010525 _____ C:\Users\parouuu\Desktop\attach.txt
2013-10-15 18:15 - 2013-10-15 18:16 - 00027313 _____ C:\Users\parouuu\Desktop\dds.txt
2013-10-15 18:15 - 2013-10-15 18:15 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-15 18:15 - 2013-10-15 18:15 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-10-15 18:15 - 2013-10-15 18:15 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-10-15 18:15 - 2013-10-15 18:15 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-10-15 18:15 - 2013-10-15 18:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-15 18:13 - 2013-10-15 18:13 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Malwarebytes
2013-10-15 18:13 - 2013-10-15 18:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 18:12 - 2013-10-15 18:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 18:11 - 2013-10-15 18:11 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-10-15 18:11 - 2013-10-15 18:11 - 00001377 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_181121.txt
2013-10-15 18:11 - 2013-10-15 18:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 18:11 - 2013-10-15 18:10 - 00000000 ____D C:\Users\parouuu\Desktop\mbar
2013-10-15 18:09 - 2013-10-15 18:09 - 00002112 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_180928.txt
2013-10-15 18:09 - 2013-10-15 18:09 - 00001947 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_180908.txt
2013-10-15 17:56 - 2013-10-15 17:56 - 02218636 _____ C:\Users\parouuu\Downloads\tdsskiller.zip
2013-10-15 17:55 - 2013-10-15 17:55 - 03987968 _____ C:\Users\parouuu\Downloads\RogueKillerX64.exe
2013-10-15 15:32 - 2013-09-22 22:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-15 15:10 - 2013-10-15 15:10 - 12576792 _____ (Malwarebytes Corp.) C:\Users\parouuu\Downloads\mbar-1.07.0.1007.exe
2013-10-15 15:05 - 2013-10-15 15:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\parouuu\Desktop\HijackThis.exe
2013-10-15 15:05 - 2013-10-15 15:05 - 00028758 _____ C:\Users\parouuu\Downloads\hijackthis.log
2013-10-15 15:05 - 2013-08-22 04:00 - 00000000 ____D C:\Users\parouuu\AppData\Local\VirtualStore
2013-10-15 15:03 - 2013-10-15 15:02 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\parouuu\Downloads\tdsskiller.exe
2013-10-15 14:32 - 2013-10-15 14:32 - 00688992 _____ (Swearware) C:\Users\parouuu\Downloads\dds.scr
2013-10-15 14:31 - 2013-10-15 14:31 - 00688992 ____R (Swearware) C:\Users\parouuu\Downloads\dds.com
2013-10-15 13:55 - 2013-10-15 13:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\parouuu\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-15 13:43 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-15 13:40 - 2013-10-15 13:40 - 00009830 _____ C:\Users\parouuu\Downloads\exefix.reg
2013-10-15 13:26 - 2013-10-15 13:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\parouuu\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-15 13:20 - 2013-09-22 22:01 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-15 12:59 - 2013-10-15 12:59 - 00000020 ___SH C:\Users\postgres\ntuser.ini
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Voisinage réseau
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Voisinage d'impression
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Modèles
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Menu Démarrer
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes vidéos
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes images
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\Documents\Ma musique
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Historique
2013-10-15 12:59 - 2013-10-15 12:59 - 00000000 ____D C:\Users\postgres
2013-10-15 12:57 - 2013-08-22 04:55 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\TS3Client
2013-10-15 12:55 - 2013-10-15 12:55 - 00000000 ____D C:\Program Files (x86)\Winamax Poker
2013-10-15 12:55 - 2013-08-22 23:19 - 00000790 _____ C:\Users\Public\Desktop\Winamax Poker.lnk
2013-10-15 12:46 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2013-10-15 12:33 - 2013-08-22 04:16 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 12:07 - 2013-08-22 04:16 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 12:05 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-15 01:53 - 2013-10-15 01:53 - 00000000 ___HD C:\Windows\system32\Settings
2013-10-15 01:34 - 2013-10-15 01:32 - 00000000 ____D C:\postgreSQL
2013-10-14 14:05 - 2013-08-25 01:29 - 00000000 ____D C:\Users\parouuu\AppData\Local\PMB Files
2013-10-14 14:05 - 2013-08-25 01:29 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-14 13:33 - 2013-08-22 04:00 - 00000000 ____D C:\Users\parouuu
2013-10-13 19:49 - 2013-10-13 19:49 - 88885640 _____ C:\Users\parouuu\Downloads\7907_HoldemManager2Setup.exe
2013-10-12 15:59 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-11 12:21 - 2013-09-29 16:40 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-10-11 12:09 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 23:42 - 2013-10-10 23:42 - 00648160 _____ (Unity Technologies ApS) C:\Users\parouuu\Downloads\UnityWebPlayer.exe
2013-10-09 22:54 - 2013-10-01 13:49 - 00000000 ____D C:\Users\parouuu\Desktop\gui
2013-10-08 19:21 - 2013-08-22 04:16 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 19:21 - 2013-08-22 04:16 - 00003828 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 13:49 - 2013-09-26 23:45 - 00000000 ____D C:\Users\parouuu\workspace
2013-10-08 13:47 - 2013-09-26 23:38 - 00000000 ____D C:\Program Files (x86)\eclipse
2013-10-08 13:45 - 2012-07-26 08:21 - 00026357 _____ C:\Windows\setupact.log
2013-10-08 00:53 - 2013-10-08 00:53 - 00000038 _____ C:\Users\parouuu\Desktop\mumble.txt
2013-10-05 01:55 - 2013-09-01 23:58 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\uTorrent
2013-10-05 01:54 - 2013-10-05 01:51 - 00000000 ____D C:\Users\parouuu\Desktop\Dexter S08
2013-10-05 01:51 - 2013-10-03 01:54 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E10.720p.HDTV.x264-EVOLVE[rarbg]
2013-10-05 01:51 - 2013-10-03 01:48 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E06.PROPER.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-05 01:51 - 2013-10-03 01:41 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E07.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-05 01:51 - 2013-10-02 23:22 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E02.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-05 01:51 - 2013-10-02 23:21 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E03.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-05 01:51 - 2013-10-02 23:21 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E01.720p.HDTV.x264-EVOLVE [PublicHD]
2013-10-04 11:08 - 2013-08-22 04:00 - 00000000 ____D C:\Users\parouuu\AppData\Local\Packages
2013-10-04 02:44 - 2013-10-02 23:26 - 00000000 ____D C:\Users\parouuu\Desktop\Séries
2013-10-03 12:23 - 2013-10-03 12:23 - 01739264 _____ C:\Users\parouuu\Downloads\Humour.ppt
2013-10-01 12:09 - 2013-09-30 23:26 - 00000000 ____D C:\Users\parouuu\Documents\StarCraft II
2013-10-01 11:47 - 2013-08-22 04:51 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-09-30 23:35 - 2013-09-30 23:26 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-09-30 23:26 - 2013-09-30 23:26 - 00001105 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2013-09-30 23:26 - 2013-08-22 08:36 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-09-30 23:24 - 2013-09-30 23:24 - 54085656 _____ (Blizzard Entertainment) C:\Users\parouuu\Downloads\StarCraft-II-Setup-frFR.exe
2013-09-30 01:10 - 2013-09-30 01:10 - 00001171 _____ C:\Users\parouuu\Downloads\zipcity.jnlp
2013-09-30 01:03 - 2013-08-07 07:27 - 00434680 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-30 00:33 - 2013-09-30 00:33 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Microsoft FxCop
2013-09-29 19:38 - 2013-09-29 19:38 - 00000000 ____D C:\Users\parouuu\Documents\EA Games
2013-09-29 19:37 - 2013-09-29 19:37 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2013-09-29 19:37 - 2013-09-29 19:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-29 19:37 - 2013-08-07 08:20 - 00248180 _____ C:\Windows\DirectX.log
2013-09-29 16:46 - 2013-10-15 12:59 - 00002251 _____ C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-29 16:46 - 2013-09-29 16:46 - 00002275 _____ C:\Users\parouuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-29 16:46 - 2013-09-29 16:46 - 00002251 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-29 16:46 - 2013-09-29 16:46 - 00002251 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-29 16:46 - 2013-09-29 16:46 - 00000000 ___RD C:\Users\parouuu\SkyDrive
2013-09-29 16:46 - 2013-09-29 16:46 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-09-29 16:45 - 2013-09-29 16:45 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-09-29 16:45 - 2013-08-07 08:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-09-29 16:41 - 2013-09-29 16:41 - 01351264 _____ C:\Windows\NIRMALA.tt2
2013-09-29 16:41 - 2013-09-29 16:41 - 01303396 _____ C:\Windows\NIRMALAB.tt2
2013-09-29 16:40 - 2013-09-29 16:40 - 00574664 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\Setup.X86.fr-FR_O365HomePremRetail_35ff5941-0c92-48b7-9f6d-27afc1ee3816_TX_DB_.exe
2013-09-28 21:48 - 2013-09-28 21:47 - 00002634 _____ C:\Users\parouuu\Mon premier programme en Java.jar
2013-09-28 17:00 - 2013-09-06 16:36 - 00000000 ____D C:\Users\parouuu\Documents\Visual Studio 2012
2013-09-27 11:39 - 2013-08-07 08:09 - 00000000 ____D C:\Program Files\My Dell
2013-09-26 23:44 - 2013-09-26 23:44 - 01095080 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-09-26 23:44 - 2013-09-26 23:44 - 00973736 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-26 23:44 - 2013-09-26 23:44 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-26 23:44 - 2013-09-26 23:44 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-26 23:44 - 2013-09-26 23:44 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-26 23:44 - 2013-09-26 23:44 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-09-26 23:44 - 2013-09-26 23:43 - 00000000 ____D C:\Program Files\Java
2013-09-26 23:42 - 2013-09-26 23:42 - 131337120 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jdk-7u40-windows-x64.exe
2013-09-26 23:35 - 2013-09-26 23:34 - 208636499 _____ C:\Users\parouuu\Downloads\eclipse-standard-kepler-R-win32-x86_64.zip
2013-09-25 11:09 - 2013-09-23 15:19 - 00000100 _____ C:\Users\parouuu\Desktop\HCI & GUI.txt
2013-09-24 14:20 - 2013-09-24 14:06 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\WindSolutions
2013-09-24 14:20 - 2013-09-24 14:06 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-24 14:11 - 2013-09-24 14:11 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Apple Computer
2013-09-24 14:10 - 2013-09-24 14:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-24 14:09 - 2013-09-24 14:09 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-24 14:09 - 2013-09-24 14:08 - 00000000 ____D C:\ProgramData\Apple
2013-09-24 14:07 - 2013-09-24 14:07 - 03580808 _____ C:\Users\parouuu\Downloads\CopyTransDriversInstallerFRv1.027.zip
2013-09-24 14:06 - 2013-09-24 14:06 - 00001360 _____ C:\Users\parouuu\Desktop\CopyTrans Control Center.lnk
2013-09-24 14:06 - 2013-09-24 14:06 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2013-09-23 17:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-23 14:10 - 2013-08-23 11:27 - 00000000 ____D C:\Users\parouuu\Desktop\CorePlusField V8.1
2013-09-23 11:20 - 2013-09-23 11:20 - 00000000 ____D C:\ProgramData\Oracle
2013-09-23 11:19 - 2013-09-23 11:20 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-23 11:19 - 2013-09-23 11:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-23 11:19 - 2013-09-23 11:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-23 11:19 - 2013-09-23 11:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-23 11:19 - 2013-09-23 11:19 - 29036456 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jre-7u40-windows-i586.exe
2013-09-23 11:19 - 2013-09-23 11:19 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-23 11:19 - 2013-09-03 22:18 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-23 11:19 - 2013-09-03 22:18 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-22 22:00 - 2013-09-22 22:00 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-22 22:00 - 2013-09-22 21:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-22 14:35 - 2013-09-22 13:22 - 131918888 _____ C:\Users\parouuu\Downloads\avast_free_antivirus_setup.exe
2013-09-22 13:19 - 2013-08-07 08:22 - 00000000 ____D C:\ProgramData\McAfee
2013-09-22 13:14 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-09-20 15:00 - 2013-09-20 15:00 - 00000000 ____D C:\Users\parouuu\Documents\KONAMI
2013-09-20 14:46 - 2013-09-20 14:46 - 00000000 ____D C:\ProgramData\KONAMI
2013-09-20 14:46 - 2013-09-20 14:46 - 00000000 ____D C:\Program Files (x86)\KONAMI
2013-09-20 00:34 - 2013-09-20 00:09 - 00000000 ____D C:\Users\parouuu\Downloads\The Lone Ranger 2013 TS XViD UNiQUE
2013-09-19 13:26 - 2013-09-19 13:26 - 00001755 _____ C:\Users\parouuu\Desktop\PES 2014.lnk
2013-09-19 13:25 - 2013-09-19 13:25 - 12792920 _____ (CyberGhost S.R.L. ) C:\Users\parouuu\Downloads\CGWebInstall-fr.exe
2013-09-19 08:04 - 2013-09-19 08:04 - 18938891 _____ C:\Users\parouuu\Downloads\PES2014Patch101.zip
2013-09-18 23:37 - 2013-09-18 23:35 - 21419274 _____ C:\Users\parouuu\Downloads\abj209.zip
2013-09-18 23:36 - 2013-09-18 23:28 - 27232235 _____ C:\Users\parouuu\Downloads\AC669.rar
2013-09-18 23:35 - 2013-09-18 23:35 - 00214952 _____ (Deposit Files) C:\Users\parouuu\Downloads\dfdownloader_IUfTTH_.exe
2013-09-18 20:41 - 2013-09-18 20:41 - 00000000 ____D C:\Users\parouuu\AppData\Local\SplitMediaLabs
2013-09-18 20:41 - 2013-09-18 20:41 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2013-09-18 20:41 - 2013-09-18 20:41 - 00000000 ____D C:\Program Files (x86)\SplitMediaLabs
2013-09-18 20:41 - 2013-08-25 01:30 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-09-18 20:40 - 2013-09-18 20:40 - 40054488 _____ (SplitMediaLabs) C:\Users\parouuu\Downloads\xsplit_installer_v1.3.1309.1602.exe
2013-09-18 20:40 - 2013-09-18 20:40 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\SplitMediaLabs
2013-09-18 19:02 - 2013-09-18 19:02 - 00316976 _____ (Disc Soft Ltd) C:\Users\parouuu\Downloads\DTLite4471-0337 (2).exe
2013-09-18 18:42 - 2013-09-18 18:42 - 00029284 _____ C:\Users\parouuu\Downloads\pes2014mi.rar
2013-09-18 18:34 - 2013-09-18 18:28 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\DAEMON Tools Lite
2013-09-18 18:34 - 2013-09-18 18:26 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-09-18 18:29 - 2013-09-18 18:29 - 00000000 ____D C:\Users\parouuu\AppData\Local\Minibar
2013-09-18 18:28 - 2013-09-18 18:28 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2013-09-18 18:28 - 2013-09-18 18:27 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-09-18 18:22 - 2013-09-18 18:22 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\TeamViewer
2013-09-18 18:21 - 2013-09-18 18:21 - 05829256 _____ (TeamViewer GmbH) C:\Users\parouuu\Downloads\TeamViewer_Setup_fr.exe
2013-09-17 19:34 - 2013-09-17 19:34 - 00889416 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\dotNetFx40_Full_setup.exe
2013-09-17 17:07 - 2013-08-23 03:12 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-09-17 16:20 - 2013-09-17 16:19 - 00000000 ____D C:\Users\parouuu\Documents\FIFA 14 Demo
2013-09-17 16:19 - 2013-09-17 16:19 - 00000000 __SHD C:\ProgramData\DSS
2013-09-17 16:19 - 2013-08-23 02:58 - 00000000 ____D C:\ProgramData\Origin
2013-09-17 16:10 - 2013-08-23 02:58 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-16 23:39 - 2013-09-09 14:15 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-09-16 16:25 - 2013-09-16 16:25 - 00000000 ____D C:\Users\parouuu\AppData\Local\Overwolf
2013-09-16 16:25 - 2013-08-28 03:11 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-16 16:25 - 2013-08-25 11:57 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-16 16:25 - 2013-08-25 11:57 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-16 16:07 - 2013-08-25 11:57 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-16 13:49 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\parouuu\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 14:21

