cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Selma (administrator) on SELMA-VAIO on 16-11-2014 22:41:47
Running from C:\Users\Selma\Desktop
Loaded Profile: Selma (Available profiles: Selma & Invité)
Platform: Windows 7 Home Premium (X64) OS Language: Français (France)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768 2010-08-17] (Avira GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-240529973-2975974449-2026987148-1001\...\Run: [Google Update] => C:\Users\Selma\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-25] (Google Inc.)
HKU\S-1-5-21-240529973-2975974449-2026987148-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-240529973-2975974449-2026987148-1001\...\MountPoints2: {59cda1bf-502b-11e2-8e1f-c0cb38f1ebe6} - E:\LaunchU3.exe -a
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-240529973-2975974449-2026987148-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {3F1E8DD1-FEBB-4486-A144-E51CBF4FECE9} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {3F1E8DD1-FEBB-4486-A144-E51CBF4FECE9} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {690828D2-C66E-4466-A136-E142C918E2A5} URL = http://fr.shopping.com/?linkin_id=8056351
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Selma\AppData\Roaming\Mozilla\Firefox\Profiles\felro8r7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-240529973-2975974449-2026987148-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Selma\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-240529973-2975974449-2026987148-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Selma\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Selma\AppData\Roaming\Mozilla\Firefox\Profiles\felro8r7.default\searchplugins\yahoo_ff.xml
FF Extension: Avira Browser Safety - C:\Users\Selma\AppData\Roaming\Mozilla\Firefox\Profiles\felro8r7.default\Extensions\abs@avira.com [2014-11-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-11]

Chrome:
=======
CHR HomePage: Default -> https://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch
CHR StartupUrls: Default -> "https://fr.search.yahoo.com/?type=994519&fr=yo-yhp-ch", "hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11412&pf=V7&trgb=CR&p2=%5EBBK%5EOSJ000%5EYY%5EFR&gct=hp&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EFR&apn_dbr=cr_35.0.1916.153&apn_uid=5BA77C50-3270-4333-AAB4-534BEBCBE66F&itbv=12.12.2.83&doi=2014-06-29&psv=&pt=tb", "hxxp://start.mysearchdial.com/?f=1&a=tele_14_25_ch&cd=2XzuyEtN2Y1L1QzuyDyEyEtByEzy0EzyyD0CyDzz0EyB0ByCtN0D0Tzu0SzzzyzztN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCtCtAtCtDtAyB0AtGtCyBtBzztGyDyByD0AtG0CtAtA0CtGtDyD0EyD0BtByCtDyEzz0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyCyEyEtCyC0EtGtBzzyD0DtGtAzztD0AtGyD0DtCyDtGtCtCyE0CtDyDzzyD0CtAtDtC2Q&cr=2073637894&ir="
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSearchURL: Default -> https://fr.search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Profile: C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-01]
CHR Extension: (Google Drive) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16]
CHR Extension: (Recherche Google) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16]
CHR Extension: (Avira Browser Safety) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-12]
CHR Extension: (Skype Click to Call) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-01]
CHR Extension: (Google Wallet) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-09-07]
CHR Extension: (Gmail) - C:\Users\Selma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx []
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2012-01-17]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [135336 2010-08-17] (Avira GmbH)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [267944 2010-08-17] (Avira GmbH)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [81584 2010-08-17] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [116568 2010-08-17] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-25] (Avira Operations GmbH & Co. KG)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-10-21] (Duplex Secure Ltd.)
