Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2015 01 Ran by VINCENT (administrator) on VINCENT-PC on 30-06-2015 15:30:45 Running from C:\Users\Robert Jean.VINCENT-PC\Desktop Loaded Profiles: VINCENT & Robert Jean (Available Profiles: VINCENT & Robert Jean & UpdatusUser) Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: Français (France) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files\Canon\IJPLM\ijplmsvc.exe (Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (SPAMfighter ApS) C:\Program Files\Fighters\SPAMfighter\sfus.exe (SPAMfighter ApS) C:\Program Files\Fighters\FighterSuiteService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (SPAMfighter ApS) C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS) C:\Program Files\Fighters\SPAMfighter\sfagent.exe (Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Password Manager\stpass.exe (SFR) C:\Program Files\SFR\Kit\9props.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560 2009-07-24] (VIA) HKLM\...\Run: [ATICustomerCare] => C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [307200 2009-06-14] (Advanced Micro Devices, Inc.) HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] () HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1352272 2010-10-29] (Logitech, Inc.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2516296 2010-03-25] (CANON INC.) HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM\...\Run: [CommonToolkitTray] => C:\Program Files\Fighters\Tray\FightersTray.exe [1681952 2014-03-24] (SPAMfighter ApS) HKLM\...\Run: [sfagent] => C:\Program Files\Fighters\SPAMfighter\sfagent.exe [1051168 2014-04-30] (SPAMfighter ApS) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28] (Logitech, Inc.) HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\...\Run: [KasperskyPasswordManager] => C:\Program Files\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [7458112 2014-06-05] (Kaspersky Lab) HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\...\Run: [Connexion SFR 9props.exe] => C:\Program Files\SFR\Kit\9props.exe [955712 2009-04-21] (SFR) HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\...\MountPoints2: {ae1ef56e-6d26-11e3-8a7f-90e6babb2df2} - J:\DVAP.exe HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...\Run: [KasperskyPasswordManager] => C:\Program Files\Kaspersky Lab\Kaspersky Password Manager\stpass.exe [7458112 2014-06-05] (Kaspersky Lab) HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...\Run: [Connexion SFR 9props.exe] => C:\Program Files\SFR\Kit\9props.exe [955712 2009-04-21] (SFR) HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...\Run: [Nero MediaHome 4] => "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...\Run: [Driver Tool] => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe /applicationMode:systemTray /showWelcome:false HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...\MountPoints2: {ae1ef56e-6d26-11e3-8a7f-90e6babb2df2} - J:\DVAP.exe HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION! ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.selexium.fr HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.selexium.fr/ HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKU\S-1-5-21-1493941928-1368555507-2336873601-1000 -> {F7E92161-B288-4910-9819-C8F4D88E4980} URL = SearchScopes: HKU\S-1-5-21-1493941928-1368555507-2336873601-1001 -> {F7E92161-B288-4910-9819-C8F4D88E4980} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.) BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F9248840-737C-4696-B266-7F105137E895}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\VINCENT\AppData\Roaming\Mozilla\Firefox\Profiles\e076c11h.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-24] () FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation) FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-10] () FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-10] () FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-10] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1493941928-1368555507-2336873601-1000: @kaspersky.com/Password Manager -> C:\Program Files\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll [2014-06-05] (Kaspersky Lab) FF Plugin HKU\S-1-5-21-1493941928-1368555507-2336873601-1001: @kaspersky.com/Password Manager -> C:\Program Files\Kaspersky Lab\Kaspersky Password Manager\npkpmAutofill.dll [2014-06-05] (Kaspersky Lab) FF Plugin HKU\S-1-5-21-1493941928-1368555507-2336873601-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert Jean.VINCENT-PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-09-24] (Unity Technologies ApS) FF user.js: detected! => C:\Users\VINCENT\AppData\Roaming\Mozilla\Firefox\Profiles\e076c11h.default\user.js [2014-07-20] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-09-04] (Adobe Systems Inc.) FF Extension: LavaFox V2 - C:\Users\VINCENT\AppData\Roaming\Mozilla\Firefox\Profiles\e076c11h.default\Extensions\info@djzig.com [2015-06-10] FF Extension: Garmin Communicator - C:\Users\VINCENT\AppData\Roaming\Mozilla\Firefox\Profiles\e076c11h.