==================== End Of Log ============================
 
I don't see anything malicious there but let's see if we can bring your computer back to normal.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
See if you can start your computer normally.
 

Attachments

  • fixlist.txt
    29 bytes
I'm thinking nothing malicious shows because we're in safe mode ?





Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by parouuu at 2013-10-16 02:27:20 Run:1
Running from C:\Users\parouuu\Desktop
Boot Mode: Safe Mode (with Networking)
==============================================

Content of fixlist:
*****************
LastRegBack: 2013-10-09 14:21
*****************

Error: The restore operation should be done in the recovery mode.

==== End of Fixlog ====
 
I'm thinking nothing malicious shows because we're in safe mode ?
It doesn't matter.

However I gave you wrong instructions.

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

If you are using Windows 8, consult "How to use the Windows 8 System Recovery Environment Command Prompt" to enter the System Recovery Command Prompt.

If you are using Vista or Windows 7, enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Système on MININT-3LD6SCA on 16-10-2013 02:48:07
Running from D:\
Windows 8 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [692208 2012-12-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-06] (IDT, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [4391072 2012-11-09] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4123 2012-05-30] ()
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-29] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-01] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKU\parouuu\...\Run: [F.lux] - C:\Users\parouuu\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-28] ()
HKU\parouuu\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1813928 2013-10-08] (Valve Corporation)
HKU\parouuu\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKU\parouuu\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [201576 2013-01-11] (NVIDIA Corporation)
Startup: C:\Users\parouuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur de la technologie Intel® Turbo Boost 2.6.lnk
ShortcutTarget: Moniteur de la technologie Intel® Turbo Boost 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-29] (AVAST Software)
S2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-12-03] ()
S2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-06] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-09-16] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915480 2013-05-22] (SoftThinks SAS)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-08-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386160 2012-12-03] (Intel® Corporation)
S2 postgresql-8.4; c:/postgreSQL/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "c:/postgreSQL/data" -w [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-29] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-29] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-29] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-29] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-29] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-29] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-26] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-28] (Motorola Solutions, Inc.)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2013-10-15] (Malwarebytes Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2013-10-15] (Malwarebytes Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4358776 2013-01-30] (Intel Corporation)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-18] (Duplex Secure Ltd.)
S3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-15 17:40 - 2013-10-15 17:40 - 01954124 _____ (Farbar) C:\Users\parouuu\Downloads\FRST64.exe
2013-10-15 17:39 - 2013-10-15 17:39 - 01954124 _____ (Farbar) C:\Users\parouuu\Desktop\FRST64.exe
2013-10-15 16:52 - 2013-10-15 16:52 - 00062929 _____ C:\Users\parouuu\Desktop\FRST.txt
2013-10-15 16:51 - 2013-10-15 16:52 - 00028680 _____ C:\Users\parouuu\Desktop\Addition.txt
2013-10-15 13:48 - 2013-10-15 13:48 - 20312373 _____ C:\Users\parouuu\Downloads\Psql-cant-connect1.wmv
2013-10-15 13:44 - 2013-10-15 13:44 - 00000000 ____D C:\Users\parouuu\AppData\Local\IsolatedStorage
2013-10-15 13:44 - 2013-10-15 13:44 - 00000000 ____D C:\ProgramData\XHEO INC
2013-10-15 13:43 - 2013-10-15 13:46 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\HoldemManager
2013-10-15 13:43 - 2013-10-15 13:43 - 00018061 _____ C:\Users\parouuu\Downloads\install.log
2013-10-15 13:43 - 2013-10-15 13:43 - 00001094 _____ C:\Users\Public\Desktop\HoldemManager2.lnk
2013-10-15 13:43 - 2013-10-15 13:43 - 00000000 ____D C:\Program Files (x86)\Holdem Manager 2
2013-10-15 13:39 - 2013-10-15 13:39 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-10-15 12:46 - 2013-10-15 12:46 - 00001638 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_214613.txt
2013-10-15 12:45 - 2013-10-15 12:45 - 00001660 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_214518.txt
2013-10-15 11:17 - 2013-10-15 11:17 - 00000000 ____D C:\Users\parouuu\Downloads\Windows 7 Professional with Service Pack 1 (x64) - DVD (French)
2013-10-15 11:08 - 2013-10-15 11:08 - 00720896 _____ C:\Users\parouuu\Downloads\SDM_FR (1).msi
2013-10-15 11:08 - 2013-10-15 11:08 - 00000183 _____ C:\Users\parouuu\Downloads\100229553383.sdx
2013-10-15 10:59 - 2013-10-15 10:59 - 04868376 _____ (Veetle Inc) C:\Users\parouuu\Downloads\veetle-0.9.19.exe
2013-10-15 09:46 - 2013-10-15 09:46 - 00010525 _____ C:\Users\parouuu\Downloads\attach.txt
2013-10-15 09:16 - 2013-10-15 09:16 - 00010525 _____ C:\Users\parouuu\Desktop\attach.txt
2013-10-15 09:16 - 2013-10-15 09:15 - 00027313 _____ C:\Users\parouuu\Desktop\dds.txt
2013-10-15 09:15 - 2013-10-15 09:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-15 09:15 - 2013-10-15 09:15 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-15 09:15 - 2013-10-15 09:15 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-10-15 09:15 - 2013-10-15 09:15 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-10-15 09:15 - 2013-10-15 09:15 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-10-15 09:15 - 2013-10-15 09:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-15 09:15 - 2009-01-25 04:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2013-10-15 09:13 - 2013-10-15 09:13 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Malwarebytes
2013-10-15 09:13 - 2013-10-15 09:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 09:13 - 2013-04-04 05:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-10-15 09:11 - 2013-10-15 09:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 09:11 - 2013-10-15 09:11 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2013-10-15 09:11 - 2013-10-15 09:11 - 00001377 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_181121.txt
2013-10-15 09:11 - 2013-10-15 09:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 09:10 - 2013-10-15 09:11 - 00000000 ____D C:\Users\parouuu\Desktop\mbar
2013-10-15 09:09 - 2013-10-15 09:09 - 00002112 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_180928.txt
2013-10-15 09:09 - 2013-10-15 09:09 - 00001947 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_180908.txt
2013-10-15 09:07 - 2013-10-15 12:46 - 00000000 ____D C:\Users\parouuu\Desktop\RK_Quarantine
2013-10-15 08:56 - 2013-10-15 08:56 - 02218636 _____ C:\Users\parouuu\Downloads\tdsskiller.zip
2013-10-15 08:55 - 2013-10-15 08:55 - 03987968 _____ C:\Users\parouuu\Downloads\RogueKillerX64.exe
2013-10-15 06:10 - 2013-10-15 06:10 - 12576792 _____ (Malwarebytes Corp.) C:\Users\parouuu\Downloads\mbar-1.07.0.1007.exe
2013-10-15 06:05 - 2013-10-15 06:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\parouuu\Desktop\HijackThis.exe
2013-10-15 06:05 - 2013-10-15 06:05 - 00028758 _____ C:\Users\parouuu\Downloads\hijackthis.log
2013-10-15 06:02 - 2013-10-15 06:03 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\parouuu\Downloads\tdsskiller.exe
2013-10-15 05:32 - 2013-10-15 05:32 - 00688992 _____ (Swearware) C:\Users\parouuu\Downloads\dds.scr
2013-10-15 05:31 - 2013-10-15 05:31 - 00688992 ____R (Swearware) C:\Users\parouuu\Downloads\dds.com
2013-10-15 04:55 - 2013-10-15 04:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\parouuu\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-15 04:40 - 2013-10-15 04:40 - 00009830 _____ C:\Users\parouuu\Downloads\exefix.reg
2013-10-15 04:26 - 2013-10-15 04:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\parouuu\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-15 03:59 - 2013-10-15 03:59 - 00000020 ___SH C:\Users\postgres\ntuser.ini
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Voisinage réseau
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Voisinage d'impression
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Modèles
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Menu Démarrer
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes vidéos
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes images
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Documents\Ma musique
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Historique
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 ____D C:\users\postgres
2013-10-15 03:59 - 2013-08-22 14:18 - 00000000 ____D C:\Users\postgres\AppData\Roaming\Macromedia
2013-10-15 03:55 - 2013-10-15 03:55 - 00000000 ____D C:\Program Files (x86)\Winamax Poker
2013-10-14 16:53 - 2013-10-14 16:53 - 00000000 ___HD C:\Windows\System32\Settings
2013-10-14 16:31 - 2013-10-15 13:43 - 00000000 ____D C:\Program Files (x86)\PSQLINSTALL
2013-10-13 10:49 - 2013-10-13 10:49 - 88885640 _____ C:\Users\parouuu\Downloads\7907_HoldemManager2Setup.exe
2013-10-10 14:42 - 2013-10-10 14:42 - 00648160 _____ (Unity Technologies ApS) C:\Users\parouuu\Downloads\UnityWebPlayer.exe
2013-10-07 15:53 - 2013-10-07 15:53 - 00000038 _____ C:\Users\parouuu\Desktop\mumble.txt
2013-10-04 16:51 - 2013-10-04 16:54 - 00000000 ____D C:\Users\parouuu\Desktop\Dexter S08
2013-10-03 03:23 - 2013-10-03 03:23 - 01739264 _____ C:\Users\parouuu\Downloads\Humour.ppt
2013-10-02 16:54 - 2013-10-04 16:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E10.720p.HDTV.x264-EVOLVE[rarbg]
2013-10-02 16:48 - 2013-10-04 16:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E06.PROPER.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-02 16:41 - 2013-10-04 16:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E07.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-02 14:26 - 2013-10-03 17:44 - 00000000 ____D C:\Users\parouuu\Desktop\Séries
2013-10-02 14:22 - 2013-10-04 16:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E02.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-02 14:21 - 2013-10-04 16:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E03.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-02 14:21 - 2013-10-04 16:51 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E01.720p.HDTV.x264-EVOLVE [PublicHD]
2013-10-01 04:49 - 2013-10-09 13:54 - 00000000 ____D C:\Users\parouuu\Desktop\gui
2013-09-30 14:26 - 2013-10-01 03:09 - 00000000 ____D C:\Users\parouuu\Documents\StarCraft II
2013-09-30 14:26 - 2013-09-30 14:35 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-09-30 14:26 - 2013-09-30 14:26 - 00001105 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2013-09-30 14:24 - 2013-09-30 14:24 - 54085656 _____ (Blizzard Entertainment) C:\Users\parouuu\Downloads\StarCraft-II-Setup-frFR.exe
2013-09-29 16:10 - 2013-09-29 16:10 - 00001171 _____ C:\Users\parouuu\Downloads\zipcity.jnlp
