OnE_LiKoR

  1. Hey Maniac ! Thanks to you things are working well now! A huge THANKS to you man!
  2. Here is the log :
     All processes killed
     ========== OTL ==========
     HKEY_USERS\S-1-5-21-4121640540-4136590292-1234643125-1002\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
     C:\Users\Utilisateur\AppData\Roaming\uTorrent folder moved successfully.
     ========== FILES ==========
     < ipconfig /flushdns /c >
     Configuration IP de Windows
     Cache de résolution DNS vidé.
     C:\Users\Utilisateur\Desktop\Anti Malware\cmd.bat deleted successfully.
     C:\Users\Utilisateur\Desktop\Anti Malware\cmd.txt deleted successfully.
     ========== COMMANDS ==========
     [EMPTYTEMP]
     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     User: Default.migrated
     User: Public
     User: Utilisateur
     ->Temp folder emptied: 140103214 bytes
     ->Temporary Internet Files folder emptied: 6300817 bytes
     ->Java cache emptied: 0 bytes
     ->FireFox cache emptied: 5852284 bytes
     ->Google Chrome cache emptied: 22425968 bytes
     ->Flash cache emptied: 511 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 245902410 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 203044 bytes
     RecycleBin emptied: 0 bytes
     Total Files Cleaned = 401,00 mb
     C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
     HOSTS file reset successfully
     Restore point Set: OTL Restore Point
     OTL by OldTimer - Version 3.2.69.0 log created on 01142014_181727
     Files\Folders moved on Reboot...
     C:\Users\Utilisateur\AppData\Local\Temp\winstore.log moved successfully.
     C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
     PendingFileRenameOperations files...
     Registry entries deleted on Reboot...
  3. And here is the Extras.txt : OTL Extras logfile created on: 13/01/2014 21:26:22 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Utilisateur\Desktop\Anti Malware 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16476) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 15,94 Gb Total Physical Memory | 13,37 Gb Available Physical Memory | 83,86% Memory free 31,94 Gb Paging File | 28,98 Gb Available in Paging File | 90,75% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1863,01 Gb Total Space | 1706,85 Gb Free Space | 91,62% Space Free | Partition Type: NTFS Computer Name: DUALSTATION | User Name: Utilisateur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4121640540-4136590292-1234643125-1002\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0BE83E6E-C696-4F7C-93BF-BF0675A1EFD0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | 
"{300EC8B4-796E-41EF-8506-8DEB4CA2EC99}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{341669E4-09B8-47DA-B131-3E42A7C91EA8}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | "{37A611B1-741E-4F85-B24B-8BD1FE09858A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{3F7101D1-A78D-434E-AFBC-D3683375D9DF}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | "{401BAE3C-8DF9-4ADB-BC14-6917674B745A}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{43CC8410-6F31-4010-9093-BCD4E5FFE8A9}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{5B38A1EB-76E1-43A7-91CB-0C9EC54CBE9A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5DE0EC3D-E1ED-4D19-95C0-31F133132BB3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{6056A1A4-B91B-40DF-8126-753FFF573E6A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{732471BC-05C6-481A-A81C-7CD8CF7A7CB5}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{77E4FC2C-4AC3-467B-8F41-467585749E56}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{7E5DB929-4004-4607-9D9A-2B0E4C0EAFD3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{9269FAEB-62C4-4184-903C-A3E8B082660F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{967AAB6D-A35B-48C2-A3DF-A1B6937E0D29}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia 
corporation\netservice\nvnetworkservice.exe | "{B3FEE887-083B-42AF-9335-51DB1B4C3621}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe | "{BABC7E6C-096E-44B7-8E20-33161B0EE85D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{BBC0BE96-9448-4882-8DC4-3DB2CE354A2A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{BC32D5CD-9ED3-4F0F-B94C-EC25E3ADCF04}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{BD81D233-DCCF-45A4-BB03-DFAB7CB71F44}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{C0A7F75E-C606-4483-B7B9-8B705B10FCBB}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{CDD2C97E-DAF0-4ABA-9D9F-8E3AAC689E15}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{CF853095-602F-42AE-8C0B-280D2F41E504}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{D6079187-7E46-4D59-AA3D-231E0BB930AF}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{DF810D73-956D-4C18-B06C-F297EF67A9F2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E4C9587E-0C3D-48DE-8BBD-3A54369075CD}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{FAE34E93-823A-4BA0-B879-DA94AE17AB4A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{FF444128-65D7-4872-9B09-55A3668CFCD1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | ========== Vista Active Application Exception List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{006E872A-FB3C-42E0-BC19-40B6D1BD03C9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | "{02126F3B-644A-42FC-9B7D-355C6A779D26}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe | "{038B90CC-8F3E-4A15-BCB6-E1DD87B6086F}" = dir=out | name=check point vpn | "{06195F68-86F0-4445-886E-27330C750504}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | "{09317127-D8EB-4370-A349-066B0AC30EE5}" = dir=in | name=check point vpn | "{09695FED-710A-45EB-A441-D2B4386709C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{0A4A9E23-504B-488B-889D-F487AF7BC508}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{133BE313-2D01-4AB2-A2B8-7F142A237213}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe | "{14379E85-B9C4-48E7-B49E-18170E81ACC6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{1466086C-7E5C-4510-AC31-B07563D1CC17}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe | "{1CBEEA88-73F2-48E9-837D-F8B559F91430}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro last light\metroll.exe | "{2909EE91-AF0F-4C8B-8A03-AA91C753DC41}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "{293DE7F2-31BE-42A2-958F-F2F37846CE36}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{2F2353A1-E5E2-4CC3-A9EC-14ADA88DD360}" = dir=out | name=windows_ie_ac_001 | "{30467047-AF9B-4F20-B454-805181EFE41B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "{35F134A7-F424-4A39-9475-686125906149}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{37C3D66C-B70C-4378-BD09-5E8E2331FA50}" 
= protocol=17 | dir=in | app=c:\users\utilisateur\appdata\roaming\utorrent\utorrent.exe | "{3DE1ADD9-1359-4B39-B967-987303C1031F}" = dir=in | name=skype | "{40D9CB4B-A597-46A5-BF7D-DD97465BAD9B}" = dir=in | name=juniper networks junos pulse | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{4301373F-CC25-4F6B-AE6F-198B9741FFF5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "{44337FAC-15F6-4511-BF1A-5C21D51CC7C8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{44544A8E-E877-41DA-B005-6B0B5536F13B}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\asusdms.exe | "{4560E59D-CA2A-4056-BAEA-17A7FAF16FDA}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{4723D1B4-936E-401A-AA9D-4362F3DDD4E8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{4F0EA241-15B0-4FD7-9AF8-E500B7A80632}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{4F246815-7A26-43C4-8B1B-EB05CFD9D387}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{59C6A1EB-C430-42EF-82F8-3DE64669005D}" = protocol=17 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe | "{5D2B2D5B-4AF9-48A5-8761-2C1A082C2B05}" = dir=out | name=f5 vpn | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{5FC3C037-75AB-4D5E-A85E-D4B7418DC8D8}" = dir=out | name=windows_ie_ac_001 | "{6267B55E-B8DF-487E-A2CD-896CED4760A0}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe | "{64EFBC5F-2870-465A-909A-F102C77A9892}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | 
"{6518D216-A51F-4C2B-825C-8845336B96F2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{67A809D6-2FC4-4FE6-ADFB-B59B804D2522}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | "{68088AF2-BA96-4B4C-94B9-D032D0BDDA50}" = dir=out | name=sonicwall mobile connect | "{682F0893-AFBF-4B23-B19E-9E1484139C39}" = dir=out | name=skype | "{69B5B34A-4024-4FB4-B645-14C853EF0D5D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe | "{70BC1706-0385-4A3E-9900-D74224610C5A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{713698C4-3522-4135-A940-622355CC6A2C}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\assisttools\wifi go! server.exe | "{79185FB7-6E5F-4196-8E90-DD9C6811DC48}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe | "{7C90663B-F11E-432F-87EA-08E985F641C4}" = dir=in | name=sonicwall mobile connect | "{9172D681-6D48-4914-AD3C-96F9B5061E69}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{9475E46F-8CD9-486B-BF16-F8BDB7A0572D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{953A7B6B-575B-47BB-862F-A02CD2B390BC}" = dir=in | name=f5 vpn | "{95A80D8A-A700-4696-A7BF-02276958B0A5}" = dir=out | name=windows_ie_ac_001 | "{95E17BF4-B45E-4133-BE20-48E063B94455}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{9E5FA66F-559F-4C28-91AD-DFA0308FFFFF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{A2DDC302-4F97-4D26-BB5F-21E4C79E79A4}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{AA192B84-1566-42C4-A081-13918CC7BAE3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{B4D41770-5AE6-422E-9099-78D2F701D2A7}" = dir=out | name=juniper networks 
