[Résolu] Surveillance des processus Windows 8

Accélérer son PC et résoudre les problèmes de lenteur PC et Windows

Modérateur : Mods Windows

nv.dep

[Résolu] Surveillance des processus Windows 8

par nv.dep »

Bonsoir (1ière partie),

Ce qui suit s'adresse à "SkyTech" (en priorité).

-----------------------------------------------------------------------------------

Voici le rapport "HiJackThis" :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:02:10, on 21.04.2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Users\1\Desktop\T. 1\HijackThis.exe
C:\WINDOWS\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll,C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\System32\AUInstallAgent.dll,-101 (AllUserInstallAgent) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe

End of file - 23319 bytes

A peine avais-je lancé ce programme que j'avais :

"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may not be able to fix this"

Est-ce normal que je trouve "windows defender" dans ce rapport ? Fonctionne-t-il en parallèle de "avast" ? Consomme-t-il des ressources ?

--------------------------------------------------------------------------------------
nv.dep

Re: Surveillance des processus Windows 8

par nv.dep »

------------------------------------------------------------------------------------

Voici le rapport "OTL", 1ière partie :

OTL logfile created on: 21.04.2013 02:17:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\1\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 0000100C | Country: Suisse | Language: FRS | Date Format: dd.MM.yyyy

7,88 Gb Total Physical Memory | 6,33 Gb Available Physical Memory | 80,26% Memory free
12,38 Gb Paging File | 10,83 Gb Available in Paging File | 87,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 879,80 Gb Total Space | 716,14 Gb Free Space | 81,40% Space Free | Partition Type: NTFS
Drive D: | 50,00 Gb Total Space | 31,26 Gb Free Space | 62,51% Space Free | Partition Type: NTFS

Computer Name: QUANTIQUE | User Name: 1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\1\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll ()
MOD - C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (syncagentsrv) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (afcdp) -- C:\Windows\SysNative\Drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\Drivers\tdrpman.sys (Acronis International GmbH)
DRV:64bit: - (tib) -- C:\Windows\SysNative\Drivers\tib.sys (Acronis International GmbH)
DRV:64bit: - (tib_mounter) -- C:\Windows\SysNative\Drivers\tib_mounter.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\Drivers\snapman.sys (Acronis)
DRV:64bit: - (fltsrv) -- C:\Windows\SysNative\Drivers\fltsrv.sys (Acronis International GmbH)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (aswSnx) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\WINDOWS\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\Drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\Drivers\NETwNe64.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.ch.msn.com/defaultf
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-CH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9D 80 D7 68 49 3D CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: google%40disconnect.me:2.4.2
FF - prefs.js..extensions.enabledAddons: googlesharing%40extension.thoughtcrime.org:0.24
FF - prefs.js..extensions.enabledAddons: https-everywhere%40eff.org:3.1.4
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6
FF - prefs.js..extensions.enabledAddons: %7Bfe0258ab-4f74-43a1-8781-bcdf340f9ee9%7D:2.6.4
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: trackmenot%40mrl.nyu.edu:0.6.728
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.8.307
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130402
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013.04.20 18:29:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.04.20 02:42:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013.04.20 18:29:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.20 14:54:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.04.20 14:54:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\1\AppData\Roaming\mozilla\Extensions
[2013.04.20 15:13:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions
[2013.04.20 14:57:29 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2013.04.20 15:13:47 | 000,000,000 | ---D | M] (WOT) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.04.20 15:06:45 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\[email protected]
[2013.04.20 14:59:19 | 000,000,000 | ---D | M] (GoogleSharing) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\[email protected]
[2013.04.20 15:00:56 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\[email protected]
[2013.04.20 14:59:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\[email protected]\chrome
[2013.04.20 14:59:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\[email protected]\components
[2013.04.20 14:59:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\1\AppData\Roaming\mozilla\Firefox\Profiles\nif7ee21.default\extensions\[email protected]\defaults
[2013.04.20 14:58:31 | 000,039,030 | ---- | M] () (No name found) -- C:\Users\1\AppData\Roaming\mozilla\firefox\profiles\nif7ee21.default\extensions\[email protected]
[2013.04.20 15:08:28 | 000,067,428 | ---- | M] () (No name found) -- C:\Users\1\AppData\Roaming\mozilla\firefox\profiles\nif7ee21.default\extensions\[email protected]
[2013.04.20 15:02:24 | 000,532,430 | ---- | M] () (No name found) -- C:\Users\1\AppData\Roaming\mozilla\firefox\profiles\nif7ee21.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.04.20 14:56:55 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\1\AppData\Roaming\mozilla\firefox\profiles\nif7ee21.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.20 15:04:40 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\1\AppData\Roaming\mozilla\firefox\profiles\nif7ee21.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.04.20 15:03:30 | 000,057,702 | ---- | M] () (No name found) -- C:\Users\1\AppData\Roaming\mozilla\firefox\profiles\nif7ee21.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}.xpi
[2013.03.07 01:06:18 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\1\AppData\Roaming\mozilla\firefox\profiles\nif7ee21.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2013.04.20 14:54:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.04.20 02:42:12 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.04.10 07:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.04.10 09:02:39 | 000,001,609 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2013.04.10 09:02:39 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.10 09:02:39 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013.04.10 09:02:39 | 000,001,472 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2013.04.10 09:02:39 | 000,001,399 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2013.04.10 09:02:39 | 000,001,169 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll (Check Point Software Technologies LTD)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll (Check Point Software Technologies LTD)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.218.0.70 85.218.0.85
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E22977A5-36A3-420C-B0D4-6F4FDC5F8259}: DhcpNameServer = 85.218.0.70 85.218.0.85
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - File not found
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) - File not found
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{fc130bba-a933-11e2-be66-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{fc130bba-a933-11e2-be66-806e6f6e6963}\Shell\AutoRun\command - "" = "E:\Autorun.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: TBS - Service
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:64bit: netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdpencdd.sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: SmartcardSimulator - Driver
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TBS - Service
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: VirtualSmartcardReader - Driver
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
nv.dep