2013-09-29 15:33 - 2013-09-29 15:33 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Microsoft FxCop
2013-09-29 10:38 - 2013-09-29 10:38 - 00000000 ____D C:\Users\parouuu\Documents\EA Games
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-29 10:37 - 2007-07-19 15:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_9.dll
2013-09-29 10:37 - 2007-07-19 15:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2013-09-29 10:37 - 2007-07-19 09:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_35.dll
2013-09-29 10:37 - 2007-07-19 09:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2013-09-29 10:37 - 2007-07-19 09:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_35.dll
2013-09-29 10:37 - 2007-07-19 09:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-09-29 10:37 - 2007-07-19 09:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_35.dll
2013-09-29 10:37 - 2007-07-19 09:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2013-09-29 10:37 - 2007-06-20 11:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_8.dll
2013-09-29 10:37 - 2007-06-20 11:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2013-09-29 10:37 - 2007-05-16 07:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_34.dll
2013-09-29 10:37 - 2007-05-16 07:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2013-09-29 10:37 - 2007-05-16 07:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_34.dll
2013-09-29 10:37 - 2007-05-16 07:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-09-29 10:37 - 2007-05-16 07:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_34.dll
2013-09-29 10:37 - 2007-05-16 07:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2013-09-29 10:37 - 2007-04-04 09:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_7.dll
2013-09-29 10:37 - 2007-04-04 09:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2013-09-29 10:37 - 2007-04-04 09:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_3.dll
2013-09-29 10:37 - 2007-04-04 09:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2013-09-29 10:37 - 2007-03-15 07:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10_33.dll
2013-09-29 10:37 - 2007-03-15 07:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2013-09-29 10:37 - 2007-03-12 07:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_33.dll
2013-09-29 10:37 - 2007-03-12 07:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2013-09-29 10:37 - 2007-03-12 07:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_33.dll
2013-09-29 10:37 - 2007-03-12 07:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-09-29 10:37 - 2007-03-05 03:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_1.dll
2013-09-29 10:37 - 2007-03-05 03:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2013-09-29 10:37 - 2007-01-24 06:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_6.dll
2013-09-29 10:37 - 2007-01-24 06:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2013-09-29 10:37 - 2006-12-08 03:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2013-09-29 10:37 - 2006-12-08 03:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_5.dll
2013-09-29 10:37 - 2006-11-29 04:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_32.dll
2013-09-29 10:37 - 2006-11-29 04:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2013-09-29 10:37 - 2006-11-29 04:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\System32\d3dx10.dll
2013-09-29 10:37 - 2006-11-29 04:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2013-09-29 10:37 - 2006-09-28 07:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_31.dll
2013-09-29 10:37 - 2006-09-28 07:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2013-09-29 10:37 - 2006-09-28 07:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2013-09-29 10:37 - 2006-09-28 07:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_4.dll
2013-09-29 10:37 - 2006-07-28 00:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_2.dll
2013-09-29 10:37 - 2006-07-28 00:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_3.dll
2013-09-29 10:37 - 2006-07-28 00:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2013-09-29 10:37 - 2006-07-28 00:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2013-09-29 10:37 - 2006-05-30 22:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2013-09-29 10:37 - 2006-05-30 22:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_2.dll
2013-09-29 10:37 - 2006-03-31 03:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_30.dll
2013-09-29 10:37 - 2006-03-31 03:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2013-09-29 10:37 - 2006-03-31 03:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_1.dll
2013-09-29 10:37 - 2006-03-31 03:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2013-09-29 10:37 - 2006-03-31 03:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\System32\xinput1_1.dll
2013-09-29 10:37 - 2006-03-31 03:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2013-09-29 10:37 - 2006-02-02 23:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_29.dll
2013-09-29 10:37 - 2006-02-02 23:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2013-09-29 10:37 - 2006-02-02 23:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\System32\xactengine2_0.dll
2013-09-29 10:37 - 2006-02-02 23:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2013-09-29 10:37 - 2006-02-02 23:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\System32\x3daudio1_0.dll
2013-09-29 10:37 - 2006-02-02 23:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2013-09-29 10:37 - 2005-12-05 09:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_28.dll
2013-09-29 10:37 - 2005-12-05 09:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2013-09-29 10:36 - 2005-07-22 10:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-09-29 10:36 - 2005-07-22 10:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-09-29 10:36 - 2005-05-26 06:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_26.dll
2013-09-29 10:36 - 2005-05-26 06:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2013-09-29 10:36 - 2005-03-18 08:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_25.dll
2013-09-29 10:36 - 2005-03-18 08:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2013-09-29 10:36 - 2005-02-05 10:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\System32\d3dx9_24.dll
2013-09-29 10:36 - 2005-02-05 10:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2013-09-29 07:46 - 2013-09-29 07:46 - 00000000 ___RD C:\Users\parouuu\SkyDrive
2013-09-29 07:46 - 2013-09-29 07:46 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-09-29 07:45 - 2013-09-29 07:45 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-09-29 07:41 - 2013-09-29 07:41 - 01351264 _____ C:\Windows\NIRMALA.tt2
2013-09-29 07:41 - 2013-09-29 07:41 - 01303396 _____ C:\Windows\NIRMALAB.tt2
2013-09-29 07:40 - 2013-10-11 03:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-09-29 07:40 - 2013-09-29 07:40 - 00574664 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\Setup.X86.fr-FR_O365HomePremRetail_35ff5941-0c92-48b7-9f6d-27afc1ee3816_TX_DB_.exe
2013-09-28 12:47 - 2013-09-28 12:48 - 00002634 _____ C:\Users\parouuu\Mon premier programme en Java.jar
2013-09-26 14:45 - 2013-10-08 04:49 - 00000000 ____D C:\Users\parouuu\workspace
2013-09-26 14:44 - 2013-09-26 14:44 - 01095080 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-09-26 14:44 - 2013-09-26 14:44 - 00973736 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-09-26 14:44 - 2013-09-26 14:44 - 00312744 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-09-26 14:44 - 2013-09-26 14:44 - 00189352 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-09-26 14:44 - 2013-09-26 14:44 - 00189352 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2013-09-26 14:44 - 2013-09-26 14:44 - 00108968 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-26 14:43 - 2013-09-26 14:44 - 00000000 ____D C:\Program Files\Java
2013-09-26 14:42 - 2013-09-26 14:42 - 131337120 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jdk-7u40-windows-x64.exe
2013-09-26 14:38 - 2013-10-08 04:47 - 00000000 ____D C:\Program Files (x86)\eclipse
2013-09-26 14:34 - 2013-09-26 14:35 - 208636499 _____ C:\Users\parouuu\Downloads\eclipse-standard-kepler-R-win32-x86_64.zip
2013-09-24 05:11 - 2013-09-24 05:11 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Apple Computer
2013-09-24 05:10 - 2013-09-24 05:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-24 05:09 - 2013-09-24 05:09 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-24 05:08 - 2013-09-24 05:09 - 00000000 ____D C:\ProgramData\Apple
2013-09-24 05:07 - 2013-09-24 05:07 - 03580808 _____ C:\Users\parouuu\Downloads\CopyTransDriversInstallerFRv1.027.zip
2013-09-24 05:06 - 2013-09-24 05:20 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\WindSolutions
2013-09-24 05:06 - 2013-09-24 05:20 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-24 05:06 - 2013-09-24 05:06 - 00001360 _____ C:\Users\parouuu\Desktop\CopyTrans Control Center.lnk
2013-09-23 06:19 - 2013-09-25 02:09 - 00000100 _____ C:\Users\parouuu\Desktop\HCI & GUI.txt
2013-09-23 02:20 - 2013-09-23 02:20 - 00000000 ____D C:\ProgramData\Oracle
2013-09-23 02:20 - 2013-09-23 02:19 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-23 02:20 - 2013-09-23 02:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-23 02:20 - 2013-09-23 02:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-23 02:20 - 2013-09-23 02:19 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-23 02:19 - 2013-09-23 02:19 - 29036456 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jre-7u40-windows-i586.exe
2013-09-23 02:19 - 2013-09-23 02:19 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-22 13:01 - 2013-10-15 06:32 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-22 13:01 - 2013-10-15 04:20 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-22 13:01 - 2013-08-29 23:48 - 01030952 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-09-22 13:01 - 2013-08-29 23:48 - 00378944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-09-22 13:01 - 2013-08-29 23:48 - 00204880 _____ C:\Windows\System32\Drivers\aswVmm.sys
2013-09-22 13:01 - 2013-08-29 23:48 - 00080816 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-09-22 13:01 - 2013-08-29 23:48 - 00072016 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-09-22 13:01 - 2013-08-29 23:48 - 00065336 _____ C:\Windows\System32\Drivers\aswRvrt.sys
2013-09-22 13:01 - 2013-08-29 23:48 - 00064288 _____ (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-09-22 13:01 - 2013-08-29 23:48 - 00033400 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-09-22 13:01 - 2013-08-29 23:47 - 00287840 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-09-22 13:00 - 2013-09-22 13:00 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-22 13:00 - 2013-08-29 23:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-22 12:59 - 2013-09-22 13:00 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-22 04:22 - 2013-09-22 05:35 - 131918888 _____ C:\Users\parouuu\Downloads\avast_free_antivirus_setup.exe
2013-09-20 06:00 - 2013-09-20 06:00 - 00000000 ____D C:\Users\parouuu\Documents\KONAMI
2013-09-20 05:46 - 2013-09-20 05:46 - 00000000 ____D C:\ProgramData\KONAMI
2013-09-20 05:46 - 2013-09-20 05:46 - 00000000 ____D C:\Program Files (x86)\KONAMI
2013-09-19 15:09 - 2013-09-19 15:34 - 00000000 ____D C:\Users\parouuu\Downloads\The Lone Ranger 2013 TS XViD UNiQUE
2013-09-19 04:26 - 2013-09-19 04:26 - 00001755 _____ C:\Users\parouuu\Desktop\PES 2014.lnk
2013-09-19 04:25 - 2013-09-19 04:25 - 12792920 _____ (CyberGhost S.R.L. ) C:\Users\parouuu\Downloads\CGWebInstall-fr.exe
2013-09-18 23:04 - 2013-09-18 23:04 - 18938891 _____ C:\Users\parouuu\Downloads\PES2014Patch101.zip
 