junos pulse | "{B8BB0FB1-E7FC-4CBF-81F3-2BDB7677B024}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{BCB9ED97-E63D-4EC3-8D38-8A60C3DB3A59}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe | "{BCDC0188-DE48-457D-9207-021B5B4A84D9}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{C1C76AFB-6065-46D9-B0D3-8AF004A282CB}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "{C300B35A-1F4B-4D4D-A5D5-59AFE09701E7}" = protocol=6 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe | "{C3020683-939A-4D0E-917A-E11A013E1598}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{C4D9D97C-9BF6-4800-B28D-3BA12DB336F6}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe | "{C9F06082-5501-4F5B-AC2A-B5D9AA80AE48}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | "{CCFD251B-D8C3-43B2-9BA6-72C24DE4A179}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{D0F117CA-63A2-44E9-8CD0-442629615E99}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D39035C8-0799-40B0-832C-D78BBFACB148}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\asusdms.exe | "{D616B603-FAFA-43ED-AE8A-17D12AEBDB69}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{D669F700-70A6-4044-9C51-D032DC017A00}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{DA6EECBF-0487-4BEE-95A5-0BC7D2B74BEF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{E3C8E8DD-C206-4E80-9802-9AD92287E8AC}" = protocol=17 | 
dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{E7B86044-6EF2-4871-9B5F-483243EC9E35}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite iii\wi-fi go!\assisttools\wifi go! server.exe | "{E93FEA8F-DA57-4847-A3B2-BDDCD1072BF1}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{E95E2C2C-F67E-46E3-B420-C6654C21E838}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{F0C1A245-683A-4EDB-8942-ADA5C3FD8FDA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{F17190AD-4D1F-482E-AA85-A6075221EA0E}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{FED2920F-1FA3-4255-83FB-B61BDA5F8E38}" = protocol=6 | dir=in | app=c:\users\utilisateur\appdata\roaming\utorrent\utorrent.exe | "TCP Query User{14B36160-A4EA-490E-9C71-BEDC94A5DA53}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "TCP Query User{9ADA8D7F-D6DF-40A3-9159-2314E139A401}C:\users\utilisateur\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe | "TCP Query User{F1CCE271-E3CF-4C2E-803F-C069BE60245A}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "UDP Query User{C14A70E2-289D-4B6B-B749-825F2B73B151}C:\users\utilisateur\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\utilisateur\appdata\local\temp\gw2.exe | "UDP Query User{FDDBC913-A4E5-46D7-B56B-420A1210381F}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "UDP Query 
User{FFA95561-2371-47CD-B631-90894869AA30}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support "{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel® Rapid Storage Technology "{44948B6E-F88B-4A5C-9E54-E05CBC81DAC7}" = Intel® Rapid Storage Technology "{44B72151-611E-429D-9765-9BA093D7E48A}" = Intel® Trusted Connect Service Client "{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{644B5296-5B22-40EE-B954-9598E2E1427E}" = Intel® Network Connections 18.1.59.0 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du 
contrôleur 3D Vision 332.21 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.13.0725 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.30.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}" = WinZip 17.0 "{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "CCleaner" = CCleaner "CPUID ASUS CPU-Z_is1" = CPUID ASUS CPU-Z 1.64 "PROSetDX" = Intel® Network Connections 18.1.59.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0 "{1D5A19F2-DC0D-43C3-BD43-E501AEF3424D}" = Futuremark SystemInfo "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217021F0}" = Java 7 Update 21 "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 45 "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual 
C++ 2012 x86 Additional Runtime - 11.0.60610 "{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1" = EXPERTool v8.9 "{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan "{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7AAE9187-C24F-4073-A951-36C370E7A3A5}" = ASUS Boot Setting "{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX "{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Bureau "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office "{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper 
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™ "{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1" = Dell Display Manager "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI "{AE4DB5AB-CD91-4D63-8AD5-33EBADCCC4F2}" = Disk Unlocker "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}" = ASUS Product Register Program "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}" = AI Suite 3 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 "{E7EB738C-E70A-4E5C-BCFF-0DB2D7251F2B}" = X-Rite Device Services Manager "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI "{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Battlelog Web Plugins" = Battlelog Web Plugins "Dell UltraSharp Color Calibration Solution_is1" = Dell UltraSharp Color Calibration Solution 1.0.0 "Diablo III" = Diablo III "dlancockpit" = devolo dLAN Cockpit "ESN Sonar-0.70.4" = ESN Sonar "Google Chrome" = Google Chrome "Guild Wars 2" = Guild Wars 2 "InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Mozilla Firefox 26.0 (x86 fr)" = Mozilla Firefox 26.0 (x86 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D 
Driver "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "Razer Core" = Razer Core "Steam" = Steam "Steam App 43160" = Metro: Last Light "Steam App 8870" = BioShock Infinite "VLC media player" = VLC media player 2.1.1 "WinLiveSuite" = Windows Live "WinRAR archiver" = WinRAR 5.00 (32 bits) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-4121640540-4136590292-1234643125-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SkyDriveSetup.exe" = Microsoft SkyDrive "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08/01/2014 16:18:19 | Computer Name = dualstation | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 08/01/2014 16:18:19 | Computer Name = dualstation | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 6141 Error - 08/01/2014 16:18:19 | Computer Name = dualstation | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 6141 Error - 08/01/2014 16:18:20 | Computer Name = dualstation | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 08/01/2014 16:18:20 | Computer Name = dualstation | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 7547 Error - 08/01/2014 16:18:20 | Computer Name = dualstation | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 7547 Error - 08/01/2014 18:36:34 | Computer Name = dualstation | Source = SideBySide | ID = 16842761 Description = La création du contexte d’activation a échoué pour « C:\Program Files\WinZip\adxloader.dll.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files\WinZip\adxloader.dll.Manifest » à la ligne 2. L’élément racine du fichier manifeste doit être assembly. 
Error - 09/01/2014 09:25:52 | Computer Name = dualstation | Source = NvStreamSvc | ID = 131073 Description = Error - 09/01/2014 09:25:52 | Computer Name = dualstation | Source = NvStreamSvc | ID = 131073 Description = Error - 09/01/2014 09:25:55 | Computer Name = dualstation | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante DipAwayMode.exe, version : 0.0.0.0, horodatage : 0x00000000 Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.16408, horodatage : 0x523d4548 Code d’exception : 0x40010006 Décalage d’erreur : 0x00012eec ID du processus défaillant : 0xddc Heure de début de l’application défaillante : 0x01cf0d3e51349795 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\KERNELBASE.dll ID de rapport : 915257a8-7931-11e3-beb7-240a641d2aa5 Nom complet du package défaillant : ID de l’application relative au package défaillant : [ System Events ] Error - 30/12/2013 21:14:00 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service. Error - 30/12/2013 21:14:39 | Computer Name = dualstation | Source = Schannel | ID = 36888 Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252. Error - 30/12/2013 21:19:57 | Computer Name = dualstation | Source = DCOM | ID = 10016 Description = Error - 31/12/2013 10:42:05 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service. 
Error - 31/12/2013 10:42:35 | Computer Name = dualstation | Source = Schannel | ID = 36888
Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.

