Hi,

 

Here's my problem: I've done a scan of my computer with Malwarebytes Anti-Malware and it found 25 malware items.

Here is the report:

 

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2014.01.07.04

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Utilisateur :: DUALSTATION [administrateur]

Protection: Activé

07/01/2014 18:01:39
MBAM-log-2014-01-07 (18-21-44).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 357430
Temps écoulé: 15 minute(s), 26 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 6
HKCR\CLSID\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} (PUP.Optional.InstantSavings) -> Aucune action effectuée.
HKCR\TypeLib\{15BE519B-2D82-431B-8747-26F9877D1116} (PUP.Optional.InstantSavings) -> Aucune action effectuée.
HKCR\Interface\{6EE7A41D-6050-4DCF-8498-4C70E84BEAE8} (PUP.Optional.InstantSavings) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} (PUP.Optional.InstantSavings) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} (PUP.Optional.InstantSavings) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} (PUP.Optional.InstantSavings) -> Aucune action effectuée.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 6
C:\Program Files (x86)\Bench\NmHost (PUP.Optional.BenchUpdater) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\NmHost\data (PUP.Optional.BenchUpdater) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\NmHost\data\installer (PUP.Optional.BenchUpdater) -> Aucune action effectuée.
C:\Users\Utilisateur\AppData\Local\BenchUpdater (PUP.Optional.BenchUpdater.A) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\Updater (PUP.Optional.AdwarePlugin) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\Updater\1.7.0.0 (PUP.Optional.AdwarePlugin) -> Aucune action effectuée.

Fichier(s) détecté(s): 13
C:\Program Files (x86)\Instant Savings App\FrameworkBHO.dll (PUP.Optional.InstantSavings) -> Aucune action effectuée.
C:\Program Files (x86)\Instant Savings App\FrameworkBHO64.dll (PUP.Optional.InstantSavings) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\Updater\1.7.0.0\Updater.exe (PUP.Optional.Adwareplugin) -> Aucune action effectuée.
C:\Users\Utilisateur\Downloads\Start8_v1.0_Cracked.rar (Trojan.Dropper) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\NmHost\nmhost.exe (PUP.Optional.BenchUpdater) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\NmHost\manifest.json (PUP.Optional.BenchUpdater) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\NmHost\data\installer\achhmapmjlcjlomcbmbicbgkihghgnie (PUP.Optional.BenchUpdater) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\NmHost\data\installer\ckdjndgfgjaglgcnllemofeepjeeaofa (PUP.Optional.BenchUpdater) -> Aucune action effectuée.
C:\Windows\Tasks\bench-S-1-5-21-4121640540-4136590292-1234643125-1002.job (PUP.Optional.BenchUpdater.A) -> Aucune action effectuée.
C:\Windows\Tasks\bench-sys.job (PUP.Optional.BenchUpdater.A) -> Aucune action effectuée.
C:\Users\Utilisateur\AppData\Local\BenchUpdater\products.xml (PUP.Optional.BenchUpdater.A) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\Updater\products.xml (PUP.Optional.AdwarePlugin) -> Aucune action effectuée.
C:\Program Files (x86)\Bench\Updater\Updater.exe (PUP.Optional.AdwarePlugin) -> Aucune action effectuée.

(end)

 

I'm French, so the software is set to French. I have not done anything yet because I don't know what to remove and what to keep.

There is one program that I know I have to delete: the Trojan.Dropper. But I need help with the others.

 

Thank you for your help.

 

OnE_LiKoR


Hello OnE_LiKoR and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573


Hi and thank you for your answer.

 

I have to specify that I'm not a paying customer. I followed the instructions in the topic you gave me, but I have a question: "Download DDS from here: dds.scr or here: dds.com and save it to your desktop" is a step only if I've got issues with Malwarebytes Anti-Malware, right? Anyway, I can't make it work... it says "DDS is not meant to run in 'Compatibility Mode'. The program shall now exit".

What should I do? Is it essential that I run it?

 

Thanks again for your answer.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Hi,

 

Here is the FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by Utilisateur (administrator) on DUALSTATION on 09-01-2014 14:31:21
Running from C:\Users\Utilisateur\Desktop
Windows 8.1 Pro (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) \\?\C:\WINDOWS\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-07-02] (Intel Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] - C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [bingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-27] ( (Qualcomm Atheros Commnucations))
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2014-01-07] (Electronic Arts)
HKCU\...\Run: [TBPanel] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2160936 2013-07-03] (Gainward Co. Ltd.)
HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.ldlc.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.ldlc.com
SearchScopes: HKLM - DefaultScope {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS;
SearchScopes: HKLM - {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS;
SearchScopes: HKLM-x32 - DefaultScope {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS;
SearchScopes: HKLM-x32 - {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS;
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP005449E0-A260-48C8-9772-CA8EA346B749&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP005449E0-A260-48C8-9772-CA8EA346B749&q={searchTerms}&SSPV=
SearchScopes: HKCU - {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: 54.204.28.26    ckdjndgfgjaglgcnllemofeepjeeaofa
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254

FireFox:
========
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default

FF SelectedSearchEngine: Google

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: Instant Savings App - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\Extensions\{2A39D365-6906-B62D-BB4C-E544F9440E50}
FF Extension: DownloadHelper - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: NoScript - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