2013-09-18 14:35 - 2013-09-18 14:37 - 21419274 _____ C:\Users\parouuu\Downloads\abj209.zip
2013-09-18 14:35 - 2013-09-18 14:35 - 00214952 _____ (Deposit Files) C:\Users\parouuu\Downloads\dfdownloader_IUfTTH_.exe
2013-09-18 14:28 - 2013-09-18 14:36 - 27232235 _____ C:\Users\parouuu\Downloads\AC669.rar
2013-09-18 11:41 - 2013-09-18 11:41 - 00000000 ____D C:\Users\parouuu\AppData\Local\SplitMediaLabs
2013-09-18 11:41 - 2013-09-18 11:41 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2013-09-18 11:41 - 2013-09-18 11:41 - 00000000 ____D C:\Program Files (x86)\SplitMediaLabs
2013-09-18 11:40 - 2013-09-18 11:40 - 40054488 _____ (SplitMediaLabs) C:\Users\parouuu\Downloads\xsplit_installer_v1.3.1309.1602.exe
2013-09-18 11:40 - 2013-09-18 11:40 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\SplitMediaLabs
2013-09-18 10:02 - 2013-09-18 10:02 - 00316976 _____ (Disc Soft Ltd) C:\Users\parouuu\Downloads\DTLite4471-0337 (2).exe
2013-09-18 09:42 - 2013-09-18 09:42 - 00029284 _____ C:\Users\parouuu\Downloads\pes2014mi.rar
2013-09-18 09:29 - 2013-09-18 09:29 - 00000000 ____D C:\Users\parouuu\AppData\Local\Minibar
2013-09-18 09:28 - 2013-09-18 09:34 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\DAEMON Tools Lite
2013-09-18 09:28 - 2013-09-18 09:28 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys
2013-09-18 09:27 - 2013-09-18 09:28 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-09-18 09:26 - 2013-09-18 09:34 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-09-18 09:22 - 2013-09-18 09:22 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\TeamViewer
2013-09-18 09:21 - 2013-09-18 09:21 - 05829256 _____ (TeamViewer GmbH) C:\Users\parouuu\Downloads\TeamViewer_Setup_fr.exe
2013-09-17 10:34 - 2013-09-17 10:34 - 00889416 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\dotNetFx40_Full_setup.exe
2013-09-17 07:19 - 2013-09-17 07:20 - 00000000 ____D C:\Users\parouuu\Documents\FIFA 14 Demo
2013-09-17 07:19 - 2013-09-17 07:19 - 00000000 __SHD C:\ProgramData\DSS
2013-09-16 07:25 - 2013-09-16 07:25 - 00000000 ____D C:\Users\parouuu\AppData\Local\Overwolf