Re: Surveillance des processus Windows 8

par nv.dep »

Rapport "OTL", 2ième partie :

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: vsmon - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {74166507-F39E-305E-A972-2C3478E47350} - .NET Framework
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3A8403F3-90B5-35DC-8926-EB9B907209F9} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.04.21 02:15:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\1\Desktop\OTL(1).exe
[2013.04.20 23:43:55 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Acronis
[2013.04.20 18:29:25 | 000,000,000 | ---D | C] -- C:\Users\1\Documents\ForceField Shared Files
[2013.04.20 18:29:12 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2013.04.20 18:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2013.04.20 18:26:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2013.04.20 18:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2013.04.20 18:04:00 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\CheckPoint
[2013.04.20 17:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013.04.20 17:49:13 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Skype
[2013.04.20 17:49:09 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.04.20 17:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.04.20 17:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.04.20 17:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.04.20 16:41:21 | 000,000,000 | ---D | C] -- C:\Users\1\Desktop\S. 4
[2013.04.20 16:41:08 | 000,000,000 | ---D | C] -- C:\Users\1\Desktop\S. 3
[2013.04.20 16:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.04.20 16:38:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.20 16:09:50 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\EAST Technologies
[2013.04.20 16:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2013.04.20 16:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\East-Tec Eraser 2013
[2013.04.20 16:09:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\East-Tec Eraser 2013
[2013.04.20 15:59:12 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
[2013.04.20 15:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Everything
[2013.04.20 15:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2013.04.20 15:17:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag
[2013.04.20 15:16:46 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Foxit Software
[2013.04.20 15:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013.04.20 15:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2013.04.20 14:54:21 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Mozilla
[2013.04.20 14:54:21 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Mozilla
[2013.04.20 14:54:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.04.20 14:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.04.20 14:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.20 14:53:31 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\vlc
[2013.04.20 14:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.04.20 14:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.04.20 14:51:08 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\XnView
[2013.04.20 14:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
[2013.04.20 14:50:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XnView
[2013.04.20 14:43:25 | 000,000,000 | ---D | C] -- C:\Users\1\Desktop\T. 1. old
[2013.04.20 14:41:21 | 000,000,000 | ---D | C] -- C:\Users\1\Desktop\S. 2
[2013.04.20 14:39:08 | 000,000,000 | ---D | C] -- C:\Users\1\Desktop\T. 1
[2013.04.20 14:09:24 | 000,367,200 | ---- | C] (Acronis) -- C:\WINDOWS\SysNative\drivers\afcdp.sys
[2013.04.20 14:09:23 | 001,462,560 | ---- | C] (Acronis International GmbH) -- C:\WINDOWS\SysNative\drivers\tdrpman.sys
[2013.04.20 14:09:21 | 001,120,032 | ---- | C] (Acronis International GmbH) -- C:\WINDOWS\SysNative\drivers\tib.sys
[2013.04.20 14:09:21 | 000,183,224 | ---- | C] (Acronis) -- C:\WINDOWS\SysNative\drivers\tib_mounter.sys
[2013.04.20 14:09:19 | 000,233,760 | ---- | C] (Acronis) -- C:\WINDOWS\SysNative\drivers\snapman.sys
[2013.04.20 14:09:19 | 000,108,832 | ---- | C] (Acronis International GmbH) -- C:\WINDOWS\SysNative\drivers\fltsrv.sys
[2013.04.20 14:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2013.04.20 14:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2013.04.20 14:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2013.04.20 14:09:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2013.04.20 12:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013.04.20 12:37:14 | 000,000,000 | R--D | C] -- C:\Users\1\SkyDrive
[2013.04.20 12:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.04.20 12:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.04.20 12:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.04.20 11:56:26 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2013.04.20 11:56:26 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2013.04.20 11:56:26 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.exe
[2013.04.20 11:56:26 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndadmin.exe
[2013.04.20 11:56:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.exe
[2013.04.20 11:56:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndadmin.exe
[2013.04.20 11:56:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2013.04.20 11:55:41 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013.04.20 11:55:40 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013.04.20 11:55:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDKURD.DLL
[2013.04.20 11:55:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDKURD.DLL
[2013.04.20 11:55:31 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013.04.20 11:55:31 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013.04.20 11:55:30 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2013.04.20 11:55:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.04.20 11:55:30 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2013.04.20 11:55:30 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.04.20 11:55:07 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2013.04.20 11:55:02 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2013.04.20 11:55:01 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2013.04.20 11:55:01 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2013.04.20 11:55:01 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2013.04.20 11:55:01 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2013.04.20 11:55:00 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2013.04.20 11:54:59 | 000,447,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2013.04.20 11:54:58 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2013.04.20 11:54:58 | 000,490,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2013.04.20 11:54:58 | 000,253,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2013.04.20 11:54:49 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2013.04.20 11:54:49 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2013.04.20 11:54:49 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2013.04.20 11:54:48 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2013.04.20 11:54:48 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2013.04.20 11:54:48 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWCN.dll
[2013.04.20 11:54:47 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2013.04.20 11:54:47 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2013.04.20 11:54:47 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthprops.cpl
[2013.04.20 11:54:46 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2013.04.20 11:54:46 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2013.04.20 11:54:46 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2013.04.20 11:54:45 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlansec.dll
[2013.04.20 11:54:45 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013.04.20 11:54:45 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2013.04.20 11:54:43 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2013.04.20 11:54:43 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2013.04.20 11:54:41 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2013.04.20 11:54:40 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2013.04.20 11:54:39 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll
[2013.04.20 11:54:39 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll
[2013.04.20 11:54:38 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdWCN.dll
[2013.04.20 11:54:38 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapAuthProxy.dll
[2013.04.20 11:54:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2013.04.20 11:54:37 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapPeerProxy.dll
[2013.04.20 11:54:36 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2013.04.20 11:54:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll
[2013.04.20 11:54:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fxppm.sys
[2013.04.20 11:54:31 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2013.04.20 11:54:31 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2013.04.20 11:54:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsilog.dll
[2013.04.20 11:51:15 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dskquota.dll
[2013.04.20 11:51:14 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dskquota.dll
[2013.04.20 11:50:47 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2013.04.20 11:50:40 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2013.04.20 11:50:39 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2013.04.20 11:50:39 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2013.04.20 11:50:39 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2013.04.20 11:50:39 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2013.04.20 11:50:39 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2013.04.20 11:49:47 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.Compression.dll
