Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by rene (administrator) on YUZUDESFORGES on 29-01-2014 17:49:20
Running from C:\Users\rene\Desktop
Windows 8 (X64) OS Language: French Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Yontoo LLC) C:\Users\rene\AppData\Roaming\Yontoo\YontooDesktop.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Discount Dragon\FrameworkEngine.exe
() C:\Program Files (x86)\Discount Dragon\FrameworkEngine.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-12] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-09-26] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-09-26] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-01] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [fst_ca_17] - [x]
HKLM-x32\...\RunOnce: [Discount Dragon-repairJob] - wscript.exe "C:\Users\rene\AppData\Local\Discount Dragon\repair.js" "Discount Dragon-repairJob" [1846 2013-12-18] ()
HKLM-x32\...\Runonce: [Discount Dragon] - [x]
HKLM-x32\...\Runonce: [SpUninstallCleanUp] - REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f [x]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Yontoo Desktop] - C:\Users\rene\AppData\Roaming\Yontoo\YontooDesktop.exe [47392 2013-05-21] (Yontoo LLC)
MountPoints2: {b3665f2c-07b3-11e2-be69-806e6f6e6963} - "E:\Launcher.exe"
Startup: C:\Users\rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3320052&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP9DF1C477-6259-4F14-881E-2546DF3FDEE6&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
URLSearchHook: HKLM-x32 - MixiDJ V45 Toolbar - {d2cf9842-af95-48cd-b873-bfbb48cd7f5e} - C:\Program Files (x86)\MixiDJ_V45\prxtbMixi.dll (Conduit Ltd.)
URLSearchHook: HKCU - MixiDJ V45 Toolbar - {d2cf9842-af95-48cd-b873-bfbb48cd7f5e} - C:\Program Files (x86)\MixiDJ_V45\prxtbMixi.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {E382E0E1-804D-4CAB-82EC-DE673803BFA5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {E382E0E1-804D-4CAB-82EC-DE673803BFA5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope {636C5B05-1E69-4DCE-B3D3-3205C0959B70} URL =
SearchScopes: HKLM-x32 - {E382E0E1-804D-4CAB-82EC-DE673803BFA5} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {636C5B05-1E69-4DCE-B3D3-3205C0959B70} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298581&CUI=UN27990567942420911&UM=2
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {636C5B05-1E69-4DCE-B3D3-3205C0959B70} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3298581&CUI=UN27990567942420911&UM=2
SearchScopes: HKCU - {E382E0E1-804D-4CAB-82EC-DE673803BFA5} URL =
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Discount Dragon BHO - {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - C:\Program Files (x86)\Discount Dragon\FrameworkBHO64.dll ()
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: MixiDJ V45 Toolbar - {d2cf9842-af95-48cd-b873-bfbb48cd7f5e} - C:\Program Files (x86)\MixiDJ_V45\prxtbMixi.dll (Conduit Ltd.)
BHO-x32: Discount Dragon BHO - {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - C:\Program Files (x86)\Discount Dragon\FrameworkBHO.dll ()
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - MixiDJ V45 Toolbar - {d2cf9842-af95-48cd-b873-bfbb48cd7f5e} - C:\Program Files (x86)\MixiDJ_V45\prxtbMixi.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {D2CF9842-AF95-48CD-B873-BFBB48CD7F5E} - No File
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

==================== Services (Whitelisted) =================

U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
U2 Yontoo Desktop Updater; C:\Users\rene\AppData\Roaming\Yontoo\YontooDesktop.exe [47392 2013-05-21] (Yontoo LLC)