Chrome:
=======


CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Instant Savings App) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa\1.0_1
CHR Extension: (Google Search) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (History Eraser) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm\3.9.7_0
CHR Extension: (Google Wallet) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Click&Clean App) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0
CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [262816 2012-06-18] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe [1660728 2013-07-31] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-27] (Windows ® Win 7 DDK provider)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-04] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-07-02] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-11] (Realsil Microelectronics Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [76888 2013-12-20] ()
R2 PnkBstrB; C:\WINDOWS\SysWow64\PnkBstrB.exe [214392 2014-01-08] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-12-11] (Razer, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203640 2012-08-14] (X-Rite Inc.)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-27] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (http://www.asmedia.com.tw)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 AsusSensorSimulator; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 asusvad_micarray; C:\Windows\system32\drivers\vmic_x64.sys [38712 2013-02-27] (ASUS SZ provider)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-27] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-20] (Microsoft Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-11-14] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-08-21] (CACE Technologies)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R3 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-20] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R1 VDiskBus; C:\Windows\System32\drivers\VDiskBus64.sys [42656 2012-06-01] (ASUSTeK Computer Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-09 14:31 - 2014-01-09 14:31 - 00022342 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2014-01-09 14:31 - 2014-01-09 14:31 - 00000000 ____D C:\FRST
2014-01-09 14:30 - 2014-01-09 14:30 - 01931770 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2014-01-09 14:26 - 2014-01-09 14:26 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-08 00:00 - 2014-01-08 00:00 - 00000318 _____ C:\WINDOWS\Tasks\bench-Updater removing.job
2014-01-07 23:39 - 2014-01-07 23:39 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-01-07 23:39 - 2014-01-07 23:39 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-07 23:37 - 2014-01-07 23:38 - 00000039 _____ C:\WINDOWS\setupact.log
2014-01-07 23:37 - 2014-01-07 23:38 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2014-01-07 23:37 - 2014-01-07 23:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-07 23:37 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-01-07 23:37 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-01-07 23:37 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-01-07 23:37 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-01-07 23:37 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D C:\NVIDIA
2014-01-07 19:46 - 2014-01-07 19:46 - 00000864 _____ C:\WINDOWS\PFRO.log
2014-01-07 18:00 - 2014-01-07 18:00 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 18:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-07 17:59 - 2014-01-07 17:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Utilisateur\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 17:32 - 2014-01-07 17:32 - 00001320 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk
2014-01-07 17:31 - 2014-01-07 17:31 - 00001093 _____ C:\Users\Utilisateur\Desktop\Kaspersky Security Scan.lnk
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2014-01-07 17:30 - 2014-01-07 17:30 - 00179968 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\kss12.0.1.117mlg_en-fr_ru-fr_fr-fr_de-fr.exe
2014-01-06 23:05 - 2014-01-09 14:28 - 00228054 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-31 02:13 - 2014-01-06 22:18 - 00000000 ____D C:\WINDOWS\Minidump
2013-12-26 19:18 - 2013-12-26 19:18 - 00253536 _____ C:\Users\Utilisateur\Documents\favoris_26_12_13.html
2013-12-20 23:46 - 2013-10-11 13:59 - 03894632 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2013-12-20 23:25 - 2014-01-09 14:28 - 00003972 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{17B10CF5-84C5-4EC6-89C9-1F37AE242D24}
2013-12-20 23:18 - 2014-01-09 14:25 - 00000000 __RDO C:\Users\Utilisateur\SkyDrive
2013-12-20 23:10 - 2013-12-20 23:10 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-12-20 23:02 - 2013-12-20 23:02 - 04645232 _____ (Piriform Ltd) C:\Users\Utilisateur\Downloads\ccsetup409.exe
2013-12-20 23:02 - 2013-12-20 23:02 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-12-20 23:02 - 2013-12-20 23:02 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-20 23:02 - 2013-12-20 23:02 - 00000000 ____D C:\Program Files\CCleaner
2013-12-20 23:01 - 2014-01-07 19:34 - 00000672 __RSH C:\ProgramData\ntuser.pol
2013-12-20 22:47 - 2013-12-20 22:47 - 00001462 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-20 22:46 - 2013-12-20 22:46 - 00000020 ___SH C:\Users\Utilisateur\ntuser.ini
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Modèles
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2013-12-20 22:40 - 2013-12-20 22:40 - 00023108 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-20 22:32 - 2013-12-20 22:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-20 22:31 - 2013-12-31 05:13 - 00000000 ____D C:\Users\Utilisateur
2013-12-20 22:31 - 2013-12-20 22:32 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-20 22:31 - 2013-12-20 22:32 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage réseau
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage d'impression
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Modèles
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Menu Démarrer
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes vidéos
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes images
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Ma musique
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Local\Historique
2013-12-20 22:31 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-20 22:31 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-20 22:30 - 2013-12-20 22:40 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-12-20 22:30 - 2013-12-20 22:40 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-12-20 22:27 - 2014-01-09 14:25 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-20 22:27 - 2013-12-20 22:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\Program Files\Realtek
2013-12-20 22:27 - 2013-12-19 19:53 - 06671648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-12-20 22:27 - 2013-12-19 19:53 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-12-20 22:27 - 2013-12-19 06:01 - 03539040 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-12-20 22:26 - 2014-01-07 23:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-20 22:26 - 2013-12-20 22:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-20 22:26 - 2013-12-20 22:33 - 00000000 ____D C:\Program Files\ASUS
2013-12-20 22:26 - 2013-12-20 22:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-12-20 22:26 - 2013-12-20 22:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2013-12-20 22:26 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2013-12-20 22:26 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2013-12-20 22:24 - 2014-01-06 22:18 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-20 22:24 - 2013-12-20 22:24 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-20 22:24 - 2013-12-20 22:24 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-20 22:23 - 2013-12-20 22:23 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-20 22:23 - 2013-12-20 22:23 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-20 22:23 - 2013-12-20 22:23 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-20 22:23 - 2013-12-20 22:23 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-20 22:23 - 2013-12-20 22:23 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-20 22:22 - 2013-12-20 22:22 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\MSBuild
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-20 22:16 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-12-20 22:16 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-12-20 22:07 - 2013-12-20 22:07 - 00008192 __RSH C:\BOOTSECT.BAK
2013-12-20 17:43 - 2013-12-20 18:26 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet
2013-12-20 14:06 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-12-20 14:06 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-12-20 14:06 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-12-20 02:23 - 2013-12-20 02:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 12:20 - 2013-12-19 12:20 - 00590112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2013-12-17 16:00 - 2013-12-17 16:00 - 00000084 _____ C:\WINDOWS\SysWOW64\prime.txt
2013-12-17 16:00 - 2013-12-17 16:00 - 00000065 _____ C:\WINDOWS\SysWOW64\local.txt
2013-12-16 21:51 - 2013-12-16 21:51 - 01978979 _____ C:\Users\Utilisateur\Documents\asus-pdf.zip