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-10] FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-06-10] FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-06-10] FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-06-10] FF HKU\S-1-5-21-1493941928-1368555507-2336873601-1000\...\Thunderbird\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\VINCENT\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill FF Extension: Password Manager Autofill Engine - C:\Users\VINCENT\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill [2011-02-21] FF HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...\Firefox\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\Robert Jean.VINCENT-PC\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill FF Extension: Password Manager Autofill Engine - C:\Users\Robert Jean.VINCENT-PC\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill [2011-01-03] FF HKU\S-1-5-21-1493941928-1368555507-2336873601-1001\...\Thunderbird\Extensions: [{72CA2996-F580-47DF-98FF-0B853D09CEC8}] - C:\Users\Robert Jean.VINCENT-PC\AppData\Roaming\Kaspersky Lab\Kaspersky Password Manager\kpmAutofill Chrome: ======= CHR Profile: C:\Users\VINCENT\AppData\Local\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO) R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] () S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed] R2 SPAMfighter Update Service; C:\Program Files\Fighters\SPAMfighter\sfus.exe [216608 2014-04-30] (SPAMfighter ApS) R2 Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [1282592 2014-03-14] (SPAMfighter ApS) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-06-23] (Kaspersky Lab UK Ltd) R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed] S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [35992 2015-06-25] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-23] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-06-23] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-06-23] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44208 2015-06-30] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [705208 2015-06-23] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-06-23] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [36208 2015-06-23] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [35696 2015-06-23] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-06-23] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-23] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [72560 2015-06-23] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-06-23] (Kaspersky Lab ZAO) S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28624 2010-08-24] (Logitech, Inc.) R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2009-04-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] () S3 QCDonner; C:\Windows\System32\DRIVERS\LVCD.sys [474304 2004-04-27] (Logitech Inc.) R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software) R3 TotRec7; C:\Windows\System32\drivers\TotRec7.sys [131152 2010-04-12] (High Criteria inc.) R3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [91216 2010-04-12] (High Criteria inc.) S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [579840 2009-09-01] (eMPIA Technology, Inc.) S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [551424 2009-09-02] (eMPIA Technology, Inc.) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1067008 2009-07-10] (VIA Technologies, Inc.) S3 catchme; \??\C:\Users\VINCENT\AppData\Local\Temp\catchme.sys [X] S3 StarOpen; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-30 15:30 - 2015-06-30 15:31 - 00020520 _____ C:\Users\Robert Jean.VINCENT-PC\Desktop\FRST.txt 2015-06-30 15:30 - 2015-06-30 15:30 - 00000000 ____D C:\FRST 2015-06-30 15:28 - 2015-06-30 15:28 - 01636352 _____ (Farbar) C:\Users\Robert Jean.VINCENT-PC\Desktop\FRST.exe 2015-06-25 08:43 - 2015-06-25 08:43 - 00035992 _____ C:\Windows\system32\Drivers\hitmanpro37.sys 2015-06-16 11:19 - 2015-06-30 15:11 - 00862157 ____N C:\Windows\WindowsUpdate.log 2015-06-12 08:50 - 2015-06-25 08:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-06-12 08:49 - 2015-06-12 08:53 - 00001024 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-06-12 08:49 - 2015-06-12 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-06-12 08:49 - 2015-06-12 08:53 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-06-12 08:49 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-12 08:49 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-12 08:49 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-11 08:58 - 2015-06-11 08:59 - 00000000 ____D C:\Program Files\Mozilla Thunderbird 2015-06-10 20:02 - 2015-06-10 20:02 - 00002240 _____ C:\Users\Robert Jean.VINCENT-PC\Desktop\Protection bancaire.lnk 2015-06-10 18:33 - 2015-06-10 18:33 - 00002240 _____ C:\Users\VINCENT\Desktop\Protection bancaire.lnk 2015-06-10 18:32 - 2015-06-10 18:32 - 00002068 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2015-06-10 18:32 - 2015-06-10 