[2013.04.20 11:49:46 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2013.04.20 11:49:46 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2013.04.20 11:49:45 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013.04.20 11:49:45 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2013.04.20 11:49:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2013.04.20 11:49:39 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013.04.20 11:49:39 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2013.04.20 11:49:32 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll
[2013.04.20 11:49:28 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2013.04.20 11:49:27 | 001,610,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2013.04.20 11:49:27 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2013.04.20 11:49:27 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2013.04.20 11:49:27 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2013.04.20 11:49:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2013.04.20 11:49:26 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2013.04.20 11:49:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2013.04.20 11:49:24 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2013.04.20 11:49:18 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2013.04.20 11:49:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhebl3.dll
[2013.04.20 11:49:13 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013.04.20 11:48:06 | 003,554,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2013.04.20 11:48:05 | 002,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2013.04.20 11:48:05 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2013.04.20 11:48:05 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2013.04.20 11:48:05 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2013.04.20 11:48:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2013.04.20 11:48:05 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2013.04.20 11:48:04 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2013.04.20 11:48:04 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2013.04.20 11:48:04 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2013.04.20 11:48:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2013.04.20 11:48:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2013.04.20 11:48:03 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.Compression.dll
[2013.04.20 11:48:02 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2013.04.20 11:48:02 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2013.04.20 11:48:02 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys
[2013.04.20 11:48:00 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2013.04.20 11:47:58 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2013.04.20 11:47:58 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2013.04.20 11:47:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2013.04.20 11:47:55 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2013.04.20 11:47:55 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2013.04.20 11:47:50 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2013.04.20 11:47:48 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2013.04.20 11:47:45 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2013.04.20 11:47:44 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe
[2013.04.20 11:47:43 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll
[2013.04.20 11:47:38 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013.04.20 11:47:38 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2013.04.20 11:47:38 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2013.04.20 11:47:37 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2013.04.20 11:47:36 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2013.04.20 11:47:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbdhebl3.dll
[2013.04.20 11:47:28 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.04.20 11:47:25 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013.04.20 11:47:25 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2013.04.20 11:47:24 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2013.04.20 11:47:24 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2013.04.20 11:47:23 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013.04.20 11:47:23 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2013.04.20 11:47:15 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2013.04.20 11:47:12 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013.04.20 11:47:12 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013.04.20 11:47:12 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013.04.20 11:47:12 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013.04.20 11:47:08 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll
[2013.04.20 11:47:07 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-pdc.dll
[2013.04.20 11:47:01 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\battc.sys
[2013.04.20 11:46:55 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013.04.20 11:46:54 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013.04.20 11:46:37 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll
[2013.04.20 11:46:37 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2013.04.20 11:46:31 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vds_ps.dll
[2013.04.20 11:46:30 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2013.04.20 11:46:30 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2013.04.20 11:46:30 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2013.04.20 11:46:29 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2013.04.20 11:46:29 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2013.04.20 11:46:29 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2013.04.20 11:45:41 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll
[2013.04.20 11:45:29 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2013.04.20 11:45:29 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2013.04.20 11:45:29 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vds_ps.dll
[2013.04.20 11:45:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsldr.exe
[2013.04.20 11:45:26 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2013.04.20 11:45:26 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstsc.exe
[2013.04.20 11:45:25 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2013.04.20 11:45:25 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2013.04.20 11:45:25 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2013.04.20 11:45:25 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2013.04.20 11:45:24 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2013.04.20 11:45:21 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2013.04.20 11:45:21 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2013.04.20 11:45:18 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2013.04.20 11:45:08 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2013.04.20 11:44:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013.04.20 11:41:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013.04.20 11:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
[2013.04.20 11:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BurnAware Free
[2013.04.20 11:33:00 | 002,367,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2013.04.20 11:32:53 | 003,265,256 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys
[2013.04.20 11:32:49 | 014,259,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2013.04.20 11:32:44 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2013.04.20 11:32:42 | 003,847,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2013.04.20 11:32:41 | 003,964,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSAT.exe
[2013.04.20 11:32:40 | 011,875,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2013.04.20 11:32:39 | 000,533,224 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys
[2013.04.20 11:32:38 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2013.04.20 11:32:37 | 001,825,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2013.04.20 11:32:35 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll
[2013.04.20 11:32:35 | 001,019,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2013.04.20 11:32:34 | 002,219,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2013.04.20 11:32:34 | 001,304,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2013.04.20 11:32:33 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2013.04.20 11:32:33 | 000,389,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2013.04.20 11:32:32 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provcore.dll
[2013.04.20 11:32:29 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSATAPI.dll
[2013.04.20 11:32:26 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2013.04.20 11:32:24 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2013.04.20 11:32:24 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2013.04.20 11:32:23 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2013.04.20 11:32:22 | 001,743,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2013.04.20 11:32:22 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2013.04.20 11:32:21 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2013.04.20 11:32:21 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2013.04.20 11:32:20 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2013.04.20 11:32:20 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2013.04.20 11:32:20 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2013.04.20 11:32:20 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2013.04.20 11:32:20 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rascfg.dll