==================== One Month Modified Files and Folders =======

2014-01-09 14:31 - 2014-01-09 14:31 - 00022342 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2014-01-09 14:31 - 2014-01-09 14:31 - 00000000 ____D C:\FRST
2014-01-09 14:31 - 2013-11-14 08:31 - 01827432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-09 14:31 - 2013-11-14 08:13 - 00812146 _____ C:\WINDOWS\system32\perfh00C.dat
2014-01-09 14:31 - 2013-11-14 08:13 - 00159742 _____ C:\WINDOWS\system32\perfc00C.dat
2014-01-09 14:30 - 2014-01-09 14:30 - 01931770 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2014-01-09 14:30 - 2013-11-02 18:46 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4121640540-4136590292-1234643125-1002
2014-01-09 14:28 - 2014-01-06 23:05 - 00228054 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-09 14:28 - 2013-12-20 23:25 - 00003972 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{17B10CF5-84C5-4EC6-89C9-1F37AE242D24}
2014-01-09 14:27 - 2013-11-02 19:14 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-09 14:26 - 2014-01-09 14:26 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-09 14:26 - 2013-11-11 19:17 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2014-01-09 14:25 - 2013-12-20 23:18 - 00000000 __RDO C:\Users\Utilisateur\SkyDrive
2014-01-09 14:25 - 2013-12-20 22:27 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-09 14:25 - 2013-11-02 19:14 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-09 14:25 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-09 03:35 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-09 03:24 - 2013-11-02 19:14 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 03:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-09 02:50 - 2013-11-05 18:52 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-09 00:00 - 2013-11-04 23:09 - 00000366 _____ C:\WINDOWS\Tasks\bench-sys.job
2014-01-08 23:49 - 2013-11-03 01:40 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-01-08 23:43 - 2013-11-05 19:01 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\TS3Client
2014-01-08 18:52 - 2013-11-03 01:40 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-01-08 18:46 - 2013-11-02 19:22 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-08 17:14 - 2013-11-11 19:22 - 00000000 _____ C:\WINDOWS\Path.idx
2014-01-08 00:00 - 2014-01-08 00:00 - 00000318 _____ C:\WINDOWS\Tasks\bench-Updater removing.job
2014-01-07 23:39 - 2014-01-07 23:39 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-01-07 23:39 - 2014-01-07 23:39 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-07 23:39 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-07 23:38 - 2014-01-07 23:37 - 00000039 _____ C:\WINDOWS\setupact.log
2014-01-07 23:38 - 2014-01-07 23:37 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2014-01-07 23:37 - 2014-01-07 23:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D C:\NVIDIA
2014-01-07 19:46 - 2014-01-07 19:46 - 00000864 _____ C:\WINDOWS\PFRO.log
2014-01-07 19:34 - 2013-12-20 23:01 - 00000672 __RSH C:\ProgramData\ntuser.pol
2014-01-07 19:34 - 2013-11-04 23:09 - 00000000 ____D C:\Program Files (x86)\Bench
2014-01-07 18:00 - 2014-01-07 18:00 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 17:59 - 2014-01-07 17:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Utilisateur\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 17:32 - 2014-01-07 17:32 - 00001320 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk
2014-01-07 17:31 - 2014-01-07 17:31 - 00001093 _____ C:\Users\Utilisateur\Desktop\Kaspersky Security Scan.lnk
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2014-01-07 17:30 - 2014-01-07 17:30 - 00179968 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\kss12.0.1.117mlg_en-fr_ru-fr_fr-fr_de-fr.exe
2014-01-07 14:38 - 2013-11-17 19:02 - 00015872 ___SH C:\Users\Utilisateur\Desktop\Thumbs.db
2014-01-06 22:18 - 2013-12-31 02:13 - 00000000 ____D C:\WINDOWS\Minidump
2014-01-06 22:18 - 2013-12-20 22:24 - 00000000 ___DC C:\WINDOWS\Panther
2014-01-06 22:18 - 2013-11-17 19:16 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-06 22:18 - 2013-11-04 20:56 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps
2014-01-02 20:14 - 2013-11-02 19:23 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Origin
2013-12-31 05:13 - 2013-12-20 22:31 - 00000000 ____D C:\Users\Utilisateur
2013-12-26 19:18 - 2013-12-26 19:18 - 00253536 _____ C:\Users\Utilisateur\Documents\favoris_26_12_13.html
2013-12-24 20:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-22 23:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-20 23:46 - 2013-11-03 01:40 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-12-20 23:27 - 2013-11-02 15:02 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\Packages
2013-12-20 23:18 - 2013-11-02 19:12 - 00000000 ___RD C:\Users\Utilisateur\SkyDrive.old
2013-12-20 23:10 - 2013-12-20 23:10 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-12-20 23:10 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-12-20 23:02 - 2013-12-20 23:02 - 04645232 _____ (Piriform Ltd) C:\Users\Utilisateur\Downloads\ccsetup409.exe
2013-12-20 23:02 - 2013-12-20 23:02 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-12-20 23:02 - 2013-12-20 23:02 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-20 23:02 - 2013-12-20 23:02 - 00000000 ____D C:\Program Files\CCleaner
2013-12-20 23:01 - 2013-11-04 23:09 - 00003236 _____ C:\WINDOWS\System32\Tasks\bench-sys
2013-12-20 23:01 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2013-12-20 23:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2013-12-20 22:48 - 2013-11-02 15:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-12-20 22:47 - 2013-12-20 22:47 - 00001462 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-20 22:47 - 2013-11-02 15:03 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-20 22:47 - 2013-11-02 15:03 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-20 22:46 - 2013-12-20 22:46 - 00000020 ___SH C:\Users\Utilisateur\ntuser.ini
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Modèles
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2013-12-20 22:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-12-20 22:41 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-12-20 22:41 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-12-20 22:40 - 2013-12-20 22:40 - 00023108 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-20 22:40 - 2013-12-20 22:30 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-12-20 22:40 - 2013-12-20 22:30 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-12-20 22:39 - 2013-10-30 17:43 - 01851286 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-12-20 22:39 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-12-20 22:39 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-20 22:36 - 2013-08-22 15:44 - 00362480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-20 22:34 - 2013-11-05 19:00 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-12-20 22:34 - 2013-11-02 23:17 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-20 22:34 - 2013-09-05 09:57 - 00000000 ____D C:\WINDOWS\fr
2013-12-20 22:34 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-12-20 22:34 - 2013-08-22 14:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-20 22:33 - 2013-12-20 22:27 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-20 22:33 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-20 22:33 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files\ASUS
2013-12-20 22:33 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-12-20 22:33 - 2013-11-14 08:13 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-12-20 22:33 - 2013-11-14 08:13 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-12-20 22:33 - 2013-11-14 08:13 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-12-20 22:33 - 2013-11-06 17:57 - 00000000 ____D C:\WINDOWS\SysWOW64\SearchProtect
2013-12-20 22:33 - 2013-11-04 19:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-12-20 22:33 - 2013-09-05 09:57 - 00000000 ____D C:\ProgramData\PRICache
2013-12-20 22:33 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-20 22:33 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-12-20 22:33 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-20 22:33 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-20 22:32 - 2013-12-20 22:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-20 22:32 - 2013-12-20 22:31 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-20 22:32 - 2013-12-20 22:31 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-20 22:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage réseau
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage d'impression
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Modèles
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Menu Démarrer
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes vidéos
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes images
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Ma musique
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Local\Historique
2013-12-20 22:28 - 2013-11-02 13:19 - 00000000 __SHD C:\Recovery
2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\Program Files\Realtek
2013-12-20 22:26 - 2013-12-20 22:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2013-12-20 22:24 - 2013-12-20 22:24 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-20 22:24 - 2013-12-20 22:24 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-20 22:24 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-12-20 22:23 - 2013-12-20 22:23 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-20 22:23 - 2013-12-20 22:23 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-20 22:23 - 2013-12-20 22:23 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-20 22:23 - 2013-12-20 22:23 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-20 22:23 - 2013-12-20 22:23 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-20 22:23 - 2013-12-20 22:23 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-20 22:22 - 2013-12-20 22:22 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\MSBuild
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-20 22:07 - 2013-12-20 22:07 - 00008192 __RSH C:\BOOTSECT.BAK
2013-12-20 21:47 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-20 18:26 - 2013-12-20 17:43 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet
2013-12-20 17:48 - 2013-11-03 00:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 02:23 - 2013-12-20 02:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 21:33 - 2014-01-07 23:37 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-12-19 21:33 - 2014-01-07 23:37 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-12-19 21:33 - 2014-01-07 23:37 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-12-19 21:33 - 2013-11-20 01:40 - 18310112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-12-19 21:33 - 2013-11-20 01:40 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-12-19 21:33 - 2013-11-20 01:40 - 15230352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-12-19 21:33 - 2013-11-20 01:40 - 03071656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2013-12-19 21:33 - 2013-11-20 01:40 - 02698272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-12-19 21:33 - 2013-11-20 01:40 - 01436528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2013-12-19 21:33 - 2013-11-20 01:40 - 00023754 _____ C:\WINDOWS\system32\nvinfo.pb
2013-12-19 21:33 - 2013-11-01 12:07 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2013-12-19 21:33 - 2013-11-01 12:07 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2013-12-19 19:53 - 2013-12-20 22:27 - 06671648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-12-19 19:53 - 2013-12-20 22:27 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-12-19 19:53 - 2013-12-20 22:27 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-12-19 19:53 - 2013-12-20 22:27 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-12-19 19:53 - 2013-12-20 22:27 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-12-19 19:53 - 2013-12-20 22:27 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-12-19 12:20 - 2013-12-19 12:20 - 00590112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2013-12-19 06:01 - 2013-12-20 22:27 - 03539040 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-12-18 18:05 - 2013-11-02 23:44 - 00000000 ____D C:\WINDOWS\Razer Core
2013-12-17 16:00 - 2013-12-17 16:00 - 00000084 _____ C:\WINDOWS\SysWOW64\prime.txt
2013-12-17 16:00 - 2013-12-17 16:00 - 00000065 _____ C:\WINDOWS\SysWOW64\local.txt
2013-12-16 21:51 - 2013-12-16 21:51 - 01978979 _____ C:\Users\Utilisateur\Documents\asus-pdf.zip
2013-12-13 02:06 - 2013-11-02 19:22 - 00000000 ____D C:\ProgramData\Origin
2013-12-12 03:19 - 2013-11-02 19:14 - 00004060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-12 03:19 - 2013-11-02 19:14 - 00003824 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-11 22:42 - 2013-09-05 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-11 22:41 - 2013-09-05 10:11 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-10 19:50 - 2013-11-05 18:52 - 00003890 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-10 18:48 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2013-12-10 03:13 - 2013-11-04 19:20 - 01100248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2013-12-10 03:13 - 2013-11-04 19:20 - 00982232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

Some content of TEMP:
====================
C:\Users\Utilisateur\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Utilisateur\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Utilisateur\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-08 20:08

==================== End Of Log ============================


And here is the Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2014 01
Ran by Utilisateur at 2014-01-09 14:31:47
Running from C:\Users\Utilisateur\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (x32 Version: 10.1.3 - Adobe Systems Incorporated)
AI Suite 3 (x32 Version: 1.00.55 - ASUSTeK Computer Inc.)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.4.001 - Asmedia Technology)
ASUS Boot Setting (x32 Version: 1.00.09 - ASUSTeK Computer Inc.)
ASUS Product Register Program (x32 Version: 1.0.020 - ASUSTek Computer Inc.)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
Bing Bureau (x32 Version: 1.3.171.0 - Microsoft Corporation)
BioShock Infinite (x32 Version:  - Irrational Games)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CCleaner (Version: 4.09 - Piriform)
CPUID ASUS CPU-Z 1.64 (Version: 1.64 - CPUID, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Display Manager (x32 Version:  - EnTech Taiwan)
Dell UltraSharp Color Calibration Solution 1.0.0 (x32 Version:  - X-Rite)
devolo dLAN Cockpit (x32 Version: 4.1.3.0 - devolo AG)
Diablo III (x32 Version:  - Blizzard Entertainment)
Disk Unlocker (x32 Version: 2.1.3 - ASUSTek Computer Inc.)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
EXPERTool v8.9 (x32 Version: 8.9.5.0 - Gainward Co. Ltd.)
Futuremark SystemInfo (x32 Version: 4.21.201 - Futuremark)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Guild Wars 2 (x32 Version:  - NCsoft Corporation, Ltd.)
Intel® Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel)
Intel® Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel) Hidden
Intel® Rapid Storage Technology (Version: 12.7.0.1036 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.7.0.1036 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 21 (x32 Version: 7.0.210 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Metro: Last Light (x32 Version:  - 4A Games)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mises à jour NVIDIA 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 fr) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Logiciel système PhysX 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA Pilote 3D Vision 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Pilote graphique 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
Origin (x32 Version: 9.3.10.4710 - Electronic Arts, Inc.)
Panneau de configuration NVIDIA 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Razer Core (x32 Version: 1.0.1.56 - Razer Inc)
Razer Synapse 2.0 (x32 Version: 1.16.6 - Razer Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.2.8400.30143 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Steam (x32 Version:  - Valve Corporation)
System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU Version: 3.0.13 - TeamSpeak Systems GmbH)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.1 (x32 Version: 2.1.1 - VideoLAN)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.00 (32 bits) (x32 Version: 5.00.0 - win.rar GmbH)
WinZip 17.0 (Version: 17.0.10283 - WinZip Computing, S.L. )
X-Rite Device Services Manager (x32 Version: 2.2.61 - X-Rite)