==================== Drivers (Whitelisted) ====================

U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-26] (Synaptics Incorporated)
U3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
U3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-29 17:36 - 2014-01-29 17:49 - 00010656 _____ C:\Users\rene\Desktop\FRST.txt
2014-01-29 17:36 - 2014-01-29 17:49 - 00000000 ____D C:\FRST
2014-01-29 17:36 - 2014-01-29 17:36 - 00012327 _____ C:\Users\rene\Desktop\Addition.txt
2014-01-29 17:34 - 2014-01-29 17:35 - 02079744 _____ (Farbar) C:\Users\rene\Desktop\FRST64.exe
2014-01-29 17:31 - 2014-01-29 11:43 - 00155812 _____ C:\Users\rene\Desktop\cheque gouv.jpeg
2014-01-28 20:38 - 2014-01-28 20:38 - 00000000 ____D C:\Program Files (x86)\predm
2014-01-28 20:36 - 2014-01-29 17:42 - 00000370 _____ C:\windows\Tasks\bench-sys.job
2014-01-28 20:36 - 2014-01-29 16:02 - 00000370 _____ C:\windows\Tasks\bench-S-1-5-21-798951511-1121599436-749478866-1001.job
2014-01-28 20:36 - 2014-01-28 20:36 - 00003240 _____ C:\windows\System32\Tasks\bench-sys
2014-01-28 20:36 - 2014-01-28 20:36 - 00003216 _____ C:\windows\System32\Tasks\bench-S-1-5-21-798951511-1121599436-749478866-1001
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Users\rene\AppData\Local\Discount Dragon
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Users\rene\AppData\Local\BenchUpdater
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Program Files (x86)\Discount Dragon
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Program Files (x86)\Bench
2014-01-28 20:33 - 2014-01-28 20:33 - 00000000 ____D C:\Users\rene\Documents\Optimizer Pro
2014-01-20 09:08 - 2014-01-20 09:08 - 00307832 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-14 23:21 - 2013-12-07 01:37 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-01-14 23:21 - 2013-12-07 01:37 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 23:21 - 2013-12-07 00:15 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-01-14 23:21 - 2013-12-07 00:15 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 23:21 - 2013-10-31 00:56 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2014-01-14 23:21 - 2013-10-31 00:56 - 00758784 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2014-01-14 23:21 - 2013-10-30 23:01 - 00550400 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2014-01-14 23:21 - 2013-10-30 22:42 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2014-01-14 23:21 - 2013-10-28 00:50 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-01-14 23:21 - 2013-10-27 23:05 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-01-14 23:21 - 2013-10-13 15:49 - 00100696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2014-01-14 23:21 - 2013-08-27 00:21 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2014-01-14 23:21 - 2013-08-27 00:19 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2014-01-14 23:21 - 2013-08-26 17:29 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2014-01-14 23:21 - 2013-08-26 17:28 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2013-12-31 16:35 - 2013-12-31 16:35 - 00513561 _____ C:\Users\rene\Documents\Menu-sans-gluten_merged (1).oxps