Error - 31/12/2013 10:49:05 | Computer Name = dualstation | Source = DCOM | ID = 10016
Description =

Error - 01/01/2014 19:09:44 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service.

Error - 01/01/2014 19:10:10 | Computer Name = dualstation | Source = Schannel | ID = 36888
Description = Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252.

Error - 01/01/2014 19:12:44 | Computer Name = dualstation | Source = DCOM | ID = 10016
Description =

Error - 02/01/2014 12:44:40 | Computer Name = dualstation | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service.

< End of report >
  4. Here is the OTL.txt:

     OTL logfile created on: 13/01/2014 21:29:00 - Run 2
     OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Utilisateur\Desktop\Anti Malware
     64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
     Internet Explorer (Version = 9.11.9600.16476)
     Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

     15,94 Gb Total Physical Memory | 13,34 Gb Available Physical Memory | 83,71% Memory free
     31,94 Gb Paging File | 28,95 Gb Available in Paging File | 90,65% Paging File free
     Paging file location(s): ?:\pagefile.sys [binary data]

     %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 1863,01 Gb Total Space | 1706,85 Gb Free Space | 91,62% Space Free | Partition Type: NTFS

     Computer Name: DUALSTATION | User Name: Utilisateur | Logged in as Administrator.
     Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
     Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

     ========== Processes (SafeList) ==========

     PRC - [2014/01/13 21:20:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Utilisateur\Desktop\Anti Malware\OTL.exe
     PRC - [2013/12/20 23:46:58 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
     PRC - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
     PRC - [2013/12/10 03:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
     PRC - [2013/12/10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
     PRC - [2013/11/17 20:06:00 | 000,442,712 | ---- | M] (Razer Inc.)
-- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe PRC - [2013/11/08 21:46:18 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe PRC - [2013/08/27 11:49:16 | 003,526,136 | ---- | M] (devolo AG) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe PRC - [2013/08/01 11:10:32 | 001,431,184 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe PRC - [2013/08/01 03:57:22 | 000,954,648 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe PRC - [2013/07/31 16:20:46 | 001,225,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe PRC - [2013/07/31 16:20:46 | 001,221,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe PRC - [2013/07/31 09:21:44 | 001,660,728 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe PRC - [2013/07/18 16:39:16 | 000,967,480 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe PRC - [2013/07/04 03:32:08 | 000,936,728 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe PRC - [2013/07/03 16:12:02 | 002,160,936 | ---- | M] (Gainward Co. Ltd.) -- C:\Program Files (x86)\EXPERTool\TBPanel.exe PRC - [2013/07/02 17:49:26 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2013/07/02 17:49:26 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2013/06/21 14:09:56 | 000,671,544 | ---- | M] (ASUSTeK Computer Inc.) 
-- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe PRC - [2013/05/27 21:07:44 | 000,323,584 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013/03/12 13:20:08 | 000,366,552 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2013/03/12 13:19:38 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe PRC - [2013/01/28 15:58:52 | 000,550,272 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe PRC - [2013/01/02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe PRC - [2012/12/07 15:16:00 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe PRC - [2012/08/14 08:47:18 | 000,203,640 | ---- | M] (X-Rite Inc.) 
-- C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ========== Modules (No Company Name) ========== MOD - [2013/09/13 19:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2013/09/13 19:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2013/08/01 10:57:04 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll MOD - [2013/08/01 10:57:04 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll MOD - [2013/08/01 10:57:04 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll MOD - [2013/08/01 10:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll MOD - [2013/07/31 16:26:44 | 002,743,808 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll MOD - [2013/07/31 16:21:38 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll MOD - [2013/07/31 16:20:48 | 000,904,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll MOD - [2013/07/31 16:20:48 | 000,825,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll MOD - [2013/07/31 16:20:48 | 000,776,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll MOD - [2013/07/31 16:20:48 | 000,765,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll MOD - [2013/07/31 16:20:48 | 000,685,056 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll MOD - [2013/07/31 16:20:48 | 000,010,240 | ---- | M] 
() -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\IccHelper.dll MOD - [2013/07/31 16:20:46 | 001,225,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe MOD - [2013/07/31 16:20:46 | 001,221,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe MOD - [2013/07/12 12:56:54 | 000,175,616 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll MOD - [2013/06/24 17:48:46 | 002,055,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll MOD - [2013/06/24 15:59:32 | 001,173,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll MOD - [2013/06/24 13:45:54 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll MOD - [2013/06/19 16:47:44 | 001,129,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll MOD - [2013/06/13 18:50:06 | 002,462,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.dll MOD - [2013/06/13 17:37:48 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll MOD - [2013/06/11 12:06:06 | 000,425,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.dll MOD - [2013/06/04 10:41:00 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll MOD - [2013/03/21 19:38:04 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll MOD - [2013/03/13 17:12:00 | 000,870,912 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll MOD - [2012/12/07 15:15:16 | 007,422,392 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtgui4.dll MOD - [2012/12/07 15:15:12 | 002,126,264 | 
---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtcore4.dll MOD - [2012/12/07 15:15:12 | 001,270,200 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtscript4.dll MOD - [2012/12/07 15:15:12 | 000,192,952 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtsql4.dll MOD - [2012/12/07 15:15:10 | 002,453,944 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtdeclarative4.dll MOD - [2012/12/07 15:15:10 | 000,795,064 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\qtnetwork4.dll MOD - [2012/05/02 18:04:30 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll MOD - [2012/04/25 14:47:54 | 000,659,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll MOD - [2012/01/12 16:44:02 | 000,475,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll MOD - [2011/09/05 19:36:52 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qgif4.dll MOD - [2011/09/05 19:36:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats\qjpeg4.dll MOD - [2010/12/14 17:46:32 | 000,067,584 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll MOD - [2010/10/29 18:58:02 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.dll MOD - [2010/09/23 11:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll MOD - [2010/02/25 14:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite 
III\USB BIOS Flashback\AsZip.dll ========== Services (SafeList) ========== SRV:64bit: - [2013/12/20 22:23:06 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2013/12/10 03:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc) SRV:64bit: - [2013/11/14 08:36:58 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2013/11/14 08:36:58 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2013/11/14 08:36:58 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013/11/14 08:36:55 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2013/11/14 08:30:52 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2013/11/14 08:30:51 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2013/11/14 08:30:49 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc) SRV:64bit: - [2013/11/14 08:30:49 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2013/11/14 08:16:43 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2013/11/14 08:16:43 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- 
C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter) SRV:64bit: - [2013/08/22 13:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc) SRV:64bit: - [2013/08/22 13:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV:64bit: - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2013/08/22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2013/08/22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2013/08/22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2013/08/22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2013/08/22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2013/08/22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2013/08/22 
11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2013/08/22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2013/08/22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2013/08/22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2013/08/22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2013/08/22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2013/08/22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2013/08/22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2013/08/22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013/08/22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013/08/22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- 
C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2013/08/22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2013/08/22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2013/08/22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2013/08/22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2013/08/22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2013/07/02 17:49:26 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV:64bit: - [2013/02/13 12:47:04 | 000,820,184 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel® SRV:64bit: - [2013/02/13 12:46:48 | 000,731,648 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel® SRV:64bit: - [2013/01/03 14:38:52 | 000,183,200 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® SRV:64bit: - [2012/10/02 07:41:44 | 000,240,584 | ---- | M] (DTS, Inc) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc) SRV - [2013/12/20 23:46:58 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2013/12/20 02:23:59 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013/12/11 01:24:37 | 000,032,960 | ---- | M] (Razer, Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe -- (RzOvlMon) SRV - [2013/12/10 19:50:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/12/10 03:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService) SRV - [2013/11/14 08:30:48 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc) SRV - [2013/10/04 14:10:12 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2013/08/27 11:49:16 | 003,526,136 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService) SRV - [2013/08/22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2013/08/22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2013/08/22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2013/08/01 03:57:22 | 000,954,648 | R--- | M] 
(ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe -- (asHmComSvc) SRV - [2013/07/31 09:21:44 | 001,660,728 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe -- (AsusFanControlService) SRV - [2013/07/04 03:32:08 | 000,936,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe -- (asComSvc) SRV - [2013/06/20 11:29:38 | 000,173,192 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate) SRV - [2013/05/27 22:03:58 | 000,310,912 | ---- | M] (Windows ® Win 7 DDK provider) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2013/05/27 21:07:44 | 000,323,584 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013/03/12 13:20:08 | 000,366,552 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2013/03/12 13:19:38 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2013/01/02 17:11:16 | 000,171,632 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2012/12/07 15:16:00 | 000,202,328 | ---- | M] 
(Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS) SRV - [2012/09/11 15:18:00 | 002,464,400 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012/08/14 08:47:18 | 000,203,640 | ---- | M] (X-Rite Inc.) [Auto | Running] -- C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe -- (xrdd.exe) SRV - [2012/06/18 16:39:00 | 000,262,816 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker) SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/12/20 22:23:06 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2013/12/20 22:23:06 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2013/12/20 22:23:06 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2013/12/20 22:23:06 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2013/12/20 22:23:06 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2013/12/05 09:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) DRV:64bit: - [2013/11/28 14:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2013/11/15 07:37:14 | 000,149,160 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd) DRV:64bit: - [2013/11/14 08:36:55 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2013/11/14 08:30:48 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2013/11/14 08:30:48 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2013/11/14 08:30:48 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2013/11/14 08:27:05 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2013/11/14 08:16:45 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr) DRV:64bit: - [2013/11/14 08:16:44 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2013/11/14 08:16:34 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid) DRV:64bit: - [2013/11/14 08:16:34 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr) DRV:64bit: - [2013/11/14 08:16:34 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp) DRV:64bit: - [2013/11/14 