==================== Restore Points  =========================

20-12-2013 22:10:17 Windows Update
29-12-2013 18:14:32 Point de contrôle planifié
05-01-2014 19:21:59 Point de contrôle planifié

==================== Hosts content: ==========================

2013-08-22 14:25 - 2014-01-07 19:34 - 00000871 ____A C:\WINDOWS\system32\Drivers\etc\hosts
54.204.28.26    ckdjndgfgjaglgcnllemofeepjeeaofa

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {07576E7A-0A61-4205-9521-A5413B219753} - System32\Tasks\XRDeviceServicesSoftwareUpdate => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2012-08-14] (X-Rite Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26EFEF99-817A-4F10-AB9A-E1F702B3223B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {3487A643-3DBC-46DB-9310-9FBD49700EE6} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-01] (ASUSTeK Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5064D371-D284-4161-BED2-B46CF467A979} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.)
Task: {63033491-DC34-4AE4-8A4B-BE3E315AB74A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {722C4303-0555-4F17-8EA1-A3E106738F53} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\Updater.exe [2013-10-08] () <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {82D1B69E-C5C4-410D-93B6-4DA620EE58D3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {907C5B1D-A768-4DC1-8C4E-67FEB4987685} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {98A9084B-F146-4B9B-AE49-5847EF3C0AD8} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-07-18] (ASUSTeK Computer Inc.)
Task: {99D00425-AD28-46D8-9E1C-F7E9814363DC} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A722F64F-31A8-4038-84FF-5C6ACD886032} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-07-31] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F854EEFD-8090-4243-990B-CE3E70B97CC6} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-01-25] (ASUSTek Computer Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\bench-Updater removing.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-27 21:40 - 2013-05-27 21:40 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-27 21:36 - 2013-05-27 21:36 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-27 22:09 - 2013-05-27 22:09 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-05-27 21:30 - 2013-05-27 21:30 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\fr-FR\BtTray.fr-FR.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-20 22:26 - 2014-01-09 14:25 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2013-12-20 22:26 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2012-08-14 08:46 - 2012-08-14 08:46 - 01614712 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2012-08-14 08:47 - 2012-08-14 08:47 - 02639736 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2013-11-11 19:12 - 2013-08-01 10:57 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2013-11-11 19:40 - 2013-03-13 17:12 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
2013-11-11 19:12 - 2013-07-31 16:26 - 02743808 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2013-11-11 19:13 - 2013-06-19 16:47 - 01129984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
2013-11-11 19:41 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
2013-11-11 19:42 - 2013-06-24 17:48 - 02055168 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
2013-11-11 19:11 - 2013-06-04 10:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2013-11-11 19:12 - 2013-08-01 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
2013-11-11 19:12 - 2013-07-31 16:21 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
2013-11-11 19:42 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
2013-11-11 19:12 - 2013-08-01 10:57 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
2013-11-11 19:12 - 2013-08-01 10:57 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
2013-11-11 19:43 - 2013-06-24 13:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
2013-11-11 19:42 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
2013-11-11 19:42 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll
2013-11-11 19:12 - 2013-07-31 16:20 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2013-11-11 19:12 - 2013-07-31 16:20 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2013-11-11 19:12 - 2013-07-31 16:20 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2013-11-11 19:12 - 2013-07-31 16:20 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2013-11-11 19:12 - 2013-07-31 16:20 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
2013-11-11 19:42 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
2013-11-11 19:42 - 2013-07-12 12:56 - 00175616 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
2013-11-11 19:42 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2013-11-11 19:42 - 2013-06-11 12:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL
2013-11-11 19:42 - 2010-10-29 18:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL
2013-11-11 19:42 - 2013-06-13 18:50 - 02462208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL
2013-11-11 19:42 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2013-11-11 19:14 - 2013-06-13 17:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
2013-11-11 19:42 - 2013-03-21 19:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2013-11-11 19:42 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
2013-11-02 19:23 - 2014-01-07 14:40 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll
2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll
2013-11-11 20:05 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-12-20 02:23 - 2013-12-20 02:23 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Utilisateur\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2014 02:25:55 PM) (Source: Application Error) (User: )
Description: Nom de l’application défaillante DipAwayMode.exe, version : 0.0.0.0, horodatage : 0x00000000
Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.16408, horodatage : 0x523d4548
Code d’exception : 0x40010006
Décalage d’erreur : 0x00012eec
ID du processus défaillant : 0xddc
Heure de début de l’application défaillante : 0xDipAwayMode.exe0
Chemin d’accès de l’application défaillante : DipAwayMode.exe1
Chemin d’accès du module défaillant: DipAwayMode.exe2
ID de rapport : DipAwayMode.exe3
Nom complet du package défaillant : DipAwayMode.exe4
ID de l’application relative au package défaillant : DipAwayMode.exe5

Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/08/2014 11:36:34 PM) (Source: SideBySide) (User: )
Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3.
L’élément racine du fichier manifeste doit être assembly.

Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7547

Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7547

Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6141

Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6141

Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/09/2014 02:28:30 PM) (Source: DCOM) (User: AUTORITE NT)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (01/09/2014 02:25:28 PM) (Source: Service Control Manager) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service.

Error: (01/08/2014 06:46:34 PM) (Source: Schannel) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.

Error: (01/08/2014 05:11:21 PM) (Source: DCOM) (User: AUTORITE NT)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (01/08/2014 05:08:20 PM) (Source: Service Control Manager) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service.

Error: (01/07/2014 08:47:57 PM) (Source: Schannel) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.

Error: (01/07/2014 07:49:18 PM) (Source: DCOM) (User: AUTORITE NT)
Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible

Error: (01/07/2014 07:46:56 PM) (Source: Schannel) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.

Error: (01/07/2014 07:46:17 PM) (Source: Service Control Manager) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service.

Error: (01/07/2014 02:40:36 PM) (Source: Schannel) (User: AUTORITE NT)
Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.


Microsoft Office Sessions:
=========================
Error: (01/09/2014 02:25:55 PM) (Source: Application Error)(User: )
Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.16408523d45484001000600012eecddc01cf0d3e51349795C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll915257a8-7931-11e3-beb7-240a641d2aa5

Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/08/2014 11:36:34 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7547

Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7547

Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6141

Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6141

Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-01-08 18:00:19.628
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 18:00:16.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 18:00:16.189
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 18:00:16.150
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 18:00:15.554
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 17:58:29.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 17:58:29.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 17:58:29.903
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 17:54:31.320
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-08 17:54:31.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 16321.71 MB
Available physical RAM: 13773.47 MB
Total Pagefile: 32705.71 MB
Available Pagefile: 29743.36 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1863.01 GB) (Free:1705.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2053DC7B)
Partition 1: (Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 238 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
========================================================
Disk: 2 (Size: 2795 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
==================== End Of Log ============================

 

 

Thank you for your help


Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

fixlist.txt


Here is the fixlog :

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2014
Ran by Utilisateur at 2014-01-11 00:30:19 Run:1
Running from C:\Users\Utilisateur\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
End

*****************

HKLM\SOFTWARE\Policies\Google => Key deleted successfully.

==== End of Fixlog ====

 

 

Thank you for being so patient.


Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 3
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

Here is the JRT.txt :

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8.1 Pro x64
Ran by Utilisateur on 11/01/2014 at 18:28:46,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\tfctyu6p.default\prefs.js


Emptied folder: C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\tfctyu6p.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/01/2014 at 18:31:18,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


And here is the log from AdwCleaner :

 

# AdwCleaner v3.016 - Rapport créé le 11/01/2014 à 18:39:55
# Mis à jour le 23/12/2013 par Xplode
# Système d'exploitation : Windows 8.1 Pro  (64 bits)
# Nom d'utilisateur : Utilisateur - DUALSTATION
# Exécuté depuis : C:\Users\Utilisateur\Downloads\AdwCleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Program Files (x86)\Bench
Dossier Supprimé : C:\WINDOWS\SysWOW64\Searchprotect
Fichier Supprimé : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\searchplugins\conduit-search.xml

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Clé Supprimée : HKLM\Software\installedbrowserextensions

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v26.0 (fr)

[ Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1394 octets] - [11/01/2014 18:31:59]
AdwCleaner[s0].txt - [1325 octets] - [11/01/2014 18:39:55]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1385 octets] ##########
 


And finally here is the last report from MBAM :

 

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2014.01.11.06

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Utilisateur :: DUALSTATION [administrateur]

Protection: Activé

11/01/2014 18:45:30
mbam-log-2014-01-11 (18-45-30).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 226334
Temps écoulé: 2 minute(s), 57 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 2
C:\Windows\Tasks\bench-sys.job (PUP.Optional.BenchUpdater.A) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Tasks\bench-Updater removing.job (PUP.Optional.BenchUpdater.A) -> Mis en quarantaine et supprimé avec succès.

(fin)
 


Hi Maniac,

 

The anti-malware tools don't find anything at all when quick scanning, but I still have some issues with Google Chrome. When I'm on YouTube, for example, I get an unwanted page telling me I have to update Java...

(this one : http://www.jdfhnjsvmdk.com/FR/?s1=E54PGx3EUADDW3UBAAAAAAGDcAAAAAAAAgAAAAIAAAAAAP8AAAABGCNOYQAAAAAASA-GAAAAAACCPIoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7qxoAAAAAAAIAAwAAgD8Aq-aTiEMBAAAAAAAAADI0ZDYwZGE0LTdiZDktMTFlMy05YTFmLTc4ZTNiNTE5ZmZhMgAAAAAAAAA=&s2=&s3=FR&s4=152412&s5=9059458)

That's a bit strange because it only happens when using Chrome and not Firefox, so I decided to do a complete scan with MBAM in order to see if it finds anything.

It's finished now and it found only 1 malware.

 

Here is the log :

 

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org
 
Version de la base de données: v2014.01.12.05
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Utilisateur :: DUALSTATION [administrateur]
 
Protection: Activé
 
12/01/2014 23:26:39
MBAM-log-2014-01-12 (23-48-18).txt
 
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 359146
Temps écoulé: 20 minute(s), 27 seconde(s)
 
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
 
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
 
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
 
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
 
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
 
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
 
Fichier(s) détecté(s): 1
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\Updater\1.7.0.0\Updater.exe.vir (PUP.Optional.Adwareplugin) -> Aucune action effectuée.
 
(fin)

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Here is the OTL.txt :

 

OTL logfile created on: 13/01/2014 21:29:00 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Utilisateur\Desktop\Anti Malware
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
15,94 Gb Total Physical Memory | 13,34 Gb Available Physical Memory | 83,71% Memory free
31,94 Gb Paging File | 28,95 Gb Available in Paging File | 90,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1863,01 Gb Total Space | 1706,85 Gb Free Space | 91,62% Space Free | Partition Type: NTFS
 