[2013.04.20 11:32:19 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2013.04.20 11:32:18 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2013.04.20 11:32:18 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdsrv.dll
[2013.04.20 11:32:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascfg.dll
[2013.04.20 11:32:17 | 001,400,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2013.04.20 11:32:17 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2013.04.20 11:32:17 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2013.04.20 11:32:14 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2013.04.20 11:32:14 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSATAPI.dll
[2013.04.20 11:32:13 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2013.04.20 11:32:12 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2013.04.20 11:32:12 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2013.04.20 11:32:11 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl
[2013.04.20 11:32:11 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2013.04.20 11:32:10 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2013.04.20 11:32:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhengine.dll
[2013.04.20 11:32:07 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSSync.dll
[2013.04.20 11:32:07 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2013.04.20 11:32:06 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2013.04.20 11:32:06 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2013.04.20 11:32:06 | 000,120,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2013.04.20 11:32:06 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2013.04.20 11:32:05 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appwiz.cpl
[2013.04.20 11:32:05 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSSync.dll
[2013.04.20 11:32:04 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll
[2013.04.20 11:32:04 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2013.04.20 11:32:04 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.04.20 11:32:04 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2013.04.20 11:32:04 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2013.04.20 11:32:03 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2013.04.20 11:32:03 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2013.04.20 11:32:03 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2013.04.20 11:32:02 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provcore.dll
[2013.04.20 11:32:02 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2013.04.20 11:32:01 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2013.04.20 11:32:01 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2013.04.20 11:32:01 | 000,027,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\avrt.dll
[2013.04.20 11:32:00 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2013.04.20 11:32:00 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2013.04.20 11:32:00 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll
[2013.04.20 11:32:00 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2013.04.20 11:31:59 | 002,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\batmeter.dll
[2013.04.20 11:31:59 | 002,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\batmeter.dll
[2013.04.20 11:31:59 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfdisk.dll
[2013.04.20 11:31:58 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2013.04.20 11:31:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2013.04.20 11:31:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfdisk.dll
[2013.04.20 11:31:56 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2013.04.20 11:31:56 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2013.04.20 11:31:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\svchost.exe
[2013.04.20 11:31:55 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2013.04.20 11:31:55 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.04.20 11:31:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2013.04.20 11:31:52 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2013.04.20 11:31:52 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2013.04.20 11:31:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2013.04.20 11:31:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll
[2013.04.20 11:31:51 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetup.exe
[2013.04.20 11:31:51 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2013.04.20 11:31:51 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2013.04.20 11:31:50 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2013.04.20 11:31:50 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2013.04.20 11:31:50 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2013.04.20 11:31:49 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2013.04.20 11:31:49 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2013.04.20 11:31:49 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2013.04.20 11:31:48 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013.04.20 11:31:48 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013.04.20 11:31:48 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2013.04.20 11:31:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchapi.dll
[2013.04.20 11:31:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll
[2013.04.20 11:31:47 | 001,701,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013.04.20 11:31:47 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webio.dll
[2013.04.20 11:31:47 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfos.dll
[2013.04.20 11:31:46 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webio.dll
[2013.04.20 11:31:46 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcat.dll
[2013.04.20 11:31:46 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvc.dll
[2013.04.20 11:31:43 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2013.04.20 11:31:43 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhshl.dll
[2013.04.20 11:31:43 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe
[2013.04.20 11:31:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2013.04.20 11:31:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhmanagew.exe
[2013.04.20 11:31:42 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdiag.dll
[2013.04.20 11:31:42 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhlisten.dll
[2013.04.20 11:31:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdiag.dll
[2013.04.20 11:31:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2013.04.20 11:31:41 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vsstrace.dll
[2013.04.20 11:31:41 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchph.dll
[2013.04.20 11:31:41 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcleanup.dll
[2013.04.20 11:31:39 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhtask.dll
[2013.04.20 11:31:39 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2013.04.20 11:31:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndptsp.tsp
[2013.04.20 11:31:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasmxs.dll
[2013.04.20 11:31:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2013.04.20 11:31:37 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhautoplay.dll
[2013.04.20 11:31:37 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndptsp.tsp
[2013.04.20 11:31:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasmxs.dll
[2013.04.20 11:31:37 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasser.dll
[2013.04.20 11:31:36 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kmddsp.tsp
[2013.04.20 11:31:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfctrs.dll
[2013.04.20 11:31:36 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfctrs.dll
[2013.04.20 11:31:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kmddsp.tsp
[2013.04.20 11:31:36 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfproc.dll
[2013.04.20 11:31:36 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfproc.dll
[2013.04.20 11:31:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfos.dll
[2013.04.20 11:31:36 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasser.dll
[2013.04.20 11:31:35 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2013.04.20 11:31:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2013.04.20 11:31:35 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventcls.dll
[2013.04.20 11:31:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventcls.dll
[2013.04.20 11:31:34 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LangCleanupSysprepAction.dll
[2013.04.20 11:31:33 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MUILanguageCleanup.dll
[2013.04.20 11:31:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwmp.dll
[2013.04.20 11:31:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwmp.dll
[2013.04.20 11:31:28 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2013.04.20 11:31:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2013.04.20 11:31:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2013.04.20 11:31:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2013.04.20 11:31:26 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdxm.ocx
[2013.04.20 11:31:26 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxmasf.dll
[2013.04.20 11:31:18 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmploc.DLL
[2013.04.20 11:31:16 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmploc.DLL
[2013.04.20 11:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.04.20 11:26:49 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2013.04.20 11:26:49 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2013.04.20 11:26:49 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2013.04.20 11:26:49 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2013.04.20 11:26:49 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2013.04.20 11:26:49 | 015,508,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
nv.dep

