Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2015
Ran by Baptiste (administrator) on PC-DE-BAPTISTE on 05-07-2015 18:34:29
Running from C:\Users\Baptiste\Desktop
Loaded Profiles: Baptiste (Available Profiles: Baptiste)
Platform: Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) OS Language: Français (France)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2408955341-3784255893-676370202-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2408955341-3784255893-676370202-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-2408955341-3784255893-676370202-1000\...\MountPoints2: {3099ddaa-7306-11df-abf8-00238bf033c1} - F:\Memorybar.exe
HKU\S-1-5-21-2408955341-3784255893-676370202-1000\...\MountPoints2: {7d72f9be-6b05-11e2-8bbe-0023a6a72f8b} - I:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Baptiste\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [Identificateur de superposition d'icônes dans les signatures numériques AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-04-26] (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-29] (Oracle Corporation)
BHO: Programme d'aide de l'Assistant de connexion Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-29] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-180-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-180-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{49CF6C8C-4349-4B48-9D73-9DACFED0A61D}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{CE4B23C3-1F48-4C4D-B8D4-B2173684FBB0}: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF ProfilePath: C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-29] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-19] (Google)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2408955341-3784255893-676370202-1000: @acestream.net/acestreamplugin,version=3.0.9 -> C:\Users\Baptiste\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-2408955341-3784255893-676370202-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Baptiste\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2408955341-3784255893-676370202-1000: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 -> C:\Users\Baptiste\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll [2010-03-04] (Stonetrip)
FF Plugin HKU\S-1-5-21-2408955341-3784255893-676370202-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Baptiste\AppData\Local\Google\Update\1.3.26.7\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-2408955341-3784255893-676370202-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Baptiste\AppData\Local\Google\Update\1.3.26.7\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-12-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-12-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-12-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-12-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-12-15] (Apple Inc.)
FF Extension: Ghostery - C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\Extensions\firefox@ghostery.com.xpi [2015-03-20]
FF Extension: VTzilla - C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\Extensions\info@virustotal.com.xpi [2015-03-23]
FF Extension: Lightbeam - C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2015-03-19]
FF Extension: Referrer Control - C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\Extensions\referrercontrol@qixinglu.com.xpi [2015-03-20]
FF Extension: Adblock Plus - C:\Users\Baptiste\AppData\Roaming\Mozilla\Firefox\Profiles\o0fczfgg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-02-13]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-04]

Chrome:
=======
CHR Profile: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Simple Image Resizer) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\bficingcnodlbbildpbnjdgcmbipgnbi [2015-07-04]
CHR Extension: (Audiotool) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2015-07-04]
CHR Extension: (Adblock Plus) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-04]
CHR Extension: (Adblock for Youtube™) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-07-04]
CHR Extension: (VTchromizer) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2015-07-04]
CHR Extension: (Disconnect) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-07-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-04]
CHR Extension: (PDFSplit!) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpfokeciojoikllncciaicibmogdeida [2015-07-04]
CHR Extension: (Ghostery) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-07-04]
CHR Extension: (Google Wallet) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-04]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-07-04]
CHR Extension: (Camera) - C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmpffnppnlgkgmbgidhhjcglloeejpg [2015-07-04]
CHR Profile: C:\Users\Baptiste\AppData\Local\Google\Chrome\User Data\Profile 1
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-04-26]
StartMenuInternet: Google Chrome - C:\Users\Baptiste\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [825136 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1187336 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S2 gupdate1ca2edd156d087a; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-11-01] (Google Inc.)
