Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Maison (administrator) on ALEXIS (09-02-2016 15:59:57)
Running from C:\Users\Maison\Desktop
Loaded Profiles: Maison & postgres (Available Profiles: Maison & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(PacketVideo) C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Flux Software LLC) C:\Users\Maison\AppData\Local\FluxSoftware\Flux\flux.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Maison\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Maison\Winamax\Winamax Poker\Winamax Poker.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4733\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6734\Battle.net.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() Q:\140066.enu\Office14\EXCELC.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() Q:\140066.enu\Office14\OffSpon.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13353064 2011-11-14] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [636520 2012-02-07] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3609916030-4228407385-2350324724-1000\...\Run: [f.lux] => C:\Users\Maison\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3609916030-4228407385-2350324724-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-3609916030-4228407385-2350324724-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3609916030-4228407385-2350324724-1000\...\Run: [Spotify Web Helper] => C:\Users\Maison\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-02-08] (Spotify Ltd)
HKU\S-1-5-21-3609916030-4228407385-2350324724-1000\...\MountPoints2: {01e0e651-a4ce-11e5-9465-f80f4156bfa2} - H:\AutoRun.exe
HKU\S-1-5-21-3609916030-4228407385-2350324724-1000\...\MountPoints2: {a834d213-d9c7-11e3-91e2-f80f4156bfa2} - G:\setup.exe
HKU\S-1-5-21-3609916030-4228407385-2350324724-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3609916030-4228407385-2350324724-1002\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-3609916030-4228407385-2350324724-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C54F6205-EFD2-4A50-8475-365838D8AC11}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E6CD5C59-743A-4591-8B6C-AFBBBE1EE888}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3609916030-4228407385-2350324724-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-30] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Maison\AppData\Roaming\Mozilla\Firefox\Profiles\egzt9zpb.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-01-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Maison\AppData\Roaming\Mozilla\Firefox\Profiles\egzt9zpb.default\extensions\2020Player_IKEA@2020Technologies.com [2015-11-03]

Chrome:
=======
CHR Profile: C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Recherche Google) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02]
CHR Extension: (AdBlock Pro) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-01-15]
CHR Extension: (Gmail) - C:\Users\Maison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199272 2012-02-22] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2013-11-21] (The OpenVPN Project)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [81920 2013-04-02] (PostgreSQL Global Development Group) [File not signed]
R2 Serveur Média; C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-12] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [100912 2012-02-22] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