Re: Surveillance des processus Windows 8

par nv.dep »

Rapport "OTL", 3ième partie :


[2013.04.20 11:26:49 | 015,042,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2013.04.20 11:26:49 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2013.04.20 11:26:49 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2013.04.20 11:26:49 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2013.04.20 11:26:49 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2013.04.20 11:26:49 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2013.04.20 11:26:49 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2013.04.20 11:26:49 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2013.04.20 11:26:49 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2013.04.20 11:26:49 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2013.04.20 11:26:49 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6431422.dll
[2013.04.20 11:26:49 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6431422.dll
[2013.04.20 11:26:49 | 000,420,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2013.04.20 11:26:49 | 000,364,832 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2013.04.20 11:26:48 | 000,030,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys
[2013.04.20 11:25:29 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013.04.20 11:24:20 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Malwarebytes
[2013.04.20 11:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.20 11:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.20 11:24:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013.04.20 11:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.20 11:23:55 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Programs
[2013.04.20 11:08:55 | 000,078,176 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.20 11:08:54 | 000,692,576 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.04.20 11:04:20 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2013.04.20 03:03:31 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.04.20 03:03:21 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.04.20 03:03:21 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.04.20 03:03:21 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.04.20 03:03:20 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.04.20 03:03:19 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2013.04.20 03:03:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2013.04.20 03:03:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2013.04.20 03:03:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2013.04.20 03:03:19 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.04.20 03:03:19 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.04.20 03:03:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.04.20 03:03:19 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2013.04.20 03:03:19 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2013.04.20 03:02:59 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2013.04.20 03:02:59 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2013.04.20 03:02:59 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013.04.20 03:02:58 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe
[2013.04.20 03:02:57 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2013.04.20 03:02:56 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2013.04.20 03:02:56 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2013.04.20 03:02:56 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2013.04.20 03:02:56 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013.04.20 03:02:55 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013.04.20 03:02:55 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2013.04.20 03:02:55 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2013.04.20 03:02:55 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys
[2013.04.20 03:02:54 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2013.04.20 03:02:54 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL
[2013.04.20 03:02:54 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013.04.20 03:02:54 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaacmgr.exe
[2013.04.20 03:02:53 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL
[2013.04.20 03:02:53 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll
[2013.04.20 03:02:53 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaacmgr.exe
[2013.04.20 03:02:52 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2013.04.20 03:02:52 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2013.04.20 03:02:52 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhapi.dll
[2013.04.20 03:02:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll
[2013.04.20 03:02:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keepaliveprovider.dll
[2013.04.20 03:02:36 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\synceng.dll
[2013.04.20 03:02:36 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\synceng.dll
[2013.04.20 03:01:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2013.04.20 03:01:14 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2013.04.20 03:00:49 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.04.20 03:00:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appserverai.dll
[2013.04.20 03:00:49 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDWebAI.dll
[2013.04.20 03:00:49 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmHostAI.dll
[2013.04.20 03:00:48 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2013.04.20 03:00:48 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2013.04.20 02:57:44 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll
[2013.04.20 02:56:09 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
[2013.04.20 02:55:10 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013.04.20 02:55:05 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013.04.20 02:55:03 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\duser.dll
[2013.04.20 02:55:03 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlroamextension.dll
[2013.04.20 02:55:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2013.04.20 02:55:02 | 000,488,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2013.04.20 02:55:02 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2013.04.20 02:55:02 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2013.04.20 02:55:02 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013.04.20 02:55:02 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll
[2013.04.20 02:55:02 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2013.04.20 02:55:02 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotspotauth.dll
[2013.04.20 02:55:02 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll
[2013.04.20 02:55:02 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys
[2013.04.20 02:55:01 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2013.04.20 02:55:01 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2013.04.20 02:55:01 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2013.04.20 02:55:01 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll
[2013.04.20 02:55:01 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2013.04.20 02:55:01 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll
[2013.04.20 02:55:01 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll
[2013.04.20 02:55:01 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe
[2013.04.20 02:55:01 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe
[2013.04.20 02:55:01 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2013.04.20 02:55:01 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe
[2013.04.20 02:55:01 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe
[2013.04.20 02:55:01 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys
[2013.04.20 02:55:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidi2c.sys
[2013.04.20 02:55:01 | 000,021,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2013.04.20 02:55:00 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys
[2013.04.20 02:55:00 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2013.04.20 02:55:00 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2013.04.20 02:55:00 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2013.04.20 02:54:01 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.04.20 02:54:01 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2013.04.20 02:53:59 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.04.20 02:53:57 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2013.04.20 02:53:54 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013.04.20 02:53:54 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2013.04.20 02:53:53 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2013.04.20 02:53:53 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2013.04.20 02:53:53 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2013.04.20 02:53:53 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013.04.20 02:53:53 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2013.04.20 02:53:52 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013.04.20 02:53:52 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2013.04.20 02:53:52 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2013.04.20 02:53:51 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013.04.20 02:53:51 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013.04.20 02:53:51 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013.04.20 02:53:51 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2013.04.20 02:53:51 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2013.04.20 02:53:51 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.04.20 02:53:51 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2013.04.20 02:53:51 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2013.04.20 02:53:51 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2013.04.20 02:53:51 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2013.04.20 02:53:51 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2013.04.20 02:53:51 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2013.04.20 02:53:50 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2013.04.20 02:53:49 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2013.04.20 02:53:49 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2013.04.20 02:53:49 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2013.04.20 02:53:48 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013.04.20 02:53:48 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2013.04.20 02:53:48 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2013.04.20 02:53:48 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013.04.20 02:53:48 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013.04.20 02:53:48 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2013.04.20 02:53:47 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.04.20 02:53:46 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013.04.20 02:53:46 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2013.04.20 02:53:43 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2013.04.20 02:53:43 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.04.20 02:53:43 | 000,212,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2013.04.20 02:53:43 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll
