Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Raphaël (administrator) on BOJO_HOME on 30-01-2015 22:55:03
Running from M:\Téléchargements
Loaded Profiles: Raphaël (Available profiles: Raphaël)
Platform: Windows 8 Pro (X64) OS Language: Français (France)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\XAMPPLite\srvany.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\XAMPPLite\srvany.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\XAMPPLite\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\drvhandler.exe
(mIRC Co. Ltd.) C:\Windows\spoolsd\spoolv.exe
() C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\sysfile.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1261712 2014-04-30] (Highresolution Enterprises)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [spoolv] => C:\Windows\spoolsd\spoolv.exe [1790464 2007-11-28] (mIRC Co. Ltd.)
HKU\S-1-5-21-1344085083-2285175127-1026456435-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [405504 2012-07-26] (Microsoft Corporation)
HKU\S-1-5-21-1344085083-2285175127-1026456435-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1344085083-2285175127-1026456435-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872672 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1344085083-2285175127-1026456435-1001\...\Run: [sysDrvHandler] => C:\Users\Raphaël\AppData\Roaming\drvhandler.exe [40783 2014-10-10] ()
HKU\S-1-5-18\...\Run: [sysDrvHandler] => C:\Windows\system32\config\systemprofile\AppData\Roaming\drvhandler.exe [40783 2014-10-10] ()
HKU\S-1-5-18\...\Run: [d257087a604d45eb835c05c4e101773e] => C:\Windows\system32\config\systemprofile\AppData\Roaming\svchost\svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\drvhandler.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\sysfile.exe ()
Startup: C:\Users\Raphaël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk
ShortcutTarget: MEGAsync.lnk -> C:\Users\Raphaël\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Raphaël\AppData\Local\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Raphaël\AppData\Local\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Raphaël\AppData\Local\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Raphaël\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Raphaël\AppData\Local\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Raphaël\AppData\Local\MEGAsync\ShellExtX32.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1344085083-2285175127-1026456435-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF ProfilePath: C:\Users\Raphaël\AppData\Roaming\Mozilla\Firefox\Profiles\pcfw8cy0.default
FF Homepage: google.fr
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Firebug - C:\Users\Raphaël\AppData\Roaming\Mozilla\Firefox\Profiles\pcfw8cy0.default\Extensions\firebug@software.joehewitt.com.xpi [2015-01-24]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-09-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [270336 2012-07-13] (Brother Industries, Ltd.) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-26] (Microsoft Corporation)
R2 LMBApache; c:\xampplite\srvany.exe [13312 1997-05-14] () [File not signed]
R2 LMBMySQL; c:\xampplite\srvany.exe [13312 1997-05-14] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [30720 2013-02-02] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 22:53 - 2015-01-30 22:55 - 00000000 ____D () C:\FRST
2015-01-30 21:08 - 2015-01-30 21:08 - 00000000 ____D () C:\Users\Raphaël\AppData\Local\Recovery Toolbox for Excel
2015-01-30 21:08 - 2015-01-30 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Toolbox for Excel
2015-01-30 21:08 - 2015-01-30 21:08 - 00000000 ____D () C:\Program Files (x86)\Recovery Toolbox for Excel
2015-01-30 20:44 - 2015-01-30 20:44 - 00000000 ____D () C:\Log
2015-01-30 20:43 - 2015-01-30 20:43 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-30 19:13 - 2015-01-30 20:10 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2015-01-30 18:48 - 2015-01-30 20:21 - 00000000 ____D () C:\AdwCleaner
2015-01-30 16:39 - 2015-01-30 20:10 - 00000000 ____D () C:\Program Files (x86)\ReNamer
2015-01-30 16:36 - 2015-01-30 16:36 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-30 15:34 - 2015-01-30 18:55 - 04910121 _____ () C:\ProgramData\hevssob.html
2015-01-26 03:03 - 2014-04-16 19:20 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-01-26 03:03 - 2014-04-16 19:20 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-01-25 17:44 - 2015-01-25 17:45 - 00811042 _____ () C:\DNSNO.exe
2015-01-23 15:56 - 2015-01-23 15:56 - 00000000 _____ () C:\winxp.exe
2015-01-22 13:13 - 2015-01-22 13:13 - 00000000 _____ () C:\xps.exe
2015-01-21 00:23 - 2015-01-21 00:23 - 00000822 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk
2015-01-21 00:23 - 2015-01-21 00:23 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\Sublime Text 2
2015-01-21 00:22 - 2015-01-21 00:23 - 00000000 ____D () C:\Program Files\Sublime Text 2
2015-01-21 00:06 - 2015-01-30 20:10 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-01-21 00:06 - 2015-01-21 00:06 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\Notepad++
2015-01-21 00:06 - 2015-01-21 00:06 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-01-21 00:06 - 2015-01-21 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-01-18 14:54 - 2015-01-18 14:54 - 00000600 _____ () C:\Users\Raphaël\AppData\Local\PUTTY.RND
2015-01-18 14:52 - 2015-01-18 14:56 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\FileZilla
2015-01-18 14:52 - 2015-01-18 14:52 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-18 14:52 - 2015-01-18 14:52 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-01-16 22:38 - 2014-12-19 10:30 - 00000035 _____ () C:\Windows\sys.bat
2015-01-16 22:38 - 2014-12-19 10:22 - 01013985 _____ () C:\Windows\sys.exe
2015-01-16 22:38 - 2014-12-01 19:40 - 00851084 ____R () C:\Windows\geox.exe
2015-01-16 22:38 - 2014-03-19 18:57 - 00000115 ___RH () C:\Windows\run.bat
2015-01-13 23:33 - 2014-11-27 03:40 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-13 23:33 - 2014-11-27 02:28 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-13 23:33 - 2014-11-15 07:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-13 23:33 - 2014-11-15 06:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-13 23:33 - 2014-11-15 06:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-13 23:33 - 2014-11-15 06:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-13 23:33 - 2014-11-15 06:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-01-13 23:33 - 2014-11-15 06:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-13 23:33 - 2014-11-15 06:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-13 23:33 - 2014-11-15 06:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-13 23:33 - 2014-11-15 06:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-01-13 23:33 - 2014-11-15 04:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-13 23:33 - 2014-11-15 04:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-13 23:33 - 2014-11-15 04:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-13 23:33 - 2014-11-15 04:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-13 23:32 - 2014-12-19 07:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 23:32 - 2014-12-19 05:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 23:32 - 2014-12-11 08:35 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 23:32 - 2014-12-11 07:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 23:32 - 2014-12-06 08:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-13 23:32 - 2014-12-06 08:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-13 23:32 - 2014-12-06 08:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-13 23:32 - 2014-12-06 08:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 23:32 - 2014-12-06 08:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-13 23:32 - 2014-12-06 08:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-13 23:32 - 2014-12-06 08:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-13 23:32 - 2014-12-06 08:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-13 23:32 - 2014-12-06 07:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-13 23:32 - 2014-12-06 07:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-13 23:32 - 2014-12-06 07:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-13 23:32 - 2014-12-06 07:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 23:32 - 2014-11-05 07:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-13 23:32 - 2014-11-05 07:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-13 23:32 - 2014-11-01 07:28 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-13 23:32 - 2014-10-29 15:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-01-13 23:32 - 2014-10-27 23:10 - 00390841 _____ () C:\Windows\system32\ApnDatabase.xml
2015-01-05 11:55 - 2015-01-05 11:59 - 00000000 ____D () C:\Users\Raphaël\AppData\Local\Google
2015-01-05 11:55 - 2015-01-05 11:59 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-05 11:52 - 2015-01-30 20:17 - 00003858 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420455121
2015-01-05 11:52 - 2015-01-30 20:17 - 00001045 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-01-05 11:52 - 2015-01-05 11:52 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\Opera Software
2015-01-05 11:52 - 2015-01-05 11:52 - 00000000 ____D () C:\Users\Raphaël\AppData\Local\Opera Software