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2015-06-10 18:31 - 2015-06-10 18:31 - 00000000 ____D C:\Windows\ELAMBKUP 2015-06-10 08:27 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 08:27 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 08:27 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 08:27 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 08:27 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 08:27 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 08:27 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 08:27 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 08:27 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 08:27 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-06-10 08:26 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 08:26 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 08:26 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 08:26 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 08:26 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 08:26 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 08:26 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 08:26 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 08:26 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 08:26 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 08:26 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 08:26 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 08:26 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 08:26 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 08:26 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 08:26 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 08:26 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 08:26 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 08:26 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 08:26 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 08:26 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 08:26 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 08:26 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 08:26 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 08:26 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 08:26 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 08:26 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 08:26 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 08:26 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 08:26 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 08:26 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 08:26 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 08:25 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-06-10 08:25 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-06-10 08:25 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-10 08:25 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-10 08:25 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-10 08:25 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-10 08:25 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-10 08:25 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-10 08:25 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-10 08:25 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-10 08:25 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-10 08:25 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-10 08:25 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 08:24 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 08:24 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 08:24 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 08:24 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 08:24 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 08:24 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 08:24 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 08:24 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 08:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-06-10 08:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 08:24 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 08:24 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-09 07:16 - 2009-06-10 23:39 - 00000824 _____ C:\Windows\system32\Drivers\etc\2015-06-09_07-16_hosts.bak 2015-06-08 11:00 - 2015-06-08 11:00 - 00005659 _____ C:\Users\VINCENT\Documents\update.txt 2015-06-04 20:53 - 2015-06-04 20:53 - 00002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2015-06-04 18:50 - 2015-06-04 18:50 - 00000000 ____D C:\Users\VINCENT\AppData\Local\GWX 2015-06-04 15:07 - 2015-06-04 15:07 - 00000000 ____D C:\Users\Robert Jean.VINCENT-PC\AppData\Local\GWX ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-30 15:26 - 2010-02-10 08:26 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-06-30 15:05 - 2012-08-04 07:38 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-30 15:05 - 2009-07-14 06:34 - 00014864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-30 15:05 - 2009-07-14 06:34 - 