[2013.04.20 02:53:43 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2013.04.20 02:53:43 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2013.04.20 02:53:43 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll
[2013.04.20 02:53:43 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2013.04.20 02:53:43 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2013.04.20 02:53:43 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2013.04.20 02:53:43 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013.04.20 02:53:43 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013.04.20 02:53:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2013.04.20 02:53:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2013.04.20 02:53:42 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2013.04.20 02:53:42 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2013.04.20 02:53:42 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2013.04.20 02:53:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2013.04.20 02:53:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2013.04.20 02:53:41 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2013.04.20 02:53:41 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2013.04.20 02:53:41 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2013.04.20 02:53:41 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2013.04.20 02:53:41 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL
[2013.04.20 02:53:41 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2013.04.20 02:53:41 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2013.04.20 02:53:40 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll
[2013.04.20 02:53:40 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll
[2013.04.20 02:53:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
[2013.04.20 02:53:40 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2013.04.20 02:53:38 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wushareduxresources.dll
[2013.04.20 02:53:09 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013.04.20 02:53:05 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2013.04.20 02:53:05 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2013.04.20 02:47:53 | 002,893,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2013.04.20 02:47:53 | 002,400,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2013.04.20 02:47:52 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2013.04.20 02:47:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2013.04.20 02:47:52 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2013.04.20 02:47:51 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2013.04.20 02:47:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcadm.dll
[2013.04.20 02:47:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe
[2013.04.20 02:47:50 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaevts.dll
[2013.04.20 02:45:08 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2013.04.20 02:45:08 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resetengmig.dll
[2013.04.20 02:45:08 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2013.04.20 02:45:08 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2013.04.20 02:45:07 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysreset.exe
[2013.04.20 02:44:10 | 000,377,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2013.04.20 02:44:10 | 000,033,400 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys
[2013.04.20 02:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.04.20 02:44:02 | 000,070,992 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2013.04.20 02:44:02 | 000,068,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys
[2013.04.20 02:43:39 | 001,025,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2013.04.20 02:43:37 | 000,287,840 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2013.04.20 02:43:37 | 000,080,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2013.04.20 02:42:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2013.04.20 02:41:59 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.04.20 02:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.04.20 02:41:36 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll
[2013.04.20 02:41:36 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll
[2013.04.20 02:41:36 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe
[2013.04.20 02:41:35 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll
[2013.04.20 02:41:35 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll
[2013.04.20 02:41:35 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe
[2013.04.20 02:41:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll
[2013.04.20 02:41:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll
[2013.04.20 02:41:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll
[2013.04.20 02:41:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll
[2013.04.20 02:41:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnlobby.dll
[2013.04.20 02:41:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnaddr.dll
[2013.04.20 02:41:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnlobby.dll
[2013.04.20 02:41:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnaddr.dll
[2013.04.20 02:41:34 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2013.04.20 02:41:34 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2013.04.20 02:41:34 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2013.04.20 02:41:34 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2013.04.20 02:41:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2013.04.20 02:41:34 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2013.04.20 02:41:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2013.04.20 02:41:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2013.04.20 02:41:16 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2013.04.20 02:41:16 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2013.04.20 02:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.04.20 02:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll
[2013.04.20 02:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll
[2013.04.20 02:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll
[2013.04.20 02:40:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll
[2013.04.20 00:47:50 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Diagnostics
[2013.04.19 23:23:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.04.19 23:22:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV
[2013.04.19 23:22:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV
[2013.04.19 23:20:09 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\ElevatedDiagnostics
[2013.04.19 23:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.04.19 23:07:05 | 006,398,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2013.04.19 23:07:05 | 003,477,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2013.04.19 23:07:05 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2013.04.19 23:07:05 | 001,016,096 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshext.dll
[2013.04.19 23:07:05 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2013.04.19 23:07:05 | 000,076,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nv3dappshextr.dll
[2013.04.19 23:07:05 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2013.04.19 23:06:48 | 000,060,776 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2013.04.19 23:06:48 | 000,052,584 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2013.04.19 23:06:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.04.19 23:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.04.19 23:06:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.04.19 23:01:56 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Macromedia
[2013.04.19 22:39:50 | 000,000,000 | R--D | C] -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.04.19 22:39:50 | 000,000,000 | R--D | C] -- C:\Users\1\Searches
[2013.04.19 22:39:50 | 000,000,000 | R--D | C] -- C:\Users\1\Contacts
[2013.04.19 22:39:50 | 000,000,000 | R--D | C] -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.04.19 22:39:46 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Adobe
[2013.04.19 22:39:00 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\VirtualStore
[2013.04.19 22:38:55 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Packages
[2013.04.19 22:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2013.04.19 22:38:49 | 000,000,000 | --SD | C] -- C:\Users\1\AppData\Roaming\Microsoft
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Videos
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Saved Games
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Pictures
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Music
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Links
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Favorites
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Downloads
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Documents
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\Desktop
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.04.19 22:38:49 | 000,000,000 | R--D | C] -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.04.19 22:38:49 | 000,000,000 | -H-D | C] -- C:\Users\1\AppData
[2013.04.19 22:38:49 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Temp
[2013.04.19 22:38:49 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Local\Microsoft
[2013.04.19 22:38:49 | 000,000,000 | ---D | C] -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.04.19 22:13:17 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.04.19 22:05:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013.04.19 22:00:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.04.13 00:24:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.03.27 00:20:00 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100.dll
[2013.03.27 00:20:00 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp100.dll
[2013.03.26 20:57:54 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100.dll
[2013.03.26 20:57:54 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp100.dll