==================== One Month Modified Files and Folders =======

2013-10-15 17:40 - 2013-10-15 17:40 - 01954124 _____ (Farbar) C:\Users\parouuu\Downloads\FRST64.exe
2013-10-15 17:40 - 2012-07-26 02:08 - 00840520 _____ C:\Windows\System32\perfh00C.dat
2013-10-15 17:40 - 2012-07-26 02:08 - 00173326 _____ C:\Windows\System32\perfc00C.dat
2013-10-15 17:40 - 2012-07-25 23:28 - 01904858 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-15 17:39 - 2013-10-15 17:39 - 01954124 _____ (Farbar) C:\Users\parouuu\Desktop\FRST64.exe
2013-10-15 17:01 - 2013-08-21 19:51 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-10-15 16:52 - 2013-10-15 16:52 - 00062929 _____ C:\Users\parouuu\Desktop\FRST.txt
2013-10-15 16:52 - 2013-10-15 16:51 - 00028680 _____ C:\Users\parouuu\Desktop\Addition.txt
2013-10-15 16:48 - 2013-08-06 22:30 - 01438659 _____ C:\Windows\WindowsUpdate.log
2013-10-15 14:07 - 2013-08-21 19:23 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3687278544-3320412002-2415371330-1002
2013-10-15 14:04 - 2013-08-06 23:18 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2013-10-15 13:59 - 2013-08-24 16:03 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-15 13:58 - 2013-09-12 08:04 - 00000000 ___RD C:\Users\parouuu\Desktop\Google Drive
2013-10-15 13:55 - 2013-08-06 22:27 - 00025148 _____ C:\Windows\PFRO.log
2013-10-15 13:48 - 2013-10-15 13:48 - 20312373 _____ C:\Users\parouuu\Downloads\Psql-cant-connect1.wmv
2013-10-15 13:46 - 2013-10-15 13:43 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\HoldemManager
2013-10-15 13:44 - 2013-10-15 13:44 - 00000000 ____D C:\Users\parouuu\AppData\Local\IsolatedStorage
2013-10-15 13:44 - 2013-10-15 13:44 - 00000000 ____D C:\ProgramData\XHEO INC
2013-10-15 13:43 - 2013-10-15 13:43 - 00018061 _____ C:\Users\parouuu\Downloads\install.log
2013-10-15 13:43 - 2013-10-15 13:43 - 00001094 _____ C:\Users\Public\Desktop\HoldemManager2.lnk
2013-10-15 13:43 - 2013-10-15 13:43 - 00000000 ____D C:\Program Files (x86)\Holdem Manager 2
2013-10-15 13:43 - 2013-10-14 16:31 - 00000000 ____D C:\Program Files (x86)\PSQLINSTALL
2013-10-15 13:39 - 2013-10-15 13:39 - 00000000 ____D C:\Program Files (x86)\Veetle
2013-10-15 12:46 - 2013-10-15 12:46 - 00001638 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_214613.txt
2013-10-15 12:46 - 2013-10-15 09:07 - 00000000 ____D C:\Users\parouuu\Desktop\RK_Quarantine
2013-10-15 12:45 - 2013-10-15 12:45 - 00001660 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_214518.txt
2013-10-15 12:21 - 2013-08-22 03:02 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Skype
2013-10-15 11:17 - 2013-10-15 11:17 - 00000000 ____D C:\Users\parouuu\Downloads\Windows 7 Professional with Service Pack 1 (x64) - DVD (French)
2013-10-15 11:08 - 2013-10-15 11:08 - 00720896 _____ C:\Users\parouuu\Downloads\SDM_FR (1).msi
2013-10-15 11:08 - 2013-10-15 11:08 - 00000183 _____ C:\Users\parouuu\Downloads\100229553383.sdx
2013-10-15 11:08 - 2013-08-27 17:06 - 00003153 _____ C:\Users\parouuu\Desktop\Secure Download Manager.lnk
2013-10-15 11:08 - 2013-08-27 17:06 - 00000000 _____ C:\Users\parouuu\Downloads\SecureDownloadManager.log
2013-10-15 10:59 - 2013-10-15 10:59 - 04868376 _____ (Veetle Inc) C:\Users\parouuu\Downloads\veetle-0.9.19.exe
2013-10-15 09:46 - 2013-10-15 09:46 - 00010525 _____ C:\Users\parouuu\Downloads\attach.txt
2013-10-15 09:19 - 2013-10-15 09:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-15 09:16 - 2013-10-15 09:16 - 00010525 _____ C:\Users\parouuu\Desktop\attach.txt
2013-10-15 09:15 - 2013-10-15 09:16 - 00027313 _____ C:\Users\parouuu\Desktop\dds.txt
2013-10-15 09:15 - 2013-10-15 09:15 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-10-15 09:15 - 2013-10-15 09:15 - 00000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-10-15 09:15 - 2013-10-15 09:15 - 00000628 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-10-15 09:15 - 2013-10-15 09:15 - 00000458 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-10-15 09:15 - 2013-10-15 09:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-15 09:13 - 2013-10-15 09:13 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Malwarebytes
2013-10-15 09:13 - 2013-10-15 09:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 09:12 - 2013-10-15 09:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 09:11 - 2013-10-15 09:11 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2013-10-15 09:11 - 2013-10-15 09:11 - 00001377 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_181121.txt
2013-10-15 09:11 - 2013-10-15 09:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-15 09:11 - 2013-10-15 09:10 - 00000000 ____D C:\Users\parouuu\Desktop\mbar
2013-10-15 09:09 - 2013-10-15 09:09 - 00002112 _____ C:\Users\parouuu\Desktop\RKreport[0]_D_10152013_180928.txt
2013-10-15 09:09 - 2013-10-15 09:09 - 00001947 _____ C:\Users\parouuu\Desktop\RKreport[0]_S_10152013_180908.txt
2013-10-15 08:56 - 2013-10-15 08:56 - 02218636 _____ C:\Users\parouuu\Downloads\tdsskiller.zip
2013-10-15 08:55 - 2013-10-15 08:55 - 03987968 _____ C:\Users\parouuu\Downloads\RogueKillerX64.exe
2013-10-15 06:32 - 2013-09-22 13:01 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-15 06:10 - 2013-10-15 06:10 - 12576792 _____ (Malwarebytes Corp.) C:\Users\parouuu\Downloads\mbar-1.07.0.1007.exe
2013-10-15 06:05 - 2013-10-15 06:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\parouuu\Desktop\HijackThis.exe
2013-10-15 06:05 - 2013-10-15 06:05 - 00028758 _____ C:\Users\parouuu\Downloads\hijackthis.log
2013-10-15 06:05 - 2013-08-21 19:00 - 00000000 ____D C:\Users\parouuu\AppData\Local\VirtualStore
2013-10-15 06:03 - 2013-10-15 06:02 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\parouuu\Downloads\tdsskiller.exe
2013-10-15 05:32 - 2013-10-15 05:32 - 00688992 _____ (Swearware) C:\Users\parouuu\Downloads\dds.scr
2013-10-15 05:31 - 2013-10-15 05:31 - 00688992 ____R (Swearware) C:\Users\parouuu\Downloads\dds.com
2013-10-15 04:55 - 2013-10-15 04:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\parouuu\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-15 04:43 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-10-15 04:40 - 2013-10-15 04:40 - 00009830 _____ C:\Users\parouuu\Downloads\exefix.reg
2013-10-15 04:26 - 2013-10-15 04:26 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\parouuu\Downloads\spybotsd-2.1.21-SR2.exe
2013-10-15 04:20 - 2013-09-22 13:01 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-15 03:59 - 2013-10-15 03:59 - 00000020 ___SH C:\Users\postgres\ntuser.ini
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Voisinage réseau
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Voisinage d'impression
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Modèles
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Menu Démarrer
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes vidéos
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Documents\Mes images
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\Documents\Ma musique
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 _SHDL C:\Users\postgres\AppData\Local\Historique
2013-10-15 03:59 - 2013-10-15 03:59 - 00000000 ____D C:\users\postgres
2013-10-15 03:57 - 2013-08-21 19:55 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\TS3Client
2013-10-15 03:55 - 2013-10-15 03:55 - 00000000 ____D C:\Program Files (x86)\Winamax Poker
2013-10-15 03:55 - 2013-08-22 14:19 - 00000790 _____ C:\Users\Public\Desktop\Winamax Poker.lnk
2013-10-15 03:46 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\NDF
2013-10-15 03:33 - 2013-08-21 19:16 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 03:07 - 2013-08-21 19:16 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-15 03:05 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-10-14 16:53 - 2013-10-14 16:53 - 00000000 ___HD C:\Windows\System32\Settings
2013-10-14 05:05 - 2013-08-24 16:29 - 00000000 ____D C:\Users\parouuu\AppData\Local\PMB Files
2013-10-14 05:05 - 2013-08-24 16:29 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-14 04:33 - 2013-08-21 19:00 - 00000000 ____D C:\users\parouuu
2013-10-13 10:49 - 2013-10-13 10:49 - 88885640 _____ C:\Users\parouuu\Downloads\7907_HoldemManager2Setup.exe
2013-10-12 06:59 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-11 03:21 - 2013-09-29 07:40 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-10-11 03:09 - 2012-07-25 23:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-10 14:42 - 2013-10-10 14:42 - 00648160 _____ (Unity Technologies ApS) C:\Users\parouuu\Downloads\UnityWebPlayer.exe
2013-10-09 13:54 - 2013-10-01 04:49 - 00000000 ____D C:\Users\parouuu\Desktop\gui
2013-10-08 10:21 - 2013-08-21 19:16 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 10:21 - 2013-08-21 19:16 - 00003828 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 04:49 - 2013-09-26 14:45 - 00000000 ____D C:\Users\parouuu\workspace
2013-10-08 04:47 - 2013-09-26 14:38 - 00000000 ____D C:\Program Files (x86)\eclipse
2013-10-08 04:45 - 2012-07-25 23:21 - 00026357 _____ C:\Windows\setupact.log
2013-10-07 15:53 - 2013-10-07 15:53 - 00000038 _____ C:\Users\parouuu\Desktop\mumble.txt
2013-10-04 16:55 - 2013-09-01 14:58 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\uTorrent
2013-10-04 16:54 - 2013-10-04 16:51 - 00000000 ____D C:\Users\parouuu\Desktop\Dexter S08
2013-10-04 16:51 - 2013-10-02 16:54 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E10.720p.HDTV.x264-EVOLVE[rarbg]
2013-10-04 16:51 - 2013-10-02 16:48 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E06.PROPER.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-04 16:51 - 2013-10-02 16:41 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E07.720p.HDTV.x264-IMMERSE[rarbg]