08:16:34 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp) DRV:64bit: - [2013/11/14 08:16:34 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2013/10/25 07:57:01 | 000,129,472 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzDxgk.sys -- (RzDxgk) DRV:64bit: - [2013/10/25 07:57:01 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter) DRV:64bit: - [2013/08/22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2013/08/22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2013/08/22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2013/08/22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2013/08/22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2013/08/22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2013/08/22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2013/08/22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2013/08/22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2013/08/22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2013/08/22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2013/08/22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2013/08/22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3) DRV:64bit: - [2013/08/22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2013/08/22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2013/08/22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2013/08/22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2013/08/22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2013/08/22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2013/08/22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2013/08/22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2013/08/22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2013/08/22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2013/08/22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2013/08/22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2013/08/22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2013/08/22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2013/08/22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2013/08/22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2013/08/22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2013/08/22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2013/08/22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:64bit: - [2013/08/22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2013/08/22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2013/08/22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2013/08/22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2013/08/22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2013/08/22 13:31:28 | 000,034,760 | 
---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2013/08/22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2013/08/22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2013/08/22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2013/08/22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2013/08/22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2013/08/22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2013/08/22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2013/08/22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013/08/22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2013/08/22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2013/08/22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- 
C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2013/08/22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2013/08/22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2013/08/22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2013/08/22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2013/08/22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2013/08/22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2013/08/22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2013/08/22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc) DRV:64bit: - [2013/08/22 12:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum) DRV:64bit: - [2013/08/22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2013/08/22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - 
[2013/08/22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2013/08/22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2013/08/22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2013/08/13 00:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2013/08/10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV) DRV:64bit: - [2013/07/30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2013/07/25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2013/07/02 17:49:14 | 000,667,496 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA) DRV:64bit: - [2013/06/18 15:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress) DRV:64bit: - [2013/05/27 21:09:12 | 000,586,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2013/05/27 21:09:12 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2013/05/27 21:09:12 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2013/05/27 21:09:12 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2013/05/27 21:09:12 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2013/05/27 21:09:10 | 000,347,336 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2013/05/27 21:09:10 | 000,115,912 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV:64bit: - [2013/05/27 21:09:10 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2013/05/16 20:49:12 | 003,847,168 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr) DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2013/03/12 13:19:38 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2013/02/27 17:07:48 | 000,038,712 | ---- | M] (ASUS SZ provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmic_x64.sys -- (asusvad_micarray) DRV:64bit: - [2013/02/21 04:40:38 | 000,032,840 | R--- | M] (NT Kernel Resources) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd) DRV:64bit: - [2013/01/25 11:51:38 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) 
[Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap) DRV:64bit: - [2013/01/10 11:11:04 | 000,047,512 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64) DRV:64bit: - [2012/09/11 15:17:58 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/06/01 10:04:44 | 000,042,656 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus) DRV:64bit: - [2012/04/18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb) DRV - [2013/08/21 16:49:02 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo) DRV - [2010/09/16 20:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) 
[Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS; IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS; IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - 
prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.com" FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.11 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.1: C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB) FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine 
Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/03 00:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Extensions [2014/01/13 21:01:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\tfctyu6p.default\extensions [2013/11/18 00:18:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\tfctyu6p.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014/01/11 00:21:38 | 000,536,010 | ---- | M] () (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\tfctyu6p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013/12/20 02:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2013/12/20 02:23:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = 
{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.com CHR - Extension: Google\u00A0Drive = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\ CHR - Extension: Recherche Google = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: History Eraser = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm\3.9.7_0\ CHR - Extension: Google\u00A0Wallet = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ CHR - Extension: Click&Clean App = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\ CHR - Extension: Gmail = C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2014/01/07 19:34:22 | 000,000,871 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 54.204.28.26 ckdjndgfgjaglgcnllemofeepjeeaofa O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - 
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [shadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUS WiFi GO! FileTransfer Execute] C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [bingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.) O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.) O4 - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO) O4 - HKU\S-1-5-21-4121640540-4136590292-1234643125-1002..\Run: [TBPanel] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co. Ltd.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA560108-E9CA-4146-8C4B-B394D609D7E1}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014/01/13 16:49:05 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2014/01/11 18:48:08 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\Desktop\Anti Malware [2014/01/11 18:31:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014/01/11 18:28:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2014/01/09 
14:31:11 | 000,000,000 | ---D | C] -- C:\FRST [2014/01/07 23:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2014/01/07 23:36:39 | 000,000,000 | ---D | C] -- C:\NVIDIA [2014/01/07 18:00:33 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Malwarebytes [2014/01/07 18:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2014/01/07 18:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2014/01/07 18:00:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2014/01/07 18:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2014/01/07 17:59:54 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Programs [2014/01/07 17:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2014/01/07 17:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013/12/31 02:13:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2013/12/20 23:18:21 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\SkyDrive [2013/12/20 23:10:34 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2013/12/20 23:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013/12/20 23:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013/12/20 22:47:19 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Identities [2013/12/20 22:31:58 | 000,000,000 | --SD | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft [2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\Favorites [2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\Documents [2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\Desktop [2013/12/20 22:31:58 | 
000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013/12/20 22:31:58 | 000,000,000 | R--D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Voisinage réseau [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Voisinage d'impression [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\AppData\Local\Temporary Internet Files [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\SendTo [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Recent [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Modèles [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Documents\Mes vidéos [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Documents\Mes images [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Mes documents [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Menu Démarrer [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Documents\Ma musique [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Local Settings [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\AppData\Local\Historique [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Cookies [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\Application Data [2013/12/20 22:31:58 | 000,000,000 | -HSD | C] -- C:\Users\Utilisateur\AppData\Local\Application Data [2013/12/20 22:31:58 | 000,000,000 | -H-D | C] -- C:\Users\Utilisateur\AppData [2013/12/20 22:31:58 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Temp [2013/12/20 22:31:58 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Microsoft [2013/12/20 22:31:58 | 000,000,000 | ---D | C] -- 
C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013/12/20 22:27:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM [2013/12/20 22:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013/12/20 22:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2013/12/20 22:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2013/12/20 22:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013/12/20 22:26:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2013/12/20 22:26:48 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\WINDOWS\SysWow64\AsIO.dll [2013/12/20 22:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS [2013/12/20 22:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS [2013/12/20 22:26:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2013/12/20 22:24:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2013/12/20 22:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2013/12/20 22:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2013/12/20 22:17:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2013/12/20 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013/12/20 22:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013/12/20 17:43:05 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet [2013/12/20 02:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014/01/13 21:24:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2014/01/13 20:52:50 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014/01/13 19:50:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014/01/13 16:55:01 | 000,000,000 | 