S3 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-09 15:59 - 2016-02-09 16:00 - 00019524 _____ C:\Users\Maison\Desktop\FRST.txt
2016-02-09 15:59 - 2016-02-09 15:59 - 02370560 _____ (Farbar) C:\Users\Maison\Desktop\FRST64.exe
2016-02-09 15:59 - 2016-02-09 15:59 - 00000000 ____D C:\FRST
2016-02-09 15:32 - 2016-02-09 15:32 - 00000165 ____H C:\Users\Maison\Desktop\~$StartGlory.xlsx
2016-02-08 20:57 - 2016-02-08 20:57 - 01504384 _____ (Skype Technologies S.A.) C:\Users\Maison\Downloads\SkypeSetup (1).exe
2016-02-08 17:44 - 2016-02-08 17:44 - 00176031 _____ C:\Users\Maison\Documents\epic.odt
2016-02-07 20:37 - 2016-02-07 21:05 - 370475632 ____R C:\Users\Maison\Downloads\[ www.CpasBien.io ] The.Blacklist.S03E13.FASTSUB.VOSTFR.HDTV.XviD-ZT.avi
2016-02-07 20:37 - 2016-02-07 21:00 - 375574946 ____R C:\Users\Maison\Downloads\[ www.CpasBien.io ] Suits.S05E12.FASTSUB.VOSTFR.HDTV.XviD-ZT.avi
2016-02-07 20:36 - 2016-02-07 20:36 - 00031257 _____ C:\Users\Maison\Downloads\suits-s05e12-vostfr-hdtv.torrent
2016-02-07 20:36 - 2016-02-07 20:36 - 00030885 _____ C:\Users\Maison\Downloads\the-blacklist-s03e13-vostfr-hdtv.torrent
2016-02-05 08:54 - 2016-02-05 08:56 - 00000000 ____D C:\Users\Maison\Downloads\[www.Cpasbien.pe] Akhenaton-Je_Suis_En_Vie_(Edition_Limitee)-3CD-FR-2014-SPANK
2016-02-05 08:53 - 2016-02-05 08:53 - 00027259 _____ C:\Users\Maison\Downloads\akhenaton-je-suis-en-vie-edition-limitee-3cd-2014.torrent
2016-02-04 23:26 - 2016-02-04 23:26 - 00001103 _____ C:\Users\Public\Desktop\Winamax Poker.lnk
2016-02-04 23:26 - 2016-02-04 23:26 - 00001043 _____ C:\Users\Public\Desktop\WinaChat.lnk
2016-02-04 14:34 - 2016-02-04 14:35 - 00000000 ____D C:\Users\Maison\Downloads\Steve.Jobs.2015.FRENCH.BDRip.XviD-ViVi
2016-02-04 14:33 - 2016-02-04 14:33 - 00107963 _____ C:\Users\Maison\Downloads\steve-jobs-french-dvdrip-2016.torrent
2016-02-03 21:10 - 2016-02-03 21:10 - 00000000 ____D C:\Users\Maison\Downloads\[www.Cpasbien.me] Now.You.See.Me.2013.FRENCH.DVDRip.XviD-TMB
2016-02-03 21:09 - 2016-02-03 21:09 - 00114726 _____ C:\Users\Maison\Downloads\insaisissables-now-you-see-me-french-dvdrip-2013.torrent
2016-02-03 12:40 - 2016-02-03 12:40 - 00031157 _____ C:\Users\Maison\Downloads\suits-s05e11-vostfr-hdtv (1).torrent
2016-02-02 17:27 - 2016-02-02 17:27 - 00056197 _____ C:\Users\Maison\Downloads\DOC147.pdf
2016-02-02 17:23 - 2016-02-02 17:23 - 00022977 _____ C:\Users\Maison\Downloads\Copie de DETAIL CALCUL PRIX jean roch.xlsx
2016-02-02 12:06 - 2016-02-02 12:11 - 294960084 ____R C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Kaerizaki-Fansub]_One_Piece_728_[VOSTFR][HD_1280x720].mp4
2016-02-02 12:06 - 2016-02-02 12:06 - 00025131 _____ C:\Users\Maison\Downloads\one-piece-728-vostfr.torrent
2016-02-01 20:44 - 2016-02-01 20:51 - 351910580 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] The.Blacklist.S03E12.FASTSUB.VOSTFR.HDTV.XviD-ZT.avi
2016-02-01 20:44 - 2016-02-01 20:44 - 00029465 _____ C:\Users\Maison\Downloads\the-blacklist-s03e12-vostfr-hdtv.torrent
2016-02-01 18:18 - 2016-02-01 18:18 - 00000000 ____D C:\Users\Maison\AppData\Local\Hold'em_Manager
2016-02-01 18:15 - 2016-02-01 18:15 - 00133970 _____ C:\Users\Maison\Desktop\ZHPDiag1.txt
2016-02-01 17:55 - 2016-02-01 17:56 - 121045992 _____ C:\Users\Maison\Downloads\8415_HoldemManager2Setup.exe