2013-10-04 16:51 - 2013-10-02 14:22 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E02.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-04 16:51 - 2013-10-02 14:21 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E03.720p.HDTV.x264-IMMERSE [PublicHD]
2013-10-04 16:51 - 2013-10-02 14:21 - 00000000 ____D C:\Users\parouuu\Downloads\Dexter.S08E01.720p.HDTV.x264-EVOLVE [PublicHD]
2013-10-04 02:08 - 2013-08-21 19:00 - 00000000 ____D C:\Users\parouuu\AppData\Local\Packages
2013-10-03 17:44 - 2013-10-02 14:26 - 00000000 ____D C:\Users\parouuu\Desktop\Séries
2013-10-03 03:23 - 2013-10-03 03:23 - 01739264 _____ C:\Users\parouuu\Downloads\Humour.ppt
2013-10-01 03:09 - 2013-09-30 14:26 - 00000000 ____D C:\Users\parouuu\Documents\StarCraft II
2013-09-30 14:35 - 2013-09-30 14:26 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-09-30 14:26 - 2013-09-30 14:26 - 00001105 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2013-09-30 14:26 - 2013-08-21 23:36 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-09-30 14:24 - 2013-09-30 14:24 - 54085656 _____ (Blizzard Entertainment) C:\Users\parouuu\Downloads\StarCraft-II-Setup-frFR.exe
2013-09-29 16:10 - 2013-09-29 16:10 - 00001171 _____ C:\Users\parouuu\Downloads\zipcity.jnlp
2013-09-29 16:03 - 2013-08-06 22:27 - 00434680 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-29 15:33 - 2013-09-29 15:33 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Microsoft FxCop
2013-09-29 10:38 - 2013-09-29 10:38 - 00000000 ____D C:\Users\parouuu\Documents\EA Games
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\Windows\SysWOW64\AGEIA
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-29 10:37 - 2013-08-06 23:20 - 00248180 _____ C:\Windows\DirectX.log
2013-09-29 07:46 - 2013-09-29 07:46 - 00000000 ___RD C:\Users\parouuu\SkyDrive
2013-09-29 07:46 - 2013-09-29 07:46 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-09-29 07:45 - 2013-09-29 07:45 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-09-29 07:45 - 2013-08-06 23:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-09-29 07:41 - 2013-09-29 07:41 - 01351264 _____ C:\Windows\NIRMALA.tt2
2013-09-29 07:41 - 2013-09-29 07:41 - 01303396 _____ C:\Windows\NIRMALAB.tt2
2013-09-29 07:40 - 2013-09-29 07:40 - 00574664 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\Setup.X86.fr-FR_O365HomePremRetail_35ff5941-0c92-48b7-9f6d-27afc1ee3816_TX_DB_.exe
2013-09-28 12:48 - 2013-09-28 12:47 - 00002634 _____ C:\Users\parouuu\Mon premier programme en Java.jar
2013-09-28 08:00 - 2013-09-06 07:36 - 00000000 ____D C:\Users\parouuu\Documents\Visual Studio 2012
2013-09-27 02:39 - 2013-08-06 23:09 - 00000000 ____D C:\Program Files\My Dell
2013-09-26 14:44 - 2013-09-26 14:44 - 01095080 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-09-26 14:44 - 2013-09-26 14:44 - 00973736 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-09-26 14:44 - 2013-09-26 14:44 - 00312744 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-09-26 14:44 - 2013-09-26 14:44 - 00189352 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-09-26 14:44 - 2013-09-26 14:44 - 00189352 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2013-09-26 14:44 - 2013-09-26 14:44 - 00108968 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-26 14:44 - 2013-09-26 14:43 - 00000000 ____D C:\Program Files\Java
2013-09-26 14:42 - 2013-09-26 14:42 - 131337120 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jdk-7u40-windows-x64.exe
2013-09-26 14:35 - 2013-09-26 14:34 - 208636499 _____ C:\Users\parouuu\Downloads\eclipse-standard-kepler-R-win32-x86_64.zip
2013-09-25 02:09 - 2013-09-23 06:19 - 00000100 _____ C:\Users\parouuu\Desktop\HCI & GUI.txt
2013-09-24 05:20 - 2013-09-24 05:06 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\WindSolutions
2013-09-24 05:20 - 2013-09-24 05:06 - 00000000 ____D C:\ProgramData\WindSolutions
2013-09-24 05:11 - 2013-09-24 05:11 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\Apple Computer
2013-09-24 05:10 - 2013-09-24 05:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-24 05:09 - 2013-09-24 05:09 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-24 05:09 - 2013-09-24 05:08 - 00000000 ____D C:\ProgramData\Apple
2013-09-24 05:07 - 2013-09-24 05:07 - 03580808 _____ C:\Users\parouuu\Downloads\CopyTransDriversInstallerFRv1.027.zip
2013-09-24 05:06 - 2013-09-24 05:06 - 00001360 _____ C:\Users\parouuu\Desktop\CopyTrans Control Center.lnk
2013-09-23 08:44 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-09-23 05:10 - 2013-08-23 02:27 - 00000000 ____D C:\Users\parouuu\Desktop\CorePlusField V8.1
2013-09-23 02:20 - 2013-09-23 02:20 - 00000000 ____D C:\ProgramData\Oracle
2013-09-23 02:19 - 2013-09-23 02:20 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-23 02:19 - 2013-09-23 02:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-23 02:19 - 2013-09-23 02:20 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-23 02:19 - 2013-09-23 02:20 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-23 02:19 - 2013-09-23 02:19 - 29036456 _____ (Oracle Corporation) C:\Users\parouuu\Downloads\jre-7u40-windows-i586.exe
2013-09-23 02:19 - 2013-09-23 02:19 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-23 02:19 - 2013-09-03 13:18 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-23 02:19 - 2013-09-03 13:18 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-22 13:00 - 2013-09-22 13:00 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-22 13:00 - 2013-09-22 12:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-22 05:35 - 2013-09-22 04:22 - 131918888 _____ C:\Users\parouuu\Downloads\avast_free_antivirus_setup.exe
2013-09-22 04:19 - 2013-08-06 23:22 - 00000000 ____D C:\ProgramData\McAfee
2013-09-22 04:14 - 2012-07-26 00:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-09-20 06:00 - 2013-09-20 06:00 - 00000000 ____D C:\Users\parouuu\Documents\KONAMI
2013-09-20 05:46 - 2013-09-20 05:46 - 00000000 ____D C:\ProgramData\KONAMI
2013-09-20 05:46 - 2013-09-20 05:46 - 00000000 ____D C:\Program Files (x86)\KONAMI
2013-09-19 15:34 - 2013-09-19 15:09 - 00000000 ____D C:\Users\parouuu\Downloads\The Lone Ranger 2013 TS XViD UNiQUE
2013-09-19 04:26 - 2013-09-19 04:26 - 00001755 _____ C:\Users\parouuu\Desktop\PES 2014.lnk
2013-09-19 04:25 - 2013-09-19 04:25 - 12792920 _____ (CyberGhost S.R.L. ) C:\Users\parouuu\Downloads\CGWebInstall-fr.exe
2013-09-18 23:04 - 2013-09-18 23:04 - 18938891 _____ C:\Users\parouuu\Downloads\PES2014Patch101.zip
2013-09-18 14:37 - 2013-09-18 14:35 - 21419274 _____ C:\Users\parouuu\Downloads\abj209.zip
2013-09-18 14:36 - 2013-09-18 14:28 - 27232235 _____ C:\Users\parouuu\Downloads\AC669.rar
2013-09-18 14:35 - 2013-09-18 14:35 - 00214952 _____ (Deposit Files) C:\Users\parouuu\Downloads\dfdownloader_IUfTTH_.exe
2013-09-18 11:41 - 2013-09-18 11:41 - 00000000 ____D C:\Users\parouuu\AppData\Local\SplitMediaLabs
2013-09-18 11:41 - 2013-09-18 11:41 - 00000000 ____D C:\ProgramData\SplitMediaLabs
2013-09-18 11:41 - 2013-09-18 11:41 - 00000000 ____D C:\Program Files (x86)\SplitMediaLabs
2013-09-18 11:41 - 2013-08-24 16:30 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-09-18 11:40 - 2013-09-18 11:40 - 40054488 _____ (SplitMediaLabs) C:\Users\parouuu\Downloads\xsplit_installer_v1.3.1309.1602.exe
2013-09-18 11:40 - 2013-09-18 11:40 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\SplitMediaLabs
2013-09-18 10:02 - 2013-09-18 10:02 - 00316976 _____ (Disc Soft Ltd) C:\Users\parouuu\Downloads\DTLite4471-0337 (2).exe
2013-09-18 09:42 - 2013-09-18 09:42 - 00029284 _____ C:\Users\parouuu\Downloads\pes2014mi.rar
2013-09-18 09:34 - 2013-09-18 09:28 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\DAEMON Tools Lite
2013-09-18 09:34 - 2013-09-18 09:26 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-09-18 09:29 - 2013-09-18 09:29 - 00000000 ____D C:\Users\parouuu\AppData\Local\Minibar
2013-09-18 09:28 - 2013-09-18 09:28 - 00564824 _____ (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys
2013-09-18 09:28 - 2013-09-18 09:27 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-09-18 09:22 - 2013-09-18 09:22 - 00000000 ____D C:\Users\parouuu\AppData\Roaming\TeamViewer
2013-09-18 09:21 - 2013-09-18 09:21 - 05829256 _____ (TeamViewer GmbH) C:\Users\parouuu\Downloads\TeamViewer_Setup_fr.exe
2013-09-17 10:34 - 2013-09-17 10:34 - 00889416 _____ (Microsoft Corporation) C:\Users\parouuu\Downloads\dotNetFx40_Full_setup.exe
2013-09-17 08:07 - 2013-08-22 18:12 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-09-17 07:20 - 2013-09-17 07:19 - 00000000 ____D C:\Users\parouuu\Documents\FIFA 14 Demo
2013-09-17 07:19 - 2013-09-17 07:19 - 00000000 __SHD C:\ProgramData\DSS
2013-09-17 07:19 - 2013-08-22 17:58 - 00000000 ____D C:\ProgramData\Origin
2013-09-17 07:10 - 2013-08-22 17:58 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-16 14:39 - 2013-09-09 05:15 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2013-09-16 07:25 - 2013-09-16 07:25 - 00000000 ____D C:\Users\parouuu\AppData\Local\Overwolf
2013-09-16 07:25 - 2013-08-27 18:11 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-16 07:25 - 2013-08-25 02:57 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-16 07:25 - 2013-08-25 02:57 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-16 07:07 - 2013-08-25 02:57 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-16 04:49 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\parouuu\AppData\Local\Temp\ntdll_dump.dll