---- | M] () -- C:\WINDOWS\Path.idx [2014/01/13 16:54:30 | 001,827,432 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2014/01/13 16:54:30 | 000,812,146 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat [2014/01/13 16:54:30 | 000,723,316 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2014/01/13 16:54:30 | 000,159,742 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat [2014/01/13 16:54:30 | 000,135,930 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2014/01/13 16:50:30 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2014/01/13 16:49:58 | 001,048,576 | ---- | M] () -- C:\WINDOWS\PE_Rom.dll [2014/01/13 16:49:11 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2014/01/13 16:48:11 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2014/01/13 16:48:07 | 806,744,061 | -HS- | M] () -- C:\hiberfil.sys [2014/01/13 00:24:02 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2014/01/11 19:08:42 | 000,214,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.ex0 [2014/01/11 18:19:11 | 000,001,197 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2014/01/11 18:19:11 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Dell Display Manager.lnk [2014/01/07 23:39:13 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2014/01/07 19:34:22 | 000,000,672 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2013/12/26 19:18:28 | 000,253,536 | ---- | M] () -- C:\Users\Utilisateur\Documents\favoris_26_12_13.html [2013/12/20 23:46:58 | 000,076,888 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2013/12/20 22:40:40 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2013/12/20 22:40:40 | 000,022,863 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2013/12/20 22:40:33 | 000,023,108 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2013/12/20 22:39:17 | 001,851,286 | ---- | M] () -- 
C:\WINDOWS\SysWow64\PerfStringBackup.INI [2013/12/20 22:36:00 | 000,362,480 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013/12/20 22:26:53 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf [2013/12/20 22:07:26 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013/12/19 21:33:31 | 000,357,152 | ---- | M] () -- C:\WINDOWS\SysNative\NvIFROpenGL.dll [2013/12/19 21:33:31 | 000,314,656 | ---- | M] () -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll [2013/12/19 21:33:31 | 000,061,216 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll [2013/12/19 21:33:31 | 000,053,024 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll [2013/12/19 21:33:31 | 000,023,754 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb [2013/12/19 06:01:48 | 003,539,040 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin [2013/12/16 21:51:16 | 001,978,979 | ---- | M] () -- C:\Users\Utilisateur\Documents\asus-pdf.zip [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2014/01/07 23:39:13 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2014/01/07 23:37:31 | 000,357,152 | ---- | C] () -- C:\WINDOWS\SysNative\NvIFROpenGL.dll [2014/01/07 23:37:31 | 000,314,656 | ---- | C] () -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll [2014/01/07 17:32:11 | 000,001,320 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk [2013/12/26 19:18:28 | 000,253,536 | ---- | C] () -- C:\Users\Utilisateur\Documents\favoris_26_12_13.html [2013/12/20 23:46:57 | 003,894,632 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe [2013/12/20 23:01:07 | 000,000,672 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2013/12/20 22:47:23 | 000,001,462 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013/12/20 22:40:33 | 000,023,108 | ---- | C] () -- 
C:\WINDOWS\SysNative\emptyregdb.dat [2013/12/20 22:33:50 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2013/12/20 22:31:58 | 000,000,352 | ---- | C] () -- C:\Users\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2013/12/20 22:31:58 | 000,000,334 | ---- | C] () -- C:\Users\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2013/12/20 22:30:00 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2013/12/20 22:30:00 | 000,022,863 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2013/12/20 22:27:16 | 003,539,040 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin [2013/12/20 22:26:53 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_ASMBSW_01_11_00.Wdf [2013/12/20 22:26:48 | 000,015,232 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys [2013/12/20 22:07:26 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2013/12/16 21:51:15 | 001,978,979 | ---- | C] () -- C:\Users\Utilisateur\Documents\asus-pdf.zip [2013/11/14 23:57:54 | 000,000,022 | ---- | C] () -- C:\WINDOWS\GPU-Z.INI [2013/11/11 19:17:18 | 001,048,576 | ---- | C] () -- C:\WINDOWS\PE_Rom.dll [2013/11/11 19:13:05 | 000,014,464 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\AsUpIO.sys [2013/11/03 01:40:46 | 000,214,392 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2013/11/03 01:40:45 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2013/10/30 17:43:53 | 001,851,286 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2013/10/30 17:31:36 | 000,057,973 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2013/10/30 17:31:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ascd_err.ini [2013/10/30 17:29:55 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2013/10/30 17:29:54 | 000,043,440 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2013/10/30 17:29:52 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS 
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2013/08/22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2013/07/10 10:00:00 | 000,008,097 | ---- | C] () -- C:\WINDOWS\cadx2.ini [2013/02/13 12:27:54 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/11/14 08:52:35 | 021,196,664 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/11/14 08:52:36 | 018,642,504 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft 
Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/11/04 19:13:15 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Guild Wars 2 [2014/01/02 20:14:26 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Origin [2014/01/13 20:11:26 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\TS3Client [2013/11/23 20:05:24 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\uTorrent [2013/11/05 20:56:42 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\X-Rite ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 220 bytes -> C:\Users\Utilisateur\SkyDrive:ms-properties < End of report >
  5. I'm a little bit desperate. I don't know what to do but to format my hard drive in order to get things working again...
  6. Hi Maniac, the anti-malware tools don't find anything at all when quick scanning, but I still have some issues with Google Chrome. When I'm on YouTube, for example, I get an unwanted page telling me I have to update Java... (this one: http://www.jdfhnjsvmdk.com/FR/?s1=E54PGx3EUADDW3UBAAAAAAGDcAAAAAAAAgAAAAIAAAAAAP8AAAABGCNOYQAAAAAASA-GAAAAAACCPIoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7qxoAAAAAAAIAAwAAgD8Aq-aTiEMBAAAAAAAAADI0ZDYwZGE0LTdiZDktMTFlMy05YTFmLTc4ZTNiNTE5ZmZhMgAAAAAAAAA=&s2=&s3=FR&s4=152412&s5=9059458). That's a bit strange because it only happens when using Chrome and not Firefox, so I decided to do a complete scan with MBAM in order to see if it finds anything. It's finished now and it found only 1 malware. Here is the log:
     Malwarebytes Anti-Malware (Essai) 1.75.0.1300
     www.malwarebytes.org
     Version de la base de données: v2014.01.12.05
     Windows 8 x64 NTFS
     Internet Explorer 11.0.9600.16476
     Utilisateur :: DUALSTATION [administrateur]
     Protection: Activé
     12/01/2014 23:26:39
     MBAM-log-2014-01-12 (23-48-18).txt
     Type d'examen: Examen complet (C:\|)
     Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
     Options d'examen désactivées: P2P
     Elément(s) analysé(s): 359146
     Temps écoulé: 20 minute(s), 27 seconde(s)
     Processus mémoire détecté(s): 0
     (Aucun élément nuisible détecté)
     Module(s) mémoire détecté(s): 0
     (Aucun élément nuisible détecté)
     Clé(s) du Registre détectée(s): 0
     (Aucun élément nuisible détecté)
     Valeur(s) du Registre détectée(s): 0
     (Aucun élément nuisible détecté)
     Elément(s) de données du Registre détecté(s): 0
     (Aucun élément nuisible détecté)
     Dossier(s) détecté(s): 0
     (Aucun élément nuisible détecté)
     Fichier(s) détecté(s): 1
     C:\AdwCleaner\Quarantine\C\Program Files (x86)\Bench\Updater\1.7.0.0\Updater.exe.vir (PUP.Optional.Adwareplugin) -> Aucune action effectuée.
     (fin)
  7. Thank you for your support, MBAM was finding only 2 malwares at least.
  8. And finally here is the last report from MBAM:
     Malwarebytes Anti-Malware (Essai) 1.75.0.1300
     www.malwarebytes.org
     Version de la base de données: v2014.01.11.06
     Windows 8 x64 NTFS
     Internet Explorer 11.0.9600.16476
     Utilisateur :: DUALSTATION [administrateur]
     Protection: Activé
     11/01/2014 18:45:30
     mbam-log-2014-01-11 (18-45-30).txt
     Type d'examen: Examen rapide
     Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
     Options d'examen désactivées: P2P
     Elément(s) analysé(s): 226334
     Temps écoulé: 2 minute(s), 57 seconde(s)
     Processus mémoire détecté(s): 0
     (Aucun élément nuisible détecté)
     Module(s) mémoire détecté(s): 0
     (Aucun élément nuisible détecté)
     Clé(s) du Registre détectée(s): 0
     (Aucun élément nuisible détecté)
     Valeur(s) du Registre détectée(s): 0
     (Aucun élément nuisible détecté)
     Elément(s) de données du Registre détecté(s): 0
     (Aucun élément nuisible détecté)
     Dossier(s) détecté(s): 0
     (Aucun élément nuisible détecté)
     Fichier(s) détecté(s): 2
     C:\Windows\Tasks\bench-sys.job (PUP.Optional.BenchUpdater.A) -> Mis en quarantaine et supprimé avec succès.
     C:\Windows\Tasks\bench-Updater removing.job (PUP.Optional.BenchUpdater.A) -> Mis en quarantaine et supprimé avec succès.
     (fin)
  9. And here is the log from AdwCleaner:
     # AdwCleaner v3.016 - Rapport créé le 11/01/2014 à 18:39:55
     # Mis à jour le 23/12/2013 par Xplode
     # Système d'exploitation : Windows 8.1 Pro (64 bits)
     # Nom d'utilisateur : Utilisateur - DUALSTATION
     # Exécuté depuis : C:\Users\Utilisateur\Downloads\AdwCleaner.exe
     # Option : Nettoyer
     ***** [ Services ] *****
     ***** [ Fichiers / Dossiers ] *****
     Dossier Supprimé : C:\Program Files (x86)\Bench
     Dossier Supprimé : C:\WINDOWS\SysWOW64\Searchprotect
     Fichier Supprimé : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\searchplugins\conduit-search.xml
     ***** [ Raccourcis ] *****
     ***** [ Registre ] *****
     Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
     Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
     Clé Supprimée : HKLM\Software\installedbrowserextensions
     ***** [ Navigateurs ] *****
     -\\ Internet Explorer v11.0.9600.16384
     -\\ Mozilla Firefox v26.0 (fr)
     [ Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\prefs.js ]
     -\\ Google Chrome v31.0.1650.63
     [ Fichier : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     *************************
     AdwCleaner[R0].txt - [1394 octets] - [11/01/2014 18:31:59]
     AdwCleaner[s0].txt - [1325 octets] - [11/01/2014 18:39:55]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1385 octets] ##########
  10. Here is the JRT.txt:
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.1.0 (01.07.2014:1)
     OS: Windows 8.1 Pro x64
     Ran by Utilisateur on 11/01/2014 at 18:28:46,07
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Registry Values
     ~~~ Registry Keys
     Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
     Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
     Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon
     Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
     ~~~ Files
     ~~~ Folders
     ~~~ FireFox
     Successfully deleted the following from C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\tfctyu6p.default\prefs.js
     Emptied folder: C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\tfctyu6p.default\minidumps [3 files]
     ~~~ Event Viewer Logs were cleared
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on 11/01/2014 at 18:31:18,56
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  11. Here is the fixlog:
     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2014
     Ran by Utilisateur at 2014-01-11 00:30:19 Run:1
     Running from C:\Users\Utilisateur\Desktop
     Boot Mode: Normal
     ==============================================
     Content of fixlist:
     *****************
     Start
     CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     End
     *****************
     HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
     ==== End of Fixlog ====
     Thank you for being so patient.
  12. And here is the Addition.txt : Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2014 01 Ran by Utilisateur at 2014-01-09 14:31:47 Running from C:\Users\Utilisateur\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Reader X (10.1.3) MUI (x32 Version: 10.1.3 - Adobe Systems Incorporated) AI Suite 3 (x32 Version: 1.00.55 - ASUSTeK Computer Inc.) Apple Application Support (x32 Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.) Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.3.4.001 - Asmedia Technology) ASUS Boot Setting (x32 Version: 1.00.09 - ASUSTeK Computer Inc.) ASUS Product Register Program (x32 Version: 1.0.020 - ASUSTek Computer Inc.) Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts) Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB) Bing Bureau (x32 Version: 1.3.171.0 - Microsoft Corporation) BioShock Infinite (x32 Version: - Irrational Games) Bonjour (Version: 3.0.0.10 - Apple Inc.) CCleaner (Version: 4.09 - Piriform) CPUID ASUS CPU-Z 1.64 (Version: 1.64 - CPUID, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Display Manager (x32 Version: - EnTech Taiwan) Dell UltraSharp Color Calibration Solution 1.0.0 (x32 Version: - X-Rite) devolo dLAN Cockpit (x32 Version: 4.1.3.0 - devolo AG) Diablo III (x32 Version: - Blizzard Entertainment) Disk Unlocker (x32 Version: 2.1.3 - ASUSTek Computer Inc.) 
