Win32.adload.jm + Virtumonde (out of memory) malware found by SpyBot 1.6.2 today



Plumo
2015-12-04, 06:05
Hi all!

I just ran Spybot 1.6.2 today, as I have done weekly for many years now, and found these error messages:
"win32.adload.jm (out of memory), Virtumonde (out of memory)", etc.
I then read on the net about these malwares and downloaded SpyBot 2.4 to test: no result. Then AVG Internet Security 2014 scanned: nothing. Malwarebytes found two minor adwares and quarantined them, so here I am with my files to ask if you can help me get rid of these malwares. I followed the sticky thread before posting here...
I hope I did it ok.

Thanks in advance!

Plumo
_____
Farbar Log
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
Exécuté par Plumo (administrateur) sur PLUMO-PC (03-12-2015 22:24:16)
Exécuté depuis C:\Users\Plumo\Desktop
Profils chargés: Plumo (Profils disponibles: Plumo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.4.0\ToolbarUpdater.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.4.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
(Corel, Inc.) C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Corel, Inc.) C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\MediaCataloger.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212072 2015-07-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2531216 2015-08-18] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\igfxcui:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2015-02-06] (BitTorrent, Inc.)
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\DREAMA~1.SCR [106496 2009-02-20] ()
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
BootExecute: autocheck autochk /r \??\H:autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE}: [NameServer] 74.116.184.9,74.116.184.8

Internet Explorer:
==================
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/defaultf.aspx?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.4.0\ViProtocol.dll [2015-08-18] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default
FF Homepage: hxxp://radio-canada.ca/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-14] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-05-26] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.4.0\\npsitesafety.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-05-26] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1554290505-1184955759-1297804211-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-04-13] ()
FF user.js: detected! => C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\user.js [2015-01-05]
FF SearchPlugin: C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\searchplugins\avg-secure-search.xml [2014-08-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-08-18]
FF Extension: FlashGot - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-04-27]
FF Extension: Media Stealer - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\stealer@physacco.com.xpi [2015-05-30]
FF Extension: Cookies Manager+ - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-05-30]
FF Extension: Zoom Page - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\zoompage@DW-dev.xpi [2015-10-19]
FF Extension: NetVideoHunter - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\netvideohunter@netvideohunter.com [2015-11-14]
FF Extension: AVG Web TuneUp - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\avg@toolbar [2015-12-03] [non signé]
FF Extension: Facebook Secret Emoticons - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi [2015-10-15]
FF Extension: Pas de nom - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi [2015-10-15] [non signé]
FF Extension: Video DownloadHelper - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-28]
FF Extension: Adblock Plus - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-11] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-11-28] [non signé]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [224176 2010-11-18] ()
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [102712 2008-04-17] (ArcSoft Inc.) [Fichier non signé]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-10-02] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-10-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2014-10-02] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-10-02] (ASUSTeK Computer Inc.) [Fichier non signé]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [583288 2015-02-13] (Hauppauge Computer Works) [Fichier non signé]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-15] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2015-01-05] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)
R2 vToolbarUpdater3.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.4.0\ToolbarUpdater.exe [1830800 2015-08-18] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
R3 hcw18bda; C:\Windows\System32\drivers\hcw18bda.sys [912896 2010-09-20] (Hauppauge Computer Works, Inc)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-03 22:24 - 2015-12-03 22:24 - 00025724 _____ C:\Users\Plumo\Desktop\FRST.txt
2015-12-03 22:23 - 2015-12-03 22:24 - 00000000 ____D C:\FRST
2015-12-03 22:23 - 2015-12-03 22:19 - 05198336 _____ (AVAST Software) C:\Users\Plumo\Desktop\aswMBR.exe
2015-12-03 22:22 - 2015-12-03 22:22 - 02350080 _____ (Farbar) C:\Users\Plumo\Downloads\FRST64.exe
2015-12-03 22:22 - 2015-12-03 22:22 - 02350080 _____ (Farbar) C:\Users\Plumo\Desktop\FRST64.exe
2015-12-03 22:21 - 2015-12-03 22:21 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PLUMO-PC-Windows-7-Ultimate-(64-bit).dat
2015-12-03 22:20 - 2015-12-03 22:20 - 00016388 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
2015-12-03 22:20 - 2015-12-03 22:20 - 00002239 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-12-03 22:20 - 2015-12-03 22:20 - 00000000 ____D C:\RegBackup
2015-12-03 22:20 - 2015-12-03 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-12-03 22:20 - 2015-12-03 22:20 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-12-03 22:18 - 2015-12-03 22:19 - 05198336 _____ (AVAST Software) C:\Users\Plumo\Downloads\aswMBR.exe
2015-12-03 22:17 - 2015-12-03 22:17 - 01721344 _____ (Farbar) C:\Users\Plumo\Downloads\FRST.exe
2015-12-03 22:16 - 2015-12-03 22:15 - 04777232 _____ (Tweaking.com) C:\Users\Plumo\Desktop\tweaking.com_registry_backup_setup.exe
2015-12-03 22:15 - 2015-12-03 22:15 - 04777232 _____ (Tweaking.com) C:\Users\Plumo\Downloads\tweaking.com_registry_backup_setup.exe
2015-12-03 21:21 - 2015-12-03 21:21 - 05639148 _____ (Swearware) C:\Users\Plumo\Desktop\ComboFix.exe
2015-12-03 21:20 - 2015-12-03 21:21 - 05639148 _____ (Swearware) C:\Users\Plumo\Downloads\ComboFix.exe
2015-12-03 21:20 - 2015-12-03 21:20 - 00119808 _____ (Atribune.org) C:\Users\Plumo\Downloads\VundoFix.exe
2015-12-03 21:20 - 2015-12-03 21:20 - 00119808 _____ (Atribune.org) C:\Users\Plumo\Desktop\VundoFix.exe
2015-12-03 21:16 - 2015-12-03 21:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Plumo\Desktop\sanner.exe
2015-12-03 21:15 - 2015-12-03 21:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Plumo\Downloads\HijackThis.exe
2015-12-03 20:59 - 2015-12-03 21:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-03 20:59 - 2015-12-03 20:59 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-03 20:59 - 2015-12-03 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-03 20:59 - 2015-12-03 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-03 20:59 - 2015-12-03 20:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-03 20:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-03 20:59 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-03 20:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-03 20:57 - 2015-12-03 20:58 - 22908888 _____ (Malwarebytes ) C:\Users\Plumo\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-12-03 13:55 - 2015-12-03 13:55 - 00000000 ____D C:\ProgramData\Avg_Update_1215avi
2015-12-03 12:52 - 2015-12-03 12:52 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-12-03 12:52 - 2015-12-03 12:52 - 00001912 _____ C:\Windows\epplauncher.mif
2015-12-03 12:52 - 2015-12-03 12:52 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-12-03 12:52 - 2015-12-03 12:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-12-03 12:51 - 2015-12-03 12:51 - 14261952 _____ (Microsoft Corporation) C:\Users\Plumo\Downloads\mseinstall.exe
2015-12-03 00:36 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-03 00:33 - 2015-12-03 00:33 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-03 00:33 - 2015-12-03 00:33 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-03 00:33 - 2015-12-03 00:33 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-12-03 00:33 - 2015-12-03 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-03 00:32 - 2015-12-03 00:38 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-03 00:32 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-12-03 00:15 - 2015-12-03 00:24 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Plumo\Downloads\spybot-2.4.exe
2015-11-29 17:59 - 2015-11-29 17:59 - 00602760 _____ C:\Users\Plumo\Downloads\Archives de la mer morte.zip
2015-11-29 12:00 - 2015-10-08 18:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-29 12:00 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-29 12:00 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-29 12:00 - 2015-10-08 18:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-29 12:00 - 2015-10-08 14:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-29 12:00 - 2015-10-08 13:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-29 11:56 - 2015-11-29 11:56 - 00001058 _____ C:\Users\Plumo\Documents\cc_20151129_115632.reg
2015-11-26 10:16 - 2015-11-26 10:16 - 00251596 _____ C:\Users\Plumo\Downloads\Your E-Tickets.pdf
2015-11-21 08:58 - 2015-11-14 00:53 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-11-21 08:56 - 2015-11-15 22:35 - 42913912 _____ C:\Windows\system32\nvcompiler.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 37881976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 13527440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 11130488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-21 08:56 - 2015-11-15 22:35 - 02870576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 02490672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00501056 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00413816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-20 17:36 - 2015-11-12 13:37 - 00112712 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-11-16 11:23 - 2015-11-03 17:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-16 11:23 - 2015-11-03 16:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-16 11:23 - 2015-10-30 18:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-16 11:23 - 2015-10-30 18:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-16 11:23 - 2015-10-30 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-16 11:23 - 2015-10-30 18:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-16 11:23 - 2015-10-30 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-16 11:23 - 2015-10-30 18:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-16 11:23 - 2015-10-30 18:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-16 11:23 - 2015-10-30 18:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-16 11:23 - 2015-10-30 18:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-16 11:23 - 2015-10-30 18:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-16 11:23 - 2015-10-30 18:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-16 11:23 - 2015-10-30 18:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-16 11:23 - 2015-10-30 18:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-16 11:23 - 2015-10-30 18:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-16 11:23 - 2015-10-30 18:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-16 11:23 - 2015-10-30 18:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-16 11:23 - 2015-10-30 18:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-16 11:23 - 2015-10-30 18:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-16 11:23 - 2015-10-30 18:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-16 11:23 - 2015-10-30 17:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-16 11:23 - 2015-10-30 17:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-16 11:23 - 2015-10-30 17:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-16 11:23 - 2015-10-30 17:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-16 11:23 - 2015-10-30 17:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-16 11:23 - 2015-10-30 17:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-16 11:23 - 2015-10-30 17:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-16 11:23 - 2015-10-30 17:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-16 11:23 - 2015-10-30 17:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-16 11:23 - 2015-10-30 17:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-16 11:23 - 2015-10-30 17:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-16 11:23 - 2015-10-30 17:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-16 11:23 - 2015-10-30 17:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-16 11:23 - 2015-10-30 17:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-16 11:23 - 2015-10-30 17:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-16 11:23 - 2015-10-30 17:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-16 11:23 - 2015-10-30 17:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-16 11:23 - 2015-10-30 17:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-16 11:23 - 2015-10-30 17:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-16 11:23 - 2015-10-30 17:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-16 11:23 - 2015-10-30 17:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-16 11:23 - 2015-10-30 17:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-16 11:23 - 2015-10-30 17:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-16 11:23 - 2015-10-30 17:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-16 11:23 - 2015-10-30 17:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-16 11:23 - 2015-10-30 17:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-16 11:23 - 2015-10-30 17:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-16 11:23 - 2015-10-30 17:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-16 11:23 - 2015-10-30 17:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-16 11:23 - 2015-10-30 17:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-16 11:23 - 2015-10-30 17:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-16 11:23 - 2015-10-30 17:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-16 11:23 - 2015-10-30 17:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-16 11:23 - 2015-10-30 17:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-16 11:23 - 2015-10-30 17:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-16 11:23 - 2015-10-30 17:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-16 11:23 - 2015-10-30 17:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-16 11:23 - 2015-10-30 17:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-16 11:23 - 2015-10-30 17:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-16 11:23 - 2015-10-30 16:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-16 11:23 - 2015-10-30 16:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-16 11:23 - 2015-10-30 16:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-16 11:23 - 2015-10-30 16:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-16 11:22 - 2015-11-03 12:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-16 11:22 - 2015-10-29 12:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-16 11:22 - 2015-10-29 12:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-16 11:22 - 2015-10-29 12:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-16 11:22 - 2015-10-29 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-16 11:22 - 2015-10-29 12:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-16 11:22 - 2015-10-29 12:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-16 11:22 - 2015-10-29 12:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-16 11:22 - 2015-10-20 13:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-16 11:22 - 2015-10-20 13:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-16 11:22 - 2015-10-20 13:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-16 11:22 - 2015-10-20 13:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-16 11:22 - 2015-10-20 13:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-16 11:22 - 2015-10-20 12:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-16 11:22 - 2015-10-19 20:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-16 11:22 - 2015-10-19 20:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-16 11:22 - 2015-10-19 20:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-16 11:22 - 2015-10-19 20:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-16 11:22 - 2015-10-19 20:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-16 11:22 - 2015-10-19 20:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-16 11:22 - 2015-10-19 20:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-16 11:22 - 2015-10-19 20:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-16 11:22 - 2015-10-19 20:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-16 11:22 - 2015-10-19 20:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-16 11:22 - 2015-10-19 19:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-16 11:22 - 2015-10-19 19:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-16 11:22 - 2015-10-19 19:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-16 11:22 - 2015-10-19 19:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-16 11:22 - 2015-10-19 19:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-16 11:22 - 2015-10-19 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-16 11:22 - 2015-10-19 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-16 11:22 - 2015-10-19 18:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-16 11:22 - 2015-10-19 18:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-16 11:22 - 2015-10-19 18:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-16 11:22 - 2015-10-19 18:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-16 11:22 - 2015-10-19 18:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-16 11:22 - 2015-10-13 11:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-16 11:22 - 2015-10-13 11:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-16 11:22 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-16 11:22 - 2015-09-23 08:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-16 11:22 - 2015-09-23 08:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-16 11:22 - 2015-09-23 08:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-16 11:17 - 2015-10-01 13:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-16 11:17 - 2015-10-01 13:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-16 11:17 - 2015-10-01 12:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 10:20 - 2015-11-10 10:20 - 00014261 _____ C:\Users\Plumo\Downloads\Avis de confirmation fournisseur.zip
2015-11-09 16:06 - 2015-11-15 22:35 - 18363000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-09 16:06 - 2015-11-15 22:35 - 15717864 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-09 16:06 - 2015-11-05 12:13 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435891.dll
2015-11-09 16:06 - 2015-11-05 12:13 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435891.dll
2015-11-09 16:06 - 2015-11-05 12:13 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-11-09 16:06 - 2015-11-05 12:13 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-11-08 12:45 - 2015-11-08 12:45 - 00036780 _____ C:\Users\Plumo\Downloads\7B07y_Fj_400x400.jpeg
2015-11-06 15:58 - 2015-11-06 15:58 - 00004662 _____ C:\Users\Plumo\Documents\cc_20151106_155803.reg
2015-11-06 01:20 - 2015-11-06 01:20 - 00562454 _____ C:\Users\Plumo\Downloads\Outlook.com(5).zip
2015-11-05 23:25 - 2015-12-03 21:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-03 22:24 - 2014-06-01 22:00 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\uTorrent
2015-12-03 22:23 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2015-12-03 21:57 - 2015-03-18 10:25 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-03 21:55 - 2014-05-31 23:13 - 00000000 ____D C:\ProgramData\MFAData
2015-12-03 21:43 - 2014-06-01 00:42 - 00000000 ____D C:\Users\Plumo\AppData\Local\Corel
2015-12-03 21:43 - 2014-06-01 00:40 - 00002568 ___SH C:\ProgramData\KGyGaAvL.sys
2015-12-03 21:43 - 2014-06-01 00:38 - 00000000 ____D C:\Users\Plumo\Documents\My PSP Files
2015-12-03 21:34 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-03 21:34 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-03 21:25 - 2015-03-18 10:24 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 21:25 - 2015-01-02 14:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-03 21:25 - 2014-06-01 09:57 - 00000000 ____D C:\ProgramData\Hauppauge
2015-12-03 21:25 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-03 21:24 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ServiceProfiles
2015-12-03 12:52 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-03 12:38 - 2014-06-07 10:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-03 12:32 - 2009-07-13 23:45 - 05149856 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-03 01:13 - 2014-06-02 23:02 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\vlc
2015-12-03 00:36 - 2015-09-09 19:33 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-01 09:24 - 2014-06-02 23:13 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\dvdcss
2015-11-30 10:01 - 2014-06-01 12:51 - 00000000 ____D C:\Users\Plumo\AppData\Temp
2015-11-30 00:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-11-29 18:23 - 2014-05-31 22:42 - 00000000 ____D C:\Users\Plumo
2015-11-29 12:03 - 2014-06-01 10:44 - 01642388 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-29 12:03 - 2010-11-21 01:19 - 00747320 _____ C:\Windows\system32\perfh00C.dat
2015-11-29 12:03 - 2010-11-21 01:19 - 00149844 _____ C:\Windows\system32\perfc00C.dat
2015-11-29 12:03 - 2009-07-14 00:13 - 01642388 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-26 14:57 - 2015-07-11 10:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader*DC.lnk
2015-11-24 15:37 - 2014-06-01 12:51 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
2015-11-21 08:58 - 2015-01-02 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-21 08:58 - 2015-01-02 14:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-20 17:35 - 2015-01-02 15:01 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-20 17:33 - 2015-01-02 15:01 - 00000000 ____D C:\Users\Plumo\AppData\Local\NVIDIA Corporation
2015-11-20 17:32 - 2014-06-01 10:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-16 11:40 - 2014-06-02 20:42 - 00000000 ____D C:\Windows\system32\MRT
2015-11-16 11:34 - 2014-06-02 20:42 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-16 11:34 - 2014-06-01 00:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-16 11:26 - 2010-11-21 01:29 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-15 22:35 - 2015-01-02 14:57 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-15 22:35 - 2015-01-02 14:57 - 12770944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-15 22:35 - 2015-01-02 14:57 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-15 22:35 - 2015-01-02 14:57 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-15 22:35 - 2015-01-02 14:18 - 17515528 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-15 22:35 - 2015-01-02 14:18 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-14 20:03 - 2014-05-31 23:43 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-14 20:03 - 2014-05-31 23:43 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-14 01:18 - 2014-11-27 13:01 - 00000000 ____D C:\Users\Plumo\Downloads\Préservation automatique Corel
2015-11-14 01:06 - 2015-01-02 14:19 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-14 01:06 - 2015-01-02 14:19 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-12 23:01 - 2014-10-03 02:39 - 00003798 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2015-11-12 13:37 - 2015-01-02 15:00 - 01828160 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-11-12 13:37 - 2015-01-02 15:00 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-11-12 13:37 - 2015-01-02 15:00 - 01509824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-11-12 13:37 - 2015-01-02 15:00 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-11-11 22:05 - 2014-06-11 10:16 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-11-11 22:04 - 2014-05-31 23:43 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-11-10 11:00 - 2014-06-01 12:57 - 00000000 ____D C:\Users\Plumo\AppData\Local\ElevatedDiagnostics
2015-11-06 15:44 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-06 15:38 - 2014-05-31 23:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-06 02:09 - 2015-02-08 22:33 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\avidemux
2015-11-05 12:13 - 2015-01-23 11:12 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

==================== Fichiers à la racine de certains dossiers =======

2014-06-01 00:03 - 2015-11-01 17:37 - 0000836 _____ () C:\Users\Plumo\AppData\Roaming\burnaware.ini
2015-03-28 22:17 - 2015-05-22 14:29 - 0099384 _____ () C:\Users\Plumo\AppData\Roaming\inst.exe
2015-03-28 22:17 - 2015-05-22 14:29 - 0007859 _____ () C:\Users\Plumo\AppData\Roaming\pcouffin.cat
2015-03-28 22:17 - 2015-05-22 14:29 - 0001167 _____ () C:\Users\Plumo\AppData\Roaming\pcouffin.inf
2015-03-28 22:17 - 2015-05-22 14:29 - 0000055 _____ () C:\Users\Plumo\AppData\Roaming\pcouffin.log
2015-03-28 22:17 - 2015-05-22 14:29 - 0082816 _____ (VSO Software) C:\Users\Plumo\AppData\Roaming\pcouffin.sys
2015-03-28 22:17 - 2015-05-23 22:06 - 0001041 _____ () C:\Users\Plumo\AppData\Roaming\vso_ts_preview.xml
2014-06-01 00:42 - 2015-03-25 22:08 - 0003584 _____ () C:\Users\Plumo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-06 15:45 - 2015-01-06 15:48 - 0000041 ___SH () C:\ProgramData\.zreglib
2014-06-01 00:40 - 2014-06-01 00:42 - 0000088 __RSH () C:\ProgramData\161C05ED6F.sys
2014-06-01 00:40 - 2015-12-03 21:43 - 0002568 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-11-30 00:40

==================== Fin de FRST.txt ============================
(addition.txt is too big to be attached here (58kb) :sad:

aswMBR report
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-12-03 22:33:30
-----------------------------
22:33:30.938 OS Version: Windows x64 6.1.7601 Service Pack 1
22:33:30.938 Number of processors: 4 586 0x3A09
22:33:30.938 ComputerName: PLUMO-PC UserName: Plumo
22:33:31.883 Initialize success
22:33:32.070 VM: initialized successfully
22:33:32.071 VM: Intel CPU BiosDisabled
22:39:58.663 AVAST engine defs: 15120301
22:51:03.981 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
22:51:03.983 Disk 0 Vendor: WDC_WD1600AAJS-07PSA0 05.06H05 Size: 152627MB BusType: 11
22:51:04.371 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
22:51:04.372 Disk 1 Vendor: WDC_WD5000AAKX-00ERMA0 15.01H15 Size: 476940MB BusType: 11
22:51:04.468 Disk 1 MBR read successfully
22:51:04.470 Disk 1 MBR scan
22:51:04.490 Disk 1 Windows 7 default MBR code
22:51:04.492 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:51:04.495 Disk 1 Boot: NTFS code=1
22:51:04.517 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
22:51:04.574 Disk 1 scanning C:\Windows\system32\drivers
22:51:15.148 Service scanning
22:51:42.796 Modules scanning
22:51:42.799 Disk 1 trace - called modules:
22:51:42.811 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:51:42.813 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007b67060]
22:51:42.816 3 CLASSPNP.SYS[fffff880019b143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800748e680]
22:51:43.659 AVAST engine scan C:\Windows
22:51:45.425 AVAST engine scan C:\Windows\system32
22:55:39.908 AVAST engine scan C:\Windows\system32\drivers
22:55:56.999 AVAST engine scan C:\Users\Plumo
23:00:45.224 Disk 1 MBR has been saved successfully to "C:\Users\Plumo\Desktop\MBR.dat"
23:00:45.246 The log file has been saved successfully to "C:\Users\Plumo\Desktop\aswMBR.txt"

________________

Voilà! :thanks:

Juliet
2015-12-04, 20:26
Some of the logs I request you to post will be very long; you can either make multiple posts or use the attachment feature to make sure all logs are posted in full.



You can check here (http://support.microsoft.com/kb/827218) if you're not sure if your computer is 32-bit or 64-bit

Download RogueKiller (http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe) to your desktop.


Quit all running programs.
For Windows XP, double-click to start.
For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start, and when prompted allow it to run.
Read and accept the EULA (End User License Agreement).
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Don't run any other options, they're not all bad!!
Post back the report which should be located on your desktop.



~~~~~~~~~~~~


Download the latest version of TDSSKiller from here (http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe) and save it to your Desktop.

or from these links:
http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe

http://www.bleepingcomputer.com/download/tdsskiller/dl/4/





Double-click on TDSSKiller.exe to run the application.
https://dl.dropbox.com/u/73555776/tdss%20start.JPG

Then click on Change parameters.

https://dl.dropbox.com/u/73555776/tdss%20Change%20param.JPG

Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects, then click OK.

Click the Start Scan button.


If a suspicious object is detected, the default action will be Skip, click on Continue.

https://dl.dropbox.com/u/73555776/tdss%20threat.JPG

If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Get the report by selecting Reports

https://dl.dropbox.com/u/73555776/tdss%20report.JPG

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


Please copy and paste its contents on your next reply.



A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`



AdwCleaner

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) and save the file to your Desktop.
Right-click AdwCleaner.exe and select Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[SX].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[SX].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/)
or from here http://downloads.malwarebytes.org/file/jrt
to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.


~~~~~~~~~~~~~~~~~~~~~
Please post:
RogueKiller
TDSSKiller
AdwCleaner[CX].txt
JRT.txt

Plumo
2015-12-04, 22:19
Merci!
Here are the reports:
_____________
RogueKiller V11.0.0.0 [Nov 27 2015] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Démarré en : Mode normal
Utilisateur : Plumo [Administrateur]
Démarré depuis : C:\Users\Plumo\Desktop\RogueKiller.exe
Mode : Scan -- Date : 12/04/2015 14:21:53

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 11 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\AVG SafeGuard toolbar -> Trouvé(e)
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Conduit -> Trouvé(e)
[Suspicious.Path|Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswMBR (\??\C:\Users\Plumo\AppData\Local\Temp\aswMBR.sys) -> Trouvé(e)
[Suspicious.Path|Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswVmm (\??\C:\Users\Plumo\AppData\Local\Temp\aswVmm.sys) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMBR (\??\C:\Users\Plumo\AppData\Local\Temp\aswMBR.sys) -> Trouvé(e)
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm (\??\C:\Users\Plumo\AppData\Local\Temp\aswVmm.sys) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE} | NameServer : 74.116.184.9,74.116.184.8 ([-][CANADA (CA)]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE} | NameServer : 74.116.184.9,74.116.184.8 ([-][CANADA (CA)]) -> Trouvé(e)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE} | NameServer : 74.116.184.9,74.116.184.8 ([-][CANADA (CA)]) -> Trouvé(e)
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Trouvé(e)

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 3 ¤¤¤
[Hidden.ADS][[[ADS]]] C:\Windows:7D11D83A45611A6F -> Trouvé(e)
[PUP][Répertoire] C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} -> Trouvé(e)
[Hj.Name][Fichier] C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe -> Trouvé(e)

¤¤¤ Fichier Hosts : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Non chargé [0xc000036b]) ¤¤¤

¤¤¤ Navigateurs web : 2 ¤¤¤
[PUP][FIREFX:Addon] m9hb7b2o.default : AVG Web TuneUp [avg@toolbar] -> Trouvé(e)
[PUM.HomePage][FIREFX:Config] m9hb7b2o.default : user_pref("browser.startup.homepage", "http://radio-canada.ca/"); -> Trouvé(e)

¤¤¤ Vérification MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD1600AAJS-07PSA0 ATA Device +++++
--- User ---
[MBR] 60cc94ad3f7eb334634844e9ce134154
[BSP] c4275186afd174cbc6e0f5f97311343c : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 16065 | Size: 152617 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD5000AAKX-00ERMA0 ATA Device +++++
--- User ---
[MBR] 246c36046cf5bf5896500ead34ce7662
[BSP] 3dcb9f972cd12d98b4299435dfecbbfa : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive3: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive4: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive5: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Le périphérique n'est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive6: Hitachi HDS723020BLA642 USB Device +++++
--- User ---
[MBR] 7db2f4f160f12269a00c246339f75a7e
[BSP] 59d84bd3200ef3c5902414b2d50b0428 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )

+++++ PhysicalDrive7: Seagate FreeAgent USB Device +++++
--- User ---
[MBR] d2f228c9e4d318d7456f65044d70c36d
[BSP] 5b029bc6830643bdd2371c62f03b1277 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n'est pas prise en charge. )
____________
TDSS
14:37:56.0392 0x1308 TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
14:38:02.0710 0x1308 ============================================================
14:38:02.0710 0x1308 Current date / time: 2015/12/04 14:38:02.0710
14:38:02.0710 0x1308 SystemInfo:
14:38:02.0710 0x1308
14:38:02.0710 0x1308 OS Version: 6.1.7601 ServicePack: 1.0
14:38:02.0710 0x1308 Product type: Workstation
14:38:02.0710 0x1308 ComputerName: PLUMO-PC
14:38:02.0710 0x1308 UserName: Plumo
14:38:02.0710 0x1308 Windows directory: C:\Windows
14:38:02.0710 0x1308 System windows directory: C:\Windows
14:38:02.0710 0x1308 Running under WOW64
14:38:02.0710 0x1308 Processor architecture: Intel x64
14:38:02.0710 0x1308 Number of processors: 4
14:38:02.0710 0x1308 Page size: 0x1000
14:38:02.0710 0x1308 Boot type: Normal boot
14:38:02.0710 0x1308 ============================================================
14:38:04.0161 0x1308 KLMD registered as C:\Windows\system32\drivers\34873690.sys
14:38:05.0050 0x1308 System UUID: {4EBC6575-8CF9-D715-DAD6-818C8618CAF5}
14:38:05.0705 0x1308 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:05.0705 0x1308 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:05.0736 0x1308 Drive \Device\Harddisk6\DR6 - Size: 0x1D1C1100000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:38:05.0752 0x1308 Drive \Device\Harddisk7\DR7 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:38:05.0752 0x1308 ============================================================
14:38:05.0752 0x1308 \Device\Harddisk1\DR1:
14:38:05.0752 0x1308 MBR partitions:
14:38:05.0752 0x1308 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:38:05.0752 0x1308 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
14:38:05.0752 0x1308 \Device\Harddisk0\DR0:
14:38:05.0752 0x1308 MBR partitions:
14:38:05.0767 0x1308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x12A14BC1
14:38:05.0767 0x1308 \Device\Harddisk6\DR6:
14:38:05.0767 0x1308 MBR partitions:
14:38:05.0767 0x1308 \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
14:38:05.0767 0x1308 \Device\Harddisk7\DR7:
14:38:05.0767 0x1308 MBR partitions:
14:38:05.0767 0x1308 \Device\Harddisk7\DR7\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
14:38:05.0767 0x1308 ============================================================
14:38:05.0814 0x1308 C: <-> \Device\Harddisk1\DR1\Partition2
14:38:05.0830 0x1308 E: <-> \Device\Harddisk0\DR0\Partition1
14:38:05.0845 0x1308 F: <-> \Device\Harddisk7\DR7\Partition1
14:38:05.0892 0x1308 G: <-> \Device\Harddisk6\DR6\Partition1
14:38:05.0892 0x1308 ============================================================
14:38:05.0892 0x1308 Initialize success
14:38:05.0892 0x1308 ============================================================
14:38:42.0225 0x249c ============================================================
14:38:42.0225 0x249c Scan started
14:38:42.0225 0x249c Mode: Manual; SigCheck; TDLFS;
14:38:42.0225 0x249c ============================================================
14:38:42.0225 0x249c KSN ping started
14:38:45.0033 0x249c KSN ping finished: true
14:38:46.0140 0x249c ================ Scan system memory ========================
14:38:46.0140 0x249c System memory - ok
14:38:46.0140 0x249c ================ Scan services =============================
14:38:46.0265 0x249c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:38:46.0343 0x249c 1394ohci - ok
14:38:46.0437 0x249c Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - ok
14:38:46.0515 0x249c [ 61A581E5481E22A76A88490C57015105, 0CBD32CD9620C616AC0B79B4F0E3818BBD7E7AF000AD42F5B4186EF09BB044AB ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:38:46.0546 0x249c ACDaemon - detected UnsignedFile.Multi.Generic ( 1 )
14:38:50.0103 0x249c Detect skipped due to KSN trusted
14:38:50.0103 0x249c ACDaemon - ok
14:38:50.0150 0x249c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:38:50.0165 0x249c ACPI - ok
14:38:50.0181 0x249c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:38:50.0212 0x249c AcpiPmi - ok
14:38:50.0306 0x249c [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:38:50.0321 0x249c AdobeARMservice - ok
14:38:50.0352 0x249c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:38:50.0368 0x249c adp94xx - ok
14:38:50.0399 0x249c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:38:50.0415 0x249c adpahci - ok
14:38:50.0430 0x249c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:38:50.0430 0x249c adpu320 - ok
14:38:50.0477 0x249c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:38:50.0508 0x249c AeLookupSvc - ok
14:38:50.0586 0x249c [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys
14:38:50.0602 0x249c Afc - ok
14:38:50.0664 0x249c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
14:38:50.0696 0x249c AFD - ok
14:38:50.0742 0x249c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:38:50.0742 0x249c agp440 - ok
14:38:50.0774 0x249c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:38:50.0789 0x249c ALG - ok
14:38:50.0820 0x249c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:38:50.0836 0x249c aliide - ok
14:38:50.0836 0x249c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:38:50.0836 0x249c amdide - ok
14:38:50.0867 0x249c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:38:50.0898 0x249c AmdK8 - ok
14:38:50.0898 0x249c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:38:50.0930 0x249c AmdPPM - ok
14:38:50.0961 0x249c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:38:50.0961 0x249c amdsata - ok
14:38:50.0976 0x249c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:38:50.0992 0x249c amdsbs - ok
14:38:51.0008 0x249c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:38:51.0008 0x249c amdxata - ok
14:38:51.0054 0x249c [ 4FC6E2C2FC50445450651F42E90CC0BD, BC04902B1A5A5C3354E1C4A5C69906ED7DF19F90286BE1AC4E4224E05ED36184 ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
14:38:51.0054 0x249c Apowersoft_AudioDevice - ok
14:38:51.0101 0x249c [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
14:38:51.0132 0x249c AppID - ok
14:38:51.0148 0x249c [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:38:51.0164 0x249c AppIDSvc - ok
14:38:51.0195 0x249c [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
14:38:51.0242 0x249c Appinfo - ok
14:38:51.0304 0x249c [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:38:51.0320 0x249c Apple Mobile Device - ok
14:38:51.0351 0x249c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
14:38:51.0382 0x249c AppMgmt - ok
14:38:51.0413 0x249c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
14:38:51.0429 0x249c arc - ok
14:38:51.0444 0x249c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:38:51.0444 0x249c arcsas - ok
14:38:51.0522 0x249c [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
14:38:51.0538 0x249c asComSvc - ok
14:38:51.0569 0x249c [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
14:38:51.0585 0x249c asHmComSvc - ok
14:38:51.0600 0x249c [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
14:38:51.0616 0x249c AsIO - ok
14:38:51.0694 0x249c [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:38:51.0694 0x249c aspnet_state - ok
14:38:51.0725 0x249c [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
14:38:51.0741 0x249c AsSysCtrlService - ok
14:38:51.0756 0x249c [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
14:38:51.0756 0x249c AsUpIO - ok
14:38:51.0834 0x249c [ D0B202843B8ADE504EB304DC1E889A3C, B4E30B218A11B32CCB07FD2B37CD85C582721B7321862566593558E059A2047B ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
14:38:51.0912 0x249c AsusFanControlService - detected UnsignedFile.Multi.Generic ( 1 )
14:38:55.0001 0x249c Detect skipped due to KSN trusted
14:38:55.0001 0x249c AsusFanControlService - ok
14:39:01.0007 0x249c [ 237197AA5D1E807F2F2AE44284536378, B295599AFA99B2C72EA50D85D64BBA6EE893F8B347C964AF9A10D1D3773BF7D2 ] HauppaugeTVServer C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
14:39:01.0023 0x249c HauppaugeTVServer - detected UnsignedFile.Multi.Generic ( 1 )
14:39:03.0893 0x249c Detect skipped due to KSN trusted
14:39:03.0893 0x249c HauppaugeTVServer - ok
14:39:07.0434 0x249c mrxsmb - ok
14:39:07.0481 0x249c [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:39:07.0497 0x249c mrxsmb10 - ok
14:39:07.0528 0x249c [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:39:07.0559 0x249c mrxsmb20 - ok
14:39:07.0590 0x249c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:39:07.0606 0x249c msahci - ok
14:39:07.0668 0x249c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:39:07.0684 0x249c msdsm - ok
14:39:07.0715 0x249c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:39:07.0746 0x249c MSDTC - ok
14:39:07.0762 0x249c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:39:07.0778 0x249c Msfs - ok
14:39:07.0793 0x249c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:39:07.0809 0x249c mshidkmdf - ok
14:39:07.0824 0x249c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:39:07.0824 0x249c msisadrv - ok
14:39:07.0871 0x249c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:39:07.0934 0x249c MSiSCSI - ok
14:39:07.0934 0x249c msiserver - ok
14:39:07.0965 0x249c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:39:07.0996 0x249c MSKSSRV - ok
14:39:08.0074 0x249c [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
14:39:08.0090 0x249c MsMpSvc - ok
14:39:08.0121 0x249c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:39:08.0152 0x249c MSPCLOCK - ok
14:39:08.0168 0x249c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:39:08.0183 0x249c MSPQM - ok
14:39:08.0230 0x249c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:39:08.0246 0x249c MsRPC - ok
14:39:08.0261 0x249c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:39:08.0261 0x249c mssmbios - ok
14:39:08.0292 0x249c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:39:08.0324 0x249c MSTEE - ok
14:39:08.0339 0x249c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:39:08.0355 0x249c MTConfig - ok
14:39:08.0370 0x249c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:39:08.0386 0x249c Mup - ok
14:39:08.0402 0x249c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:39:08.0433 0x249c napagent - ok
14:39:08.0480 0x249c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:39:08.0495 0x249c NativeWifiP - ok
14:39:08.0542 0x249c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:39:08.0558 0x249c NDIS - ok
14:39:08.0589 0x249c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:39:08.0604 0x249c NdisCap - ok
14:39:08.0636 0x249c [ 2E7C9CC1DF7F878358C7292D036AFE63, B0B2C55A73FD957D410C2A6C67C6BC93EA477BA905EE5DD074C85DDFAA4B9A68 ] ndisrd C:\Windows\system32\DRIVERS\ndisrd.sys
14:39:08.0636 0x249c ndisrd - ok
14:39:08.0667 0x249c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:39:08.0698 0x249c NdisTapi - ok
14:39:08.0714 0x249c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:39:08.0745 0x249c Ndisuio - ok
14:39:08.0760 0x249c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:39:08.0792 0x249c NdisWan - ok
14:39:08.0792 0x249c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:39:08.0823 0x249c NDProxy - ok
14:39:08.0823 0x249c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:39:08.0854 0x249c NetBIOS - ok
14:39:08.0870 0x249c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:39:08.0901 0x249c NetBT - ok
14:39:08.0916 0x249c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
14:39:08.0932 0x249c Netlogon - ok
14:39:08.0963 0x249c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:39:08.0994 0x249c Netman - ok
14:39:09.0057 0x249c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:09.0057 0x249c NetMsmqActivator - ok
14:39:09.0072 0x249c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:09.0088 0x249c NetPipeActivator - ok
14:39:09.0119 0x249c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:39:09.0150 0x249c netprofm - ok
14:39:09.0150 0x249c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:09.0150 0x249c NetTcpActivator - ok
14:39:09.0166 0x249c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:09.0166 0x249c NetTcpPortSharing - ok
14:39:09.0213 0x249c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:39:09.0213 0x249c nfrd960 - ok
14:39:09.0260 0x249c [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:39:09.0260 0x249c NisDrv - ok
14:39:09.0291 0x249c [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
14:39:09.0306 0x249c NisSrv - ok
14:39:09.0338 0x249c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:39:09.0384 0x249c NlaSvc - ok
14:39:09.0400 0x249c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:39:09.0416 0x249c Npfs - ok
14:39:09.0431 0x249c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:39:09.0447 0x249c nsi - ok
14:39:09.0462 0x249c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:39:09.0478 0x249c nsiproxy - ok
14:39:09.0540 0x249c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:39:09.0572 0x249c Ntfs - ok
14:39:09.0587 0x249c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:39:09.0618 0x249c Null - ok
14:39:09.0665 0x249c [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:39:09.0681 0x249c NVHDA - ok
14:39:09.0930 0x249c [ 6DDB922F08C17C342F1FB868D7EB22CD, A62E476FD377EA9974122DC7C426735B6BE5CECCD0D3DA22502DF7CBB208B49E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:39:10.0102 0x249c nvlddmkm - ok
14:39:10.0196 0x249c [ 2CCD9A74A0F9C7605EAFA3F3AC8DC476, DEE95B0C0CA4525850E06AD3C1233A6C6E88D97EE874F83801686B87FD23F0BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:39:10.0242 0x249c NvNetworkService - ok
14:39:10.0289 0x249c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:39:10.0289 0x249c nvraid - ok
14:39:10.0305 0x249c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:39:10.0305 0x249c nvstor - ok
14:39:10.0367 0x249c [ 2F61DB46C84CCBB5D9F75065A85D2173, 79049D42F0D82BD3C5A9C8231CF2F412B50C9E6483DB14F41CD48301D85C166C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:39:10.0367 0x249c NvStreamKms - ok
14:39:10.0570 0x249c [ 6F5AC1C495DA6D19AF99A59DC44BC13F, 61E8C0C0B9EEEF6ADE86AD4BC8D43256A6B20AEEB43BBC3C44B3B6140544259F ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
14:39:10.0695 0x249c NvStreamNetworkSvc - ok
14:39:10.0820 0x249c [ 73FA6B2DF3348AF05E1F98310854BD4F, F0B7CF54495C81EE4C8B44580E399F3B22E190CB553AC7BA8E2DC13A28477566 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
14:39:10.0913 0x249c NvStreamSvc - ok
14:39:10.0960 0x249c [ 5A3DE85307FB54C09C0D1D52B97916FE, EAE8FF99337557F60078F94F952BAC48880CA279A763FD14E098E34B4EE8534F ] nvsvc C:\Windows\system32\nvvsvc.exe
14:39:10.0991 0x249c nvsvc - ok
14:39:11.0007 0x249c [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
14:39:11.0022 0x249c nvvad_WaveExtensible - ok
14:39:11.0038 0x249c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:39:11.0054 0x249c nv_agp - ok
14:39:11.0132 0x249c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:39:11.0147 0x249c odserv - ok
14:39:11.0178 0x249c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:39:11.0194 0x249c ohci1394 - ok
14:39:11.0225 0x249c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:39:11.0225 0x249c ose - ok
14:39:11.0256 0x249c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:39:11.0288 0x249c p2pimsvc - ok
14:39:11.0319 0x249c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:39:11.0334 0x249c p2psvc - ok
14:39:11.0366 0x249c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:39:11.0397 0x249c Parport - ok
14:39:11.0412 0x249c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:39:11.0428 0x249c partmgr - ok
14:39:11.0459 0x249c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:39:11.0490 0x249c PcaSvc - ok
14:39:11.0490 0x249c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:39:11.0506 0x249c pci - ok
14:39:11.0537 0x249c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:39:11.0537 0x249c pciide - ok
14:39:11.0553 0x249c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:39:11.0568 0x249c pcmcia - ok
14:39:11.0568 0x249c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:39:11.0568 0x249c pcw - ok
14:39:11.0662 0x249c [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
14:39:11.0709 0x249c PDF Architect 2 - ok
14:39:11.0740 0x249c [ B2309F132A31AF03C0A249AEDE8CF289, BBAE32AA55E495ACB9A8089C090ADD78BE1DC16233CAA61BBED1456CA718D430 ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
14:39:11.0756 0x249c PDF Architect 2 Creator - ok
14:39:11.0802 0x249c [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
14:39:11.0834 0x249c pdfforge CrashHandler - ok
14:39:11.0880 0x249c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:39:11.0896 0x249c PEAUTH - ok
14:39:11.0943 0x249c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:39:12.0036 0x249c PeerDistSvc - ok
14:39:12.0208 0x249c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:39:12.0224 0x249c PerfHost - ok
14:39:12.0286 0x249c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:39:12.0348 0x249c pla - ok
14:39:12.0395 0x249c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:39:12.0411 0x249c PlugPlay - ok
14:39:12.0458 0x249c PnkBstrA - ok
14:39:12.0473 0x249c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:39:12.0473 0x249c PNRPAutoReg - ok
14:39:12.0489 0x249c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:39:12.0504 0x249c PNRPsvc - ok
14:39:12.0551 0x249c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:39:12.0598 0x249c PolicyAgent - ok
14:39:12.0614 0x249c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:39:12.0660 0x249c Power - ok
14:39:12.0676 0x249c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:39:12.0707 0x249c PptpMiniport - ok
14:39:12.0707 0x249c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
14:39:12.0723 0x249c Processor - ok
14:39:12.0738 0x249c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:39:12.0770 0x249c ProfSvc - ok
14:39:12.0801 0x249c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:39:12.0816 0x249c ProtectedStorage - ok
14:39:12.0832 0x249c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:39:12.0848 0x249c Psched - ok
14:39:12.0879 0x249c [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:39:12.0894 0x249c PSI_SVC_2 - ok
14:39:12.0941 0x249c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:39:12.0972 0x249c ql2300 - ok
14:39:12.0988 0x249c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:39:13.0004 0x249c ql40xx - ok
14:39:13.0019 0x249c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:39:13.0035 0x249c QWAVE - ok
14:39:13.0050 0x249c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:39:13.0066 0x249c QWAVEdrv - ok
14:39:13.0066 0x249c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:39:13.0097 0x249c RasAcd - ok
14:39:13.0128 0x249c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:39:13.0144 0x249c RasAgileVpn - ok
14:39:13.0160 0x249c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:39:13.0206 0x249c RasAuto - ok
14:39:13.0206 0x249c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:39:13.0222 0x249c Rasl2tp - ok
14:39:13.0253 0x249c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:39:13.0300 0x249c RasMan - ok
14:39:13.0316 0x249c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:39:13.0331 0x249c RasPppoe - ok
14:39:13.0347 0x249c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:39:13.0394 0x249c RasSstp - ok
14:39:13.0409 0x249c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:39:13.0425 0x249c rdbss - ok
14:39:13.0440 0x249c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:39:13.0456 0x249c rdpbus - ok
14:39:13.0472 0x249c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:39:13.0503 0x249c RDPCDD - ok
14:39:13.0534 0x249c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:39:13.0565 0x249c RDPDR - ok
14:39:13.0581 0x249c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:39:13.0596 0x249c RDPENCDD - ok
14:39:13.0596 0x249c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:39:13.0643 0x249c RDPREFMP - ok
14:39:13.0690 0x249c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:39:13.0706 0x249c RdpVideoMiniport - ok
14:39:13.0737 0x249c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:39:13.0768 0x249c RDPWD - ok
14:39:13.0784 0x249c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:39:13.0799 0x249c rdyboost - ok
14:39:13.0815 0x249c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:39:13.0862 0x249c RemoteAccess - ok
14:39:13.0893 0x249c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:39:13.0908 0x249c RemoteRegistry - ok
14:39:13.0924 0x249c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:39:13.0955 0x249c RpcEptMapper - ok
14:39:13.0986 0x249c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:39:13.0986 0x249c RpcLocator - ok
14:39:14.0018 0x249c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:39:14.0033 0x249c RpcSs - ok
14:39:14.0064 0x249c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:39:14.0080 0x249c rspndr - ok
14:39:14.0142 0x249c [ AC4CA62572CA516945AB92D6C9F501F4, 6CB4178DD1ED3D8224EA1F91CAA00AFBC756DCA2DFD71F399B05E511E79D5150 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:39:14.0158 0x249c RTL8167 - ok
14:39:14.0189 0x249c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:39:14.0189 0x249c s3cap - ok
14:39:14.0205 0x249c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
14:39:14.0220 0x249c SamSs - ok
14:39:14.0236 0x249c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:39:14.0252 0x249c sbp2port - ok
14:39:14.0267 0x249c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:39:14.0298 0x249c SCardSvr - ok
14:39:14.0314 0x249c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:39:14.0330 0x249c scfilter - ok
14:39:14.0376 0x249c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
14:39:14.0423 0x249c Schedule - ok
14:39:14.0439 0x249c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:39:14.0470 0x249c SCPolicySvc - ok
14:39:14.0470 0x249c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:39:14.0501 0x249c SDRSVC - ok
14:39:14.0595 0x249c [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:39:14.0642 0x249c SDScannerService - ok
14:39:14.0704 0x249c [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:39:14.0766 0x249c SDUpdateService - ok
14:39:14.0798 0x249c [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:39:14.0813 0x249c SDWSCService - ok
14:39:14.0829 0x249c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:39:14.0860 0x249c secdrv - ok
14:39:14.0876 0x249c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:39:14.0922 0x249c seclogon - ok
14:39:14.0938 0x249c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:39:14.0969 0x249c SENS - ok
14:39:14.0969 0x249c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:39:15.0016 0x249c SensrSvc - ok
14:39:15.0047 0x249c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:39:15.0063 0x249c Serenum - ok
14:39:15.0078 0x249c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:39:15.0094 0x249c Serial - ok
14:39:15.0125 0x249c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:39:15.0156 0x249c sermouse - ok
14:39:15.0172 0x249c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:39:15.0188 0x249c SessionEnv - ok
14:39:15.0203 0x249c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:39:15.0219 0x249c sffdisk - ok
14:39:16.0404 0x249c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:39:16.0436 0x249c SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
14:39:18.0386 0x25ac Object required for P2P: [ 6F5AC1C495DA6D19AF99A59DC44BC13F ] NvStreamNetworkSvc
14:39:19.0197 0x249c Detect skipped due to KSN trusted
14:39:19.0197 0x249c SwitchBoard - ok
14:39:24.0423 0x249c ================ Scan global ===============================
14:39:24.0454 0x249c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:39:24.0485 0x249c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
14:39:24.0501 0x249c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
14:39:24.0516 0x249c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:39:24.0548 0x249c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:39:24.0563 0x249c [ Global ] - ok
14:39:24.0563 0x249c ================ Scan MBR ==================================
14:39:24.0563 0x249c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:39:24.0657 0x25ac Object send P2P result: true
14:39:24.0657 0x25ac Object required for P2P: [ 5A3DE85307FB54C09C0D1D52B97916FE ] nvsvc
14:39:24.0969 0x249c \Device\Harddisk1\DR1 - ok
14:39:24.0969 0x249c [ CA10FFA6C508202CE0A9D48F6976CDE0 ] \Device\Harddisk0\DR0
14:39:25.0031 0x249c \Device\Harddisk0\DR0 - ok
14:39:25.0047 0x249c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk6\DR6
14:39:25.0156 0x249c \Device\Harddisk6\DR6 - ok
14:39:25.0172 0x249c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk7\DR7
14:39:25.0312 0x249c \Device\Harddisk7\DR7 - ok
14:39:25.0312 0x249c ================ Scan VBR ==================================
14:39:25.0312 0x249c [ 6AA36F3F96FC0374C7908AE9279D9DBD ] \Device\Harddisk1\DR1\Partition1
14:39:25.0312 0x249c \Device\Harddisk1\DR1\Partition1 - ok
14:39:25.0312 0x249c [ 5CBE3D11E4513822732356EE5B14D478 ] \Device\Harddisk1\DR1\Partition2
14:39:25.0374 0x249c \Device\Harddisk1\DR1\Partition2 - ok
14:39:25.0374 0x249c [ B42A6BCA40FDC9AAF2CA160EFB73C7D1 ] \Device\Harddisk0\DR0\Partition1
14:39:25.0406 0x249c \Device\Harddisk0\DR0\Partition1 - ok
14:39:25.0406 0x249c [ 281102D52EE6D79845A5EA81F0A46C89 ] \Device\Harddisk6\DR6\Partition1
14:39:25.0484 0x249c \Device\Harddisk6\DR6\Partition1 - ok
14:39:25.0484 0x249c [ 6CA5D00DAC18F221C1DE40835586E7A5 ] \Device\Harddisk7\DR7\Partition1
14:39:25.0530 0x249c \Device\Harddisk7\DR7\Partition1 - ok
14:39:25.0530 0x249c ================ Scan generic autorun ======================
14:39:25.0640 0x249c [ DD37DC13DF1224A8719208AE5CDE2B63, EA365A7358637C555D8CDEDD59BCA574C8B6EB8BB3C1B8790FEC7D76A37FC4AB ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:39:25.0686 0x249c NvBackend - ok
14:39:25.0702 0x249c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
14:39:25.0718 0x249c ShadowPlay - ok
14:39:25.0796 0x249c [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
14:39:25.0827 0x249c MSC - ok
14:39:25.0983 0x249c [ E5FF7729053F67212768C5D37BE762B4, 1A0633FF2062F2C3D5675C7E532B30AF45D0E53D997A7357CC0AA8DA3BE6E1A6 ] C:\Program Files (x86)\AVG\AVG2014\avgui.exe
14:39:26.0061 0x249c AVG_UI - ok
14:39:26.0123 0x249c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:39:26.0170 0x249c Sidebar - ok
14:39:26.0186 0x249c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:39:26.0201 0x249c mctadmin - ok
14:39:26.0217 0x249c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:39:26.0248 0x249c Sidebar - ok
14:39:26.0248 0x249c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:39:26.0264 0x249c mctadmin - ok
14:39:26.0357 0x249c [ 390679F7A217A5E73D756276C40AE887, 3EDFB645B2F58864E653C66516D6D48C4F9D691CFD51D91D4D88E316EE7B7177 ] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
14:39:26.0404 0x249c SpybotSD TeaTimer - detected UnsignedFile.Multi.Generic ( 1 )
14:39:27.0590 0x25ac Object send P2P result: true
14:39:29.0134 0x249c Detect skipped due to KSN trusted
14:39:29.0134 0x249c SpybotSD TeaTimer - ok
14:39:29.0165 0x249c [ 22DA0DDAF1BF9E0FB5C705319024429B, EC2C086FF784B06E4FF05243164DDB768B81EE32096AFED6D5E574FF350B619E ] C:\Program Files (x86)\uTorrent\uTorrent.exe
14:39:29.0165 0x249c uTorrent - ok
14:39:29.0165 0x249c Waiting for KSN requests completion. In queue: 106
14:39:30.0179 0x249c Waiting for KSN requests completion. In queue: 106
14:39:31.0193 0x249c Waiting for KSN requests completion. In queue: 106
14:39:32.0207 0x249c Waiting for KSN requests completion. In queue: 1
14:39:33.0221 0x249c Waiting for KSN requests completion. In queue: 1
14:39:34.0251 0x249c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
14:39:34.0298 0x249c AV detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4830 ), 0x41000 ( enabled : updated )
14:39:34.0298 0x249c FW detected via SS2: AVG Internet Security 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4830 ), 0x41010 ( enabled )
14:39:37.0215 0x249c ============================================================
14:39:37.0215 0x249c Scan finished
14:39:37.0215 0x249c ============================================================
14:39:37.0215 0x204c Detected object count: 0
14:39:37.0215 0x204c Actual detected object count: 0
14:49:06.0235 0x272c Deinitialize success
____________
ADW
# AdwCleaner v5.023 - Rapport créé le 04/12/2015 à 14:55:45
# Mis à jour le 30/11/2015 par Xplode
# Base de données : 2015-12-03.1 [Serveur]
# Système d'exploitation : Windows 7 Ultimate Service Pack 1 (x64)
# Nom d'utilisateur : Plumo - PLUMO-PC
# Exécuté depuis : C:\Users\Plumo\Desktop\adwcleaner_5.023.exe
# Option : Nettoyer
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Supprimé : vToolbarUpdater3.4.0

***** [ Dossiers ] *****

[-] Dossier Supprimé : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Dossier Supprimé : C:\ProgramData\AVG Secure Search
[-] Dossier Supprimé : C:\ProgramData\AVG Security Toolbar
[-] Dossier Supprimé : C:\ProgramData\Avg_Update_1215avi
[-] Dossier Supprimé : C:\Users\Plumo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian Technologies
[-] Dossier Supprimé : C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\Avg@toolbar

***** [ Fichiers ] *****

[-] Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] Fichier Supprimé : C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\searchplugins\avg-secure-search.xml
[-] Fichier Supprimé : C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\user.js

***** [ DLLs ] *****


***** [ Raccourcis ] *****


***** [ Tâches planifiées ] *****


***** [ Registre ] *****

[-] Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Clé Supprimée : HKCU\Software\Avg Secure Update
[-] Clé Supprimée : HKLM\SOFTWARE\AVG SafeGuard toolbar
[-] Clé Supprimée : HKLM\SOFTWARE\Conduit
[-] Clé Supprimée : HKU\.DEFAULT\Software\Avg Secure Update

***** [ Navigateurs ] *****


*************************

:: Clés "Tracing" supprimées
:: Paramètres Winsock réinitialisés

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3981 octets] ##########
____________
JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Ultimate x64
Ran by Plumo (Administrator) on 2015-12-04 at 15:04:53,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\Users\Plumo\AppData\Local\pdfforge (Folder)
Successfully deleted: C:\Users\Plumo\AppData\Roaming\pdfforge (Folder)
Successfully deleted: C:\Windows\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance (Task)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-12-04 at 15:07:30,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Voilà! :thanks:

plumo

Juliet
2015-12-05, 00:27
Good work.

Since you already have Malwarebytes' Anti-Malware on your computer, let's update it and run another scan.

Open MalwareBytes

On the Dashboard click on Update Now

Go to the Setting Tab

Under Setting go to Detection and Protection

Under PUP and PUM make sure both are set to show Treat Detections as Malware

Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked

Then on the Dashboard click on Scan

Make sure to select THREAT SCAN

Then click on Scan


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply


Exit Malwarebytes
~~~~~~~~~~~~~~~~~

Locate and delete FRST.txt & Addition.txt from your first run.

I would like for you to run the tool again and post fresh logs.

If you need to make multiple posts that is OK


Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.


~~~~
How is your computer now?

Plumo
2015-12-05, 03:24
Good evening again! :)

MBM log
Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 2015-12-04
Heure de l'analyse: 19:26
Fichier journal:
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.12.04.06
Base de données de rootkits: v2015.11.26.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Plumo

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 351081
Temps écoulé: 19 min, 59 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 0
(Aucun élément malveillant détecté)

Valeurs du Registre: 0
(Aucun élément malveillant détecté)

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 0
(Aucun élément malveillant détecté)

Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
__________
FRST
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
Exécuté par Plumo (administrateur) sur PLUMO-PC (04-12-2015 20:04:37)
Exécuté depuis C:\Users\Plumo\Desktop
Profils chargés: Plumo (Profils disponibles: Plumo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe


==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5212072 2015-07-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\igfxcui:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399224 2015-02-06] (BitTorrent, Inc.)
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\DREAMA~1.SCR [106496 2009-02-20] ()
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-05-23] ()
BootExecute: autocheck autochk /r \??\H:autocheck autochk * sdnclean64.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE}: [NameServer] 74.116.184.9,74.116.184.8

Internet Explorer:
==================
HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/defaultf.aspx?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default
FF Homepage: hxxp://radio-canada.ca/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-14] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Pas de fichier]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-05-26] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-05-26] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1554290505-1184955759-1297804211-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-04-13] ()
FF Extension: FlashGot - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-04-27]
FF Extension: Media Stealer - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\stealer@physacco.com.xpi [2015-05-30]
FF Extension: Cookies Manager+ - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-05-30]
FF Extension: Zoom Page - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\zoompage@DW-dev.xpi [2015-10-19]
FF Extension: NetVideoHunter - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\extensions\netvideohunter@netvideohunter.com [2015-11-14]
FF Extension: Pas de nom - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi [2015-10-15] [non signé]
FF Extension: Facebook Ads Block - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi [2015-10-15]
FF Extension: Video DownloadHelper - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-28]
FF Extension: Adblock Plus - C:\Users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-11] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-11-28] [non signé]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21]

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [224176 2010-11-18] ()
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [102712 2008-04-17] (ArcSoft Inc.) [Fichier non signé]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-10-02] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-10-02] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2014-10-02] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2014-10-02] (ASUSTeK Computer Inc.) [Fichier non signé]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-29] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [583288 2015-02-13] (Hauppauge Computer Works) [Fichier non signé]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-15] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2015-01-05] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [276960 2015-05-18] (AVG Technologies CZ, s.r.o.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
R3 hcw18bda; C:\Windows\System32\drivers\hcw18bda.sys [912896 2010-09-20] (Hauppauge Computer Works, Inc)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-04] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2015-12-04] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-04 20:04 - 2015-12-04 20:04 - 00024090 _____ C:\Users\Plumo\Desktop\FRST.txt
2015-12-04 15:07 - 2015-12-04 15:07 - 00000788 _____ C:\Users\Plumo\Desktop\JRT.txt
2015-12-04 15:01 - 2015-12-04 15:01 - 00004076 _____ C:\Users\Plumo\Desktop\AdwCleaner[C1].txt
2015-12-04 14:52 - 2015-12-04 14:52 - 00003749 _____ C:\Users\Plumo\Desktop\AdwCleaner[S1].txt
2015-12-04 14:49 - 2015-12-04 14:55 - 00000000 ____D C:\AdwCleaner
2015-12-04 14:49 - 2015-12-04 14:49 - 00226502 _____ C:\Users\Plumo\Desktop\TDSSKiller.3.1.0.7_04.12.2015_14.37.56_log.txt
2015-12-04 14:37 - 2015-12-04 14:49 - 00226502 _____ C:\TDSSKiller.3.1.0.7_04.12.2015_14.37.56_log.txt
2015-12-04 14:35 - 2015-12-04 14:35 - 00011036 _____ C:\Users\Plumo\Desktop\rapport roguekill.txt
2015-12-04 14:11 - 2015-12-04 14:37 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-04 14:11 - 2015-12-04 14:11 - 00030848 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-12-04 14:08 - 2015-12-04 14:07 - 01599336 _____ (Malwarebytes) C:\Users\Plumo\Desktop\JRT.exe
2015-12-04 14:07 - 2015-12-04 14:07 - 01599336 _____ (Malwarebytes) C:\Users\Plumo\Downloads\JRT.exe
2015-12-04 14:07 - 2015-12-04 14:06 - 01736704 _____ C:\Users\Plumo\Desktop\adwcleaner_5.023.exe
2015-12-04 14:06 - 2015-12-04 14:06 - 01736704 _____ C:\Users\Plumo\Downloads\adwcleaner_5.023.exe
2015-12-04 14:05 - 2015-12-04 14:05 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Plumo\Desktop\tdsskiller.exe
2015-12-04 14:04 - 2015-12-04 14:05 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Plumo\Downloads\tdsskiller.exe
2015-12-04 14:04 - 2015-12-04 14:02 - 20826184 _____ C:\Users\Plumo\Desktop\RogueKiller.exe
2015-12-04 14:01 - 2015-12-04 14:02 - 20826184 _____ C:\Users\Plumo\Downloads\RogueKiller.exe
2015-12-03 23:00 - 2015-12-03 23:00 - 00002060 _____ C:\Users\Plumo\Desktop\aswMBR.txt
2015-12-03 23:00 - 2015-12-03 23:00 - 00000512 _____ C:\Users\Plumo\Desktop\MBR.dat
2015-12-03 22:23 - 2015-12-04 20:04 - 00000000 ____D C:\FRST
2015-12-03 22:23 - 2015-12-03 22:19 - 05198336 _____ (AVAST Software) C:\Users\Plumo\Desktop\aswMBR.exe
2015-12-03 22:22 - 2015-12-03 22:22 - 02350080 _____ (Farbar) C:\Users\Plumo\Downloads\FRST64.exe
2015-12-03 22:22 - 2015-12-03 22:22 - 02350080 _____ (Farbar) C:\Users\Plumo\Desktop\FRST64.exe
2015-12-03 22:21 - 2015-12-03 22:21 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PLUMO-PC-Windows-7-Ultimate-(64-bit).dat
2015-12-03 22:20 - 2015-12-03 22:20 - 00016388 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
2015-12-03 22:20 - 2015-12-03 22:20 - 00002239 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-12-03 22:20 - 2015-12-03 22:20 - 00000000 ____D C:\RegBackup
2015-12-03 22:20 - 2015-12-03 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-12-03 22:20 - 2015-12-03 22:20 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-12-03 22:18 - 2015-12-03 22:19 - 05198336 _____ (AVAST Software) C:\Users\Plumo\Downloads\aswMBR.exe
2015-12-03 22:17 - 2015-12-03 22:17 - 01721344 _____ (Farbar) C:\Users\Plumo\Downloads\FRST.exe
2015-12-03 22:16 - 2015-12-03 22:15 - 04777232 _____ (Tweaking.com) C:\Users\Plumo\Desktop\tweaking.com_registry_backup_setup.exe
2015-12-03 22:15 - 2015-12-03 22:15 - 04777232 _____ (Tweaking.com) C:\Users\Plumo\Downloads\tweaking.com_registry_backup_setup.exe
2015-12-03 21:21 - 2015-12-03 21:21 - 05639148 _____ (Swearware) C:\Users\Plumo\Desktop\ComboFix.exe
2015-12-03 21:20 - 2015-12-03 21:21 - 05639148 _____ (Swearware) C:\Users\Plumo\Downloads\ComboFix.exe
2015-12-03 21:20 - 2015-12-03 21:20 - 00119808 _____ (Atribune.org) C:\Users\Plumo\Downloads\VundoFix.exe
2015-12-03 21:20 - 2015-12-03 21:20 - 00119808 _____ (Atribune.org) C:\Users\Plumo\Desktop\VundoFix.exe
2015-12-03 21:16 - 2015-12-03 21:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Plumo\Desktop\sanner.exe
2015-12-03 21:15 - 2015-12-03 21:15 - 00388608 _____ (Trend Micro Inc.) C:\Users\Plumo\Downloads\HijackThis.exe
2015-12-03 20:59 - 2015-12-04 19:54 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-03 20:59 - 2015-12-03 20:59 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-03 20:59 - 2015-12-03 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-03 20:59 - 2015-12-03 20:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-03 20:59 - 2015-12-03 20:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-03 20:59 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-03 20:59 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-03 20:59 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-03 20:57 - 2015-12-03 20:58 - 22908888 _____ (Malwarebytes ) C:\Users\Plumo\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-12-03 12:52 - 2015-12-03 12:52 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-12-03 12:52 - 2015-12-03 12:52 - 00001912 _____ C:\Windows\epplauncher.mif
2015-12-03 12:52 - 2015-12-03 12:52 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-12-03 12:52 - 2015-12-03 12:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-12-03 12:51 - 2015-12-03 12:51 - 14261952 _____ (Microsoft Corporation) C:\Users\Plumo\Downloads\mseinstall.exe
2015-12-03 00:36 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-03 00:33 - 2015-12-03 00:33 - 00001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-03 00:33 - 2015-12-03 00:33 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-03 00:33 - 2015-12-03 00:33 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-12-03 00:33 - 2015-12-03 00:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-03 00:32 - 2015-12-03 00:38 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-03 00:32 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-12-03 00:15 - 2015-12-03 00:24 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Plumo\Downloads\spybot-2.4.exe
2015-11-29 17:59 - 2015-11-29 17:59 - 00602760 _____ C:\Users\Plumo\Downloads\Archives de la mer morte.zip
2015-11-29 12:00 - 2015-10-08 18:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-29 12:00 - 2015-10-08 18:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-29 12:00 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-29 12:00 - 2015-10-08 18:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-29 12:00 - 2015-10-08 18:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-29 12:00 - 2015-10-08 14:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-29 12:00 - 2015-10-08 13:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-29 11:56 - 2015-11-29 11:56 - 00001058 _____ C:\Users\Plumo\Documents\cc_20151129_115632.reg
2015-11-26 10:16 - 2015-11-26 10:16 - 00251596 _____ C:\Users\Plumo\Downloads\Your E-Tickets.pdf
2015-11-21 08:58 - 2015-11-14 00:53 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-11-21 08:56 - 2015-11-15 22:35 - 42913912 _____ C:\Windows\system32\nvcompiler.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 37881976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 22310008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 16553568 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 14835872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 13527440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 12034248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 11130488 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-21 08:56 - 2015-11-15 22:35 - 02870576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 02490672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00689272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00501056 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00413816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-21 08:56 - 2015-11-15 22:35 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-20 17:36 - 2015-11-12 13:37 - 00112712 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2015-11-16 11:23 - 2015-11-03 17:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-16 11:23 - 2015-11-03 16:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-16 11:23 - 2015-10-30 18:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-16 11:23 - 2015-10-30 18:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-16 11:23 - 2015-10-30 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-16 11:23 - 2015-10-30 18:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-16 11:23 - 2015-10-30 18:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-16 11:23 - 2015-10-30 18:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-16 11:23 - 2015-10-30 18:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-16 11:23 - 2015-10-30 18:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-16 11:23 - 2015-10-30 18:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-16 11:23 - 2015-10-30 18:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-16 11:23 - 2015-10-30 18:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-16 11:23 - 2015-10-30 18:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-16 11:23 - 2015-10-30 18:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-16 11:23 - 2015-10-30 18:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-16 11:23 - 2015-10-30 18:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-16 11:23 - 2015-10-30 18:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-16 11:23 - 2015-10-30 18:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-16 11:23 - 2015-10-30 18:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-16 11:23 - 2015-10-30 18:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-16 11:23 - 2015-10-30 17:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-16 11:23 - 2015-10-30 17:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-16 11:23 - 2015-10-30 17:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-16 11:23 - 2015-10-30 17:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-16 11:23 - 2015-10-30 17:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-16 11:23 - 2015-10-30 17:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-16 11:23 - 2015-10-30 17:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-16 11:23 - 2015-10-30 17:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-16 11:23 - 2015-10-30 17:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-16 11:23 - 2015-10-30 17:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-16 11:23 - 2015-10-30 17:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-16 11:23 - 2015-10-30 17:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-16 11:23 - 2015-10-30 17:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-16 11:23 - 2015-10-30 17:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-16 11:23 - 2015-10-30 17:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-16 11:23 - 2015-10-30 17:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-16 11:23 - 2015-10-30 17:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-16 11:23 - 2015-10-30 17:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-16 11:23 - 2015-10-30 17:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-16 11:23 - 2015-10-30 17:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-16 11:23 - 2015-10-30 17:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-16 11:23 - 2015-10-30 17:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-16 11:23 - 2015-10-30 17:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-16 11:23 - 2015-10-30 17:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-16 11:23 - 2015-10-30 17:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-16 11:23 - 2015-10-30 17:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-16 11:23 - 2015-10-30 17:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-16 11:23 - 2015-10-30 17:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-16 11:23 - 2015-10-30 17:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-16 11:23 - 2015-10-30 17:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-16 11:23 - 2015-10-30 17:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-16 11:23 - 2015-10-30 17:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-16 11:23 - 2015-10-30 17:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-16 11:23 - 2015-10-30 17:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-16 11:23 - 2015-10-30 17:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-16 11:23 - 2015-10-30 17:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-16 11:23 - 2015-10-30 17:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-16 11:23 - 2015-10-30 17:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-16 11:23 - 2015-10-30 17:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-16 11:23 - 2015-10-30 16:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-16 11:23 - 2015-10-30 16:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-16 11:23 - 2015-10-30 16:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-16 11:23 - 2015-10-30 16:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-16 11:22 - 2015-11-03 12:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-16 11:22 - 2015-10-29 12:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-16 11:22 - 2015-10-29 12:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-16 11:22 - 2015-10-29 12:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-16 11:22 - 2015-10-29 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-16 11:22 - 2015-10-29 12:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-16 11:22 - 2015-10-29 12:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-16 11:22 - 2015-10-29 12:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-16 11:22 - 2015-10-20 13:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-16 11:22 - 2015-10-20 13:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-16 11:22 - 2015-10-20 13:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-16 11:22 - 2015-10-20 13:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-16 11:22 - 2015-10-20 13:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-16 11:22 - 2015-10-20 13:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-16 11:22 - 2015-10-20 12:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-16 11:22 - 2015-10-20 12:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-16 11:22 - 2015-10-19 20:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-16 11:22 - 2015-10-19 20:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-16 11:22 - 2015-10-19 20:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-16 11:22 - 2015-10-19 20:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-16 11:22 - 2015-10-19 20:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-16 11:22 - 2015-10-19 20:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-16 11:22 - 2015-10-19 20:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-16 11:22 - 2015-10-19 20:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-16 11:22 - 2015-10-19 20:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-16 11:22 - 2015-10-19 20:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-16 11:22 - 2015-10-19 20:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-16 11:22 - 2015-10-19 20:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-16 11:22 - 2015-10-19 19:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-16 11:22 - 2015-10-19 19:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-16 11:22 - 2015-10-19 19:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-16 11:22 - 2015-10-19 19:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-16 11:22 - 2015-10-19 19:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-16 11:22 - 2015-10-19 19:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-16 11:22 - 2015-10-19 19:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-16 11:22 - 2015-10-19 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-16 11:22 - 2015-10-19 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 19:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-16 11:22 - 2015-10-19 18:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-16 11:22 - 2015-10-19 18:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-16 11:22 - 2015-10-19 18:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-16 11:22 - 2015-10-19 18:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-16 11:22 - 2015-10-19 18:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-16 11:22 - 2015-10-19 18:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-16 11:22 - 2015-10-13 11:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-16 11:22 - 2015-10-13 11:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-16 11:22 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-16 11:22 - 2015-09-23 08:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-16 11:22 - 2015-09-23 08:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-16 11:22 - 2015-09-23 08:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-16 11:17 - 2015-10-01 13:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-16 11:17 - 2015-10-01 13:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-16 11:17 - 2015-10-01 12:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 10:20 - 2015-11-10 10:20 - 00014261 _____ C:\Users\Plumo\Downloads\Avis de confirmation fournisseur.zip
2015-11-09 16:06 - 2015-11-15 22:35 - 18363000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-09 16:06 - 2015-11-15 22:35 - 15717864 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-09 16:06 - 2015-11-05 12:13 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435891.dll
2015-11-09 16:06 - 2015-11-05 12:13 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435891.dll
2015-11-09 16:06 - 2015-11-05 12:13 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-11-09 16:06 - 2015-11-05 12:13 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-11-08 12:45 - 2015-11-08 12:45 - 00036780 _____ C:\Users\Plumo\Downloads\7B07y_Fj_400x400.jpeg
2015-11-06 15:58 - 2015-11-06 15:58 - 00004662 _____ C:\Users\Plumo\Documents\cc_20151106_155803.reg
2015-11-06 01:20 - 2015-11-06 01:20 - 00562454 _____ C:\Users\Plumo\Downloads\Outlook.com(5).zip
2015-11-05 23:25 - 2015-12-03 21:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2015-12-04 20:05 - 2014-06-01 22:00 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\uTorrent
2015-12-04 20:04 - 2015-03-18 10:25 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 20:02 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-04 20:02 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-04 19:53 - 2015-03-18 10:24 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 19:53 - 2015-01-02 14:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-04 19:53 - 2014-06-01 09:57 - 00000000 ____D C:\ProgramData\Hauppauge
2015-12-04 19:53 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-04 18:38 - 2014-05-31 23:13 - 00000000 ____D C:\ProgramData\MFAData
2015-12-04 15:43 - 2014-06-01 00:42 - 00000000 ____D C:\Users\Plumo\AppData\Local\Corel
2015-12-04 15:39 - 2014-06-01 00:40 - 00002568 ___SH C:\ProgramData\KGyGaAvL.sys
2015-12-04 15:39 - 2014-06-01 00:38 - 00000000 ____D C:\Users\Plumo\Documents\My PSP Files
2015-12-03 22:59 - 2015-03-18 10:25 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 22:59 - 2015-03-18 10:24 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 22:25 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2015-12-03 21:24 - 2009-07-13 23:45 - 00000000 ____D C:\Windows\ServiceProfiles
2015-12-03 12:52 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-03 12:38 - 2014-06-07 10:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-03 12:32 - 2009-07-13 23:45 - 05149856 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-03 01:13 - 2014-06-02 23:02 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\vlc
2015-12-03 00:36 - 2015-09-09 19:33 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-01 09:24 - 2014-06-02 23:13 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\dvdcss
2015-11-30 10:01 - 2014-06-01 12:51 - 00000000 ____D C:\Users\Plumo\AppData\Temp
2015-11-30 00:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-11-29 18:23 - 2014-05-31 22:42 - 00000000 ____D C:\Users\Plumo
2015-11-29 12:03 - 2014-06-01 10:44 - 01642388 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-29 12:03 - 2010-11-21 01:19 - 00747320 _____ C:\Windows\system32\perfh00C.dat
2015-11-29 12:03 - 2010-11-21 01:19 - 00149844 _____ C:\Windows\system32\perfc00C.dat
2015-11-29 12:03 - 2009-07-14 00:13 - 01642388 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-26 14:57 - 2015-07-11 10:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader*DC.lnk
2015-11-24 15:37 - 2014-06-01 12:51 - 00000000 ____D C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint
2015-11-21 08:58 - 2015-01-02 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-11-21 08:58 - 2015-01-02 14:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-20 17:35 - 2015-01-02 15:01 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-20 17:33 - 2015-01-02 15:01 - 00000000 ____D C:\Users\Plumo\AppData\Local\NVIDIA Corporation
2015-11-20 17:32 - 2014-06-01 10:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-16 11:40 - 2014-06-02 20:42 - 00000000 ____D C:\Windows\system32\MRT
2015-11-16 11:34 - 2014-06-02 20:42 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-16 11:34 - 2014-06-01 00:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-16 11:26 - 2010-11-21 01:29 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-15 22:35 - 2015-01-02 14:57 - 15122296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-15 22:35 - 2015-01-02 14:57 - 12770944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-15 22:35 - 2015-01-02 14:57 - 03579696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-15 22:35 - 2015-01-02 14:57 - 03159248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-15 22:35 - 2015-01-02 14:18 - 17515528 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-15 22:35 - 2015-01-02 14:18 - 00033607 _____ C:\Windows\system32\nvinfo.pb
2015-11-14 20:03 - 2014-05-31 23:43 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-14 20:03 - 2014-05-31 23:43 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-14 01:18 - 2014-11-27 13:01 - 00000000 ____D C:\Users\Plumo\Downloads\Préservation automatique Corel
2015-11-14 01:06 - 2015-01-02 14:19 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-14 01:06 - 2015-01-02 14:19 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-14 01:06 - 2015-01-02 14:19 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-12 23:01 - 2014-10-03 02:39 - 00003798 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2015-11-12 13:37 - 2015-01-02 15:00 - 01828160 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-11-12 13:37 - 2015-01-02 15:00 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-11-12 13:37 - 2015-01-02 15:00 - 01509824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-11-12 13:37 - 2015-01-02 15:00 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-11-11 22:05 - 2014-06-11 10:16 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-11-11 22:04 - 2014-05-31 23:43 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-11-10 11:00 - 2014-06-01 12:57 - 00000000 ____D C:\Users\Plumo\AppData\Local\ElevatedDiagnostics
2015-11-06 15:44 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-06 15:38 - 2014-05-31 23:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-06 02:09 - 2015-02-08 22:33 - 00000000 ____D C:\Users\Plumo\AppData\Roaming\avidemux
2015-11-05 12:13 - 2015-01-23 11:12 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

==================== Fichiers à la racine de certains dossiers =======

2014-06-01 00:03 - 2015-11-01 17:37 - 0000836 _____ () C:\Users\Plumo\AppData\Roaming\burnaware.ini
2015-03-28 22:17 - 2015-05-22 14:29 - 0099384 _____ () C:\Users\Plumo\AppData\Roaming\inst.exe
2015-03-28 22:17 - 2015-05-22 14:29 - 0007859 _____ () C:\Users\Plumo\AppData\Roaming\pcouffin.cat
2015-03-28 22:17 - 2015-05-22 14:29 - 0001167 _____ () C:\Users\Plumo\AppData\Roaming\pcouffin.inf
2015-03-28 22:17 - 2015-05-22 14:29 - 0000055 _____ () C:\Users\Plumo\AppData\Roaming\pcouffin.log
2015-03-28 22:17 - 2015-05-22 14:29 - 0082816 _____ (VSO Software) C:\Users\Plumo\AppData\Roaming\pcouffin.sys
2015-03-28 22:17 - 2015-05-23 22:06 - 0001041 _____ () C:\Users\Plumo\AppData\Roaming\vso_ts_preview.xml
2014-06-01 00:42 - 2015-03-25 22:08 - 0003584 _____ () C:\Users\Plumo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-06 15:45 - 2015-01-06 15:48 - 0000041 ___SH () C:\ProgramData\.zreglib
2014-06-01 00:40 - 2014-06-01 00:42 - 0000088 __RSH () C:\ProgramData\161C05ED6F.sys
2014-06-01 00:40 - 2015-12-04 15:39 - 0002568 ___SH () C:\ProgramData\KGyGaAvL.sys

Certains fichiers dans TEMP:
====================
C:\Users\Plumo\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Plumo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


LastRegBack: 2015-11-30 00:40

==================== Fin de FRST.txt ============================
Addition
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version:01-12-2015
Exécuté par Plumo (2015-12-04 20:05:16)
Exécuté depuis C:\Users\Plumo\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-06-01 03:42:14)
Mode d'amorçage: Normal
==========================================================


==================== Comptes: =============================

Administrateur (S-1-5-21-1554290505-1184955759-1297804211-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1554290505-1184955759-1297804211-1002 - Limited - Enabled)
Invité (S-1-5-21-1554290505-1184955759-1297804211-501 - Limited - Disabled)
Plumo (S-1-5-21-1554290505-1184955759-1297804211-1000 - Administrator - Enabled) => C:\Users\Plumo

==================== Centre de sécurité ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: AVG Internet Security 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2014 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Programmes installés ======================

(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
3D PageFlip Standard (HKLM-x32\...\3D PageFlip Standard_is1) (Version: - 3DPageFlip Solution)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Abrosoft FantaMorph 5.4.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.4.5 - Abrosoft)
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.06 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.6.0.393 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.2 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
Antidote HD (HKLM-x32\...\{56CDB4FE-895F-4E0D-8BB4-9A8D4310898D}) (Version: 7.6.7000 - Druide informatique inc.)
Any Video Converter 5.7.8 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaImpression (HKLM-x32\...\{531F0013-964C-4BE6-B382-4117DC8BCDF9}) (Version: - ArcSoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4830 - AVG Technologies)
AVG 2014 (Version: 14.0.4477 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4830 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.4.0.1 - AVG Technologies)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
AVS Audio Converter version 6.1 (HKLM-x32\...\AVS Audio Converter 6.1_is1) (Version: - Online Media Technologies Ltd.)
AVS Audio Editor version 4.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 6 (HKLM-x32\...\AVS4YOU Video Converter 6_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
BurnAware Professional 6.9.4 (HKLM-x32\...\BurnAware Professional_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
Contents (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
ConvertXtoDVD 4.0.3.313 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.3.313 - )
Cool Beans NFO Creator 2.0.1.3 (HKLM-x32\...\Cool Beans NFO Creator_is1) (Version: - Cool Beans Software)
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
DeviceIO (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Dream Aquarium 1.234 (HKLM-x32\...\Dream Aquarium) (Version: 1.234 - Dream Aquarium Screensaver)
Epson Copy Utility 3.4 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.4.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.01.00 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FastStone Photo Resizer 3.3 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.3 - FastStone Soft.)
Flip PDF Professional (HKLM-x32\...\Flip PDF Professional_is1) (Version: - FlipBuilder Solution)
FlipCreator (version 4.6.2.2) (HKLM-x32\...\FlipCreator_is1) (Version: - Alive Software, Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
H.264 Encoder (HKLM-x32\...\{B99459D2-B91A-417E-9DFA-F53D569F4445}_is1) (Version: - www.H264Encoder.com)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.33049 (CD 3.9g) - Hauppauge Computer Works)
ICA (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
KONICA MINOLTA PagePro 1400W (HKLM\...\KONICA MINOLTA PagePro 1400W) (Version: - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mise à jour du pilote EPSON Perfection V30/V300 Photo Scanner (HKLM-x32\...\{CEC9B674-2E1B-43CA-97FE-026D07AD22C1}) (Version: - )
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
Mises à jour NVIDIA 2.7.4.10 (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
MLE (x32 Version: 1.0.0.23 - Corel Corporation) Hidden
Mozilla Firefox 42.0 (x86 fr) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 fr)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
No One Lives Forever 2 (HKLM-x32\...\{EBCCE08A-B3EE-40E7-96D7-31741D481015}) (Version: - )
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Pilote 3D Vision 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Pilote graphique 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
Panneau de configuration NVIDIA 359.00 (Version: 359.00 - NVIDIA Corporation) Hidden
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
PIXresizer (HKLM-x32\...\PIXresizer_is1) (Version: 2.0.5 - Bluefive software)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.0.9 - Portforward, LLC)
PSPH10Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PureHD (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Replay Video Capture 6 (HKLM-x32\...\Replay Video Capture6.0.6) (Version: 6.0.6 - Applian Technologies Inc.)
Serif PagePlus X6 (HKLM-x32\...\{E2B22002-9C8B-43CC-A75B-464B6ED4FF6B}) (Version: 16.0.0.19 - Serif (Europe) Ltd)
Setup (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Share (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Share64 (Version: 1.6.1.109 - Corel Corporation) Hidden
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Snapseed (HKLM-x32\...\{C995D30C-08D6-4B04-A28F-71E9B519D662}) (Version: 1.2.0 - Nik Software, Inc.)
SolveigMM AVI Trimmer version 2.1.1407.1 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 2.1.1407.1 - Solveig Multimedia)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Streaming Video Recorder V4.2.5 (HKLM\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 4.2.5 - Apowersoft)
StudioTax 2014 (HKLM-x32\...\{52D1D702-B61F-4B41-8CDA-75784DE52BAB}) (Version: 10.0.9.2 - BHOK IT Consulting)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TEncoder Video Converter version 4.5.5 (HKLM-x32\...\{7B1F9D22-568D-4109-B128-040BF8A932FC}_is1) (Version: 4.5.5 - ozok)
TMPGEnc Video Mastering Works 6 Trial (HKLM\...\{97102D15-0FD1-4614-B97D-BE83187E1BB0}) (Version: 6.0.7.18 - Pegasys Inc.)
Total Recorder 7.0 (HKLM-x32\...\TotalRecorder) (Version: - )
TSDoctor (HKLM-x32\...\{74B00C74-3D2D-4159-B9A8-B75120139709}) (Version: 1.2.161 - Cypheros)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.6000.10 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.6000.10 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (fr-FR) (x32 Version: 9.0.6000.10 - TuneUp Software) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.3.1 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VIA Le gestionnaire du dispositif de plate-forme (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VidCoder 1.5.31 (x86) (HKLM-x32\...\VidCoder_is1) (Version: 1.5.31 - RandomEngy)
VIO (x32 Version: 1.6.1.109 - Corel Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WAV MP3 Converter 4.2 Build 1259 (HKLM-x32\...\WAV MP3 Converter 4.2 Build 1259) (Version: - )
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Personnalisé CLSID (Avec liste blanche): ==========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

CustomCLSID: HKU\S-1-5-21-1554290505-1184955759-1297804211-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1554290505-1184955759-1297804211-1000_Classes\CLSID\{A502EEBE-5071-4486-9646-EEE59C8FC937}\InprocServer32 -> C:\Program Files (x86)\Druide\Antidote 7\Texteurs\Word\Antidote.Word.MT.P200_64.dll (Druide informatique inc.)

==================== Points de restauration =========================

28-11-2015 02:45:52 Point de contrôle planifié
29-11-2015 12:00:41 Windows Update
03-12-2015 12:56:47 Windows Update
04-12-2015 15:05:00 JRT Pre-Junkware Removal

==================== Hosts contenu: ==========================

(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)

2009-07-13 21:34 - 2015-07-19 21:41 - 00450834 ____R C:\Windows\system32\Drivers\etc\hosts

Il y a 15464 plus de lignes.


==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {143FBCB8-D818-4446-BAF2-AA0EE78346EE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {16173F40-5B70-4035-8344-0E79B08AF649} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
Task: {2242E00E-0904-4CF2-AE02-32CB8788F5F6} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {4823860D-BF71-403C-AD66-9AD2B89C158D} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-01-14] ()
Task: {546E1FBA-4B86-44B3-BF11-898C6085D007} - System32\Tasks\Maintenance automatique => C:\Program Files (x86)\TuneUp Utilities 2010\OneClickStarter.exe [2011-05-31] (TuneUp Software)
Task: {5BC6A85B-4E81-4EEA-BFA7-01F54026E1A0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {5E81EEEC-1BA4-4BF6-8310-30F3E77BC26D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {7D6A158F-D316-4E8B-9C56-6ABF5E90C1B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {847DC7FC-D006-415C-A155-8E839D51A208} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {9866A702-845D-4AD5-B30E-3A5389DD4819} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {A710D3EB-C239-4A31-99AB-A832AAC6DB91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
Task: {A9BEF646-105C-42C5-96F2-5FAEBDEE6A06} - System32\Tasks\{65C02ED6-6F32-4D3E-B7FC-1D9121585D99} => E:\NfS5porsche 2000\porsche.exe [2000-06-26] ()
Task: {D1C19B67-D2D3-4576-9A76-E464A1FC4B18} - System32\Tasks\{137150EE-E72F-4A7C-BE9F-BF4CEA85B19A} => E:\NfS5porsche 2000\porsche.exe [2000-06-26] ()
Task: {D949518C-BABA-4FB9-ACB1-EB9A36B953C7} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe
Task: {E6BA914B-D836-4888-86E2-334193430A67} - System32\Tasks\{DCADD795-1D79-4721-A415-48E45802339F} => E:\NfS5porsche 2000\porsche.exe [2000-06-26] ()
Task: {EB0E70EA-9D9B-4612-B80D-2416A63E3580} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {F9CC5A34-9952-45EE-A6F7-69522FF8EDE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {FFA337AC-FB1A-4F09-A6FE-BCF98E1BEC18} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-04-17] (ArcSoft Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Raccourcis =============================

(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)

==================== Modules chargés (Avec liste blanche) ==============

2015-01-02 14:19 - 2015-11-14 01:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-12 14:47 - 2010-11-18 17:26 - 00224176 _____ () C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
2014-05-23 01:10 - 2014-05-23 01:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2009-12-30 17:48 - 2011-08-04 14:06 - 00139264 _____ () c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
2014-10-02 23:10 - 2014-10-02 23:10 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-10-02 23:12 - 2013-01-14 15:37 - 01406776 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2015-01-15 00:28 - 2015-01-15 00:28 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-02 23:10 - 2015-12-04 19:53 - 00023552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-10-02 23:10 - 2010-06-29 17:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-03-31 09:38 - 2015-11-12 13:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-03 00:32 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-03 00:32 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-03 00:32 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-02 23:12 - 2013-01-14 16:16 - 05771136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2014-10-02 23:12 - 2010-06-21 14:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2014-06-01 10:04 - 2011-08-23 09:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2014-10-02 23:11 - 2011-07-12 18:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2014-10-02 23:11 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2014-10-02 23:11 - 2012-10-08 16:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2014-10-02 23:12 - 2013-01-15 14:30 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2014-10-02 23:16 - 2012-06-19 11:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2014-10-02 23:17 - 2013-06-24 14:59 - 01173504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2014-10-02 23:20 - 2012-07-20 08:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2014-10-02 23:11 - 2012-05-25 09:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2014-10-02 23:11 - 2012-05-28 20:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2014-10-02 23:11 - 2011-09-19 19:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2014-10-02 23:11 - 2011-07-21 08:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2014-10-02 23:11 - 2012-08-29 17:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2014-10-02 23:10 - 2010-08-23 17:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2014-10-02 23:11 - 2010-10-05 07:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-10-02 23:11 - 2009-08-12 19:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-12-03 00:32 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-03 00:32 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-11-14 20:03 - 2015-11-14 20:03 - 17604296 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll

==================== Alternate Data Streams (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)

AlternateDataStreams: C:\Windows:7D11D83A45611A6F

==================== Mode sans échec (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)


==================== EXE Association (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)


==================== Internet Explorer sites de confiance/sensibles ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)

Il y a 7867 plus de sites.

Il y a 7867 plus de sites.


==================== Autres zones ============================

(Actuellement, il n'y a pas de correction automatique pour cette section.)

HKU\S-1-5-21-1554290505-1184955759-1297804211-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Plumo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 74.116.184.9 - 74.116.184.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER éléments désactivés ==

(Actuellement, il n'y a pas de correction automatique pour cette section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AutoStart IR.lnk => C:\Windows\pss\AutoStart IR.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snagit 12.lnk => C:\Windows\pss\Snagit 12.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status.lnk => C:\Windows\pss\WinTV Recording Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Plumo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enregistrement de scanner Epson.lnk => C:\Windows\pss\Enregistrement de scanner Epson.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: agentantidote.exe => "C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe" /LancementSession
MSCONFIG\startupreg: agentantidote64.exe => "C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe" /LancementSession
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: EEventManager => C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: KONICA MINOLTA PagePro 1400W STD => C:\Windows\system32\MSTMON_Y.EXE STARTUP
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Standby => "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"

==================== RèglesPare-feu (Avec liste blanche) ===============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

FirewallRules: [{B770038B-16AF-4B9E-86F9-47680AA0CB7E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{831C82C1-CC0B-436C-9F83-58909DF0213D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{DF8CFD3C-1B89-4CF3-976B-79EBDD5B7FCF}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{AB2B3347-8E0D-4919-B49B-1C9731BD33D5}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\Streaming-Video-Recorder.exe
FirewallRules: [{A2D7079E-6CFB-4696-A322-E04F4D4365FE}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\StreamingVideoRecorder.exe
FirewallRules: [{5068D6AE-48A1-4409-8794-D9327281107C}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll
FirewallRules: [{A5EBADD5-2D16-49C5-A47B-EDC19977AA09}] => (Allow) C:\Program Files\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll
FirewallRules: [{D5964344-5F20-48F2-B2F9-002D185029AB}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{1FDE7D7C-C627-4C1E-ABDB-FCBDBF343026}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{648921DF-DFCA-4DD6-ADC9-2D151BAA8BFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F5ED3195-82EB-4BBD-AD0C-7E90BB726B31}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A940AF77-0730-4D42-B400-BF68749CAE9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{33BB8FB8-F7F0-48CF-A09A-6C69F2D213BE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A468D632-6610-4CC7-9CF3-B64CA6CF60D8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CC04F0BB-2FF0-43B3-B610-8C5F9924BB87}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{027F1E33-57FC-441D-A875-4B010CDB3642}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9A76CF83-A4F9-4D68-A059-8AF8DC70E431}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3C3410F9-D322-46B5-9CBE-290A3E25E279}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{A6A6C6CC-C933-4CBD-BFAE-792FEB42C178}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{2375A040-E5CA-4C36-A647-6F43A7BF0C12}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C16285BC-A8D2-4E2E-AC90-8915DE7F506F}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{0F24E59C-AF89-4D7D-87DF-D0FD80185D5F}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{ACD92A48-E976-4145-ACA3-8516F509755A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{C6B55E48-5B74-471E-BC07-F4A8B2DAF1AE}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{F65E55E0-A03E-4BFE-9284-3EC6AFB62C83}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{B48A6E36-2073-4ABB-972D-6BF5C73B8AE9}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{6DE2B662-A21A-4F2B-A8BE-F6E225696569}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{F775409F-675C-4E8E-8E2F-443B14169B50}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{B8BEC260-E30F-4645-9F38-254CEF14C5C2}] => (Allow) C:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{AB5EB52B-4F98-4224-9245-557D4B3D3DB4}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{FC326B71-B4F5-4579-8A4B-3665E2FD32FF}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{2A460B84-DA8A-48CF-8F07-F185069F6DC5}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{002F0DC3-71ED-4E51-B8C3-74FC9F8E0F86}] => (Allow) C:\Program Files (x86)\WinTV\TVServer\CaptureDCR.exe
FirewallRules: [{0E8AE946-5502-4601-8CFD-938C0415C895}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0544087D-93BE-4691-97B8-000501FACD12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A7EBC9D2-033B-4720-8E5A-9BA0423A5706}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{EF31AAB5-CD38-4BEE-B620-6D1E21C03FAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{01996EDB-22BB-4D83-A1CC-5B8A0CA37425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4EB05B2D-4BD6-4A37-B123-4205C8554329}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{2211456D-1CF9-4D2F-A7EC-4B7E228C6B67}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{DF35228D-92FE-4598-BF4D-D2CC12CDA353}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{FC7491F3-BEB5-49D2-9323-6EC0103C0022}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{506C900F-4654-4181-BE2D-763391C080C5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{59CD1B27-2313-4ED9-8ADD-B884BCDB4421}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{2D4BFEDD-1C83-4B89-9BF3-CE72FDD922CC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{5E7DEA9D-D143-4FF1-88DC-C787B03C3889}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1D6B593F-B451-4EA8-A695-4E3C3B33218C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Éléments en erreur du Gestionnaire de périphériques =============

Name: Contrôleur de bus USB
Description: Contrôleur de bus USB
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erreurs du Journal des événements: =========================

Erreurs Application:
==================
Error: (12/04/2015 07:54:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Nom du module défaillant : igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000001116c
ID du processus défaillant : 0x614
Heure de début de l’application défaillante : 0xigfxCUIService.exe0
Chemin d’accès de l’application défaillante : igfxCUIService.exe1
Chemin d’accès du module défaillant: igfxCUIService.exe2
ID de rapport : igfxCUIService.exe3

Error: (12/04/2015 07:53:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 02:59:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Nom du module défaillant : igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000001116c
ID du processus défaillant : 0x5e4
Heure de début de l’application défaillante : 0xigfxCUIService.exe0
Chemin d’accès de l’application défaillante : igfxCUIService.exe1
Chemin d’accès du module défaillant: igfxCUIService.exe2
ID de rapport : igfxCUIService.exe3

Error: (12/04/2015 02:59:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 09:28:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Nom du module défaillant : igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000001116c
ID du processus défaillant : 0x5e8
Heure de début de l’application défaillante : 0xigfxCUIService.exe0
Chemin d’accès de l’application défaillante : igfxCUIService.exe1
Chemin d’accès du module défaillant: igfxCUIService.exe2
ID de rapport : igfxCUIService.exe3

Error: (12/03/2015 09:28:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 00:31:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567, horodatage : 0x4d672ee4
Nom du module défaillant : SHELL32.dll, version : 6.1.7601.18952, horodatage : 0x55c3a0ed
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000005051e
ID du processus défaillant : 0x494
Heure de début de l’application défaillante : 0xExplorer.EXE0
Chemin d’accès de l’application défaillante : Explorer.EXE1
Chemin d’accès du module défaillant: Explorer.EXE2
ID de rapport : Explorer.EXE3

Error: (12/03/2015 00:31:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Nom du module défaillant : igfxCUIService.exe, version : 6.15.10.3621, horodatage : 0x5376e21a
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000001116c
ID du processus défaillant : 0x5a8
Heure de début de l’application défaillante : 0xigfxCUIService.exe0
Chemin d’accès de l’application défaillante : igfxCUIService.exe1
Chemin d’accès du module défaillant: igfxCUIService.exe2
ID de rapport : igfxCUIService.exe3

Error: (12/03/2015 00:30:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 00:27:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567, horodatage : 0x4d672ee4
Nom du module défaillant : SHELL32.dll, version : 6.1.7601.18952, horodatage : 0x55c3a0ed
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000005051e
ID du processus défaillant : 0x1d20
Heure de début de l’application défaillante : 0xExplorer.EXE0
Chemin d’accès de l’application défaillante : Explorer.EXE1
Chemin d’accès du module défaillant: Explorer.EXE2
ID de rapport : Explorer.EXE3


Erreurs système:
=============
Error: (12/04/2015 07:54:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Intel(R) HD Graphics Control Panel Service s’est arrêté avec l’erreur*:
%%-2147467259

Error: (12/04/2015 07:53:48 PM) (Source: atapi) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort1.

Error: (12/04/2015 03:05:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service NVIDIA Display Driver Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (12/04/2015 02:59:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Le service Intel(R) HD Graphics Control Panel Service s’est arrêté avec l’erreur*:
%%-2147467259

Error: (12/04/2015 02:57:27 PM) (Source: atapi) (EventID: 11) (User: )
Description: Le pilote a détecté une erreur du contrôleur sur \Device\Ide\IdePort1.

Error: (12/04/2015 02:56:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Windows Search n’a pas pu démarrer en raison de l’erreur*:
%%1069

Error: (12/04/2015 02:56:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service WSearch n’a pas pu ouvrir de session en tant que NT AUTHORITY\SYSTEM avec le mot de passe actuellement configuré en raison de l’erreur suivante*:
%%50

Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error: (12/04/2015 02:56:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Partage réseau du Lecteur Windows Media n’a pas pu démarrer en raison de l’erreur*:
%%1069

Error: (12/04/2015 02:56:28 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Le service WMPNetworkSvc n’a pas pu ouvrir de session en tant que NT AUTHORITY\NetworkService avec le mot de passe actuellement configuré en raison de l’erreur suivante*:
%%50

Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error: (12/04/2015 02:55:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Spybot-S&D 2 Security Center Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes*: Redémarrer le service.


==================== Infos Mémoire ===========================

Processeur: Intel(R) Core(TM) i3-3250 CPU @ 3.50GHz
Pourcentage de mémoire utilisée: 36%
Mémoire physique - RAM - totale: 8120.37 MB
Mémoire physique - RAM - disponible: 5150.77 MB
Mémoire virtuelle totale: 16238.95 MB
Mémoire virtuelle disponible: 12703.73 MB

==================== Lecteurs ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:340.05 GB) NTFS
Drive e: (JEUX) (Fixed) (Total:149.04 GB) (Free:23.05 GB) NTFS
Drive f: (FreeAgent Drive) (Fixed) (Total:931.51 GB) (Free:5.83 GB) NTFS
Drive g: (Hitachi) (Fixed) (Total:1863.01 GB) (Free:1056.69 GB) NTFS
Drive h: () (Removable) (Total:3.73 GB) (Free:1.41 GB) FAT32

==================== MBR & Table des partitions ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: AF697017)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 12171216)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: FD5FB4CE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 7E474F7A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Fin de Addition.txt ============================

Voilà!

Last time, I tested SpyBot after the first tweaks and it showed win32.adload again + two Virtumonde; seems that one Virtumonde was deleted somewhere during the process.
I am now running it again just to see....
:snorkle:
win32.adload.jm is still present.... and Virtumonde multiplied itself!!!!!!
:mad::eek:

Plumo

Juliet
2015-12-05, 04:26
"win32.adload.jm is still present.... and Virtumonde multiplied itself!!!!!!"
Can you see if it gives you where it's located, in a file path or folder?

~~~~~~~~~~~~~~~~~~~~~~~~~~~
AV: Microsoft Security Essentials (Enabled - Up to date)
AV: AVG Internet Security 2014 (Enabled - Up to date)

You are using 2 antivirus software on your computer. This will not bring you more protection. In many cases this lessens your protection and causes errors from either application.
You need to remove/uninstall one, your choice.

~~~~~~~~~~~~~~~~~~~~
I see you have peer-to-peer (P2P) file sharing software installed on your computer (uTorrent). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infested with malware - worms (http://en.wikipedia.org/wiki/Computer_worm), backdoor Trojans (http://www.symantec.com/security_response/writeup.jsp?docid=2001-062614-1754-99), IRCBots (http://en.wikipedia.org/wiki/IRC_bot), and rootkits (http://en.wikipedia.org/wiki/Rootkit) propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. The best way to reduce the risk of infection is to avoid these types of web sites and P2P programmes. Please read the following articles for more information.

Risks of File-Sharing Technology (http://www.us-cert.gov/cas/tips/ST05-007.html)
P2P Software User Advisories (http://aresgalaxy.sourceforge.net/p2prisks.htm)
More malware is traveling on P2P networks these days (http://www.computerworld.com/s/article/9240067/More_malware_is_traveling_on_P2P_networks_these_days)

Your P2P software can be removed by following the instructions below.

Press the Windows Key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
Search for the aforementioned programme(s), right-click and click Uninstall. Follow the prompts.

If you choose not to, please refrain from using the programme(s) during this process.

~~~~~~~~~~~~~~~~~~~~

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)


start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
AlternateDataStreams: C:\Windows:7D11D83A45611A6F
EmptyTemp:
End


Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~~~~

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

How to use ComboFix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

Download ComboFix from here:
Link 1 (http://www.bleepingcomputer.com/download/combofix/)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)

Place ComboFix.exe on your Desktop <--Important
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.



You can get help on disabling your protection programs here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html)
Double click on ComboFix.exe & follow the prompts.
You may be asked to install or update the Recovery Console (http://en.wikipedia.org/wiki/Recovery_Console) (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).
Your desktop may go blank. This is normal. It will return when ComboFix is done. Combofix may need to reboot your computer more than once to do its job; this is normal.
When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

---------------------------------------------------------------------------------------------
Ensure your AntiVirus and AntiSpyware applications are re-enabled.

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
---------------------------------------------------------------------------------------------
If there are Internet issues after running ComboFix:
Internet Explorer:
Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" and check to "Automatically detect settings". Also clear any proxy address and port. ok, apply (only if applicable), ok.
Firefox:
Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection. "No Proxy" should be selected, unless you have one set up yourself.
Chrome:
Select -> Tools menu -> then "Options", then go to "Change Proxy Settings", then "LAN Settings" , then take out the check mark for "Use a proxy server for your LAN" if set, unless you set this up yourself.

Please post these 2 logs when finished.

Plumo
2015-12-05, 05:57
I know it's uncanny but can't rely the path so far...

By now, I had two antivirus because of my first testings, I just uninstalled MSEssentials.
Still using Utorrent since 2006, old version (2.2.2.1) and by far the best one, nothing happened on this way, I am using safe torrent web site with safe stuff...
but it can happen...
Here are the tests results;
___________
FRST
Résultats de correction de Farbar Recovery Scan Tool (x64) Version:01-12-2015
Exécuté par Plumo (2015-12-04 22:22:55) Run:1
Exécuté depuis C:\Users\Plumo\Desktop
Profils chargés: Plumo (Profils disponibles: Plumo)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
AlternateDataStreams: C:\Windows:7D11D83A45611A6F
EmptyTemp:
End
*****************

Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => valeur supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => clé supprimé(es) avec succès
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => clé supprimé(es) avec succès
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => clé supprimé(es) avec succès
"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => clé supprimé(es) avec succès
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => clé supprimé(es) avec succès
C:\Windows => ":7D11D83A45611A6F" ADS supprimé(es) avec succès.
EmptyTemp: => 713.2 MB données temporaires supprimées.


Le système a dû redémarrer.

==== Fin de Fixlog 22:23:58 ====
___________
COMBOFix
ComboFix 15-12-03.01 - Plumo 2015-12-04 22:37:42.1.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7601.1.1252.1.1036.18.8120.5861 [GMT -5:00]
Lancé depuis: c:\users\Plumo\Desktop\ComboFix.exe
AV: AVG Internet Security 2014 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
FW: AVG Internet Security 2014 *Enabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
SP: AVG Internet Security 2014 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\161C05ED6F.sys
c:\programdata\ma-config.com
c:\programdata\ma-config.com\Logs\activex.txt
c:\programdata\ma-config.com\Logs\maconfservice.txt
c:\programdata\ma-config.com\Logs\mcstubuser.txt
c:\programdata\ma-config.com\Logs\websocketpp.log
c:\programdata\ma-config.com\mcbase.db
c:\programdata\ma-config.com\server.pem
c:\users\Plumo\AppData\Local\assembly\tmp
c:\users\Plumo\AppData\Roaming\inst.exe
c:\users\Plumo\AppData\Roaming\vso_ts_preview.xml
c:\windows\msdownld.tmp
c:\windows\SysWow64\~GLH0064.TMP
F:\Autorun.inf
F:\Setup.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-11-05 au 2015-12-05 ))))))))))))))))))))))))))))))))))))
.
.
2015-12-05 03:46 . 2015-12-05 03:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-04 19:49 . 2015-12-04 19:55 -------- d-----w- C:\AdwCleaner
2015-12-04 19:11 . 2015-12-04 19:11 30848 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-04 19:11 . 2015-12-04 19:37 -------- d-----w- c:\programdata\RogueKiller
2015-12-04 03:23 . 2015-12-05 03:26 -------- d-----w- C:\FRST
2015-12-04 03:20 . 2015-12-04 03:20 -------- d-----w- C:\RegBackup
2015-12-04 03:20 . 2015-12-04 03:20 -------- d-----w- c:\program files (x86)\Tweaking.com
2015-12-04 01:59 . 2015-12-05 03:28 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-04 01:59 . 2015-12-04 01:59 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-04 01:59 . 2015-12-04 01:59 -------- d-----w- c:\programdata\Malwarebytes
2015-12-04 01:59 . 2015-10-05 14:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-04 01:59 . 2015-10-05 14:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-04 01:59 . 2015-10-05 14:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-12-03 05:32 . 2013-09-20 15:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2015-12-03 05:32 . 2015-12-03 05:38 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-11-29 17:00 . 2015-10-08 23:22 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-11-29 17:00 . 2015-10-08 23:18 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2015-11-29 17:00 . 2015-10-08 23:18 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2015-11-29 17:00 . 2015-10-08 23:18 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2015-11-29 17:00 . 2015-10-08 23:18 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2015-11-29 17:00 . 2015-10-08 23:18 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2015-11-29 17:00 . 2015-10-08 23:17 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2015-11-21 13:58 . 2015-11-14 05:53 102520 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-11-20 22:36 . 2015-11-12 18:37 112712 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2015-11-16 16:22 . 2015-10-20 01:12 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-11-16 16:17 . 2015-10-01 18:00 2103296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2015-11-09 21:06 . 2015-11-05 17:13 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2015-11-09 21:06 . 2015-11-05 17:13 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-11-09 21:06 . 2015-11-16 03:35 18363000 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-11-09 21:06 . 2015-11-16 03:35 15717864 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-11-09 21:06 . 2015-11-05 17:13 1905272 ----a-w- c:\windows\system32\nvdispco6435891.dll
2015-11-09 21:06 . 2015-11-05 17:13 1564792 ----a-w- c:\windows\system32\nvdispgenco6435891.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-05 01:20 . 2014-06-01 05:40 2568 --sha-w- c:\programdata\KGyGaAvL.sys
2015-11-16 16:34 . 2014-06-03 01:42 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-11-16 03:35 . 2015-01-02 19:57 3579696 ----a-w- c:\windows\system32\nvapi64.dll
2015-11-16 03:35 . 2015-01-02 19:57 3159248 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-11-16 03:35 . 2015-01-02 19:57 15122296 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-11-16 03:35 . 2015-01-02 19:57 12770944 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-11-16 03:35 . 2015-01-02 19:18 17515528 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-11-15 01:03 . 2014-06-01 04:43 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-15 01:03 . 2014-06-01 04:43 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-11-14 06:06 . 2015-01-02 19:19 6358832 ----a-w- c:\windows\system32\nvcpl.dll
2015-11-14 06:06 . 2015-01-02 19:19 2983032 ----a-w- c:\windows\system32\nvsvc64.dll
2015-11-14 06:06 . 2015-01-02 19:19 938800 ----a-w- c:\windows\system32\nvvsvc.exe
2015-11-14 06:06 . 2015-01-02 19:19 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-11-14 06:06 . 2015-01-02 19:19 385144 ----a-w- c:\windows\system32\nvmctray.dll
2015-11-14 06:06 . 2015-01-02 19:19 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-11-12 18:37 . 2015-01-02 20:00 1509824 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-11-12 18:37 . 2015-01-02 20:00 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-11-12 18:37 . 2015-01-02 20:00 1828160 ----a-w- c:\windows\system32\nvspcap64.dll
2015-11-12 18:37 . 2015-01-02 20:00 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-11-05 17:13 . 2015-01-23 16:12 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-10-29 17:50 . 2015-11-16 16:22 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-16 16:22 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-16 16:22 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-16 16:22 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-16 16:22 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-16 16:22 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-16 16:22 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-16 16:22 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-16 16:22 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-28 15:09 . 2015-10-28 15:10 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-10-28 08:17 . 2015-01-02 19:19 6027430 ----a-w- c:\windows\system32\nvcoproc.bin
2015-10-20 00:45 . 2015-11-16 16:22 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 06:29 . 2015-10-13 06:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 06:22 . 2015-10-13 06:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-03 05:06 . 2015-10-21 04:39 1905456 ----a-w- c:\windows\system32\nvdispco6435850.dll
2015-10-03 05:06 . 2015-10-21 04:39 1564976 ----a-w- c:\windows\system32\nvdispgenco6435850.dll
2015-10-01 18:06 . 2015-10-21 03:24 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-21 03:24 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-21 03:24 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-21 03:24 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-21 03:24 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-21 03:24 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 18:00 . 2015-10-21 03:24 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 17:50 . 2015-10-21 03:24 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-21 03:24 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-21 03:24 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-21 03:24 700416 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-21 03:24 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-21 03:24 503808 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-21 03:24 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-21 03:24 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-21 03:24 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-09-14 00:29 . 2015-10-01 05:13 1898288 ----a-w- c:\windows\system32\nvdispco6435598.dll
2015-09-14 00:29 . 2015-10-01 05:13 1558832 ----a-w- c:\windows\system32\nvdispgenco6435598.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2015-02-06 399224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2015-07-30 5212072]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave"=DrvTrNTm.dll
"mixer"=DrvTrNTm.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\h:\0autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"GesAnt.exe"="c:\program files (x86)\Druide\Antidote 7\Programmes32\GesAnt.exe" /Nettoyage
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.;c:\program files (x86)\Abrosoft\FantaMorph5\FantaUp.exe;c:\program files (x86)\Abrosoft\FantaMorph5\FantaUp.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [x]
S2 avgfws;Pare-feu AVG;c:\program files (x86)\AVG\AVG2014\avgfws.exe;c:\program files (x86)\AVG\AVG2014\avgfws.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HauppaugeTVServer;HauppaugeTVServer;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
S3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys;c:\windows\SYSNATIVE\drivers\hcw18bda.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2015-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18 15:24]
.
2015-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18 15:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-05-23 06:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-05-23 06:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-05-23 06:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-12 2757424]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-11-12 1828160]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE}: NameServer = 74.116.184.9,74.116.184.8
FF - ProfilePath - c:\users\Plumo\AppData\Roaming\Mozilla\Firefox\Profiles\m9hb7b2o.default\
FF - prefs.js: browser.startup.homepage - hxxp://radio-canada.ca/
FF - prefs.js: keyword.URL -
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Notify-igfxcui - (no file)
Notify-SDWinLogon - SDWinLogon.dll
.
.
"ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.]
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-12-04 22:51:56
ComboFix-quarantined-files.txt 2015-12-05 03:51
.
Avant-CF: 365 343 154 176 octets libres
Après-CF: 364 916 305 920 octets libres
.
- - End Of File - - 7477C459ADB429F817D9436D874830F3
CA10FFA6C508202CE0A9D48F6976CDE0
___________

Merci for your time!

Plumo

Plumo
2015-12-05, 06:11
Just ran SpyBot and Adload is still showing,
Virtumonde appeared only two times now.

Plumo

Juliet
2015-12-05, 14:42
Just ran SpyBot and Adload is still showing,
Virtumonde appeared only two times now.
Well, it's hiding very well because I'm not seeing anything yet.

What we can do now is run an online scan with ESET; for the time being it is our most trusted scanner.
Most reliable and thorough.
The settings I suggest will show us items located in quarantine folders, so don't be alarmed by this. Also, in case of a false positive, I ask that you not allow it to delete what it does find.
This scanner can take quite a bit of time to run, depending, of course, on how full your computer is.



ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

Please download ESET Online Scan (http://download.eset.com/special/eos/esetsmartinstaller_enu.exe) and save the file to your Desktop.
Temporarily disable your anti-virus software. For instructions, please refer to the following link (http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/).
Double-click esetsmartinstaller_enu.exe to run the programme.
Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
Agree to the Terms of Use once more and click Start. Allow components to download.
Place a checkmark next to Enable detection of potentially unwanted applications.
Click Advanced settings. Place a checkmark next to:

Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology


Ensure Remove found threats is unchecked.
Click Start.
Wait for the scan to finish. Please be patient as this can take some time.
Upon completion, click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png. If no threats were found, skip the next two bullet points.
Click http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
Push the Back button.
Place a checkmark next to http://3-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click http://1-ps.googleusercontent.com/x/forums.whatthetech.com/i.imgur.com/SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
Re-enable your anti-virus software.
Copy the contents of the log and paste in your next reply.

Plumo
2015-12-06, 05:33
Here is the report;

C:\Program Files (x86)\Flip PDF Professional\Load_FlipPDFProfessional.exe Win32/HackTool.Crack.BF potentially unsafe application
C:\Users\Plumo\Downloads\avc-free.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Plumo\Downloads\cdbxp_setup_4.5.4.5306.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Plumo\Downloads\SolveigMM_AVI_Trimmer_2_1_1407_1.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Plumo\Downloads\SopCast\Setup-SopCast-3.9.2-2014-7-10.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
F:\Orbit downloader\OrbitSetup4.1.02.exe Win32/OpenCandy potentially unsafe application
F:\Seagate Sync\VOL\My Documents\torrents temporaires\Nero 8 Ultra Edition 8.3.6.0\Nero-8.3.6.0_fra_trial.exe Win32/Toolbar.AskSBar potentially unwanted application
G:\Boilsoft VDO joiner -crack\Boilsoft-Video-Joiner-7.01.2-Patch_www.PlusCrack.com.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application
G:\Hauppauge 1600-driver\hvr-1600_installer.zip a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 11.zip a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 127.zip a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 7.zip a variant of Win32/OpenCandy.A potentially unsafe application
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 8.zip a variant of Win32/OpenCandy.A potentially unsafe application
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 9.zip a variant of Win32/OpenCandy.A potentially unsafe application
G:\Stéphanie-boutte\Voice-ep2\FreeVideoDub205.exe Win32/Toolbar.Conduit.S potentially unwanted application
G:\Torrents-2\O2ACK1.3.7z Win32/HackKMS.A potentially unsafe application
G:\Torrents-2\Ap.PDF.to.Image.Converter.v4.1.Incl.Keygen-ViRiLiTY\vrlap41a.zip a variant of Win32/Keygen.DF potentially unsafe application
G:\Torrents-2\DU Meter v6.05 + Patch\Patch\Patch.exe a variant of Win32/HackTool.Patcher.A potentially unsafe application
G:\Torrents-2\Easy file FTP server 3.2\Keymaker\Keymaker.exe a variant of Win32/Keygen.MB potentially unsafe application
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader.tgz Win32/HackTool.Crack.BF potentially unsafe application
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\Loader\Load_FlipPDFProfessional.exe Win32/HackTool.Crack.BF potentially unsafe application
G:\win7-Arium V7\ChewWGAbyGstar.rar.zip Win32/HackTool.WinActivator.N potentially unsafe application
____________

Merci!
Plumo

Juliet
2015-12-06, 13:49
Forum Policy
I strongly suggest you remove any cracked software that is installed; we do not approve, nor will we provide support in the future for problems produced because of illegal software.

Besides being illegal, cracks/keygens are one of the fastest ways of infecting your system; 100% of cracked/keygen software contains some form of malicious code. This forum, as well as most of the other malware removal forums, does not support the use of illegal software.

In the future, if you ask for help and illegal software is found, help would be denied.

Please open Notepad (Start -> Run -> type notepad in the Open field -> OK). *Do Not Use Wordpad* or any text editor other than Notepad, or the script will fail. Copy and paste the text present inside the quote box below:
To do this, highlight the contents of the box, right-click on it and select Copy.
Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
It needs to be saved next to the "Farbar Recovery Scan Tool" (if asked to overwrite the existing one, please allow).


start
CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\Flip PDF Professional\Load_FlipPDFProfessional.exe
C:\Users\Plumo\Downloads\avc-free.exe
C:\Users\Plumo\Downloads\cdbxp_setup_4.5.4.5306.exe
C:\Users\Plumo\Downloads\SolveigMM_AVI_Trimmer_2_1_1407_1.exe
C:\Users\Plumo\Downloads\SopCast\Setup-SopCast-3.9.2-2014-7-10.exe
F:\Orbit downloader\OrbitSetup4.1.02.exe
F:\Seagate Sync\VOL\My Documents\torrents temporaires\Nero 8 Ultra Edition 8.3.6.0\Nero-8.3.6.0_fra_trial.exe
G:\Boilsoft VDO joiner -crack\Boilsoft-Video-Joiner-7.01.2-Patch_www.PlusCrack.com.rar
G:\Hauppauge 1600-driver\hvr-1600_installer.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 11.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 127.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 7.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 8.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 9.zip
G:\Stéphanie-boutte\Voice-ep2\FreeVideoDub205.exe
G:\Torrents-2\O2ACK1.3.7z
G:\Torrents-2\Ap.PDF.to.Image.Converter.v4.1.Incl.Keygen-ViRiLiTY\vrlap41a.zip
G:\Torrents-2\DU Meter v6.05 + Patch\Patch\Patch.exe
G:\Torrents-2\Easy file FTP server 3.2\Keymaker\Keymaker.exe
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader.tgz
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\Loader\Load_FlipPDFProfessional.exe
G:\win7-Arium V7\ChewWGAbyGstar.rar.zip
EmptyTemp:
Hosts:
End


Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~~

How is the computer now?

Plumo
2015-12-06, 17:42
Well, nobody's perfect, and these warez files were from a long-time backup, 3 years ago if I remember well...

FRST report:
Résultats de correction de Farbar Recovery Scan Tool (x64) Version:05-12-2015
Exécuté par Plumo (2015-12-06 10:20:56) Run:2
Exécuté depuis C:\Users\Plumo\Desktop
Profils chargés: Plumo (Profils disponibles: Plumo)
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
tart
CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\Flip PDF Professional\Load_FlipPDFProfessional.exe
C:\Users\Plumo\Downloads\avc-free.exe
C:\Users\Plumo\Downloads\cdbxp_setup_4.5.4.5306.exe
C:\Users\Plumo\Downloads\SolveigMM_AVI_Trimmer_2_1_1407_1.exe
C:\Users\Plumo\Downloads\SopCast\Setup-SopCast-3.9.2-2014-7-10.exe
F:\Orbit downloader\OrbitSetup4.1.02.exe
F:\Seagate Sync\VOL\My Documents\torrents temporaires\Nero 8 Ultra Edition 8.3.6.0\Nero-8.3.6.0_fra_trial.exe
G:\Boilsoft VDO joiner -crack\Boilsoft-Video-Joiner-7.01.2-Patch_www.PlusCrack.com.rar
G:\Hauppauge 1600-driver\hvr-1600_installer.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 11.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 127.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 7.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 8.zip
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 9.zip
G:\Stéphanie-boutte\Voice-ep2\FreeVideoDub205.exe
G:\Torrents-2\O2ACK1.3.7z
G:\Torrents-2\Ap.PDF.to.Image.Converter.v4.1.Incl.Keygen-ViRiLiTY\vrlap41a.zip
G:\Torrents-2\DU Meter v6.05 + Patch\Patch\Patch.exe
G:\Torrents-2\Easy file FTP server 3.2\Keymaker\Keymaker.exe
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader.tgz
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\Loader\Load_FlipPDFProfessional.exe
G:\win7-Arium V7\ChewWGAbyGstar.rar.zip
EmptyTemp:
Hosts:
End
*****************

tart => Erreur: Pas de correction automatique trouvée pour cet élément.
Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
C:\Program Files (x86)\Flip PDF Professional\Load_FlipPDFProfessional.exe => déplacé(es) avec succès
C:\Users\Plumo\Downloads\avc-free.exe => déplacé(es) avec succès
C:\Users\Plumo\Downloads\cdbxp_setup_4.5.4.5306.exe => déplacé(es) avec succès
C:\Users\Plumo\Downloads\SolveigMM_AVI_Trimmer_2_1_1407_1.exe => déplacé(es) avec succès
C:\Users\Plumo\Downloads\SopCast\Setup-SopCast-3.9.2-2014-7-10.exe => déplacé(es) avec succès
F:\Orbit downloader\OrbitSetup4.1.02.exe => déplacé(es) avec succès
F:\Seagate Sync\VOL\My Documents\torrents temporaires\Nero 8 Ultra Edition 8.3.6.0\Nero-8.3.6.0_fra_trial.exe => déplacé(es) avec succès
G:\Boilsoft VDO joiner -crack\Boilsoft-Video-Joiner-7.01.2-Patch_www.PlusCrack.com.rar => déplacé(es) avec succès
G:\Hauppauge 1600-driver\hvr-1600_installer.zip => déplacé(es) avec succès
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 11.zip => déplacé(es) avec succès
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 127.zip => déplacé(es) avec succès
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 7.zip => déplacé(es) avec succès
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 8.zip => déplacé(es) avec succès
G:\PLUMO-PC\Backup Set 2015-09-20 211032\Backup Files 2015-09-20 211032\Backup files 9.zip => déplacé(es) avec succès
G:\Stéphanie-boutte\Voice-ep2\FreeVideoDub205.exe => déplacé(es) avec succès
G:\Torrents-2\O2ACK1.3.7z => déplacé(es) avec succès
G:\Torrents-2\Ap.PDF.to.Image.Converter.v4.1.Incl.Keygen-ViRiLiTY\vrlap41a.zip => déplacé(es) avec succès
G:\Torrents-2\DU Meter v6.05 + Patch\Patch\Patch.exe => déplacé(es) avec succès
G:\Torrents-2\Easy file FTP server 3.2\Keymaker\Keymaker.exe => déplacé(es) avec succès
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader.tgz => déplacé(es) avec succès
G:\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\Loader\Load_FlipPDFProfessional.exe => déplacé(es) avec succès
G:\win7-Arium V7\ChewWGAbyGstar.rar.zip => déplacé(es) avec succès
C:\Windows\System32\Drivers\etc\hosts => déplacé(es) avec succès
Hosts restauré(es) avec succès.
EmptyTemp: => 349.1 MB données temporaires supprimées.


Le système a dû redémarrer.

==== Fin de Fixlog 10:21:58 ====

_______________

After a new SPB test, adload.jm is still there and 3 Virtumonde (245-845-846)....
This is uncanny!
Where can it be located?

Should I uninstall SpyBot 1.6.2 and reinstall it before a new check?

Plumo

Plumo
2015-12-06, 18:23
After another check with SpyBot 1.6.2, no more adload.jm but 3 Virtumonde (245-845-547).
I also made a Hijackthis check; maybe it could help you.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:16:14, on 2015-12-06
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)

FIREFOX: 42.0 (x86 fr)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Users\Plumo\Desktop\sanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" (User 'Système')
O4 - HKUS\.DEFAULT\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE}: NameServer = 74.116.184.9,74.116.184.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE}: NameServer = 74.116.184.9,74.116.184.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{2979BA9A-B950-4D02-A0B3-239DB61FDAEE}: NameServer = 74.116.184.9,74.116.184.8
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Abrosoft: Abrosoft FantaMorph update permissions manager. 12810. - Unknown owner - C:\Program Files (x86)\Abrosoft\FantaMorph5\FantaUp.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Pare-feu AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: PDF Architect 2 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Spouleur d’impression (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 26839 bytes

__________

Thank you!

We'll find it!

Plumo :confused:

Juliet
2015-12-06, 21:09
Well, nobody's perfect and these warez files were from a long-time backup, 3 years ago if I remember well...
It's my job to tell you about the dangers of using programs that can install malware without you knowing. I was taught this way, and some people have learned that their children placed these on their computers and they never knew.
What if you did not know what could happen?


I'm not sure, but I think those entries that are still showing up may be in System Restore points. I cannot guarantee this; it's just a thought.

Let's purge restore points.

How to remove all System Restore points except the most recent one.

Click Start > All Programs > Accessories > System Tools > Click Disk Cleanup

Now launch this utility and click the More Options tab. Under it, click System Restore, then click the Clean Up tab. A message will pop up:
"Are you sure you want to delete all but the most recent restore point?" Click Yes, then OK.
Finally, another message will pop up: "Are you sure you want to perform these actions?" Click Yes.
Now all the System Restore points except the most recent one are cleaned. As a result, there will be more free space on the hard disk.

We may need to uninstall SpyBot then reinstall https://www.safer-networking.org/dl/

Plumo
2015-12-07, 08:32
Hello!
First, I uninstalled SPB 1.6.2 (but got "system error message code 1060") & SPB 2.4
I used CCleaner and then deleted the old folders.
Then I deleted old restoration points as you suggested.
I tried to reinstall SPB 1.6.2, which was my fav, but an error message occurred saying "unable to connect from unsecured network to secure network". I tried this two times with no success, so I installed SPB 2.4 and ran a full scan. Progz ran full time (1h20minutes) and found this:
_____
First scan
Search results from Spybot - Search & Destroy

2015-12-07 00:58:45
Scan took 01:21:05.
17 items found.

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
C:\Users\Plumo\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZCDQEYJQ\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=131
Properties.md5=B07E249F29A6F0EEDE28F96D924503E9
Properties.filedate=1449462767
Properties.filedatetext=2015-12-06 23:32:47

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
C:\Users\Plumo\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZCDQEYJQ\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=39
Properties.md5=B43F43445AA3414DDC22EC80FBB22871
Properties.filedate=1449462767
Properties.filedatetext=2015-12-06 23:32:47

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file (File, nothing done)
C:\Users\Plumo\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZCDQEYJQ\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=76
Properties.md5=381603B516ABC2768F2EE0AB05E0D105
Properties.filedate=1449462757
Properties.filedatetext=2015-12-06 23:32:37

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1554290505-1184955759-1297804211-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1554290505-1184955759-1297804211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cache: [SBI $49804B54] Browser: Cache (3) (Browser: Cache, nothing done)


Historique: [SBI $49804B54] Browser: History (3) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (127) (Browser: Cookie, nothing done)


Gen:Trojan.Heur.ouW@!d5uqwj: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Boilsoft VDO joiner -crack\Boilsoft-Video-Joiner-7.01.2-Patch_www.PlusCrack.com.rar.xBAD
Properties.size=11047594
Properties.md5=176092F23EDB281A287A3CEC17AD4D71
Properties.filedate=1352846208
Properties.filedatetext=2012-11-13 17:36:47

Trojan.Hacktool.Sqlcrack.Q: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\C\Program Files (x86)\Flip PDF Professional\Load_FlipPDFProfessional.exe.xBAD
Properties.size=23176
Properties.md5=410D3A682504F0CAE304A058E141BF6F
Properties.filedate=1391420650
Properties.filedatetext=2014-02-03 04:44:10

Trojan.Generic.6156673: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Torrents-2\Ap.PDF.to.Image.Converter.v4.1.Incl.Keygen-ViRiLiTY\vrlap41a.zip.xBAD
Properties.size=2168077
Properties.md5=94C1B7A5C14100DA9D3F7F85BDBB47DB
Properties.filedate=1363211849
Properties.filedatetext=2013-03-13 16:57:28

Trojan.Hacktool.Sqlcrack.Q: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader.tgz.xBAD
Properties.size=64510358
Properties.md5=33E240F0E5031B72837CBEEF532E247F
Properties.filedate=1426603297
Properties.filedatetext=2015-03-17 09:41:36

Trojan.Hacktool.Sqlcrack.Q: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\Loader\Load_FlipPDFProfessional.exe.xBAD
Properties.size=23176
Properties.md5=410D3A682504F0CAE304A058E141BF6F
Properties.filedate=1391420650
Properties.filedatetext=2014-02-03 04:44:10


--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---


____________
After the corrections were made:
Search results from Spybot - Search & Destroy

2015-12-07 01:04:10
Scan took 01:21:05.
17 items found.

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
C:\Users\Plumo\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZCDQEYJQ\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
C:\Users\Plumo\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZCDQEYJQ\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file (File, nothing done)
C:\Users\Plumo\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\ZCDQEYJQ\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1554290505-1184955759-1297804211-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1554290505-1184955759-1297804211-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cache: [SBI $49804B54] Browser: Cache (3) (Browser: Cache, nothing done)


Historique: [SBI $49804B54] Browser: History (3) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (127) (Browser: Cookie, nothing done)


Gen:Trojan.Heur.ouW@!d5uqwj: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Boilsoft VDO joiner -crack\Boilsoft-Video-Joiner-7.01.2-Patch_www.PlusCrack.com.rar.xBAD
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Trojan.Hacktool.Sqlcrack.Q: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\C\Program Files (x86)\Flip PDF Professional\Load_FlipPDFProfessional.exe.xBAD
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Trojan.Generic.6156673: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Torrents-2\Ap.PDF.to.Image.Converter.v4.1.Incl.Keygen-ViRiLiTY\vrlap41a.zip.xBAD
Properties.size=2070274
Properties.md5=1532E433183B227C5C162E59F7FF58AA
Properties.filedate=1449468221
Properties.filedatetext=2015-12-07 01:03:41

Trojan.Hacktool.Sqlcrack.Q: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader.tgz.xBAD
Properties.size=64489592
Properties.md5=68705D479F689168E2E4275141DAB997
Properties.filedate=1449468158
Properties.filedatetext=2015-12-07 01:02:38

Trojan.Hacktool.Sqlcrack.Q: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Torrents-Upload\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\FlipBuilder Flip PDF Professional 1.10.3 + Loader\Loader\Load_FlipPDFProfessional.exe.xBAD
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E


--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---


_____________

No more Virtumonde showed up, nor any other messages.
It seems to be clean now.

Now, a few questions:
I am used to working with AVG Internet Security and Spybot as protection. Should I keep them, or which program combos should I look at for better protection?
What just happened here has not happened to me in many, many years; I guess I was using ZA at that time.
I am not a pro tech but not a newbie either.
What would be your suggestions?

And finally, merci for your time and advice, it was very fun to do all that stuff, I love to work on my machine... :bigthumb:

Plumo
Montréal :clown:

Juliet
2015-12-07, 13:16
It's a good thing we removed restore points because that is where the so-called infections were hiding. They were actually bad restore points.
What Spybot found in those last scans (after installing the current version) was Usage Tracks, and some may return as you use your computer, even if they were fixed originally.

What appeared to be infections were already held in quarantine.

Gen:Trojan.Heur.ouW@!d5uqwj:==> C:\FRST\Quarantine
Trojan.Hacktool.Sqlcrack.Q:==> C:\FRST\Quarantine
Trojan.Generic.6156673:==> C:\FRST\Quarantine
Trojan.Hacktool.Sqlcrack.Q:==> C:\FRST\Quarantine

When I remove tools and quarantine folders I'll also supply topics on prevention. From there you make a decision which might be best for your machine.

So, let's do this now.

Don't miss or skip this next step, this will remove malicious files from quarantine and set a clean restore point.

Go to Start > Run > copy and paste the full text path in the run box

ComboFix /Uninstall

Note the space between the x and the /U, it needs to be there.

~~~~~~~~~~~~

DelFix

Please download DelFix (http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/9-delfix) or from Here (http://www.bleepingcomputer.com/download/delfix/) and save the file to your Desktop.

Double-click DelFix.exe to run the programme.
Place a checkmark next to the following items:

Activate UAC
Remove disinfection tools

Click the Run button.
-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).


~~~~~~~~~~~~~~~~

Answers to common security questions - Best Practices (http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/) by quietman7, MVP
How Malware Spreads - How did I get infected? (http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/) by quietman7, MVP
Simple and easy ways to keep your computer safe and secure on the Internet (http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/) by Lawrence Abrams, MVP
How to Prevent Malware (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) by miekiemoes, MVP
How to backup and restore your data using Cobian Backup (http://www.bleepingcomputer.com/tutorials/backup-and-restore-data-with-cobian-backup/) by YourHighness
Slow Computer/browser? It May Not Be Malware (http://www.bleepingcomputer.com/forums/t/87058/slow-computerbrowser-check-here-first;-it-may-not-be-malware/) by quietman7, MVP


The following programmes come highly recommended in the security community.

AdBlock (https://adblockplus.org/en/firefox) is a browser add-on that blocks annoying banners, pop-ups and video ads.
CryptoPrevent (https://www.foolishit.com/) places policy restrictions on loading points for ransomware (e.g. CryptoPrevent), preventing your files from being encrypted.
Malwarebytes Anti-Exploit (https://www.malwarebytes.org/antiexploit/) (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
Malwarebytes Anti-Malware Premium (https://www.malwarebytes.org/) (MBAM) works in real-time alongside your Anti-Virus to prevent malware execution.
NoScript (http://noscript.net/) is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
Sandboxie (http://www.sandboxie.com/) isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
Secunia PSI (http://secunia.com/vulnerability_scanning/personal/) will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
SpywareBlaster (https://www.brightfort.com/spywareblaster.html) is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
Web of Trust (https://www.mywot.com/) (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.


Want to help others? Join the ClassRoom (http://forums.whatthetech.com/What_the_Tech_Classroom_t80368.html) and learn how.
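
The check described in the post above (detections whose path points into C:\FRST\Quarantine are copies already held in quarantine), as an added Python example that is not part of the original thread or of any tool's own code. It parses Spybot-style file entries, separates quarantined paths from live ones, and marks entries whose recorded size is 0 and whose MD5 is the digest of empty input. The sample log is constructed; its third entry and all function names are hypothetical.

```python
import hashlib
import re
from pathlib import PureWindowsPath

QUARANTINE_ROOT = PureWindowsPath(r"C:\FRST\Quarantine")  # folder named in the thread
EMPTY_MD5 = hashlib.md5(b"").hexdigest().upper()  # MD5 of zero bytes of input
HEADER = re.compile(r"^(?P<name>.+): \[SBI \$SpybotAV\] .*\(File, [^)]*\)$")

# Constructed sample: two entries in the shape of the log in this thread, plus one
# invented entry (name, path and hash are made up) outside the quarantine folder.
SAMPLE_LOG = r"""
Gen:Trojan.Heur.ouW@!d5uqwj: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Boilsoft VDO joiner -crack\Boilsoft-Video-Joiner-7.01.2-Patch_www.PlusCrack.com.rar.xBAD
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Trojan.Generic.6156673: [SBI $SpybotAV] Executable (File, nothing done)
C:\FRST\Quarantine\G\Torrents-2\Ap.PDF.to.Image.Converter.v4.1.Incl.Keygen-ViRiLiTY\vrlap41a.zip.xBAD
Properties.size=2070274
Properties.md5=1532E433183B227C5C162E59F7FF58AA

Constructed.Example.Detection: [SBI $SpybotAV] Executable (File, nothing done)
C:\Users\Example\Downloads\setup.exe
Properties.size=1024
Properties.md5=00000000000000000000000000000000
"""

def parse_entries(log):
    """Yield a dict (name, path, size, md5) for each file detection in the log."""
    for block in re.split(r"\n\s*\n", log.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        m = HEADER.match(lines[0]) if len(lines) >= 2 else None
        if not m:
            continue  # skip non-file lines such as the cache/cookie summaries
        props = dict(ln[len("Properties."):].split("=", 1)
                     for ln in lines[2:] if ln.startswith("Properties."))
        yield {"name": m["name"], "path": PureWindowsPath(lines[1]),
               "size": int(props.get("size", -1)), "md5": props.get("md5", "").upper()}

def triage(entry):
    """Return 'live' unless the flagged path lies under the quarantine folder."""
    if QUARANTINE_ROOT not in entry["path"].parents:
        return "live"
    empty = entry["size"] == 0 and entry["md5"] == EMPTY_MD5
    return "quarantined-empty" if empty else "quarantined"

def summarize(log):
    """List (detection name, verdict) pairs in log order."""
    return [(e["name"], triage(e)) for e in parse_entries(log)]
```

Only a "live" verdict points at a file outside the quarantine folder; the comparison uses Windows path rules, so it is case-insensitive.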

Plumo
2015-12-07, 17:53
Allo!

So far, so good.
Everything seems to run ok, even if it was running ok before all our tweaks!

Happy holidays to you et merci! :bigthumb:

Plumo:santa:

Juliet
2015-12-07, 23:23
We are glad to help.

Juliet
2015-12-08, 22:51
Glad we could help. :)

Since this issue appears resolved ... this Topic is closed.