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

2
Restore point made on: 2013-09-29 10:36:35
Restore point made on: 2013-10-06 18:02:15

==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 8049.71 MB
Available physical RAM: 7124.71 MB
Total Pagefile: 8049.71 MB
Available Pagefile: 7151.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive d: (USB DISK) (Removable) (Total:3.73 GB) (Free:1.83 GB) FAT32
Drive e: (PES2014_R1) (CDROM) (Total:5.08 GB) (Free:0 GB) UDF
Drive f: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
Drive g: (DIAGS) (Fixed) (Total:0.04 GB) (Free:0.04 GB) FAT32
Drive I: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.19 GB) NTFS
Drive j: (PBR Image) (Fixed) (Total:12 GB) (Free:0.7 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: CD170250)

Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)


LastRegBack: 2013-10-09 05:21

==================== End Of Log ============================
 
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the OTLPE CD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.
See if you can start normally.
 

Attachments

  • fixlist.txt
    29 bytes
The black screen is gone at boot, but I still can't open taskmgr, regedit and some other programs. Plus I still can't enable one Avast agent or access some options in the config panel like firewall or manage user accounts.




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by Système at 2013-10-16 14:15:21 Run:1
Running from D:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
LastRegBack: 2013-10-09 05:21
*****************

DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.

==== End of Fixlog ====
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.40.2
Run by parouuu at 0:48:14 on 2013-10-17
Microsoft Windows 8 6.2.9200.0.1252.33.1036.18.8050.6505 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://dell13.msn.com
uDefault_Page_URL = hxxp://dell13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [F.lux] "C:\Users\parouuu\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
StartupFolder: C:\Users\parouuu\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITE~1.LNK - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Envoyer à Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5} : DHCPNameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\071627F6575757 : DHCPNameServer = 212.27.40.241 212.27.40.240
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\76F666275656763646 : DHCPNameServer = 10.1.40.166 10.1.40.163
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\C696E6B6379737 : DHCPNameServer = 89.101.160.4 89.101.160.5
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\D647563636C65637 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\D647563636C6563733 : DHCPNameServer = 192.168.30.1
TCP: Interfaces\{9B05E1C0-CE03-44B5-B282-668E191209F5}\E4544574541425 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{EF8E9560-81EA-4136-9F5A-C75493372C50} : DHCPNameServer = 10.1.40.163 10.1.40.166 172.18.0.30 172.18.0.2
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\windows\syswow64\nvinit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Windows\skipmetrosuite.exe,
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-26 651832]
R0 nvpciflt;nvpciflt;C:\Windows\System32\Drivers\nvpciflt.sys [2013-8-7 30496]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\Drivers\iwdbus.sys [2012-10-9 25568]
R3 NETwNe64;@oem4.inf,___ %NIC_Service_DispName_WIN8_64%;___ Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows 8 64 bits ;C:\Windows\System32\Drivers\NETwew00.sys [2013-8-7 4358776]
R3 RTL8168;Pilote Realtek 8168 NT;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-9-22 65336]
S0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-9-22 204880]
S1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-9-22 1030952]
S1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-9-22 378944]
S1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-8-7 92536]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-12-8 753704]
S2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-9-22 33400]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-9-22 80816]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-22 46808]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-8-27 1112000]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-6 1124288]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-3-13 187912]
S2 IAStorDataMgrSvc;Technologie de stockage Intel(R) Rapid;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 14904]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-8-7 2451456]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-8-7 166720]
S2 OfficeSvc;Service Microsoft Office;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-9-29 1907896]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-8-7 1915480]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-7-25 162672]
S2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-30 16168]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-8-7 365376]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-12-3 3386160]
S3 AMPPAL;Carte réseau virtuelle Intel® Centrino® Wireless Bluetooth® + High Speed;C:\Windows\System32\Drivers\AmpPal.sys [2012-12-8 163880]
S3 AMPPALP;Protocole Intel® Centrino® Wireless Bluetooth® + High Speed;C:\Windows\System32\Drivers\AmpPal.sys [2012-12-8 163880]
S3 BthLEEnum;Pilote Bluetooth Low Energy;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-8-27 121728]
S3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-8-29 857472]
S3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-8-6 68136]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\Drivers\intelaud.sys [2012-10-9 35296]
S3 IntcDAud;Son Intel(R) pour écrans;C:\Windows\System32\Drivers\IntcDAud.sys [2013-8-7 342528]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-12-3 272176]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\Drivers\nvstusb.sys [2013-8-7 447928]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2013-8-7 315536]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-7-25 126976]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\Drivers\usb3Hub.sys [2012-10-9 47072]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
S3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\Drivers\xHCIPort.sys [2012-10-9 188896]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-10-16 12:46:18 -------- d-----w- C:\Users\parouuu\AppData\Local\FluxSoftware
2013-10-16 10:47:57 -------- d-----w- C:\FRST
2013-10-15 21:44:16 -------- d-----w- C:\Users\parouuu\AppData\Local\IsolatedStorage
2013-10-15 21:44:16 -------- d-----w- C:\ProgramData\XHEO INC
2013-10-15 21:43:53 -------- d-----w- C:\Users\parouuu\AppData\Roaming\HoldemManager
2013-10-15 21:43:19 -------- d-----w- C:\Program Files (x86)\Holdem Manager 2
2013-10-15 21:39:33 -------- d-----w- C:\Program Files (x86)\Veetle
2013-10-15 17:15:26 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-10-15 17:15:10 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-10-15 17:15:05 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-10-15 17:13:46 -------- d-----w- C:\Users\parouuu\AppData\Roaming\Malwarebytes
2013-10-15 17:13:29 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-15 17:13:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-15 17:11:39 -------- d-----w- C:\ProgramData\Malwarebytes
2013-10-15 17:11:36 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-15 17:11:19 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-10-15 11:55:16 -------- d-----w- C:\Program Files (x86)\Winamax Poker
2013-10-15 00:53:27 -------- d--h--w- C:\Windows\System32\Settings
2013-10-15 00:32:19 -------- d-----w- C:\postgreSQL
2013-10-15 00:31:46 -------- d-----w- C:\Program Files (x86)\PSQLINSTALL
2013-09-30 22:26:28 -------- d-----w- C:\Program Files (x86)\StarCraft II
2013-09-29 23:33:37 -------- d-----w- C:\Users\parouuu\AppData\Roaming\Microsoft FxCop
2013-09-29 18:36:58 3767504 ----a-w- C:\Windows\System32\d3dx9_26.dll
2013-09-29 18:36:58 2297552 ----a-w- C:\Windows\SysWow64\d3dx9_26.dll
2013-09-29 15:46:00 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-09-29 15:46:00 -------- d-----r- C:\Users\parouuu\SkyDrive
2013-09-29 15:45:52 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-09-29 15:43:11 566480 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-09-29 15:40:26 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-09-26 22:45:20 -------- d-----w- C:\Users\parouuu\workspace
2013-09-26 22:44:36 973736 ----a-w- C:\Windows\System32\deployJava1.dll
2013-09-26 22:44:36 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-09-26 22:44:33 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-26 22:38:55 -------- d-----w- C:\Program Files (x86)\eclipse
2013-09-24 13:10:04 -------- d-----w- C:\Program Files (x86)\iTunes
2013-09-24 13:06:06 -------- d-----w- C:\Users\parouuu\AppData\Roaming\WindSolutions
2013-09-24 13:06:06 -------- d-----w- C:\ProgramData\WindSolutions
2013-09-23 10:20:08 -------- d-----w- C:\ProgramData\Oracle
2013-09-23 10:20:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-22 21:01:50 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-09-22 21:01:38 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-09-22 21:01:38 204880 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-09-22 21:01:38 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-09-22 21:01:36 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-09-22 21:00:30 41664 ----a-w- C:\Windows\avastSS.scr
2013-09-22 21:00:08 -------- d-----w- C:\Program Files\AVAST Software
2013-09-22 20:59:02 -------- d-----w- C:\ProgramData\AVAST Software
2013-09-22 15:42:02 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B98AEB61-C82D-482D-A736-795D560A3955}\mpengine.dll
2013-09-20 13:46:04 -------- d-----w- C:\ProgramData\KONAMI
2013-09-20 13:46:04 -------- d-----w- C:\Program Files (x86)\KONAMI
2013-09-18 19:41:40 -------- d-----w- C:\Users\parouuu\AppData\Local\SplitMediaLabs
2013-09-18 19:41:09 -------- d-----w- C:\ProgramData\SplitMediaLabs
2013-09-18 19:41:09 -------- d-----w- C:\Program Files (x86)\SplitMediaLabs
2013-09-18 19:40:42 -------- d-----w- C:\Users\parouuu\AppData\Roaming\SplitMediaLabs
2013-09-18 17:29:05 -------- d-----w- C:\Users\parouuu\AppData\Local\Minibar
2013-09-18 17:28:31 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys
2013-09-18 17:28:07 -------- d-----w- C:\Users\parouuu\AppData\Roaming\DAEMON Tools Lite
2013-09-18 17:27:58 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2013-09-18 17:26:48 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2013-09-18 17:22:21 -------- d-----w- C:\Users\parouuu\AppData\Roaming\TeamViewer
2013-09-17 15:19:56 -------- d-sh--w- C:\ProgramData\DSS
.
==================== Find3M ====================
.
2013-10-11 11:08:50 268435456 --sha-w- C:\swapfile.sys
2013-09-23 10:19:58 868264 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-09-23 10:19:58 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-09-16 15:25:44 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-09-16 15:25:44 290184 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-09-16 15:25:36 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-09-16 15:07:03 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-08-31 23:32:02 4411392 ----a-w- C:\Windows\mplayerc.exe
2013-08-22 07:14:28 11776 ----a-w- C:\Windows\skipmetrosuite.exe
2013-08-07 16:16:59 77824 ----a-w- C:\Windows\System32\taskhost.exe
2013-08-07 16:15:59 888832 ----a-w- C:\Windows\System32\nshwfp.dll
2013-08-07 07:14:40 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-08-07 07:14:40 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-08-07 07:14:40 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2013-08-02 17:29:58 256088 ----a-w- C:\Windows\System32\unrar64.dll
2013-08-02 17:29:58 217176 ----a-w- C:\Windows\SysWow64\unrar.dll
.
============= FINISH: 0:50:48,16 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume1
Install Date: 22/08/2013 04:00:08
System Uptime: 17/10/2013 00:43:01 (0 hours ago)
.
Motherboard: Dell Inc. | | 04M3YM
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz | CPU Socket - U3E1 | 2594/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 918 GiB total, 688,454 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Device ID: USB\VID_8087&PID_07DA\6&8959E51&0&5
Manufacturer: Intel Corporation
Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
PNP Device ID: USB\VID_8087&PID_07DA\6&8959E51&0&5
Service: BTHUSB
.
==== System Restore Points ===================
.
RP17: 29/09/2013 19:36:21 - DirectX est installé
RP18: 07/10/2013 03:02:05 - Point de contrôle planifié
.
==== Installed Programs ======================
.
Tools for .Net 3.5
Tools for .Net 3.5 - FRA Lang Pack
Adobe AIR
Apple Application Support
Apple Mobile Device Support
µTorrent
avast! Free Antivirus
Battlefield 3™
Battlelog Web Plugins
Blend for Visual Studio 2012
Blend for Visual Studio 2012 FRA resources
Classic Shell
Composants requis pour SSDT
CopyTrans Suite désinstallation uniquement
Counter-Strike: Global Offensive
CyberLink LabelPrint 2.5
CyberLink Media Suite 10
CyberLink Media Suite Essentials
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD 10
D3DX10
DAEMON Tools Lite
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Custom Help
Dell Digital Delivery
Dell Touchpad
Diablo III
Dotfuscator and Analytics Community Edition
DSC/AA Factory Installer
Entity Framework Designer pour Visual Studio 2012 - FRA
ESN Sonar
f.lux
Galerie de photos
Google Chrome
Google Drive
Google Update Helper
IIS 8.0 Express
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) PROSet/Wireless WiFi Software Driver
Intel(R) Rapid Storage Technology
Intel(R) WiDi
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Java 7 Update 40
Java 7 Update 40 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 40 (64-bit)
K-Lite Codec Pack 10.0.0 Standard
League of Legends
LocalESPC
LocalESPCui for fr-fr
Logiciel Intel® PROSet/Wireless
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5 SDK
Microsoft .NET Framework 4.5 SDK - Module linguistique FRA
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 3
Microsoft ASP.NET MVC 3 - FRA
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - FRA
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - FRA
Microsoft ASP.NET MVC 4 Runtime
Microsoft ASP.NET MVC 4 Runtime - FRA
Microsoft ASP.NET Web Pages
Microsoft ASP.NET Web Pages - FRA
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - FRA
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - FRA
Microsoft ASP.NET Web Pages 2 Runtime
Microsoft ASP.NET Web Pages 2 Runtime - FRA
Microsoft Help Viewer 2.0
Microsoft LightSwitch for Visual Studio 2012 Core
Microsoft LightSwitch pour Visual Studio 2012 CoreRes - FRA
Microsoft NuGet - Visual Studio 2012
Microsoft Office 365 Famille Premium - fr-fr
Microsoft Portable Library Multi-Targeting Pack
Microsoft Portable Library Multi-Targeting Pack Language Pack - fra
Microsoft Report Viewer Add-On for Visual Studio 2012
Microsoft Silverlight
Microsoft Silverlight 4 SDK - Français
Microsoft Silverlight 5 SDK - FRA
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2012 Data-Tier App Framework
Microsoft SQL Server Compact 4.0 SP1 x64 FRA
Microsoft SQL Server Data Tools - FRA (11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - FRA (11.1.20627.00)
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server 2012 Transact-SQL Compiler Service
Microsoft SQL Server 2012 Transact-SQL ScriptDom
Microsoft SQL Server 2012 Express LocalDB
Microsoft SQL Server 2012 Management Objects
Microsoft SQL Server 2012 Management Objects (x64)
Microsoft SQL Server 2012 Native Client
Microsoft System CLR Types pour SQL Server 2012 (x64)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727
Microsoft Visual C++ 2012 Compilers
Microsoft Visual C++ 2012 Compilers - FRA Resources
Microsoft Visual C++ 2012 Core Libraries
Microsoft Visual C++ 2012 Extended Libraries
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - FRA
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA
Microsoft Visual Studio 2012 Devenv
Microsoft Visual Studio 2012 Performance Collection Tools
Microsoft Visual Studio 2012 Performance Collection Tools - FRA
Microsoft Visual Studio 2012 SharePoint Developer Tools
Microsoft Visual Studio 2012 Shell (Minimum)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
Microsoft Visual Studio 2012 Tools pour SQL Server Compact 4.0 SP1 FRA
Microsoft Visual Studio Professional 2012
Microsoft Visual Studio Professional 2012
Microsoft Visual Studio Team Foundation Server 2012 Object Model
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
Microsoft Visual Studio Ultimate 2012 XAML UI Designer fra Resources
Microsoft Visual Studio Professional 2012 - FRA
Microsoft Web Deploy 3.0
Microsoft Web Deploy dbSqlPackage Provider - FRA
Microsoft Web Developer Tools - Visual Studio 2012
Microsoft Web Developer Tools - Visual Studio 2012 - FRA
Microsoft Web Platform Installer 4.0
Mirror's Edge
Mises à jour NVIDIA 1.11.3
Module linguistique de Dotfuscator and Analytics Community Edition
Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA
Module linguistique de Microsoft Visual Studio Team Foundation Server 2012 Team Explorer - FRA
Module linguistique des outils de développement SharePoint de Microsoft Visual Studio 2012 - FRA
Module linguistique du modèle objet Microsoft Visual Studio Team Foundation Server 2012 - FRA
Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA
Module Microsoft Report Viewer pour Visual Studio 2012
Moniteur de la technologie Intel® Turbo Boost 2.6
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
My Dell
NVIDIA Install Application
NVIDIA Optimus 1.11.3
NVIDIA PhysX v8.10.17
NVIDIA Pilote graphique 311.00
NVIDIA Update Components
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Origin
Pando Media Booster
Panneau de configuration NVIDIA 311.00
Photo Common
Photo Gallery
PreEmptive Analytics Client French Language Pack
PreEmptive Analytics Visual Studio Components
Pro Evolution Soccer 2014
PunkBuster Services
Quake Live Mozilla Plugin
Quickset64
Realtek USB 2.0 Card Reader
Ressources de Microsoft Visual Studio 2012 Shell (minimum)
Ressources Devenv de Microsoft Visual Studio 2012
Secure Download Manager
Service de langage T-SQL Microsoft SQL Server 2012
Shared C Run-time for x64
Skype™ 6.7
StarCraft II
Steam
TeamSpeak 3 Client
TrackMania² Stadium
Types CLR du système Microsoft pour SQL Server 2012
Update for (KB2504637)
Utilitaires ligne de comm. Microsoft SQL Server 2012
Version préparatoire de Microsoft Visual Studio 2012
Visual Studio 2012 Prerequisites
Visual Studio 2012 Prerequisites - FRA Language Pack
Visual Studio Extensions for Windows Library for JavaScript
WCF Data Services 5.0 (for OData v3) FRA Language Pack
WCF Data Services 5.0 (for OData v3) Primary Components
WCF Data Services Tools for Microsoft Visual Studio 2012
WCF Data Services Tools for Visual Studio 11 FRA Language Pack
WCF RIA Services V1.0 SP2
Winamax Poker
Windows App Certification Kit Native Components
Windows App Certification Kit x64
Windows Live
Windows Live Communications Platform
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Runtime Intellisense Content - fr-fr
Windows Software Development Kit
Windows Software Development Kit DirectX x64 Remote
Windows Software Development Kit DirectX x86 Remote
Windows Software Development Kit for Windows Store Apps
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
WinRAR 5.00 (64-bit)
World of Warcraft
XSplit Broadcaster
.
==== End Of File ===========================
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.16.14