2016-02-01 17:53 - 2016-02-09 15:56 - 00000000 ____D C:\Users\Maison\AppData\Roaming\HoldemManager
2016-02-01 17:52 - 2016-02-01 17:52 - 02105344 _____ C:\Users\Maison\Downloads\ZHPDiag3(1).exe
2016-02-01 17:50 - 2016-02-01 17:50 - 00001092 _____ C:\Users\Maison\Desktop\ZHPFixReport.txt
2016-02-01 15:30 - 2016-02-01 15:30 - 00003146 _____ C:\Windows\System32\Tasks\{A80464B1-CBE8-4D82-96AE-2529F1DE9AA2}
2016-02-01 15:15 - 2016-02-01 15:16 - 03673705 _____ C:\Users\Maison\Downloads\Principaux Tarifs Entreprise au départ de France métropolitaine à compter du 1er janvier 2016.pdf
2016-02-01 14:59 - 2016-02-01 14:59 - 00001857 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2016-02-01 14:59 - 2016-02-01 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2016-02-01 14:59 - 2016-02-01 14:59 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2016-02-01 14:57 - 2016-02-01 14:58 - 03521617 _____ (Nicolas Coolman ) C:\Users\Maison\Downloads\ZHPFix.exe
2016-02-01 09:31 - 2016-02-01 09:31 - 00054297 _____ C:\Users\Maison\Downloads\AttestationDroits.pdf
2016-01-30 22:06 - 2016-01-30 22:15 - 374181972 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] Suits.S05E11.FASTSUB.VOSTFR.HDTV.XviD-ZT.avi
2016-01-30 22:05 - 2016-01-30 22:05 - 00031157 _____ C:\Users\Maison\Downloads\suits-s05e11-vostfr-hdtv.torrent
2016-01-30 15:46 - 2016-02-01 17:58 - 00133967 _____ C:\Users\Maison\Desktop\ZHPDiag.txt
2016-01-30 15:36 - 2016-01-30 15:36 - 02100736 _____ C:\Users\Maison\Downloads\ZHPDiag3 (1).exe
2016-01-30 15:33 - 2016-02-01 17:52 - 00000823 _____ C:\Users\Maison\Desktop\ZHPDiag.lnk
2016-01-30 15:33 - 2016-02-01 17:51 - 02105344 _____ C:\Users\Maison\ZHPDiag3.exe
2016-01-30 15:33 - 2016-01-30 15:33 - 01901056 _____ C:\Users\Maison\Downloads\ZHPDiag3.exe
2016-01-30 11:31 - 2016-01-30 11:31 - 00030005 _____ C:\Users\Maison\Downloads\=_UTF-8_B_Q291cGUgQ291cnTDqHMgTWVzc2lldXJzIEVxIDEuZG9jeA==_=
2016-01-29 16:25 - 2016-01-29 16:29 - 207578625 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Fansub-Resistance]Naruto Shippuuden 446 (1280x720).mp4
2016-01-25 17:48 - 2016-02-09 16:00 - 00023598 _____ C:\Users\Maison\Desktop\StartGlory.xlsx
2016-01-24 22:58 - 2016-01-24 23:06 - 294172839 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Kaerizaki-Fansub]_One_Piece_727_[VOSTFR][HD_1280x720].mp4
2016-01-23 19:58 - 2016-01-23 21:42 - 1825425883 _____ C:\Users\Maison\Downloads\En Quête De Sens avec bonus-www.zone-telechargement.com.mp4
2016-01-22 12:41 - 2016-01-22 12:44 - 00000000 ____D C:\Users\Maison\Downloads\Grand Corps Malade - Il nous restera ça (2015) Mp3.www.Cpasbien.io
2016-01-21 21:52 - 2016-01-21 21:53 - 00000000 ____D C:\Users\Maison\Downloads\[ www.CpasBien.io ] Deutschland 83 - Saison 1 [Complete]
2016-01-21 21:51 - 2016-01-21 22:04 - 207798696 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Fansub-Resistance]Naruto Shippuuden 445 (1280x720).mp4
2016-01-19 12:54 - 2016-01-19 12:54 - 00000000 ____D C:\Users\Maison\AppData\Local\OWG
2016-01-19 12:53 - 2016-02-02 13:42 - 00000000 ____D C:\Program Files (x86)\OWG
2016-01-19 12:53 - 2016-01-19 12:53 - 00002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OWG.lnk
2016-01-19 12:53 - 2016-01-19 12:53 - 00002469 _____ C:\Users\Public\Desktop\OWG.lnk
2016-01-19 12:53 - 2016-01-19 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OWG
2016-01-19 12:52 - 2016-01-19 12:52 - 01294336 _____ C:\Users\Maison\Downloads\Installer_en.msi