S3 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
S3 hpqcxs08; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S2 hpqddsvc; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S4 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-11-02] ()
S4 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-17] ()
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe [68760 2008-09-05] (SiSoftware) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [217170 2009-06-03] (IDT, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [15968 2013-03-14] (Advanced Micro Devices, Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108448 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-07-30] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136728 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-04-10] (DT Soft Ltd)
S3 iscFlash; C:\SwSetup\sp54629\iscflash.sys [13312 2009-08-25] (Insyde Software) [File not signed]
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [23128 2011-11-30] (JMicron Technology Corp.)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 MODBDA2; C:\Windows\System32\Drivers\yuanmodbda2.sys [32256 2006-10-13] (DiBcom SA)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x86\Sandra.sys [23112 2009-08-08] (SiSoftware)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [83320 2007-02-08] (Protection Technology (StarForce))
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
S3 udsstub; system32\DRIVERS\udsstub.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 18:34 - 2015-07-05 18:35 - 00022144 _____ C:\Users\Baptiste\Desktop\FRST.txt
2015-07-05 10:14 - 2015-07-05 10:15 - 00072956 _____ C:\Users\Baptiste\Downloads\Addition.txt
2015-07-05 10:12 - 2015-07-05 10:15 - 00039816 _____ C:\Users\Baptiste\Downloads\FRST.txt
2015-07-05 10:11 - 2015-07-05 10:11 - 01636352 _____ (Farbar) C:\Users\Baptiste\Desktop\FRST.exe
2015-07-04 17:08 - 2015-07-04 17:08 - 00000819 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-07-04 17:08 - 2015-07-04 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-04 16:54 - 2015-07-04 20:02 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\vlc
2015-07-03 15:00 - 2015-07-03 15:00 - 06644420 _____ C:\Users\Baptiste\Downloads\Startups-vf.chm
2015-07-03 14:27 - 2015-07-03 14:27 - 00001740 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-07-03 14:27 - 2015-07-03 14:27 - 00000000 ____D C:\Program Files\HitmanPro
2015-07-02 14:00 - 2015-07-04 11:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-01 14:25 - 2015-07-01 14:26 - 00000322 _____ C:\Windows\SecuniaPackage.log
2015-07-01 14:12 - 2015-07-01 14:40 - 00000680 _____ C:\Users\Baptiste\AppData\Local\d3d9caps.dat
2015-06-30 22:13 - 2015-06-30 22:13 - 02244096 _____ C:\Users\Baptiste\Downloads\adwcleaner_4.207.exe
2015-06-30 18:33 - 2015-07-04 11:46 - 00010048 _____ C:\Windows\PFRO.log
2015-06-30 18:33 - 2015-06-30 18:34 - 00498568 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-30 18:05 - 2015-06-30 18:05 - 00147224 _____ C:\Users\Baptiste\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-29 22:19 - 2015-06-29 22:19 - 00000000 ____D C:\Program Files\Common Files\Java
2015-06-29 22:19 - 2015-06-29 22:18 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-06-28 12:49 - 2015-06-28 12:49 - 00001897 _____ C:\Users\Baptiste\Desktop\RKreport_SCN_06282015_124443.log
2015-06-27 19:09 - 2015-06-27 19:09 - 00000000 ___HD C:\Users\Baptiste\Documents\ShadowEditFiles
2015-06-27 19:09 - 2015-06-27 19:09 - 00000000 ____D C:\Users\Baptiste\Documents\CyberLink
2015-06-25 18:48 - 2015-06-25 22:52 - 00000371 _____ C:\Users\Baptiste\Documents\barbe.txt
2015-06-18 13:47 - 2015-06-18 13:48 - 38887468 _____ C:\Users\Baptiste\Downloads\Jerry Reed Hallelujah I Love Her So & Mountain Dew Country Carnival 1969.mp4
2015-06-11 15:46 - 2015-04-24 17:54 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 15:44 - 2015-05-21 16:22 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 15:44 - 2015-05-09 01:08 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 14:56 - 2015-05-05 00:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 14:55 - 2015-05-05 00:51 - 10628608 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 14:55 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 14:55 - 2015-05-05 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 14:55 - 2015-05-04 23:21 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 14:54 - 2015-05-31 02:03 - 12385280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 14:54 - 2015-05-31 01:55 - 01809920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 14:54 - 2015-05-31 01:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 14:54 - 2015-05-31 01:53 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 14:54 - 2015-05-31 01:50 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 14:54 - 2015-05-31 01:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 14:54 - 2015-05-31 01:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 14:54 - 2015-05-31 01:49 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 14:54 - 2015-05-31 01:49 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 14:54 - 2015-05-31 01:48 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 14:54 - 2015-05-31 01:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 14:54 - 2015-05-31 01:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-11 