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB) EXPERTool v8.9 (x32 Version: 8.9.5.0 - Gainward Co. Ltd.) Futuremark SystemInfo (x32 Version: 4.21.201 - Futuremark) Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Guild Wars 2 (x32 Version: - NCsoft Corporation, Ltd.) Intel® Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation) Intel® Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel) Intel® Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel) Hidden Intel® Rapid Storage Technology (Version: 12.7.0.1036 - Intel Corporation) Intel® Rapid Storage Technology (Version: 12.7.0.1036 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 21 (x32 Version: 7.0.210 - Oracle) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Kaspersky Security Scan (x32 Version: 12.0.1.340 - Kaspersky Lab) Hidden Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Metro: Last Light (x32 Version: - 4A Games) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft 
Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Mises à jour NVIDIA 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 26.0 (x86 fr) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Logiciel système PhysX 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA Pilote 3D Vision 332.21 (Version: 332.21 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 332.21 (Version: 332.21 - NVIDIA Corporation) NVIDIA Pilote graphique 332.21 (Version: 332.21 - NVIDIA Corporation) NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation) Origin (x32 Version: 9.3.10.4710 - Electronic Arts, Inc.) 
Panneau de configuration NVIDIA 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.) Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.228 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros) QuickTime (x32 Version: 7.74.80.86 - Apple Inc.) Razer Core (x32 Version: 1.0.1.56 - Razer Inc) Razer Synapse 2.0 (x32 Version: 1.16.6 - Razer Inc.) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6971 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (x32 Version: 6.2.8400.30143 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden Steam (x32 Version: - Valve Corporation) System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC) TeamSpeak 3 Client (HKCU Version: 3.0.13 - TeamSpeak Systems GmbH) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player 2.1.1 (x32 Version: 2.1.1 - VideoLAN) Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden WinRAR 5.00 (32 bits) (x32 Version: 5.00.0 - win.rar GmbH) 
WinZip 17.0 (Version: 17.0.10283 - WinZip Computing, S.L. ) X-Rite Device Services Manager (x32 Version: 2.2.61 - X-Rite) ==================== Restore Points ========================= 20-12-2013 22:10:17 Windows Update 29-12-2013 18:14:32 Point de contrôle planifié 05-01-2014 19:21:59 Point de contrôle planifié ==================== Hosts content: ========================== 2013-08-22 14:25 - 2014-01-07 19:34 - 00000871 ____A C:\WINDOWS\system32\Drivers\etc\hosts 54.204.28.26 ckdjndgfgjaglgcnllemofeepjeeaofa ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {07576E7A-0A61-4205-9521-A5413B219753} - System32\Tasks\XRDeviceServicesSoftwareUpdate => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2012-08-14] (X-Rite Inc.) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {26EFEF99-817A-4F10-AB9A-E1F702B3223B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {3487A643-3DBC-46DB-9310-9FBD49700EE6} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-01] (ASUSTeK Computer Inc.) 
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5064D371-D284-4161-BED2-B46CF467A979} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.) Task: {63033491-DC34-4AE4-8A4B-BE3E315AB74A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-02] (Google Inc.) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {722C4303-0555-4F17-8EA1-A3E106738F53} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\Updater.exe [2013-10-08] () <==== ATTENTION Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {82D1B69E-C5C4-410D-93B6-4DA620EE58D3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {907C5B1D-A768-4DC1-8C4E-67FEB4987685} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated) Task: {98A9084B-F146-4B9B-AE49-5847EF3C0AD8} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2013-07-18] (ASUSTeK Computer Inc.) Task: {99D00425-AD28-46D8-9E1C-F7E9814363DC} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A722F64F-31A8-4038-84FF-5C6ACD886032} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2013-07-31] () Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F854EEFD-8090-4243-990B-CE3E70B97CC6} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-01-25] (ASUSTek Computer Inc.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\Updater.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\bench-Updater removing.job => ? Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-27 21:40 - 2013-05-27 21:40 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-05-27 21:36 - 2013-05-27 21:36 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2013-05-27 22:09 - 2013-05-27 22:09 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2013-05-27 21:30 - 2013-05-27 21:30 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\fr-FR\BtTray.fr-FR.dll 2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-12-20 22:26 - 2014-01-09 14:25 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2013-12-20 22:26 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2012-08-14 08:46 - 2012-08-14 08:46 - 01614712 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll 2012-08-14 08:47 - 2012-08-14 08:47 - 02639736 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll 2013-11-11 19:12 - 2013-08-01 10:57 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2013-11-11 19:40 - 2013-03-13 17:12 - 00870912 _____ () C:\Program Files (x86)\ASUS\AI 
Suite III\AI Charger+\AIChargerPlus.dll 2013-11-11 19:12 - 2013-07-31 16:26 - 02743808 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2013-11-11 19:13 - 2013-06-19 16:47 - 01129984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll 2013-11-11 19:41 - 2013-06-24 15:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\Network iControl.dll 2013-11-11 19:42 - 2013-06-24 17:48 - 02055168 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\WiFiGO.dll 2013-11-11 19:11 - 2013-06-04 10:41 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2013-11-11 19:12 - 2013-08-01 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll 2013-11-11 19:12 - 2013-07-31 16:21 - 00010240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\IccHelper.dll 2013-11-11 19:42 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll 2013-11-11 19:12 - 2013-08-01 10:57 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll 2013-11-11 19:12 - 2013-08-01 10:57 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll 2013-11-11 19:43 - 2013-06-24 13:45 - 00062976 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi Engine\IsSupported.dll 2013-11-11 19:42 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\AsIdxParser.dll 2013-11-11 19:42 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll 2013-11-11 19:12 - 2013-07-31 16:20 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2013-11-11 19:12 - 2013-07-31 16:20 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2013-11-11 19:12 - 2013-07-31 16:20 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite 
III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2013-11-11 19:12 - 2013-07-31 16:20 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2013-11-11 19:12 - 2013-07-31 16:20 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\UsbPowerManager.dll 2013-11-11 19:42 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\AudioProjection.dll 2013-11-11 19:42 - 2013-07-12 12:56 - 00175616 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\DLCapPP.dll 2013-11-11 19:42 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\CoreAudioCap.dll 2013-11-11 19:42 - 2013-06-11 12:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\awiscale.DLL 2013-11-11 19:42 - 2010-10-29 18:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\JpegCD.DLL 2013-11-11 19:42 - 2013-06-13 18:50 - 02462208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\xH264E.DLL 2013-11-11 19:42 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll 2013-11-11 19:14 - 2013-06-13 17:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{1DF11DAD-D427-4E1D-ABB6-04CB881EBE06}\CloudAPI\CloudAPI.dll 2013-11-11 19:42 - 2013-03-21 19:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiMoveHelp.dll 2013-11-11 19:42 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll 2013-11-02 19:23 - 2014-01-07 14:40 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 02126264 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 07422392 _____ 
() C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 02453944 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 01270200 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 00192952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll 2012-12-07 15:15 - 2012-12-07 15:15 - 00795064 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll 2013-11-11 20:05 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll 2013-12-20 02:23 - 2013-12-20 02:23 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Utilisateur\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/09/2014 02:25:55 PM) (Source: Application Error) (User: ) Description: Nom de l’application défaillante DipAwayMode.exe, version : 0.0.0.0, horodatage : 0x00000000 Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.16408, horodatage : 0x523d4548 Code d’exception : 0x40010006 Décalage d’erreur : 0x00012eec ID du processus défaillant : 0xddc Heure de début de l’application défaillante : 0xDipAwayMode.exe0 Chemin d’accès de l’application défaillante : DipAwayMode.exe1 Chemin d’accès du module défaillant: DipAwayMode.exe2 ID de rapport : DipAwayMode.exe3 Nom complet du package défaillant : DipAwayMode.exe4 ID de l’application relative au package défaillant : DipAwayMode.exe5 Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc) (User: ) 
Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/08/2014 11:36:34 PM) (Source: SideBySide) (User: ) Description: La création du contexte d’activation a échoué pour « 1 ». Erreur dans le fichier de manifeste ou de stratégie « 2 » à la ligne 3. L’élément racine du fichier manifeste doit être assembly. Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7547 Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7547 Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6141 Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6141 Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (01/09/2014 02:28:30 PM) (Source: DCOM) (User: AUTORITE NT) Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (01/09/2014 02:25:28 PM) (Source: Service Control Manager) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service. Error: (01/08/2014 06:46:34 PM) (Source: Schannel) (User: AUTORITE NT) Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. 
Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252. Error: (01/08/2014 05:11:21 PM) (Source: DCOM) (User: AUTORITE NT) Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (01/08/2014 05:08:20 PM) (Source: Service Control Manager) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service. Error: (01/07/2014 08:47:57 PM) (Source: Schannel) (User: AUTORITE NT) Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252. Error: (01/07/2014 07:49:18 PM) (Source: DCOM) (User: AUTORITE NT) Description: par défaut de l’ordinateurLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}AUTORITE NTSERVICE LOCALS-1-5-19LocalHost (avec LRPC)Non disponibleNon disponible Error: (01/07/2014 07:46:56 PM) (Source: Schannel) (User: AUTORITE NT) Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252. Error: (01/07/2014 07:46:17 PM) (Source: Service Control Manager) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Bing Desktop Update service. Error: (01/07/2014 02:40:36 PM) (Source: Schannel) (User: AUTORITE NT) Description: Une alerte irrécupérable a été générée et envoyée au point de terminaison distant. 
Ceci peut entraîner l’arrêt de la connexion. Le code d’erreur irrécupérable défini par le protocole TLS est 43. L’état d’erreur de Windows SChannel est 252. Microsoft Office Sessions: ========================= Error: (01/09/2014 02:25:55 PM) (Source: Application Error)(User: ) Description: DipAwayMode.exe0.0.0.000000000KERNELBASE.dll6.3.9600.16408523d45484001000600012eecddc01cf0d3e51349795C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll915257a8-7931-11e3-beb7-240a641d2aa5 Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc)(User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (01/09/2014 02:25:52 PM) (Source: NvStreamSvc)(User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (01/08/2014 11:36:34 PM) (Source: SideBySide)(User: ) Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2 Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7547 Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7547 Error: (01/08/2014 09:18:20 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6141 Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6141 Error: (01/08/2014 09:18:19 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2014-01-08 18:00:19.628 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to 
load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 18:00:16.226 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 18:00:16.189 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 18:00:16.150 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 18:00:15.554 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 17:58:29.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-01-08 17:58:29.916 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 17:58:29.903 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 17:54:31.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-01-08 17:54:31.308 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info ===========================
Percentage of memory in use: 15%
Total physical RAM: 16321.71 MB
Available physical RAM: 13773.47 MB
Total Pagefile: 32705.71 MB
Available Pagefile: 29743.36 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1863.01 GB) (Free:1705.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2053DC7B)
Partition 1: (Active) - (Size=-198626508800) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 238 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
========================================================
Disk: 2 (Size: 2795 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
==================== End Of Log ============================