========== Files - Modified Within 30 Days ==========

[2013.04.21 02:18:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.21 02:15:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\1\Desktop\OTL(1).exe
[2013.04.21 01:41:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2013.04.21 01:40:58 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.21 01:38:54 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.04.21 01:38:52 | 2477,060,095 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.20 23:17:01 | 000,001,481 | ---- | M] () -- C:\Users\1\Desktop\IE InPrivate.lnk
[2013.04.20 18:36:00 | 000,417,507 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\vsconfig.xml
[2013.04.20 18:29:08 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013.04.20 17:49:09 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.04.20 16:42:22 | 003,985,566 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.04.20 16:42:22 | 000,764,558 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat
[2013.04.20 16:42:22 | 000,741,758 | ---- | M] () -- C:\WINDOWS\SysNative\prfh0816.dat
[2013.04.20 16:42:22 | 000,674,948 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.04.20 16:42:22 | 000,152,194 | ---- | M] () -- C:\WINDOWS\SysNative\prfc0816.dat
[2013.04.20 16:42:22 | 000,147,870 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat
[2013.04.20 16:42:22 | 000,124,834 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.04.20 16:38:11 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.20 16:09:20 | 000,001,095 | ---- | M] () -- C:\Users\1\Desktop\East-Tec Eraser 2013.lnk
[2013.04.20 16:00:13 | 000,002,409 | ---- | M] () -- C:\Users\1\Desktop\Word 2013.lnk
[2013.04.20 16:00:08 | 000,002,426 | ---- | M] () -- C:\Users\1\Desktop\PowerPoint 2013.lnk
[2013.04.20 16:00:03 | 000,002,399 | ---- | M] () -- C:\Users\1\Desktop\Excel 2013.lnk
[2013.04.20 15:59:12 | 000,001,035 | ---- | M] () -- C:\Users\1\Desktop\Search Everything.lnk
[2013.04.20 15:50:43 | 000,316,288 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.04.20 15:17:21 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013.04.20 15:15:51 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.04.20 14:54:18 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.20 14:53:26 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.04.20 14:51:52 | 000,000,923 | ---- | M] () -- C:\Users\1\Desktop\XnView.lnk
[2013.04.20 14:09:24 | 000,367,200 | ---- | M] (Acronis) -- C:\WINDOWS\SysNative\drivers\afcdp.sys
[2013.04.20 14:09:23 | 001,462,560 | ---- | M] (Acronis International GmbH) -- C:\WINDOWS\SysNative\drivers\tdrpman.sys
[2013.04.20 14:09:21 | 001,120,032 | ---- | M] (Acronis International GmbH) -- C:\WINDOWS\SysNative\drivers\tib.sys
[2013.04.20 14:09:21 | 000,183,224 | ---- | M] (Acronis) -- C:\WINDOWS\SysNative\drivers\tib_mounter.sys
[2013.04.20 14:09:19 | 000,233,760 | ---- | M] (Acronis) -- C:\WINDOWS\SysNative\drivers\snapman.sys
[2013.04.20 14:09:19 | 000,108,832 | ---- | M] (Acronis International GmbH) -- C:\WINDOWS\SysNative\drivers\fltsrv.sys
[2013.04.20 14:09:17 | 000,001,205 | ---- | M] () -- C:\Users\Public\Desktop\True Image 2013.lnk
[2013.04.20 11:34:28 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2013.04.20 11:24:12 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.20 02:44:11 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.20 02:39:55 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013.04.02 23:08:01 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.04.02 23:08:01 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.27 00:20:00 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100.dll
[2013.03.27 00:20:00 | 000,608,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcp100.dll
[2013.03.26 20:57:54 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100.dll
[2013.03.26 20:57:54 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcp100.dll

========== Files Created - No Company Name ==========

[2013.04.21 02:18:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.20 23:16:21 | 000,001,481 | ---- | C] () -- C:\Users\1\Desktop\IE InPrivate.lnk
[2013.04.20 18:29:28 | 000,417,507 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\vsconfig.xml
[2013.04.20 18:29:08 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2013.04.20 17:49:09 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.04.20 16:38:11 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.20 16:09:20 | 000,001,095 | ---- | C] () -- C:\Users\1\Desktop\East-Tec Eraser 2013.lnk
[2013.04.20 16:00:13 | 000,002,409 | ---- | C] () -- C:\Users\1\Desktop\Word 2013.lnk
[2013.04.20 16:00:08 | 000,002,426 | ---- | C] () -- C:\Users\1\Desktop\PowerPoint 2013.lnk
[2013.04.20 16:00:03 | 000,002,399 | ---- | C] () -- C:\Users\1\Desktop\Excel 2013.lnk
[2013.04.20 15:59:12 | 000,001,035 | ---- | C] () -- C:\Users\1\Desktop\Search Everything.lnk
[2013.04.20 15:50:36 | 000,316,288 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.04.20 15:17:21 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Mp3tag.lnk
[2013.04.20 15:15:51 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.04.20 14:54:18 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.04.20 14:54:17 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.04.20 14:53:26 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.04.20 14:51:01 | 000,000,923 | ---- | C] () -- C:\Users\1\Desktop\XnView.lnk
[2013.04.20 14:09:17 | 000,001,205 | ---- | C] () -- C:\Users\Public\Desktop\True Image 2013.lnk
[2013.04.20 12:37:14 | 000,002,255 | ---- | C] () -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
[2013.04.20 11:34:28 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2013.04.20 11:31:39 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2013.04.20 11:31:39 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013.04.20 11:26:49 | 000,017,738 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2013.04.20 11:24:12 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.20 11:11:33 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk
[2013.04.20 02:53:48 | 000,387,867 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.04.20 02:44:11 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.04.20 02:43:39 | 000,178,624 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2013.04.20 02:43:39 | 000,065,336 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2013.04.20 02:43:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt
[2013.04.20 02:39:55 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.04.19 23:07:05 | 003,065,455 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2013.04.19 22:39:46 | 000,001,450 | ---- | C] () -- C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.04.19 22:00:12 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013.04.13 00:29:10 | 2477,060,095 | -HS- | C] () -- C:\hiberfil.sys
[2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.07.25 21:22:56 | 000,733,840 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012.07.25 21:22:56 | 000,492,340 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 03:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 09:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.04.20 23:43:55 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Acronis
[2013.04.19 22:39:46 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Adobe
[2013.04.20 18:29:25 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\CheckPoint
[2013.04.20 16:09:50 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\EAST Technologies
[2013.04.20 15:16:46 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Foxit Software
[2013.04.20 23:19:24 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Macromedia
[2013.04.20 11:24:21 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Malwarebytes
[2013.04.20 23:46:02 | 000,000,000 | --SD | M] -- C:\Users\1\AppData\Roaming\Microsoft
[2013.04.20 14:54:29 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Mozilla
[2013.04.20 17:51:20 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\Skype
[2013.04.20 14:53:42 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\vlc
[2013.04.20 14:52:28 | 000,000,000 | ---D | M] -- C:\Users\1\AppData\Roaming\XnView