14:54 - 2015-05-31 01:48 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-11 14:54 - 2015-05-31 01:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 14:54 - 2015-05-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-11 14:54 - 2015-05-31 01:48 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-11 14:54 - 2015-05-31 01:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-11 14:54 - 2015-05-31 01:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-11 14:54 - 2015-05-31 01:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 14:54 - 2015-05-31 01:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 14:54 - 2015-05-31 01:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-11 14:54 - 2015-05-31 01:47 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 18:34 - 2015-03-24 22:37 - 00000000 ____D C:\FRST
2015-07-05 17:37 - 2015-03-30 00:55 - 00000000 ____D C:\AdwCleaner
2015-07-05 16:41 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-05 16:41 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-05 08:59 - 2014-06-22 15:12 - 01791439 _____ C:\Windows\WindowsUpdate.log
2015-07-04 22:22 - 2014-04-13 11:59 - 00000000 ____D C:\Users\Baptiste\AppData\Local\CrashDumps
2015-07-04 20:58 - 2006-11-02 12:33 - 01662460 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-04 17:26 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-04 17:24 - 2006-11-02 15:01 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-04 17:07 - 2009-08-22 16:15 - 00000000 ____D C:\Program Files\VideoLAN
2015-07-04 17:04 - 2015-03-24 19:30 - 00000000 ____D C:\Users\Baptiste\Desktop\Logiciels
2015-07-04 15:58 - 2009-08-25 21:21 - 00185344 _____ C:\Users\Baptiste\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-04 11:46 - 2015-03-19 20:18 - 00000000 ____D C:\Program Files\Secunia
2015-07-04 11:46 - 2012-08-09 23:06 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-03 22:21 - 2014-12-16 23:57 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\uTorrent
2015-07-03 17:31 - 2011-08-19 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2015-07-03 17:31 - 2011-07-17 15:26 - 00000000 ____D C:\Program Files\DivX
2015-07-03 17:31 - 2011-07-17 15:22 - 00000000 ____D C:\ProgramData\DivX
2015-07-03 16:54 - 2012-11-02 21:58 - 00291496 _____ C:\Windows\system32\PnkBstrB.exe
2015-07-03 16:54 - 2012-11-02 21:58 - 00138576 _____ C:\Windows\system32\Drivers\PnkBstrK.sys
2015-07-03 16:54 - 2012-11-02 21:58 - 00138576 _____ C:\Users\Baptiste\AppData\Roaming\PnkBstrK.sys
2015-07-03 16:48 - 2009-08-25 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PY Software
2015-07-02 13:25 - 2015-04-08 23:18 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-02 13:23 - 2015-05-19 21:37 - 00000859 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-02 13:23 - 2015-04-08 23:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-02 13:23 - 2015-04-08 23:17 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-01 14:25 - 2014-12-15 01:58 - 00000806 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-01 14:25 - 2011-08-26 22:04 - 00000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-01 13:44 - 2015-03-23 15:22 - 00000000 ____D C:\Program Files\Defraggler
2015-06-30 22:04 - 2012-07-09 14:53 - 00000000 ____D C:\Users\Baptiste\Documents\Tablatures
2015-06-30 20:09 - 2012-07-22 19:25 - 00000000 ___RD C:\Users\Baptiste\Documents\Notes
2015-06-30 17:16 - 2014-09-28 18:34 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\Skype
2015-06-30 17:05 - 2014-09-28 18:34 - 00000000 ____D C:\ProgramData\Skype
2015-06-30 17:05 - 2010-12-21 19:58 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\skypePM
2015-06-30 16:41 - 2012-11-21 02:16 - 00000000 ____D C:\Windows\Minidump
2015-06-30 16:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2015-06-30 15:34 - 2015-04-16 00:51 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2015-06-29 22:20 - 2013-10-20 11:14 - 00000000 ____D C:\ProgramData\Oracle
2015-06-29 22:18 - 2013-10-20 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-29 22:18 - 2009-01-21 00:33 - 00000000 ____D C:\Program Files\Java
2015-06-29 22:02 - 2012-08-01 22:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-29 22:02 - 2011-05-28 16:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-29 22:02 - 2009-08-22 19:07 - 00000000 ____D C:\Users\Baptiste\AppData\Local\Adobe
2015-06-29 17:17 - 2015-03-25 20:41 - 00000000 ____D C:\Users\Baptiste\AppData\Local\K-Meleon
2015-06-29 13:41 - 2009-01-20 23:22 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-06-28 15:54 - 2015-03-21 01:57 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-28 12:23 - 2015-03-23 01:58 - 00035064 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-28 00:50 - 2009-01-21 00:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-06-28 00:50 - 2009-01-21 00:37 - 00000000 ____D C:\Program Files\HP
2015-06-28 00:32 - 2012-11-02 12:03 - 00000000 ____D C:\Program Files\EA GAMES
2015-06-27 22:09 - 2013-01-31 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2015-06-27 20:18 - 2009-01-20 23:08 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-06-27 20:04 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-06-27 19:20 - 2014-06-22 15:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-27 19:08 - 2009-08-22 16:25 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\CyberLink