Thank you for your help
  13. Hi, Here is the FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by Utilisateur (administrator) on DUALSTATION on 09-01-2014 14:31:21
Running from C:\Users\Utilisateur\Desktop
Windows 8.1 Pro (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.)
C:\Program Files\Bonjour\mDNSResponder.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe (Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe (X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFi GO! 
Server.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AsDLNAServerReal.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Microsoft Corporation) \\?\C:\WINDOWS\system32\wbem\WMIADAP.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-11-08] (NVIDIA Corporation) HKLM\...\Run: [shadowPlay] - C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-07-02] (Intel Corporation) HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) 
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] - C:\Program Files (x86)\ASUS\AI Suite III\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [bingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.) HKLM\...\Policies\Explorer\Run: [btvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133248 2013-05-27] ( (Qualcomm Atheros Commnucations)) HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2014-01-07] (Electronic Arts) HKCU\...\Run: [TBPanel] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2160936 2013-07-03] (Gainward Co. Ltd.) 
HKCU\...\Run: [KSS] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.ldlc.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.ldlc.com SearchScopes: HKLM - DefaultScope {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS; SearchScopes: HKLM - {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS; SearchScopes: HKLM-x32 - DefaultScope {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS; SearchScopes: HKLM-x32 - {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS; SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP005449E0-A260-48C8-9772-CA8EA346B749&q={searchTerms}&SSPV= SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP005449E0-A260-48C8-9772-CA8EA346B749&q={searchTerms}&SSPV= SearchScopes: HKCU - {9D4E95EC-C16B-411E-AFD9-203C8FCCBC8D} URL = BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java Plug-In SSV Helper - 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Hosts: 54.204.28.26 ckdjndgfgjaglgcnllemofeepjeeaofa Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 FireFox: ======== FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\searchplugins\conduit-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml FF Extension: Instant Savings App - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\Extensions\{2A39D365-6906-B62D-BB4C-E544F9440E50} FF Extension: DownloadHelper - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: NoScript - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\tfctyu6p.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi Chrome: ======= CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Instant Savings App) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdjndgfgjaglgcnllemofeepjeeaofa\1.0_1 CHR Extension: (Google Search) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (History Eraser) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm\3.9.7_0 CHR Extension: (Google Wallet) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 CHR Extension: (Click&Clean App) - 
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0
CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [262816 2012-06-18] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.03.03\AsusFanControlService.exe [1660728 2013-07-31] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310912 2013-05-27] (Windows ® Win 7 DDK provider)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-04] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-07-02] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-11] (Realsil Microelectronics Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWow64\PnkBstrA.exe [76888 2013-12-20] ()
R2 PnkBstrB; C:\WINDOWS\SysWow64\PnkBstrB.exe [214392 2014-01-08] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-12-11] (Razer, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203640 2012-08-14] (X-Rite Inc.)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-05-27] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [47512 2013-01-10] (Asmedia Technology)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [21400 2013-01-28] (http://www.asmedia.com.tw)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 AsusSensorSimulator; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 asusvad_micarray; C:\Windows\system32\drivers\vmic_x64.sys [38712 2013-02-27] (ASUS SZ provider)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-27] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-20] (Microsoft Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-11-14] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-08-21] (CACE Technologies)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R3 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-20] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R1 VDiskBus; C:\Windows\System32\drivers\VDiskBus64.sys [42656 2012-06-01] (ASUSTeK Computer Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-09 14:31 - 2014-01-09 14:31 - 00022342 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2014-01-09 14:31 - 2014-01-09 14:31 - 00000000 ____D C:\FRST
2014-01-09 14:30 - 2014-01-09 14:30 - 01931770 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2014-01-09 14:26 - 2014-01-09 14:26 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-08 00:00 - 2014-01-08 00:00 - 00000318 _____ C:\WINDOWS\Tasks\bench-Updater removing.job
2014-01-07 23:39 - 2014-01-07 23:39 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-01-07 23:39 - 2014-01-07 23:39 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-07 23:37 - 2014-01-07 23:38 - 00000039 _____ C:\WINDOWS\setupact.log
2014-01-07 23:37 - 2014-01-07 23:38 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2014-01-07 23:37 - 2014-01-07 23:37 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-07 23:37 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-01-07 23:37 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation)
C:\WINDOWS\system32\nvopencl.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00266984 _____
(NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-01-07 23:37 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-01-07 23:37 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-01-07 23:37 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-01-07 23:37 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D C:\NVIDIA
2014-01-07 19:46 - 2014-01-07 19:46 - 00000864 _____ C:\WINDOWS\PFRO.log
2014-01-07 18:00 - 2014-01-07 18:00 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Malwarebytes
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-07 18:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-07 17:59 - 2014-01-07 17:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Utilisateur\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-07 17:32 - 2014-01-07 17:32 - 00001320 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk
2014-01-07 17:31 - 2014-01-07 17:31 - 00001093 _____ C:\Users\Utilisateur\Desktop\Kaspersky Security Scan.lnk
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2014-01-07 17:30 - 2014-01-07 17:30 - 00179968 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\kss12.0.1.117mlg_en-fr_ru-fr_fr-fr_de-fr.exe
2014-01-06 23:05 -
2014-01-09 14:28 - 00228054 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-31 02:13 - 2014-01-06 22:18 - 00000000 ____D C:\WINDOWS\Minidump
2013-12-26 19:18 - 2013-12-26 19:18 - 00253536 _____ C:\Users\Utilisateur\Documents\favoris_26_12_13.html
2013-12-20 23:46 - 2013-10-11 13:59 - 03894632 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2013-12-20 23:25 - 2014-01-09 14:28 - 00003972 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{17B10CF5-84C5-4EC6-89C9-1F37AE242D24}
2013-12-20 23:18 - 2014-01-09 14:25 - 00000000 __RDO C:\Users\Utilisateur\SkyDrive
2013-12-20 23:10 - 2013-12-20 23:10 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-12-20 23:02 - 2013-12-20 23:02 - 04645232 _____ (Piriform Ltd) C:\Users\Utilisateur\Downloads\ccsetup409.exe
2013-12-20 23:02 - 2013-12-20 23:02 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2013-12-20 23:02 - 2013-12-20 23:02 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-20 23:02 - 2013-12-20 23:02 - 00000000 ____D C:\Program Files\CCleaner
2013-12-20 23:01 - 2014-01-07 19:34 - 00000672 __RSH C:\ProgramData\ntuser.pol
2013-12-20 22:47 - 2013-12-20 22:47 - 00001462 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-20 22:46 - 2013-12-20 22:46 - 00000020 ___SH C:\Users\Utilisateur\ntuser.ini
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage réseau
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Modèles
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Menu Démarrer
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes images
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique
2013-12-20 22:40 - 2013-12-20 22:40 - 00023108 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-20 22:32 - 2013-12-20 22:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-20 22:31 - 2013-12-31 05:13 - 00000000 ____D C:\Users\Utilisateur
2013-12-20 22:31 - 2013-12-20 22:32 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-20 22:31 - 2013-12-20 22:32 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage réseau
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage d'impression
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Modèles
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Menu Démarrer
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes vidéos
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes images
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Ma musique
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Local\Historique
2013-12-20 22:31 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-20 22:31 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-20 22:30 - 2013-12-20 22:40 - 00022863 _____ C:\WINDOWS\diagwrn.xml
2013-12-20 22:30 - 2013-12-20 22:40 - 00022863 _____ C:\WINDOWS\diagerr.xml
2013-12-20 22:27 - 2014-01-09 14:25 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-20 22:27 - 2013-12-20 22:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\Program Files\Realtek
2013-12-20 22:27 - 2013-12-19 19:53 - 06671648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-12-20 22:27 - 2013-12-19 19:53 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-12-20 22:27 - 2013-12-19 19:53 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-12-20 22:27 - 2013-12-19 06:01 - 03539040 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-12-20 22:26 - 2014-01-07 23:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-20 22:26 - 2013-12-20 22:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-20 22:26 - 2013-12-20 22:33 - 00000000 ____D C:\Program Files\ASUS
2013-12-20 22:26 - 2013-12-20 22:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-12-20 22:26 - 2013-12-20 22:26 - 00000000 ____H
C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2013-12-20 22:26 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2013-12-20 22:26 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2013-12-20 22:24 - 2014-01-06 22:18 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-20 22:24 - 2013-12-20 22:24 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-20 22:24 - 2013-12-20 22:24 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-20 22:24 - 2013-12-20 22:24 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-20 22:23 -
2013-12-20 22:23 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-20 22:23 - 2013-12-20 22:23 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-20 22:23 - 2013-12-20 22:23 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-20 22:23 - 2013-12-20 22:23 -
01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-20 22:23 - 2013-12-20 22:23 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-20 22:23 - 2013-12-20 22:23 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-20 22:23 -
2013-12-20 22:23 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-20 22:23 - 2013-12-20 22:23 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00225792 _____ (Microsoft
Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-20 22:23 - 2013-12-20 22:23 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-20 22:23 - 2013-12-20 22:23 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-20 22:23 - 2013-12-20 22:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-20 22:22 - 2013-12-20 22:22 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\MSBuild
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-20 22:16 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation)
C:\WINDOWS\system32\TsWpfWrp.exe
2013-12-20 22:16 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-20 22:16 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-12-20 22:07 - 2013-12-20 22:07 - 00008192 __RSH C:\BOOTSECT.BAK
2013-12-20 17:43 - 2013-12-20 18:26 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet
2013-12-20 14:06 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2013-12-20 14:06 - 2013-12-05 09:42 - 00035104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2013-12-20 14:06 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2013-12-20 02:23 - 2013-12-20 02:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 12:20 - 2013-12-19 12:20 - 00590112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2013-12-17 16:00 - 2013-12-17 16:00 - 00000084 _____ C:\WINDOWS\SysWOW64\prime.txt
2013-12-17 16:00 - 2013-12-17 16:00 - 00000065 _____ C:\WINDOWS\SysWOW64\local.txt
2013-12-16 21:51 - 2013-12-16 21:51 - 01978979 _____ C:\Users\Utilisateur\Documents\asus-pdf.zip