==================== One Month Modified Files and Folders =======

2014-01-29 17:49 - 2014-01-29 17:36 - 00010656 _____ C:\Users\rene\Desktop\FRST.txt
2014-01-29 17:49 - 2014-01-29 17:36 - 00000000 ____D C:\FRST
2014-01-29 17:42 - 2014-01-28 20:36 - 00000370 _____ C:\windows\Tasks\bench-sys.job
2014-01-29 17:41 - 2013-05-22 14:55 - 00000000 ____D C:\Users\rene\AppData\Roaming\Yontoo
2014-01-29 17:36 - 2014-01-29 17:36 - 00012327 _____ C:\Users\rene\Desktop\Addition.txt
2014-01-29 17:35 - 2014-01-29 17:34 - 02079744 _____ (Farbar) C:\Users\rene\Desktop\FRST64.exe
2014-01-29 17:32 - 2013-11-07 11:32 - 00410624 _____ C:\Users\rene\Desktop\Horaire Gestion Yuzu.xls
2014-01-29 17:31 - 2013-09-11 08:27 - 00192512 ___SH C:\Users\rene\Desktop\Thumbs.db
2014-01-29 17:00 - 2012-07-26 03:12 - 00000000 ____D C:\windows\system32\sru
2014-01-29 16:02 - 2014-01-28 20:36 - 00000370 _____ C:\windows\Tasks\bench-S-1-5-21-798951511-1121599436-749478866-1001.job
2014-01-29 13:58 - 2012-09-26 03:59 - 01893741 _____ C:\windows\WindowsUpdate.log
2014-01-29 13:40 - 2012-09-26 04:23 - 11110428 _____ C:\windows\system32\perfh00C.dat
2014-01-29 13:40 - 2012-09-26 04:23 - 03406906 _____ C:\windows\system32\perfc00C.dat
2014-01-29 13:40 - 2012-07-26 02:28 - 00005434 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-29 11:43 - 2014-01-29 17:31 - 00155812 _____ C:\Users\rene\Desktop\cheque gouv.jpeg
2014-01-28 21:51 - 2013-08-18 20:52 - 00087040 _____ C:\Users\rene\Desktop\Ventes Yuzu Des Forges 2013.xls
2014-01-28 20:48 - 2013-01-28 11:44 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-798951511-1121599436-749478866-1001
2014-01-28 20:38 - 2014-01-28 20:38 - 00000000 ____D C:\Program Files (x86)\predm
2014-01-28 20:37 - 2013-01-28 11:38 - 00000000 ___RD C:\Users\rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-28 20:36 - 2014-01-28 20:36 - 00003240 _____ C:\windows\System32\Tasks\bench-sys
2014-01-28 20:36 - 2014-01-28 20:36 - 00003216 _____ C:\windows\System32\Tasks\bench-S-1-5-21-798951511-1121599436-749478866-1001
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Users\rene\AppData\Local\Discount Dragon
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Users\rene\AppData\Local\BenchUpdater
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Program Files (x86)\Discount Dragon
2014-01-28 20:36 - 2014-01-28 20:36 - 00000000 ____D C:\Program Files (x86)\Bench
2014-01-28 20:33 - 2014-01-28 20:33 - 00000000 ____D C:\Users\rene\Documents\Optimizer Pro
2014-01-24 20:50 - 2012-07-26 03:12 - 00000000 ____D C:\windows\AUInstallAgent
2014-01-22 09:08 - 2013-05-30 09:47 - 00077824 _____ C:\Users\rene\Desktop\pourboire 2013 DF.xls
2014-01-20 09:33 - 2012-07-26 03:12 - 00000000 ____D C:\windows\rescache
2014-01-20 09:08 - 2014-01-20 09:08 - 00307832 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-20 09:08 - 2012-07-26 02:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-20 09:07 - 2012-08-01 10:51 - 00006042 _____ C:\windows\PFRO.log
2014-01-20 09:07 - 2012-07-26 00:26 - 00262144 ___SH C:\windows\system32\config\BBI
2014-01-20 09:06 - 2012-07-26 03:12 - 00000000 ____D C:\windows\WinStore
2014-01-19 02:33 - 2013-02-02 10:51 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-01-15 03:02 - 2013-07-30 10:44 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 03:01 - 2013-02-10 20:01 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-09 16:40 - 2013-10-09 21:49 - 00085601 _____ C:\Users\rene\Desktop\Rapport-dépot-2013.ods
2014-01-09 14:50 - 2013-05-22 14:55 - 00000000 ____D C:\Program Files (x86)\Yontoo
2014-01-09 03:02 - 2013-02-22 23:41 - 00694240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 03:02 - 2013-02-22 23:41 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 16:35 - 2013-12-31 16:35 - 00513561 _____ C:\Users\rene\Documents\Menu-sans-gluten_merged (1).oxps

Some content of TEMP:
====================
C:\Users\rene\AppData\Local\Temp\BackupSetup.exe
C:\Users\rene\AppData\Local\Temp\checktbexist.exe
C:\Users\rene\AppData\Local\Temp\GenericUninstall.exe
C:\Users\rene\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\rene\AppData\Local\Temp\mgsqlite3.dll
C:\Users\rene\AppData\Local\Temp\nscCE0B.exe
C:\Users\rene\AppData\Local\Temp\nsg4BBE.exe
C:\Users\rene\AppData\Local\Temp\nsm1729.exe
C:\Users\rene\AppData\Local\Temp\nsu4292.exe
C:\Users\rene\AppData\Local\Temp\nsuAF08.exe
C:\Users\rene\AppData\Local\Temp\nszB6BF.exe
C:\Users\rene\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\rene\AppData\Local\Temp\SPSetup.exe
C:\Users\rene\AppData\Local\Temp\SPStub.exe
C:\Users\rene\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\rene\AppData\Local\Temp\uninstaller.exe
C:\Users\rene\AppData\Local\Temp\vcredist_x64.exe
C:\Users\rene\AppData\Local\Temp\WhiteLabelSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-27 10:05

==================== End Of Log ============================