Computer Name: DUALSTATION | User Name: Utilisateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/01/13 21:20:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Utilisateur\Desktop\Anti Malware\OTL.exe
PRC - [2013/12/20 23:46:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/11/17 20:06:00 | 000,442,712 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2013/11/08 21:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/08/27 11:49:16 | 003,526,136 | ---- | M] (devolo AG) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
PRC - [2013/08/01 11:10:32 | 001,431,184 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
PRC - [2013/08/01 03:57:22 | 000,954,648 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
PRC - [2013/07/31 16:20:46 | 001,225,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
PRC - [2013/07/31 16:20:46 | 001,221,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
PRC - [2013/07/31 09:21:44 | 001,660,728 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe
PRC - [2013/07/18 16:39:16 | 000,967,480 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
PRC - [2013/07/04 03:32:08 | 000,936,728 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
PRC - [2013/07/03 16:12:02 | 002,160,936 | ---- | M] (Gainward Co. Ltd.) -- C:\Program Files (x86)\EXPERTool\TBPanel.exe
PRC - [2013/07/02 17:49:26 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/07/02 17:49:26 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2013/06/21 14:09:56 | 000,671,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe
PRC - [2013/05/27 21:07:44 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/12 13:20:08 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2013/03/12 13:19:38 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2013/01/28 15:58:52 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2013/01/02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012/12/07 15:16:00 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
PRC - [2012/08/14 08:47:18 | 000,203,640 | ---- | M] (X-Rite Inc.) -- C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/09/13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/08/01 10:57:04 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll
MOD - [2013/08/01 10:57:04 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll
MOD - [2013/08/01 10:57:04 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
MOD - [2013/08/01 10:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll
MOD - [2013/07/31 16:26:44 | 002,743,808 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
MOD - [2013/07/31 16:21:38 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll
MOD - [2013/07/31 16:20:48 | 000,904,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll
MOD - [2013/07/31 16:20:48 | 000,825,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
MOD - [2013/07/31 16:20:48 | 000,776,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
MOD - [2013/07/31 16:20:48 | 000,765,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
MOD - [2013/07/31 16:20:48 | 000,685,056 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
MOD - [2013/07/31 16:20:48 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll
MOD - [2013/07/31 16:20:46 | 001,225,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
MOD - [2013/07/31 16:20:46 | 001,221,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe
MOD - [2013/07/12 12:56:54 | 000,175,616 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll
MOD - [2013/06/24 17:48:46 | 002,055,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll
MOD - [2013/06/24 15:59:32 | 001,173,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll
MOD - [2013/06/24 13:45:54 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll
MOD - [2013/06/19 16:47:44 | 001,129,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll
MOD - [2013/06/13 18:50:06 | 002,462,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.dll
MOD - [2013/06/13 17:37:48 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll
MOD - [2013/06/11 12:06:06 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.dll
MOD - [2013/06/04 10:41:00 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
MOD - [2013/03/21 19:38:04 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
MOD - [2013/03/13 17:12:00 | 000,870,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll
MOD - [2012/12/07 15:15:16 | 007,422,392 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll
MOD - [2012/12/07 15:15:12 | 002,126,264 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll
MOD - [2012/12/07 15:15:12 | 001,270,200 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll
MOD - [2012/12/07 15:15:12 | 000,192,952 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll
MOD - [2012/12/07 15:15:10 | 002,453,944 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll
MOD - [2012/12/07 15:15:10 | 000,795,064 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll
MOD - [2012/05/02 18:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll
MOD - [2012/04/25 14:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll
MOD - [2012/01/12 16:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
MOD - [2011/09/05 19:36:52 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll
MOD - [2011/09/05 19:36:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll
MOD - [2010/12/14 17:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
MOD - [2010/10/29 18:58:02 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.dll
MOD - [2010/09/23 11:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll
MOD - [2010/02/25 14:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsZip.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013/12/20 22:23:06 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/12/10 03:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/11/14 08:36:58 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/11/14 08:36:58 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/14 08:36:58 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/14 08:36:55 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/14 08:30:52 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/11/14 08:30:51 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/11/14 08:30:49 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/11/14 08:30:49 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/14 08:16:43 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2013/11/14 08:16:43 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/07/02 17:49:26 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/02/13 12:47:04 | 000,820,184 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV:64bit: - [2013/02/13 12:46:48 | 000,731,648 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2013/01/03 14:38:52 | 000,183,200 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2012/10/02 07:41:44 | 000,240,584 | ---- | M] (DTS, Inc) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc)
SRV - [2013/12/20 23:46:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/12/20 02:23:59 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/11 01:24:37 | 000,032,960 | ---- | M] (Razer, Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe -- (RzOvlMon)
SRV - [2013/12/10 19:50:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/11/14 08:30:48 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/10/04 14:10:12 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2013/08/27 11:49:16 | 003,526,136 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/01 03:57:22 | 000,954,648 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe -- (asHmComSvc)
SRV - [2013/07/31 09:21:44 | 001,660,728 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2013/07/04 03:32:08 | 000,936,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe -- (asComSvc)
SRV - [2013/06/20 11:29:38 | 000,173,192 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/05/27 22:03:58 | 000,310,912 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/05/27 21:07:44 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/12 13:20:08 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/03/12 13:19:38 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2013/01/02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012/12/07 15:16:00 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2012/09/11 15:18:00 | 002,464,400 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/08/14 08:47:18 | 000,203,640 | ---- | M] (X-Rite Inc.) [Auto | Running] -- C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe -- (xrdd.exe)
SRV - [2012/06/18 16:39:00 | 000,262,816 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/12/20 22:23:06 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/12/20 22:23:06 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/12/20 22:23:06 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/12/20 22:23:06 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/12/20 22:23:06 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/12/05 09:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 14:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/11/15 07:37:14 | 000,149,160 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2013/11/14 08:36:55 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 08:30:48 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/11/14 08:30:48 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/11/14 08:30:48 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 08:27:05 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/11/14 08:16:45 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2013/11/14 08:16:44 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 08:16:34 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2013/11/14 08:16:34 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2013/11/14 08:16:34 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2013/11/14 08:16:34 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2013/11/14 08:16:34 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/10/25 07:57:01 | 000,129,472 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzDxgk.sys -- (RzDxgk)
DRV:64bit: - [2013/10/25 07:57:01 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/02 17:49:14 | 000,667,496 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/06/18 15:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2013/05/27 21:09:12 | 000,586,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/05/27 21:09:12 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/05/27 21:09:12 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/05/27 21:09:12 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/05/27 21:09:12 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/05/27 21:09:10 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/05/27 21:09:10 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/05/27 21:09:10 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/05/16 20:49:12 | 003,847,168 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/12 13:19:38 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013/02/27 17:07:48 | 000,038,712 | ---- | M] (ASUS SZ provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmic_x64.sys -- (asusvad_micarray)
DRV:64bit: - [2013/02/21 04:40:38 | 000,032,840 | R--- | M] (NT Kernel Resources) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2013/01/25 11:51:38 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:64bit: - [2013/01/10 11:11:04 | 000,047,512 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2012/09/11 15:17:58 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/01 10:04:44 | 000,042,656 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2012/04/18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV - [2013/08/21 16:49:02 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2010/09/16 20:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS;
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS;
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.11
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/11/03 00:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Extensions
[2014/01/13 21:01:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\tfctyu6p.default\extensions
[2013/11/18 00:18:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\tfctyu6p.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/01/11 00:21:38 | 000,536,010 | ---- | M] () (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\tfctyu6p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/12/20 02:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/20 02:23:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - Extension: Google\u00A0Drive = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Recherche Google = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: History Eraser = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm\3.9.7_0\
CHR - Extension: Google\u00A0Wallet = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Click&Clean App = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\
CHR - Extension: Gmail = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2014/01/07 19:34:22 | 000,000,871 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 54.204.28.26    ckdjndgfgjaglgcnllemofeepjeeaofa
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [shadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [bingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002..\Run: [TBPanel] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co. Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA560108-E9CA-4146-8C4B-B394D609D7E1}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/13 16:49:05 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/01/11 18:48:08 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\Desktop\Anti Malware
[2014/01/11 18:31:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/11 18:28:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/01/09 14:31:11 | 000,000,000 | ---D | C] -- C:\FRST
[2014/01/07 23:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/01/07 23:36:39 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/01/07 18:00:33 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
[2014/01/07 18:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/07 18:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/07 18:00:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/01/07 18:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/07 17:59:54 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Programs
[2014/01/07 17:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/01/07 17:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/12/31 02:13:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/12/20 23:18:21 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\SkyDrive
[2013/12/20 23:10:34 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2013/12/20 23:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/12/20 23:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/12/20 22:47:19 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Identities
[2013/12/20 22:31:58 | 000,000,000 | --SD | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft
[2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\Favorites
[2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\Documents
[2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\Desktop
[2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Voisinage réseau
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Voisinage d'impression
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\AppData\Local\Temporary Internet Files
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\SendTo
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Recent
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Modèles
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Documents\Mes vidéos
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Documents\Mes images
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Mes documents
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Menu Démarrer
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Documents\Ma musique
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Local Settings
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\AppData\Local\Historique
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Cookies
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Application Data
[2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\AppData\Local\Application Data
[2013/12/20 22:31:58 | 000,000,000 | -H-D | C] -- C:\Users\Utilisateur\AppData
[2013/12/20 22:31:58 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Temp
[2013/12/20 22:31:58 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Microsoft
[2013/12/20 22:31:58 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/12/20 22:27:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013/12/20 22:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/12/20 22:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/12/20 22:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/12/20 22:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/12/20 22:26:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/12/20 22:26:48 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\WINDOWS\SysWow64\AsIO.dll
[2013/12/20 22:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2013/12/20 22:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2013/12/20 22:26:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/12/20 22:24:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2013/12/20 22:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/12/20 22:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/12/20 22:17:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2013/12/20 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/12/20 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/12/20 17:43:05 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet
[2013/12/20 02:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/13 21:24:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/13 20:52:50 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/13 19:50:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/13 16:55:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Path.idx
[2014/01/13 16:54:30 | 001,827,432 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/01/13 16:54:30 | 000,812,146 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2014/01/13 16:54:30 | 000,723,316 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/01/13 16:54:30 | 000,159,742 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2014/01/13 16:54:30 | 000,135,930 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/01/13 16:50:30 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/13 16:49:58 | 001,048,576 | ---- | M] () -- C:\WINDOWS\PE_Rom.dll
[2014/01/13 16:49:11 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/13 16:48:11 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/13 16:48:07 | 806,744,061 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/13 00:24:02 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014/01/11 19:08:42 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.ex0
[2014/01/11 18:19:11 | 000,001,197 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk
[2014/01/11 18:19:11 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Dell Display Manager.lnk
[2014/01/07 23:39:13 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2014/01/07 19:34:22 | 000,000,672 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/12/26 19:18:28 | 000,253,536 | ---- | M] () -- C:\Users\Utilisateur\Documents\favoris_26_12_13.html
[2013/12/20 23:46:58 | 000,076,888 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2013/12/20 22:40:40 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/12/20 22:40:40 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/12/20 22:40:33 | 000,023,108 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/12/20 22:39:17 | 001,851,286 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/12/20 22:36:00 | 000,362,480 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/12/20 22:26:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf
[2013/12/20 22:07:26 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/12/19 21:33:31 | 000,357,152 | ---- | M] () -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2013/12/19 21:33:31 | 000,314,656 | ---- | M] () -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2013/12/19 21:33:31 | 000,061,216 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2013/12/19 21:33:31 | 000,053,024 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2013/12/19 21:33:31 | 000,023,754 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013/12/19 06:01:48 | 003,539,040 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2013/12/16 21:51:16 | 001,978,979 | ---- | M] () -- C:\Users\Utilisateur\Documents\asus-pdf.zip
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/01/07 23:39:13 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
[2014/01/07 23:37:31 | 000,357,152 | ---- | C] () -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014/01/07 23:37:31 | 000,314,656 | ---- | C] () -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014/01/07 17:32:11 | 000,001,320 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk
[2013/12/26 19:18:28 | 000,253,536 | ---- | C] () -- C:\Users\Utilisateur\Documents\favoris_26_12_13.html
[2013/12/20 23:46:57 | 003,894,632 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2013/12/20 23:01:07 | 000,000,672 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/12/20 22:47:23 | 000,001,462 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/12/20 22:40:33 | 000,023,108 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/12/20 22:33:50 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/12/20 22:31:58 | 000,000,352 | ---- | C] () -- C:\Users\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/12/20 22:31:58 | 000,000,334 | ---- | C] () -- C:\Users\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/12/20 22:30:00 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/12/20 22:30:00 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/12/20 22:27:16 | 003,539,040 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2013/12/20 22:26:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf
[2013/12/20 22:26:48 | 000,015,232 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys
[2013/12/20 22:07:26 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2013/12/16 21:51:15 | 001,978,979 | ---- | C] () -- C:\Users\Utilisateur\Documents\asus-pdf.zip
[2013/11/14 23:57:54 | 000,000,022 | ---- | C] () -- C:\WINDOWS\GPU-Z.INI
[2013/11/11 19:17:18 | 001,048,576 | ---- | C] () -- C:\WINDOWS\PE_Rom.dll
[2013/11/11 19:13:05 | 000,014,464 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\AsUpIO.sys
[2013/11/03 01:40:46 | 000,214,392 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2013/11/03 01:40:45 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2013/10/30 17:43:53 | 001,851,286 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/10/30 17:31:36 | 000,057,973 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2013/10/30 17:31:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ascd_err.ini
[2013/10/30 17:29:55 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2013/10/30 17:29:54 | 000,043,440 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2013/10/30 17:29:52 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/07/10 10:00:00 | 000,008,097 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2013/02/13 12:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/14 08:52:35 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/14 08:52:36 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/11/04 19:13:15 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Guild Wars 2
[2014/01/02 20:14:26 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Origin
[2014/01/13 20:11:26 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\TS3Client
[2013/11/23 20:05:24 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\uTorrent
[2013/11/05 20:56:42 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\X-Rite
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Utilisateur\SkyDrive:ms-properties