==================== One Month Modified Files and Folders =======

2014-01-09 14:31 - 2014-01-09 14:31 - 00022342 _____ C:\Users\Utilisateur\Desktop\FRST.txt
2014-01-09 14:31 - 2014-01-09 14:31 - 00000000 ____D C:\FRST
2014-01-09 14:31 - 2013-11-14 08:31 - 01827432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-09 14:31 - 2013-11-14 08:13 - 00812146 _____ C:\WINDOWS\system32\perfh00C.dat
2014-01-09 14:31 - 2013-11-14 08:13 - 00159742 _____ C:\WINDOWS\system32\perfc00C.dat
2014-01-09 14:30 - 2014-01-09 14:30 - 01931770 _____ (Farbar) C:\Users\Utilisateur\Desktop\FRST64.exe
2014-01-09 14:30 -
2013-11-02 18:46 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4121640540-4136590292-1234643125-1002
2014-01-09 14:28 - 2014-01-06 23:05 - 00228054 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-09 14:28 - 2013-12-20 23:25 - 00003972 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{17B10CF5-84C5-4EC6-89C9-1F37AE242D24}
2014-01-09 14:27 - 2013-11-02 19:14 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-09 14:26 - 2014-01-09 14:26 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-01-09 14:26 - 2013-11-11 19:17 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2014-01-09 14:25 - 2013-12-20 23:18 - 00000000 __RDO C:\Users\Utilisateur\SkyDrive
2014-01-09 14:25 - 2013-12-20 22:27 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-09 14:25 - 2013-11-02 19:14 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-09 14:25 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-09 03:35 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-09 03:24 - 2013-11-02 19:14 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 03:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-09 02:50 - 2013-11-05 18:52 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-09 00:00 - 2013-11-04 23:09 - 00000366 _____ C:\WINDOWS\Tasks\bench-sys.job
2014-01-08 23:49 - 2013-11-03 01:40 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-01-08 23:43 - 2013-11-05 19:01 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\TS3Client
2014-01-08 18:52 - 2013-11-03 01:40 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-01-08 18:46 - 2013-11-02 19:22 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-08 17:14 - 2013-11-11 19:22 - 00000000 _____ C:\WINDOWS\Path.idx
2014-01-08 00:00 - 2014-01-08 00:00 - 00000318 _____ C:\WINDOWS\Tasks\bench-Updater removing.job
2014-01-07 23:39
- 2014-01-07 23:39 - 00002153 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-01-07 23:39 - 2014-01-07 23:39 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2014-01-07 23:39 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2014-01-07 23:38 - 2014-01-07 23:37 - 00000039 _____ C:\WINDOWS\setupact.log 2014-01-07 23:38 - 2014-01-07 23:37 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2014-01-07 23:37 - 2014-01-07 23:37 - 00000000 _____ C:\WINDOWS\setuperr.log 2014-01-07 23:36 - 2014-01-07 23:36 - 00000000 ____D C:\NVIDIA 2014-01-07 19:46 - 2014-01-07 19:46 - 00000864 _____ C:\WINDOWS\PFRO.log 2014-01-07 19:34 - 2013-12-20 23:01 - 00000672 __RSH C:\ProgramData\ntuser.pol 2014-01-07 19:34 - 2013-11-04 23:09 - 00000000 ____D C:\Program Files (x86)\Bench 2014-01-07 18:00 - 2014-01-07 18:00 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Malwarebytes 2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-07 18:00 - 2014-01-07 18:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-07 17:59 - 2014-01-07 17:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Utilisateur\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-07 17:32 - 2014-01-07 17:32 - 00001320 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan.lnk 2014-01-07 17:31 - 2014-01-07 17:31 - 00001093 _____ C:\Users\Utilisateur\Desktop\Kaspersky Security Scan.lnk 2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2014-01-07 17:31 - 2014-01-07 17:31 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2014-01-07 17:30 - 2014-01-07 17:30 - 00179968 _____ (Kaspersky Lab) C:\Users\Utilisateur\Downloads\kss12.0.1.117mlg_en-fr_ru-fr_fr-fr_de-fr.exe 2014-01-07 14:38 - 2013-11-17 19:02 - 00015872 ___SH 
C:\Users\Utilisateur\Desktop\Thumbs.db 2014-01-06 22:18 - 2013-12-31 02:13 - 00000000 ____D C:\WINDOWS\Minidump 2014-01-06 22:18 - 2013-12-20 22:24 - 00000000 ___DC C:\WINDOWS\Panther 2014-01-06 22:18 - 2013-11-17 19:16 - 00000000 ____D C:\Program Files (x86)\Steam 2014-01-06 22:18 - 2013-11-04 20:56 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\CrashDumps 2014-01-02 20:14 - 2013-11-02 19:23 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Origin 2013-12-31 05:13 - 2013-12-20 22:31 - 00000000 ____D C:\Users\Utilisateur 2013-12-26 19:18 - 2013-12-26 19:18 - 00253536 _____ C:\Users\Utilisateur\Documents\favoris_26_12_13.html 2013-12-24 20:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2013-12-22 23:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-12-20 23:46 - 2013-11-03 01:40 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe 2013-12-20 23:27 - 2013-11-02 15:02 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\Packages 2013-12-20 23:18 - 2013-11-02 19:12 - 00000000 ___RD C:\Users\Utilisateur\SkyDrive.old 2013-12-20 23:10 - 2013-12-20 23:10 - 00000000 ___RD C:\WINDOWS\BrowserChoice 2013-12-20 23:10 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore 2013-12-20 23:02 - 2013-12-20 23:02 - 04645232 _____ (Piriform Ltd) C:\Users\Utilisateur\Downloads\ccsetup409.exe 2013-12-20 23:02 - 2013-12-20 23:02 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2013-12-20 23:02 - 2013-12-20 23:02 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-12-20 23:02 - 2013-12-20 23:02 - 00000000 ____D C:\Program Files\CCleaner 2013-12-20 23:01 - 2013-11-04 23:09 - 00003236 _____ C:\WINDOWS\System32\Tasks\bench-sys 2013-12-20 23:01 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2013-12-20 23:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2013-12-20 22:48 - 2013-11-02 15:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2013-12-20 22:47 - 2013-12-20 22:47 - 00001462 _____ 
C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-20 22:47 - 2013-11-02 15:03 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-12-20 22:47 - 2013-11-02 15:03 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-12-20 22:46 - 2013-12-20 22:46 - 00000020 ___SH C:\Users\Utilisateur\ntuser.ini 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage réseau 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Voisinage d'impression 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Modèles 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Menu Démarrer 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes vidéos 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Mes images 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\Documents\Ma musique 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historique 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes vidéos 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Mes images 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\Documents\Ma musique 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2013-12-20 22:41 - 2013-12-20 22:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historique 2013-12-20 22:41 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration 2013-12-20 22:41 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT 2013-12-20 22:41 - 
2013-08-22 14:36 - 00000000 __RHD C:\Users\Default 2013-12-20 22:40 - 2013-12-20 22:40 - 00023108 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-12-20 22:40 - 2013-12-20 22:30 - 00022863 _____ C:\WINDOWS\diagwrn.xml 2013-12-20 22:40 - 2013-12-20 22:30 - 00022863 _____ C:\WINDOWS\diagerr.xml 2013-12-20 22:39 - 2013-10-30 17:43 - 01851286 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2013-12-20 22:39 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media 2013-12-20 22:39 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries 2013-12-20 22:36 - 2013-08-22 15:44 - 00362480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-12-20 22:34 - 2013-11-05 19:00 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2013-12-20 22:34 - 2013-11-02 23:17 - 00000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-12-20 22:34 - 2013-09-05 09:57 - 00000000 ____D C:\WINDOWS\fr 2013-12-20 22:34 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2013-12-20 22:34 - 2013-08-22 14:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM 2013-12-20 22:33 - 2013-12-20 22:27 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2013-12-20 22:33 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2013-12-20 22:33 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files\ASUS 2013-12-20 22:33 - 2013-12-20 22:26 - 00000000 ____D C:\Program Files (x86)\ASUS 2013-12-20 22:33 - 2013-11-14 08:13 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2013-12-20 22:33 - 2013-11-14 08:13 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2013-12-20 22:33 - 2013-11-14 08:13 - 00000000 ____D C:\WINDOWS\system32\WCN 2013-12-20 22:33 - 2013-11-06 17:57 - 00000000 ____D C:\WINDOWS\SysWOW64\SearchProtect 2013-12-20 22:33 - 2013-11-04 19:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2013-12-20 22:33 - 2013-09-05 09:57 - 00000000 ____D C:\ProgramData\PRICache 2013-12-20 22:33 - 2013-08-22 16:43 - 00000000 ____D 
C:\WINDOWS\DigitalLocker 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help 2013-12-20 22:33 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-12-20 22:33 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2013-12-20 22:33 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2013-12-20 22:33 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated 2013-12-20 22:32 - 2013-12-20 22:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-12-20 22:32 - 2013-12-20 22:31 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-12-20 22:32 - 2013-12-20 22:31 - 00000000 ___RD C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-12-20 22:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage réseau 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Voisinage d'impression 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 
_SHDL C:\Users\Utilisateur\Modèles 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Menu Démarrer 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes vidéos 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Mes images 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\Documents\Ma musique 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2013-12-20 22:31 - 2013-12-20 22:31 - 00000000 _SHDL C:\Users\Utilisateur\AppData\Local\Historique 2013-12-20 22:28 - 2013-11-02 13:19 - 00000000 __SHD C:\Recovery 2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2013-12-20 22:27 - 2013-12-20 22:27 - 00000000 ____D C:\Program Files\Realtek 2013-12-20 22:26 - 2013-12-20 22:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2013-12-20 22:24 - 2013-12-20 22:24 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2013-12-20 22:24 - 2013-12-20 22:24 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2013-12-20 22:24 - 2013-12-20 22:24 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2013-12-20 22:24 - 2013-12-20 22:24 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2013-12-20 22:24 - 2013-12-20 22:24 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2013-12-20 22:24 - 2013-12-20 22:24 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2013-12-20 22:24 - 2013-12-20 22:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2013-12-20 22:24 - 2013-12-20 22:24 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2013-12-20 22:24 - 2013-12-20 22:24 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2013-12-20 22:24 - 2013-08-22 
16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template 2013-12-20 22:23 - 2013-12-20 22:23 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-12-20 22:23 - 2013-12-20 22:23 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02143744 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-12-20 22:23 - 2013-12-20 22:23 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-12-20 22:23 - 2013-12-20 22:23 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2013-12-20 22:23 - 2013-12-20 22:23 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-12-20 22:23 - 2013-12-20 22:23 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2013-12-20 22:23 - 2013-12-20 22:23 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 01157632 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\urlmon.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-12-20 22:23 - 2013-12-20 22:23 - 00372568 ____C 
(Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-12-20 22:23 - 2013-12-20 22:23 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-12-20 22:23 - 2013-12-20 22:23 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-12-20 22:23 - 2013-12-20 22:23 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys 2013-12-20 22:23 - 2013-12-20 22:23 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2013-12-20 22:23 - 2013-12-20 22:23 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-12-20 22:23 - 2013-12-20 22:23 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2013-12-20 22:23 - 2013-12-20 22:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D 
C:\WINDOWS\WinStore 2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager 2013-12-20 22:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera 2013-12-20 22:22 - 2013-12-20 22:22 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files\MSBuild 2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-12-20 22:17 - 2013-12-20 22:17 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-12-20 22:07 - 2013-12-20 22:07 - 00008192 __RSH C:\BOOTSECT.BAK 2013-12-20 21:47 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2013-12-20 18:26 - 2013-12-20 17:43 - 00000000 ____D C:\Users\Utilisateur\AppData\Local\LogMeIn Rescue Applet 2013-12-20 17:48 - 2013-11-03 00:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-12-20 02:23 - 2013-12-20 02:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-19 21:33 - 2014-01-07 23:37 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2013-12-19 21:33 - 2014-01-07 23:37 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2013-12-19 21:33 - 
2014-01-07 23:37 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 
2013-12-19 21:33 - 2014-01-07 23:37 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2013-12-19 21:33 - 2014-01-07 23:37 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2013-12-19 21:33 - 2013-11-20 01:40 - 18310112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2013-12-19 21:33 - 2013-11-20 01:40 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2013-12-19 21:33 - 2013-11-20 01:40 - 15230352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2013-12-19 21:33 - 2013-11-20 01:40 - 03071656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2013-12-19 21:33 - 2013-11-20 01:40 - 02698272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2013-12-19 21:33 - 2013-11-20 01:40 - 01436528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2013-12-19 21:33 - 2013-11-20 01:40 - 00023754 _____ C:\WINDOWS\system32\nvinfo.pb 2013-12-19 21:33 - 2013-11-01 12:07 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2013-12-19 21:33 - 2013-11-01 12:07 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2013-12-19 19:53 - 2013-12-20 22:27 - 06671648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2013-12-19 19:53 - 2013-12-20 22:27 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2013-12-19 19:53 - 2013-12-20 22:27 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2013-12-19 19:53 - 2013-12-20 22:27 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2013-12-19 19:53 - 2013-12-20 22:27 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2013-12-19 19:53 - 2013-12-20 22:27 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2013-12-19 12:20 - 2013-12-19 12:20 - 00590112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2013-12-19 
06:01 - 2013-12-20 22:27 - 03539040 _____ C:\WINDOWS\system32\nvcoproc.bin 2013-12-18 18:05 - 2013-11-02 23:44 - 00000000 ____D C:\WINDOWS\Razer Core 2013-12-17 16:00 - 2013-12-17 16:00 - 00000084 _____ C:\WINDOWS\SysWOW64\prime.txt 2013-12-17 16:00 - 2013-12-17 16:00 - 00000065 _____ C:\WINDOWS\SysWOW64\local.txt 2013-12-16 21:51 - 2013-12-16 21:51 - 01978979 _____ C:\Users\Utilisateur\Documents\asus-pdf.zip 2013-12-13 02:06 - 2013-11-02 19:22 - 00000000 ____D C:\ProgramData\Origin 2013-12-12 03:19 - 2013-11-02 19:14 - 00004060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2013-12-12 03:19 - 2013-11-02 19:14 - 00003824 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2013-12-11 22:42 - 2013-09-05 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-12-11 22:41 - 2013-09-05 10:11 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-12-10 19:50 - 2013-11-05 18:52 - 00003890 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-12-10 18:48 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2013-12-10 03:13 - 2013-11-04 19:20 - 01100248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2013-12-10 03:13 - 2013-11-04 19:20 - 00982232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll Some content of TEMP: ==================== C:\Users\Utilisateur\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Utilisateur\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Utilisateur\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit 
C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-08 20:08 ==================== End Of Log ============================
  14. Hi and thank you for your answer. I have to specify that I'm not a paying customer. I followed the instructions in the topic you gave me, but I have a question: "Download DDS from here: dds.scr or here: dds.com and save it to your desktop" is a step only if I've got issues with Malwarebytes Anti-Malware, right? Anyway, I can't make it work... it says "DDS is not meant to run in 'Compatibility Mode'. The program shall now exit". What should I do? Is it essential that I run it? Thanks again for your answer.