U3 ab3h5lxg; C:\Windows\System32\Drivers\ab3h5lxg.sys [0 ] (Advanced Micro Devices)
U3 asiiqd8y; C:\Windows\System32\Drivers\asiiqd8y.sys [0 ] (Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 22:41 - 2014-11-16 22:42 - 00016595 _____ () C:\Users\Selma\Desktop\FRST.txt
2014-11-16 22:41 - 2014-11-16 22:41 - 00000000 ____D () C:\Users\Selma\Desktop\FRST-OlderVersion
2014-11-16 22:40 - 2014-11-16 22:40 - 00001078 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001UA.job
2014-11-16 22:40 - 2014-11-16 22:40 - 00001026 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001Core.job
2014-11-16 13:22 - 2014-11-16 13:22 - 00116319 _____ () C:\Users\Selma\Desktop\ZHPDiag2.txt
2014-11-16 13:04 - 2014-11-16 22:41 - 02117120 _____ (Farbar) C:\Users\Selma\Desktop\FRST64.exe
2014-11-16 13:03 - 2014-11-16 13:03 - 00002465 _____ () C:\Users\Selma\Downloads\fixlist (1).txt
2014-11-16 10:59 - 2014-11-16 11:00 - 00028479 _____ () C:\Users\Selma\Downloads\Addition.txt
2014-11-16 10:58 - 2014-11-16 22:41 - 00000000 ____D () C:\FRST
2014-11-16 10:58 - 2014-11-16 11:00 - 00029721 _____ () C:\Users\Selma\Downloads\FRST.txt
2014-11-16 10:58 - 2014-11-16 10:58 - 02116608 _____ (Farbar) C:\Users\Selma\Downloads\FRST64 (1).exe
2014-11-16 10:56 - 2014-11-16 10:56 - 02116608 _____ (Farbar) C:\Users\Selma\Downloads\FRST64.exe
2014-11-16 10:02 - 2014-11-16 13:16 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-11-16 09:54 - 2014-11-16 13:09 - 00000000 ____D () C:\Users\Selma\AppData\Roaming\ZHP
2014-11-16 09:54 - 2014-11-16 09:54 - 00001947 _____ () C:\Users\Selma\Desktop\ZHPFix.lnk
2014-11-16 09:54 - 2014-11-16 09:54 - 00001820 _____ () C:\Users\Selma\Desktop\ZHPDiag.lnk
2014-11-16 09:54 - 2014-11-16 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-11-16 09:54 - 2014-11-16 09:54 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-11-16 09:53 - 2014-11-16 09:53 - 06863988 _____ (Nicolas Coolman ) C:\Users\Selma\Downloads\ZHPDiag2.exe
2014-11-15 23:18 - 2014-11-05 03:48 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-15 23:18 - 2014-11-05 03:47 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-15 23:18 - 2014-11-05 03:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 21:53 - 2014-11-11 22:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-11 17:19 - 2014-11-11 17:17 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-11-11 17:17 - 2014-11-11 17:17 - 00000000 ____D () C:\Users\Selma\AppData\Roaming\Avira
2014-11-11 17:16 - 2014-11-11 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-11 17:16 - 2014-11-11 17:16 - 00002026 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-11-11 17:15 - 2014-11-11 22:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-11 17:15 - 2014-11-11 21:53 - 00000000 ____D () C:\ProgramData\Avira
2014-11-11 17:15 - 2014-09-25 17:27 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-11-11 17:15 - 2010-08-17 13:39 - 00116568 _____ (Avira GmbH) C:\Windows\system32\Drivers\avipbb.sys
2014-11-11 17:15 - 2010-08-17 13:39 - 00081584 _____ (Avira GmbH) C:\Windows\system32\Drivers\avgntflt.sys
2014-11-11 17:11 - 2014-11-11 17:13 - 151223664 _____ () C:\Users\Selma\Downloads\avira_free_antivirus_fr.exe
2014-11-11 17:10 - 2014-11-11 17:10 - 00001862 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-11-11 17:10 - 2014-11-11 17:10 - 00000000 ____D () C:\Windows\system32\log
2014-11-11 17:10 - 2014-11-11 17:10 - 00000000 ____D () C:\Users\Selma\AppData\Roaming\eCyber
2014-11-11 17:10 - 2014-11-11 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2014-11-11 17:10 - 2014-11-05 14:10 - 00045224 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2014-11-11 17:10 - 2014-11-03 10:04 - 00049320 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2014-11-11 17:09 - 2014-11-11 17:09 - 00911824 _____ (Elex do Brasil Participações Ltda) C:\Users\Selma\Downloads\yet_another_cleaner_mat.exe
2014-11-11 01:46 - 2014-11-11 01:46 - 00812704 _____ ( ) C:\Users\Selma\Downloads\FileExtractorSetup.exe
2014-11-09 15:20 - 2014-11-09 15:22 - 00000000 ____D () C:\Users\Selma\Desktop\kristina
2014-11-09 12:02 - 2014-11-09 12:02 - 15077897 _____ (The GIMP Team ) C:\Users\Selma\Downloads\Non confirmé 89152.crdownload
2014-11-09 11:54 - 2014-11-09 11:54 - 00009127 _____ () C:\Users\Selma\Downloads\gimp-2.8.14-setup-1.exe.torrent