00014864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-30 14:59 - 2010-02-13 20:16 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-30 14:50 - 2010-02-13 20:16 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-30 14:15 - 2010-02-10 07:54 - 00000000 ____D C:\VueScan 2015-06-30 13:57 - 2010-02-04 18:52 - 00848712 _____ C:\Windows\system32\PerfStringBackup.INI 2015-06-30 13:17 - 2010-02-09 17:30 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs 2015-06-30 11:35 - 2014-10-22 21:13 - 00044208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2015-06-30 11:20 - 2010-02-04 18:56 - 00000000 ____D C:\ProgramData\NVIDIA 2015-06-30 11:20 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-06-30 07:11 - 2011-01-08 22:38 - 00000000 ___SD C:\Users\VINCENT\Documents\Passwords Database 2015-06-30 07:07 - 2011-01-03 21:47 - 00000000 ___SD C:\Users\Robert Jean.VINCENT-PC\Documents\Passwords Database 2015-06-30 06:56 - 2013-08-15 12:04 - 00000000 ____D C:\Windows\system32\MRT 2015-06-26 14:21 - 2010-11-14 22:06 - 00000929 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-06-26 14:21 - 2010-02-10 21:42 - 00000000 ____D C:\Program Files\CCleaner 2015-06-24 14:05 - 2012-04-03 06:56 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-06-24 14:05 - 2011-05-26 11:23 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-06-23 15:58 - 2014-11-22 14:12 - 00072560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys 2015-06-23 15:58 - 2014-11-10 17:48 - 00157240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys 2015-06-23 15:58 - 2014-10-10 17:02 - 00034160 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys 2015-06-23 15:58 - 2014-10-09 12:31 - 00054328 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys 2015-06-23 15:58 - 2014-08-19 12:31 - 00054640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys 2015-06-23 15:58 - 2014-03-31 10:47 - 00153784 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2015-06-23 15:58 - 2013-04-12 14:34 - 00023920 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klpd.sys 2015-06-23 15:57 - 2014-12-13 18:21 - 00705208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2015-06-23 15:57 - 2014-11-28 18:19 - 00128728 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2015-06-23 15:57 - 2014-10-30 04:22 - 00036208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys 2015-06-23 15:57 - 2013-08-08 16:10 - 00035696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys 2015-06-23 15:57 - 2013-01-14 20:10 - 00197864 _____ (Kaspersky Lab UK Ltd) C:\Windows\system32\Drivers\cm_km_w.sys 2015-06-22 16:02 - 2010-02-07 10:49 - 00000000 ____D C:\Users\VINCENT 2015-06-21 18:39 - 2014-02-10 22:19 - 10113976 _____ (SurfRight B.V.) C:\Users\VINCENT\Desktop\HitmanPro35.exe 2015-06-21 16:45 - 2009-07-14 06:53 - 00032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-06-19 10:58 - 2010-02-08 10:05 - 00000000 ____D C:\Users\Robert Jean.VINCENT-PC 2015-06-19 08:45 - 2014-09-21 15:36 - 00000000 ____D C:\Users\VINCENT\AppData\Local\Adobe 2015-06-17 14:20 - 2011-10-06 14:05 - 00000000 ____D C:\ProgramData\CanonIJPLM 2015-06-11 13:49 - 2012-08-20 20:00 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-06-10 18:31 - 2010-08-06 10:09 - 00000000 ____D C:\Program Files\Kaspersky Lab 2015-06-10 15:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2015-06-10 13:39 - 2009-07-14 06:33 - 00528704 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-10 13:37 - 2015-04-16 10:20 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-10 13:37 - 2014-05-06 10:38 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-10 13:37 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR 2015-06-09 21:26 - 2010-02-10 18:21 - 00000000 ____D C:\Users\VINCENT\AppData\Local\Thunderbird 2015-06-05 07:48 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-06-04 20:53 - 2010-02-11 21:20 - 00000000 ____D C:\Program Files\Google ==================== Files in the root of some directories ======= 2012-05-08 14:15 - 2012-05-08 14:15 - 0000005 _____ () C:\Program Files\basis-link 2012-08-13 10:57 - 2012-08-13 10:57 - 0012927 _____ () C:\Program Files\readme.html 2012-08-13 10:57 - 2012-08-13 10:57 - 0012558 _____ () C:\Program Files\readme.txt 2010-08-04 21:33 - 2010-08-04 21:40 - 0010568 _____ () C:\Users\VINCENT\AppData\Roaming\docXConverter.ini 2013-12-25 11:10 - 2013-12-25 11:10 - 0000038 _____ () C:\Users\VINCENT\AppData\Roaming\DVAP.set 2011-07-11 08:54 - 2011-07-11 08:54 - 0028160 _____ () C:\Users\VINCENT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-04-22 07:19 - 2013-09-25 21:09 - 0007666 _____ () C:\Users\VINCENT\AppData\Local\Resmon.ResmonCfg 2011-07-27 09:50 - 2011-07-27 09:50 - 0017408 _____ () C:\Users\VINCENT\AppData\Local\WebpageIcons.db 2010-02-10 22:44 - 2010-02-10 22:44 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2010-02-07 16:38 - 2011-10-06 13:33 - 0009523 _____ () C:\ProgramData\hpzinstall.log ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-23 12:30 ==================== End of log ============================