< End of report >
 


And here is the Extras.txt:

 

OTL Extras logfile created on: 13/01/2014 21:26:22 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Utilisateur\Desktop\Anti Malware
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
15,94 Gb Total Physical Memory | 13,37 Gb Available Physical Memory | 83,86% Memory free
31,94 Gb Paging File | 28,98 Gb Available in Paging File | 90,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1863,01 Gb Total Space | 1706,85 Gb Free Space | 91,62% Space Free | Partition Type: NTFS
 
Computer Name: DUALSTATION | User Name: Utilisateur | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-4121640540-4136590292-1234643125-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BE83E6E-C696-4F7C-93BF-BF0675A1EFD0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{300EC8B4-796E-41EF-8506-8DEB4CA2EC99}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{341669E4-09B8-47DA-B131-3E42A7C91EA8}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe |
"{37A611B1-741E-4F85-B24B-8BD1FE09858A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3F7101D1-A78D-434E-AFBC-D3683375D9DF}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe |
"{401BAE3C-8DF9-4ADB-BC14-6917674B745A}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{43CC8410-6F31-4010-9093-BCD4E5FFE8A9}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5B38A1EB-76E1-43A7-91CB-0C9EC54CBE9A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5DE0EC3D-E1ED-4D19-95C0-31F133132BB3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6056A1A4-B91B-40DF-8126-753FFF573E6A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{732471BC-05C6-481A-A81C-7CD8CF7A7CB5}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{77E4FC2C-4AC3-467B-8F41-467585749E56}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7E5DB929-4004-4607-9D9A-2B0E4C0EAFD3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9269FAEB-62C4-4184-903C-A3E8B082660F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{967AAB6D-A35B-48C2-A3DF-A1B6937E0D29}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B3FEE887-083B-42AF-9335-51DB1B4C3621}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{BABC7E6C-096E-44B7-8E20-33161B0EE85D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BBC0BE96-9448-4882-8DC4-3DB2CE354A2A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BC32D5CD-9ED3-4F0F-B94C-EC25E3ADCF04}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{BD81D233-DCCF-45A4-BB03-DFAB7CB71F44}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C0A7F75E-C606-4483-B7B9-8B705B10FCBB}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{CDD2C97E-DAF0-4ABA-9D9F-8E3AAC689E15}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{CF853095-602F-42AE-8C0B-280D2F41E504}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D6079187-7E46-4D59-AA3D-231E0BB930AF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DF810D73-956D-4C18-B06C-F297EF67A9F2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E4C9587E-0C3D-48DE-8BBD-3A54369075CD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{FAE34E93-823A-4BA0-B879-DA94AE17AB4A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FF444128-65D7-4872-9B09-55A3668CFCD1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{006E872A-FB3C-42E0-BC19-40B6D1BD03C9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{02126F3B-644A-42FC-9B7D-355C6A779D26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe |
"{038B90CC-8F3E-4A15-BCB6-E1DD87B6086F}" = dir=out | name=check point vpn |
"{06195F68-86F0-4445-886E-27330C750504}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{09317127-D8EB-4370-A349-066B0AC30EE5}" = dir=in | name=check point vpn |
"{09695FED-710A-45EB-A441-D2B4386709C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0A4A9E23-504B-488B-889D-F487AF7BC508}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{133BE313-2D01-4AB2-A2B8-7F142A237213}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{14379E85-B9C4-48E7-B49E-18170E81ACC6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{1466086C-7E5C-4510-AC31-B07563D1CC17}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |


"{1CBEEA88-73F2-48E9-837D-F8B559F91430}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe |

"{2909EE91-AF0F-4C8B-8A03-AA91C753DC41}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{293DE7F2-31BE-42A2-958F-F2F37846CE36}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2F2353A1-E5E2-4CC3-A9EC-14ADA88DD360}" = dir=out | name=windows_ie_ac_001 |
"{30467047-AF9B-4F20-B454-805181EFE41B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |


"{35F134A7-F424-4A39-9475-686125906149}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{37C3D66C-B70C-4378-BD09-5E8E2331FA50}" = protocol=17 | dir=in | app=c:\users\utilisateur\appdata\roaming\utorrent\utorrent.exe |

"{3DE1ADD9-1359-4B39-B967-987303C1031F}" = dir=in | name=skype |
"{40D9CB4B-A597-46A5-BF7D-DD97465BAD9B}" = dir=in | name=juniper networks junos pulse |

"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4301373F-CC25-4F6B-AE6F-198B9741FFF5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{44337FAC-15F6-4511-BF1A-5C21D51CC7C8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{44544A8E-E877-41DA-B005-6B0B5536F13B}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\asusdms.exe |
"{4560E59D-CA2A-4056-BAEA-17A7FAF16FDA}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{4723D1B4-936E-401A-AA9D-4362F3DDD4E8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |


"{4F0EA241-15B0-4FD7-9AF8-E500B7A80632}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4F246815-7A26-43C4-8B1B-EB05CFD9D387}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |


"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |


"{59C6A1EB-C430-42EF-82F8-3DE64669005D}" = protocol=17 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe |

"{5D2B2D5B-4AF9-48A5-8761-2C1A082C2B05}" = dir=out | name=f5 vpn |

"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |

"{5FC3C037-75AB-4D5E-A85E-D4B7418DC8D8}" = dir=out | name=windows_ie_ac_001 |
"{6267B55E-B8DF-487E-A2CD-896CED4760A0}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{64EFBC5F-2870-465A-909A-F102C77A9892}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{6518D216-A51F-4C2B-825C-8845336B96F2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{67A809D6-2FC4-4FE6-ADFB-B59B804D2522}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{68088AF2-BA96-4B4C-94B9-D032D0BDDA50}" = dir=out | name=sonicwall mobile connect |
"{682F0893-AFBF-4B23-B19E-9E1484139C39}" = dir=out | name=skype |
"{69B5B34A-4024-4FB4-B645-14C853EF0D5D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |

"{70BC1706-0385-4A3E-9900-D74224610C5A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{713698C4-3522-4135-A940-622355CC6A2C}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\assisttools\wifi go! server.exe |
"{79185FB7-6E5F-4196-8E90-DD9C6811DC48}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{7C90663B-F11E-432F-87EA-08E985F641C4}" = dir=in | name=sonicwall mobile connect |



"{9172D681-6D48-4914-AD3C-96F9B5061E69}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9475E46F-8CD9-486B-BF16-F8BDB7A0572D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{953A7B6B-575B-47BB-862F-A02CD2B390BC}" = dir=in | name=f5 vpn |
"{95A80D8A-A700-4696-A7BF-02276958B0A5}" = dir=out | name=windows_ie_ac_001 |
"{95E17BF4-B45E-4133-BE20-48E063B94455}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |

"{9E5FA66F-559F-4C28-91AD-DFA0308FFFFF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{A2DDC302-4F97-4D26-BB5F-21E4C79E79A4}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |

"{AA192B84-1566-42C4-A081-13918CC7BAE3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |



"{B4D41770-5AE6-422E-9099-78D2F701D2A7}" = dir=out | name=juniper networks junos pulse |
"{B8BB0FB1-E7FC-4CBF-81F3-2BDB7677B024}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |


"{BCB9ED97-E63D-4EC3-8D38-8A60C3DB3A59}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{BCDC0188-DE48-457D-9207-021B5B4A84D9}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |

"{C1C76AFB-6065-46D9-B0D3-8AF004A282CB}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{C300B35A-1F4B-4D4D-A5D5-59AFE09701E7}" = protocol=6 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe |
"{C3020683-939A-4D0E-917A-E11A013E1598}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C4D9D97C-9BF6-4800-B28D-3BA12DB336F6}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{C9F06082-5501-4F5B-AC2A-B5D9AA80AE48}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{CCFD251B-D8C3-43B2-9BA6-72C24DE4A179}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{D0F117CA-63A2-44E9-8CD0-442629615E99}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D39035C8-0799-40B0-832C-D78BBFACB148}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\asusdms.exe |

"{D616B603-FAFA-43ED-AE8A-17D12AEBDB69}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D669F700-70A6-4044-9C51-D032DC017A00}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DA6EECBF-0487-4BEE-95A5-0BC7D2B74BEF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E3C8E8DD-C206-4E80-9802-9AD92287E8AC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |



"{E7B86044-6EF2-4871-9B5F-483243EC9E35}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\assisttools\wifi go! server.exe |
"{E93FEA8F-DA57-4847-A3B2-BDDCD1072BF1}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E95E2C2C-F67E-46E3-B420-C6654C21E838}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |

"{F0C1A245-683A-4EDB-8942-ADA5C3FD8FDA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F17190AD-4D1F-482E-AA85-A6075221EA0E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FED2920F-1FA3-4255-83FB-B61BDA5F8E38}" = protocol=6 | dir=in | app=c:\users\utilisateur\appdata\roaming\utorrent\utorrent.exe |

"TCP Query User{14B36160-A4EA-490E-9C71-BEDC94A5DA53}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{9ADA8D7F-D6DF-40A3-9159-2314E139A401}C:\users\utilisateur\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe |
"TCP Query User{F1CCE271-E3CF-4C2E-803F-C069BE60245A}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{C14A70E2-289D-4B6B-B749-825F2B73B151}C:\users\utilisateur\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe |
"UDP Query User{FDDBC913-A4E5-46D7-B56B-420A1210381F}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{FFA95561-2371-47CD-B631-90894869AA30}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology
"{44948B6E-F88B-4A5C-9E54-E05CBC81DAC7}" = Intel® Rapid Storage Technology
"{44B72151-611E-429D-9765-9BA093D7E48A}" = Intel® Trusted Connect Service Client
"{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{644B5296-5B22-40EE-B954-9598E2E1427E}" = Intel® Network Connections 18.1.59.0
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}" = WinZip 17.0
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"CCleaner" = CCleaner
"CPUID ASUS CPU-Z_is1" = CPUID ASUS CPU-Z 1.64
"PROSetDX" = Intel® Network Connections 18.1.59.0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1D5A19F2-DC0D-43C3-BD43-E501AEF3424D}" = Futuremark SystemInfo
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217021F0}" = Java 7 Update 21
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 45
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1" = EXPERTool v8.9
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AAE9187-C24F-4073-A951-36C370E7A3A5}" = ASUS Boot Setting
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Bureau
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1" = Dell Display Manager
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{AE4DB5AB-CD91-4D63-8AD5-33EBADCCC4F2}" = Disk Unlocker
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}" = ASUS Product Register Program
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}" = AI Suite 3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E7EB738C-E70A-4E5C-BCFF-0DB2D7251F2B}" = X-Rite Device Services Manager
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Battlelog Web Plugins" = Battlelog Web Plugins
"Dell UltraSharp Color Calibration Solution_is1" = Dell UltraSharp Color Calibration Solution 1.0.0
"Diablo III" = Diablo III
"dlancockpit" = devolo dLAN Cockpit
"ESN Sonar-0.70.4" = ESN Sonar
"Google Chrome" = Google Chrome
"Guild Wars 2" = Guild Wars 2
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 26.0 (x86 fr)" = Mozilla Firefox 26.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Razer Core" = Razer Core
"Steam" = Steam
"Steam App 43160" = Metro: Last Light
"Steam App 8870" = BioShock Infinite
"VLC media player" = VLC media player 2.1.1
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR 5.00 (32 bits)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4121640540-4136590292-1234643125-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08/01/2014 16:18:19 | Computer Name = dualstation | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08/01/2014 16:18:19 | Computer Name = dualstation | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6141
 
Error - 08/01/2014 16:18:19 | Computer Name = dualstation | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6141
 
Error - 08/01/2014 16:18:20 | Computer Name = dualstation | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08/01/2014 16:18:20 | Computer Name = dualstation | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7547
 
Error - 08/01/2014 16:18:20 | Computer Name = dualstation | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7547
 
Error - 08/01/2014 18:36:34 | Computer Name = dualstation | Source = SideBySide | ID = 16842761
Description = La création du contexte d’activation a échoué pour « C:\Program Files\WinZip\adxloader.dll.Manifest ».
 Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files\WinZip\adxloader.dll.Manifest »
 à la ligne 2.  L’élément racine du fichier manifeste doit être assembly.
 
Error - 09/01/2014 09:25:52 | Computer Name = dualstation | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 09/01/2014 09:25:52 | Computer Name = dualstation | Source = NvStreamSvc | ID = 131073
Description =
 
Error - 09/01/2014 09:25:55 | Computer Name = dualstation | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante DipAwayMode.exe, version : 0.0.0.0,
 horodatage : 0x00000000  Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.16408,
 horodatage : 0x523d4548  Code d’exception : 0x40010006  Décalage d’erreur : 0x00012eec
ID
 du processus défaillant : 0xddc  Heure de début de l’application défaillante : 0x01cf0d3e51349795
Chemin
 d’accès de l’application défaillante : C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Chemin
 d’accès du module défaillant: C:\WINDOWS\SYSTEM32\KERNELBASE.dll  ID de rapport :
 915257a8-7931-11e3-beb7-240a641d2aa5  Nom complet du package défaillant :   ID de l’application
 relative au package défaillant :
 
[ System Events ]
Error - 30/12/2013 21:14:00 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
 l’attente de la connexion du service Bing Desktop Update service.
 
Error - 30/12/2013 21:14:39 | Computer Name = dualstation | Source = Schannel | ID = 36888
Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison
 distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable
 défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.
 
Error - 30/12/2013 21:19:57 | Computer Name = dualstation | Source = DCOM | ID = 10016
Description =
 
Error - 31/12/2013 10:42:05 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
 l’attente de la connexion du service Bing Desktop Update service.
 
Error - 31/12/2013 10:42:35 | Computer Name = dualstation | Source = Schannel | ID = 36888
Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison
 distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable
 défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.
 
Error - 31/12/2013 10:49:05 | Computer Name = dualstation | Source = DCOM | ID = 10016
Description =
 
Error - 01/01/2014 19:09:44 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
 l’attente de la connexion du service Bing Desktop Update service.
 
Error - 01/01/2014 19:10:10 | Computer Name = dualstation | Source = Schannel | ID = 36888
Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison
 distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable
 défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.
 
Error - 01/01/2014 19:12:44 | Computer Name = dualstation | Source = DCOM | ID = 10016
Description =
 
Error - 02/01/2014 12:44:40 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
 l’attente de la connexion du service Bing Desktop Update service.
 
 
< End of report >
 


Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL
    IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    [2013/11/23 20:05:24 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\uTorrent
    :files
    ipconfig /flushdns /c
    :Commands
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

Here is the log:

 

All processes killed
========== OTL ==========
HKEY_USERS\S-1-5-21-4121640540-4136590292-1234643125-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
C:\Users\Utilisateur\AppData\Roaming\uTorrent folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuration IP de Windows
Cache de résolution DNS vidé.
C:\Users\Utilisateur\Desktop\Anti Malware\cmd.bat deleted successfully.
C:\Users\Utilisateur\Desktop\Anti Malware\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default.migrated
 
User: Public
 
User: Utilisateur
->Temp folder emptied: 140103214 bytes
->Temporary Internet Files folder emptied: 6300817 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 5852284 bytes
->Google Chrome cache emptied: 22425968 bytes
->Flash cache emptied: 511 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 245902410 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 203044 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 401,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 01142014_181727

Files\Folders moved on Reboot...
C:\Users\Utilisateur\AppData\Local\Temp\winstore.log moved successfully.
C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