2015-06-27 19:05 - 2009-10-11 17:59 - 00000000 ____D C:\ProgramData\HP
2015-06-27 19:05 - 2009-01-21 00:23 - 00000000 ____D C:\ProgramData\CyberLink
2015-06-27 19:05 - 2009-01-20 23:22 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2015-06-27 18:41 - 2015-05-24 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2015-06-27 18:41 - 2014-04-23 23:25 - 00001013 _____ C:\Users\Baptiste\Desktop\4K Video Downloader.lnk
2015-06-27 18:35 - 2009-01-21 00:23 - 00000000 ____D C:\Program Files\CyberLink
2015-06-27 18:33 - 2009-08-22 13:35 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-06-27 18:33 - 2009-01-21 00:24 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-06-27 18:33 - 2009-01-21 00:24 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2015-06-27 18:22 - 2009-01-20 23:50 - 00000000 ____D C:\ProgramData\WildTangent
2015-06-27 18:20 - 2006-11-02 14:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-27 17:48 - 2009-08-22 19:15 - 00000000 ____D C:\Users\Public\CyberLink
2015-06-27 17:28 - 2014-05-31 19:23 - 00000000 ____D C:\ProgramData\Origin
2015-06-27 17:28 - 2014-05-31 19:23 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-06-26 21:53 - 2015-01-11 23:17 - 00000000 ____D C:\Users\Baptiste\AppData\Roaming\ZHP
2015-06-26 21:37 - 2015-04-13 09:37 - 00000739 _____ C:\Users\Baptiste\Desktop\ZHPCleaner.lnk
2015-06-18 12:56 - 2014-05-13 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-18 12:53 - 2014-05-13 17:32 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-18 12:53 - 2014-05-13 17:32 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\ssmdrv.sys
2015-06-18 12:53 - 2009-10-30 20:37 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-18 08:41 - 2015-04-08 23:17 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2015-04-08 23:17 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2015-04-08 23:17 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-16 19:19 - 2015-03-02 17:56 - 00000000 ____D C:\Users\Baptiste\Documents\Lettres de motivation et CV
2015-06-11 20:12 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2015-06-11 15:46 - 2009-01-21 00:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 15:44 - 2013-08-14 00:58 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 15:21 - 2006-11-02 12:24 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-06-11 15:19 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2015-06-11 14:22 - 2014-05-13 17:32 - 00000000 ____D C:\Program Files\Avira

==================== Files in the root of some directories =======

2010-08-28 20:13 - 2002-07-26 17:02 - 0153088 ____N () C:\Program Files\UNWISE.EXE
2011-07-26 15:49 - 2011-07-30 18:30 - 0001659 _____ () C:\Users\Baptiste\AppData\Roaming\mainhst.zgh
2012-11-02 21:58 - 2015-07-03 16:54 - 0138576 _____ () C:\Users\Baptiste\AppData\Roaming\PnkBstrK.sys
2015-03-20 19:05 - 2015-03-31 19:36 - 11624448 _____ () C:\Users\Baptiste\AppData\Roaming\Sandra.mdb
2010-04-23 19:01 - 2010-04-23 19:01 - 0031007 _____ () C:\Users\Baptiste\AppData\Roaming\UserTile.png
2011-03-31 20:37 - 2012-01-20 15:21 - 0000138 _____ () C:\Users\Baptiste\AppData\Roaming\wklnhst.dat
2009-08-22 13:46 - 2009-08-22 13:46 - 0000000 _____ () C:\Users\Baptiste\AppData\Local\AtStart.txt
2015-07-01 14:12 - 2015-07-01 14:40 - 0000680 _____ () C:\Users\Baptiste\AppData\Local\d3d9caps.dat
2009-08-25 21:21 - 2015-07-04 15:58 - 0185344 _____ () C:\Users\Baptiste\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-08-22 13:46 - 2009-08-22 13:46 - 0000000 _____ () C:\Users\Baptiste\AppData\Local\DSwitch.txt
2009-08-22 13:46 - 2009-08-22 13:46 - 0000000 _____ () C:\Users\Baptiste\AppData\Local\QSwitch.txt
2011-02-17 17:05 - 2011-02-17 17:05 - 3952844 _____ () C:\Users\Baptiste\AppData\Local\tmpKEVINWESTENBERG_COL11.FINAL_.0
2011-02-17 17:05 - 2011-02-17 17:05 - 1025634 _____ () C:\Users\Baptiste\AppData\Local\tmpKEVINWESTENBERG_COL11.FINAL_.JPG
2011-07-07 21:11 - 2011-07-07 21:11 - 0000000 _____ () C:\Users\Baptiste\AppData\Local\{6A796DEB-3EC9-44DA-AB8D-6CC392030E67}
2009-08-22 13:46 - 2012-08-15 16:32 - 13869506 _____ () C:\ProgramData\HPWALog.txt
2013-07-29 21:21 - 2015-06-04 15:40 - 0001540 _____ () C:\ProgramData\hpzinstall.log
2010-08-30 11:24 - 2010-08-30 11:24 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2009-06-15 04:14 - 2009-06-15 04:14 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-01-21 00:30 - 2009-01-21 00:30 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-06-15 04:13 - 2009-06-15 04:13 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-01-21 00:24 - 2009-01-21 00:26 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-06-15 04:12 - 2009-06-15 04:12 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-06-15 04:14 - 2009-06-15 04:14 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2009-01-21 00:23 - 2009-01-21 00:24 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-01-21 00:26 - 2009-01-21 00:30 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-06-15 04:15 - 2009-06-15 04:15 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Files to move or delete:
====================
C:\Users\Baptiste\ZHPCleaner.exe


Some files in TEMP:
====================
C:\Users\Baptiste\AppData\Local\Temp\avgnt.exe
C:\Users\Baptiste\AppData\Local\Temp\HitmanPro.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 17:36

==================== End of log ============================