2016-01-17 23:58 - 2016-01-18 00:07 - 294755248 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Kaerizaki-Fansub]_One_Piece_726_[VOSTFR][HD_1280x720].mp4
2016-01-15 00:41 - 2016-01-15 00:41 - 00109568 _____ C:\Users\Maison\Desktop\range de call.xls
2016-01-15 00:30 - 2016-01-15 00:34 - 207532649 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Fansub-Resistance]Naruto Shippuuden 443 (1280x720).mp4
2016-01-14 23:11 - 2016-01-14 23:15 - 207627817 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Fansub-Resistance]Naruto Shippuuden 444 (1280x720).mp4
2016-01-12 22:37 - 2016-01-12 22:37 - 00626612 _____ C:\Users\Maison\Downloads\Perspective-1alexis (1).pdf
2016-01-12 17:19 - 2016-01-12 17:19 - 00000000 ____D C:\Users\Maison\Downloads\[ www.CpasBien.io ] Babysitting.2.2015.FRENCH.MD.WEBRip.XViD-BzB
2016-01-12 15:07 - 2016-01-12 15:07 - 00626612 _____ C:\Users\Maison\Downloads\Perspective-1alexis.pdf
2016-01-12 11:42 - 2016-01-12 11:47 - 00000000 ____D C:\Users\Maison\Downloads\[www.Cpasbien.pe] Wish.I.Was.Here.2014.FRENCH.DVDRip.x264-FUTiL
2016-01-10 23:39 - 2016-01-10 23:45 - 294898262 _____ C:\Users\Maison\Downloads\[ www.CpasBien.io ] [Kaerizaki-Fansub]_One_Piece_725_[VOSTFR][HD_1280x720].mp4
2016-01-10 12:42 - 2016-01-10 12:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-10 12:42 - 2016-01-10 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-09 15:59 - 2014-01-21 23:21 - 00000000 ____D C:\Users\Maison\AppData\Roaming\Skype
2016-02-09 15:58 - 2015-04-20 11:12 - 00000000 ____D C:\Users\Maison\AppData\Local\Battle.net
2016-02-09 15:32 - 2014-01-28 18:44 - 00000000 ____D C:\Users\Maison\AppData\Roaming\SoftGrid Client
2016-02-09 15:30 - 2014-01-21 19:11 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-09 15:17 - 2012-03-07 07:59 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-09 12:26 - 2015-04-20 11:12 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-02-09 12:12 - 2014-01-26 16:42 - 00000000 ____D C:\Users\Maison\AppData\Local\PokerStars.FR
2016-02-09 12:12 - 2014-01-26 16:42 - 00000000 ____D C:\Program Files (x86)\PokerStars.FR
2016-02-09 11:52 - 2014-01-21 19:25 - 00000000 ____D C:\Users\Maison\Documents\Winamax Poker
2016-02-09 11:11 - 2014-01-21 18:48 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-02-09 09:21 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-09 09:21 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-09 09:13 - 2014-04-17 00:51 - 00000000 ____D C:\ProgramData\Serveur Média
2016-02-09 09:13 - 2014-04-17 00:51 - 00000000 ____D C:\Program Files (x86)\Serveur Media
2016-02-09 09:12 - 2014-01-21 19:11 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-09 09:12 - 2014-01-21 18:48 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-02-09 09:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-08 20:59 - 2012-03-07 07:26 - 00000000 ____D C:\ProgramData\Skype
2016-02-08 17:44 - 2015-12-01 23:55 - 00000000 ____D C:\Users\Maison\AppData\Local\WEB2Print
2016-02-08 16:49 - 2015-05-11 11:09 - 00000000 ____D C:\Users\Maison\AppData\Local\Spotify
2016-02-08 16:48 - 2015-05-11 11:08 - 00000000 ____D C:\Users\Maison\AppData\Roaming\Spotify
2016-02-08 13:45 - 2009-07-14 06:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-08 13:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-08 13:44 - 2015-01-03 19:29 - 00000000 ____D C:\Users\Maison\AppData\Roaming\uTorrent