< %APPDATA%\*.exe /s >

< %temp%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< MD5 for: EXPLORER.EXE >
[2012.10.11 06:53:24 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=0AD19A3CA61271BA872AD90771BA47DC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2012.10.11 09:09:58 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=0DDFEAA2AA18D4295EF220EB666B2312 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2012.07.26 04:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2012.07.26 05:49:13 | 002,380,440 | ---- | M] (Microsoft Corporation) MD5=928791755FDDEA721B053535EF84FA17 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2012.10.11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\SysWOW64\explorer.exe
[2012.10.11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) MD5=953ADECFF08202A01EFC6110214FDE02 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2012.10.11 08:35:16 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=E13A31D5254C25406A7946BDD9B06364 -- C:\Windows\explorer.exe
[2012.10.11 08:35:16 | 002,380,944 | ---- | M] (Microsoft Corporation) MD5=E13A31D5254C25406A7946BDD9B06364 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe

< MD5 for: WININIT.EXE >
[2012.07.26 07:12:50 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 -- C:\$WINDOWS.~BT\Windows\System32\wininit.exe
[2012.07.26 07:12:50 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.2.9200.16384_none_89bc60338e14dc99\wininit.exe
[2012.07.26 04:08:50 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 -- C:\WINDOWS\SysNative\wininit.exe
[2012.07.26 04:08:50 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.2.9200.16384_none_89bc60338e14dc99\wininit.exe

< MD5 for: WINLOGON.EXE >
[2012.09.20 07:33:55 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=1F84B5F8DBDFFD36DF143C61CE25F12A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2012.09.20 07:33:17 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=6522E98C94A2A81AE11EB66D2AF5743A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2012.07.26 07:12:53 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\$WINDOWS.~BT\Windows\System32\winlogon.exe
[2012.07.26 07:12:53 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\$WINDOWS.~BT\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2012.07.26 04:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2012.10.11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\WINDOWS\SysNative\winlogon.exe
[2012.10.11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2012.10.11 06:45:27 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=CBFD56B4EC07CB056A6ABD55DD33671F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"" = mnmsrvc
"Required" = DebugWindows [binary data]
"Debug" =
"Posix" = %SystemRoot%\system32\psxss.exe
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< nslookup http://www.google.fr /c >
Serveur : ns1.citycable.ch
Address: 85.218.0.70

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2013.04.10 09:03:09 | 000,867,936 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2013.04.10 09:03:09 | 000,867,936 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2013.04.10 09:03:09 | 000,867,936 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013.04.10 07:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2013.04.10 07:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2013.04.10 07:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013.02.21 13:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013.02.21 13:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2013.04.10 09:03:09 | 000,867,936 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2013.04.10 09:03:09 | 000,867,936 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2013.04.10 09:03:09 | 000,867,936 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2013.04.10 07:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2013.04.10 07:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2013.04.10 07:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013.02.21 11:15:22 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013.02.21 11:15:22 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013.02.21 11:15:22 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013.02.21 13:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2013.02.21 13:59:57 | 000,775,216 | ---- | M] (Microsoft Corporation)

< End of report >

--------------------------------------------------------------------------------------

Voilà. Je crois que c'est tout.

Encore un grand merci pour ton aide.

Bon dimanche
SkyTech

Re: Surveillance des processus Windows 8

par SkyTech »

Bonjour,

Tu aurais pu utiliser pijoint pour poster ton rapport OTL : http://pjjoint.malekal.com/index.php?lang=fr
A peine avais-je lancé ce programme que j'avais :

"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may not be able to fix this"

Est-ce normal que je trouve "windows defender" dans ce rapport ? Fonctionne-t-il en parallèle de "avast" ? Consomme-t-il des ressources ?
Il faut faire un clic droit sur HijackThis, Exécuter en tant qu'administrateur pour le lancer, ce logiciel n'est plus maintenu à jour...

Pour Windows Defender oui il est en activité.

Concernant la machine en général il n'y a rien à optimiser, soit parce que tu n'as pas encore installé tout tes logiciels, soit parce que tu as appliqué les conseils de l'autre post.

Il faut passer par Services.msc comme indiqué sur l'autre sujet pour aller dans les services et désactiver Windows Defender.
nv.dep

Re: Surveillance des processus Windows 8

par nv.dep »

Bonjour,

En ce qui concerne "Windows Defender" et l'utilisation de "services.msc", je trouve ceci :

"Type de démarrage : Manuel (Déclencher le démarrage); Ouvrir une session en tant que : Système local" PDT_009

Aie-je quelque chose à faire ?
SkyTech

Re: Surveillance des processus Windows 8

par SkyTech »

Mets-le en désactiver.

Tu pourras aussi désactiver : NVIDIA Display Driver Service
nv.dep

Re: Surveillance des processus Windows 8

par nv.dep »

Bonsoir SkyTech,

Merci pour ton aide précieuse.

Pour ma part, sujet clos.

Bonne continuation. PDT_016
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Accélérer Windows et problème de lenteur PC »