2015-01-05 11:51 - 2015-01-30 20:17 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-03 20:21 - 2015-01-20 22:17 - 00000132 _____ () C:\Users\Raphaël\AppData\Roaming\Préfs Format PNG Adobe CS6

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-30 22:47 - 2014-08-28 16:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-30 22:46 - 2014-08-29 07:41 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\Skype
2015-01-30 22:37 - 2014-08-28 16:11 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1344085083-2285175127-1026456435-1001
2015-01-30 22:28 - 2014-08-28 15:37 - 01577930 _____ () C:\Windows\WindowsUpdate.log
2015-01-30 22:19 - 2014-08-28 23:43 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-30 22:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2015-01-30 20:55 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-30 20:43 - 2012-07-26 11:09 - 00799736 _____ () C:\Windows\system32\perfh00C.dat
2015-01-30 20:43 - 2012-07-26 11:09 - 00155444 _____ () C:\Windows\system32\perfc00C.dat
2015-01-30 20:43 - 2012-07-26 08:28 - 01793362 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 20:36 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-30 20:21 - 2014-08-28 13:24 - 00013412 _____ () C:\Windows\PFRO.log
2015-01-30 20:21 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-30 20:12 - 2014-08-28 15:37 - 00000000 ____D () C:\Users\Raphaël
2015-01-30 20:11 - 2014-10-30 03:00 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2015-01-30 20:11 - 2014-09-19 12:38 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\BitTorrent
2015-01-30 20:11 - 2014-09-19 02:00 - 00000000 __SHD () C:\Windows\init
2015-01-30 20:11 - 2014-08-30 11:02 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\vlc
2015-01-30 20:11 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-30 20:10 - 2014-08-30 10:39 - 00000000 ____D () C:\Users\Raphaël\AppData\Roaming\Raptr
2015-01-30 20:10 - 2014-08-30 10:39 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-30 20:10 - 2014-08-29 07:56 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-01-30 20:10 - 2014-08-28 23:38 - 00000000 ____D () C:\XAMPPLite
2015-01-30 20:10 - 2014-08-28 16:10 - 00000000 ____D () C:\Users\Raphaël\AppData\Local\Mozilla
2015-01-30 20:10 - 2014-08-28 16:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-30 20:10 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2015-01-30 19:11 - 2012-07-26 08:21 - 00031940 _____ () C:\Windows\setupact.log
2015-01-30 15:36 - 2014-08-30 10:37 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-30 15:32 - 2014-08-30 10:43 - 00000000 ____D () C:\ProgramData\ATI
2015-01-30 02:19 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-26 15:47 - 2014-08-30 10:48 - 00000348 _____ () C:\Windows\BRRBCOM.INI
2015-01-25 17:45 - 2014-09-07 17:00 - 00000000 __SHD () C:\Windows\spoolsd
2015-01-24 21:20 - 2012-07-26 09:14 - 00714176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2012-07-26 09:14 - 00106432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 21:19 - 2014-08-28 23:43 - 00003890 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 13:48 - 2014-08-28 23:48 - 00000000 ____D () C:\Users\Raphaël\AppData\Local\MEGAsync
2015-01-17 02:58 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2015-01-14 02:16 - 2014-08-29 21:40 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 02:13 - 2014-08-29 21:40 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 21:36 - 2014-12-28 13:59 - 00811042 _____ () C:\NO89.exe
2015-01-05 15:54 - 2006-12-15 20:27 - 00107152 _____ () C:\img2-001.RAW.elwsfwj
2015-01-04 20:37 - 2014-09-17 11:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-04 20:37 - 2014-08-29 07:41 - 00000000 ____D () C:\ProgramData\Skype
2015-01-04 20:36 - 2014-10-24 06:53 - 05073104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-31 12:14 - 2014-08-29 21:05 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-10-12 04:26 - 2014-10-10 14:55 - 0040783 _____ () C:\Users\Raphaël\AppData\Roaming\drvhandler.exe
2015-01-03 20:21 - 2015-01-20 22:17 - 0000132 _____ () C:\Users\Raphaël\AppData\Roaming\Préfs Format PNG Adobe CS6
2015-01-18 14:54 - 2015-01-18 14:54 - 0000600 _____ () C:\Users\Raphaël\AppData\Local\PUTTY.RND
2015-01-30 15:34 - 2015-01-30 18:55 - 4910121 _____ () C:\ProgramData\hevssob.html

Some zero byte size files/folders:
==========================
C:\Windows\12x.exe
C:\Windows\fjghCmvnd.exe
C:\Windows\iexplode.exe
C:\Windows\kajmak.exe
C:\Windows\microsoftx.exe
C:\Windows\stdx.exe
C:\Windows\VbnCx.exe
C:\Windows\vCbnVcdf.exe
C:\Windows\VNmxSdF.exe
C:\Windows\xvcdn.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 03:03

==================== End Of Log ============================