Windows 8 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16580
parouuu :: PAROUUU-PC [administrator]

17/10/2013 00:46:57
mbam-log-2013-10-17 (00-46-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248531
Time elapsed: 6 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MINIBAR (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Minibar|NoDns (PUP.Optional.MiniBar.A) -> Data: true -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Create a new restore point before proceeding with the next step.
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
 
RogueKiller V8.7.4 _x64_ [Oct 16 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 8 (6.2.9200 ) 64 bits version
Demarrage : Safe mode with network
Utilisateur : parouuu [Admin rights]
Mode : Suppression -- Date : 10/17/2013 01:12:10
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 7 ¤¤¤
[SHELL][SUSP PATH] HKLM\[...]\Winlogon : userinit (C:\Windows\system32\userinit.exe,C:\Windows\skipmetrosuite.exe, [-][-]) -> REPLACED (C:\Windows\system32\userinit.exe,)
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> [0x2] Can't find the file.
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Can't find the file.
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) - REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) - REPLACED (0)

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Lecteurs de disque standard) - WDC WD10JPVX-75JC3T0 +++++
--- User ---
[MBR] b63c337caa99860851e5239d3e8ca5df
[BSP] ad6416e7ae443f240973262b6992477d : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_D_10172013_011210.txt >>
RKreport[0]_D_10152013_180928.txt;RKreport[0]_D_10152013_214613.txt;RKreport[0]_S_10152013_180908.txt
RKreport[0]_S_10152013_181121.txt;RKreport[0]_S_10152013_214518.txt;RKreport[0]_S_10172013_011131.txt
 
No malware was found by the rootkit:


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 10.0.9200.16580

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.594000 GHz
Memory total: 8440737792, free: 6694944768

DNS error
DNS error
=======================================
Initializing...
------------ Kernel report ------------
10/15/2013 18:11:36
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80092d0740
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003e\
Lower Device Object: 0xfffffa80079ad060
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80092d0740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80092d01f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80092d0740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80079ad060, DeviceName: \Device\0000003e\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: CD170250

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 1492163752
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid f3430f18-85bc-4015-b198-9830a261f21e
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 1492163752
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid f3430f18-85bc-4015-b198-9830a261f21e
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128

Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID c2c2f4d3-b2a3-4932-aea0-748549b2aa1b
FirstLBA 2048 Last LBA 1026047
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
Partition ID dc0f38f-975c-4b06-9224-9153c03d5822
FirstLBA 1026048 Last LBA 1107967
Attributes 1
Partition Name Basic data partition

Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 3b25e572-d1f2-4ce9-919f-67a2844357d
FirstLBA 1107968 Last LBA 1370111
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a7ab2d3f-5fae-4e53-98b1-b4119010c693
FirstLBA 1370112 Last LBA 2373631
Attributes 1
Partition Name Basic data partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 4cce3478-b47b-41e4-a39e-2e9e26a82acb
FirstLBA 2373632 Last LBA 1928366079
Attributes 0
Partition Name Basic data partition

Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID f9fffd92-35db-4a74-af43-cdd767dacad1
FirstLBA 1928366080 Last LBA 1953523119
Attributes 1
Partition Name Microsoft recovery partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 10.0.9200.16580

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.594000 GHz
Memory total: 8440737792, free: 6746685440

Downloaded database version: v2013.10.16.14
Downloaded database version: v2013.10.11.02
Initializing...
======================
------------ Kernel report ------------
10/17/2013 01:22:07
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80092b0630
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003e\
Lower Device Object: 0xfffffa80079ab060
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80092b0630, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80092af040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80092b0630, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa80079ab060, DeviceName: \Device\0000003e\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: CD170250

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 1492163752
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid f3430f18-85bc-4015-b198-9830a261f21e
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 1492163752
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid f3430f18-85bc-4015-b198-9830a261f21e
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128

Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID c2c2f4d3-b2a3-4932-aea0-748549b2aa1b
FirstLBA 2048 Last LBA 1026047
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
Partition ID dc0f38f-975c-4b06-9224-9153c03d5822
FirstLBA 1026048 Last LBA 1107967
Attributes 1
Partition Name Basic data partition

Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 3b25e572-d1f2-4ce9-919f-67a2844357d
FirstLBA 1107968 Last LBA 1370111
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a7ab2d3f-5fae-4e53-98b1-b4119010c693
FirstLBA 1370112 Last LBA 2373631
Attributes 1
Partition Name Basic data partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 4cce3478-b47b-41e4-a39e-2e9e26a82acb
FirstLBA 2373632 Last LBA 1928366079
Attributes 0
Partition Name Basic data partition

Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID f9fffd92-35db-4a74-af43-cdd767dacad1
FirstLBA 1928366080 Last LBA 1953523119
Attributes 1
Partition Name Microsoft recovery partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
 
Back