2014-11-09 11:51 - 2014-11-09 11:53 - 00000000 ____D () C:\Users\Selma\AppData\Roaming\Scribus
2014-11-09 10:57 - 2014-11-11 01:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.4
2014-11-09 10:56 - 2014-11-11 01:42 - 00000000 ____D () C:\Program Files (x86)\Scribus 1.4.4
2014-10-25 22:55 - 2014-10-25 22:55 - 01585904 _____ (SquareClock SAS) C:\Users\Selma\Downloads\HomeByMe.exe
2014-10-24 22:46 - 2014-11-11 01:41 - 00000000 ____D () C:\Users\Selma\Desktop\films téléchargés
2014-10-24 22:45 - 2014-10-24 22:45 - 00028953 _____ () C:\Users\Selma\Downloads\The Walking Dead S05E02 FASTSUB VOSTFR HDTV XviD [www.OMGTORRENT.com].torrent
2014-10-24 22:45 - 2014-10-24 22:45 - 00028899 _____ () C:\Users\Selma\Downloads\The Walking Dead S05E01 FASTSUB VOSTFR HDTV XviD [www.OMGTORRENT.com].torrent
2014-10-23 21:16 - 2014-10-23 21:16 - 00000000 ____D () C:\Users\Selma\Desktop\Da.Vinci.Code-EXTENDED.CUT-TRUEFRENCH.DVDRIP.XviD.AC3-PoneyClub
2014-10-19 18:41 - 2014-10-19 18:41 - 01230792 _____ () C:\Users\Selma\Downloads\Setup (2).exe
2014-10-19 11:10 - 2014-10-19 11:10 - 01230792 _____ () C:\Users\Selma\Downloads\Setup (1).exe
2014-10-19 11:08 - 2014-10-19 11:08 - 01230784 _____ () C:\Users\Selma\Downloads\Setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-16 22:42 - 2014-05-11 09:03 - 01941890 _____ () C:\Windows\WindowsUpdate.log
2014-11-16 22:40 - 2011-04-21 21:22 - 00004052 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001UA
2014-11-16 22:40 - 2011-04-21 21:22 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001Core
2014-11-16 22:38 - 2014-09-20 20:20 - 00002520 _____ () C:\Windows\setupact.log
2014-11-16 22:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-16 13:15 - 2010-08-03 14:14 - 00705166 _____ () C:\Windows\system32\perfh00C.dat
2014-11-16 13:15 - 2010-08-03 14:14 - 00131182 _____ () C:\Windows\system32\perfc00C.dat
2014-11-16 13:15 - 2009-07-14 06:13 - 01551552 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-16 13:13 - 2009-07-14 05:45 - 00019760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-16 13:13 - 2009-07-14 05:45 - 00019760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-16 09:54 - 2011-01-29 20:40 - 00003944 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{64819CFD-19AD-47A0-B700-E82186C6EDC7}
2014-11-16 09:48 - 2014-07-11 00:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-16 09:47 - 2013-08-15 01:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-15 23:46 - 2011-02-20 09:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 07:13 - 2014-09-20 20:20 - 00232906 _____ () C:\Windows\PFRO.log
2014-11-11 17:08 - 2014-06-02 16:30 - 00001602 _____ () C:\DelFix.txt
2014-11-11 09:18 - 2014-06-01 10:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-11 01:42 - 2014-06-15 23:27 - 00000000 ____D () C:\ProgramData\NCH Software
2014-11-11 01:42 - 2014-06-15 23:27 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-11-11 01:42 - 2014-06-01 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-11 01:42 - 2013-08-29 17:59 - 00000000 ____D () C:\Users\Selma\AppData\Roaming\Azureus
2014-11-11 01:42 - 2013-08-29 17:59 - 00000000 ____D () C:\Program Files\Vuze
2014-11-11 01:42 - 2011-10-29 04:02 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-11 01:42 - 2011-03-03 12:15 - 00000000 ____D () C:\Users\Invité
2014-11-11 01:42 - 2011-01-29 20:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-11-11 01:42 - 2011-01-29 20:35 - 00000000 ____D () C:\Users\Selma
2014-11-11 01:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-11 01:41 - 2011-01-29 20:41 - 00000000 ____D () C:\Users\Selma\AppData\Roaming\SoftGrid Client
2014-11-11 01:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-28 06:34 - 2011-01-30 19:52 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-24 14:32 - 2011-02-09 16:00 - 00000000 ____D () C:\Users\Selma\AppData\Roaming\vlc
2014-10-23 22:21 - 2013-01-28 22:55 - 00105706 _____ () C:\test.xml
2014-10-19 08:59 - 2009-07-14 05:45 - 04952960 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 08:56 - 2013-08-29 18:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Selma\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 13:06

==================== End Of Log ============================