2016-02-08 08:10 - 2014-01-21 19:41 - 00000000 ____D C:\Users\postgres
2016-02-05 00:44 - 2014-02-04 17:55 - 00000000 ____D C:\Users\Maison\AppData\Roaming\vlc
2016-02-04 23:32 - 2014-01-21 19:15 - 00002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-04 23:26 - 2015-02-09 20:20 - 00000000 ____D C:\Users\Maison\Winamax
2016-02-04 10:58 - 2014-01-26 00:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-04 10:58 - 2014-01-26 00:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-03 21:43 - 2014-01-26 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-02 11:13 - 2015-01-24 14:17 - 00000000 ____D C:\Users\Maison\Desktop\excel poker
2016-02-01 19:25 - 2014-01-21 19:11 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 19:25 - 2014-01-21 19:11 - 00003812 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 18:15 - 2015-01-26 18:24 - 00000000 ____D C:\Users\Maison\AppData\Roaming\ZHP
2016-02-01 17:51 - 2014-01-21 10:10 - 00000000 ____D C:\Users\Maison
2016-01-31 13:40 - 2014-06-12 14:39 - 00000000 ____D C:\AdwCleaner
2016-01-31 13:17 - 2014-01-30 23:21 - 00000000 ____D C:\Poker
2016-01-30 12:59 - 2014-05-27 22:10 - 00000000 ____D C:\Program Files (x86)\epson
2016-01-30 12:59 - 2014-01-22 00:10 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-30 12:52 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-30 12:51 - 2014-05-27 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-01-30 12:51 - 2012-03-07 07:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-30 12:50 - 2014-02-25 22:54 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-30 12:44 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2016-01-30 12:34 - 2015-07-01 09:49 - 00000000 ____D C:\Users\Maison\Desktop\log cusine
2016-01-30 12:34 - 2014-11-03 14:35 - 00000000 ____D C:\Users\Maison\Desktop\Docs Alexia
2016-01-27 17:55 - 2015-02-01 13:46 - 00001096 _____ C:\Users\Public\Desktop\HoldemManager2.lnk
2016-01-27 17:55 - 2014-01-21 19:41 - 00000000 ____D C:\Program Files (x86)\Holdem Manager 2
2016-01-20 16:17 - 2012-03-07 07:59 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 16:17 - 2012-03-07 07:59 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 16:17 - 2012-03-07 07:59 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-18 14:22 - 2014-01-25 23:58 - 00000000 ____D C:\Users\Maison\AppData\Local\ElevatedDiagnostics
2016-01-18 14:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-13 14:21 - 2015-04-20 11:15 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-01-13 11:37 - 2014-12-30 14:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-11 10:31 - 2015-09-22 19:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2014-07-30 20:04 - 2014-11-18 00:04 - 0000094 _____ () C:\Users\Maison\AppData\Roaming\WB.CFG
2015-09-02 15:45 - 2015-09-02 15:45 - 0000011 _____ () C:\ProgramData\.tv5
2012-03-07 07:59 - 2014-01-21 18:55 - 0002472 _____ () C:\ProgramData\clear.fiSDK20.log
2015-01-09 14:46 - 2015-01-09 14:46 - 0004946 _____ () C:\ProgramData\flwjycbm.bab
2012-03-07 08:01 - 2014-01-21 18:54 - 0000032 _____ () C:\ProgramData\PS.log

Files to move or delete:
====================
C:\Users\Maison\ZHPDiag3.exe

Some files in TEMP:
====================
C:\Users\Maison\AppData\Local\Temp\WinamaxInstall.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-08 08:40

==================== End of FRST.txt ============================