Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Bill Gates (administrator) on BILLGATES-HP on 31-01-2014 22:15:15
Running from C:\Users\Bill Gates\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Akamai Technologies, Inc.) C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
() C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick-connector.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [612872 2014-01-03] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Users\Bill Gates\Documents\DT\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-04] ()
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation)
HKCU\...\Run: [SkyDrive] - C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-15] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Bill Gates\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-20] (Google Inc.)
HKU\OA\...\Run: [Google Update] - C:\Users\OA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-29] (Google Inc.)
HKU\OA\...\Run: [DAEMON Tools Lite] - C:\Users\Bill Gates\Documents\DT\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\OA\...\Policies\system: [DisableLockWorkstation] 0
HKU\OA\...\Policies\system: [DisableChangePassword] 0
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F8DB3BFB7E9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM - {E2F3799C-66D3-4E63-A94A-852705019087} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2014-01-06] ()
ShellExecuteHooks: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellExecuteHooks-x32: - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2014-01-06] ()
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
FireFox:
========
FF ProfilePath: C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: google.fr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bill Gates\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: DownloadHelper - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-30]
FF Extension: DebrideurStreaming - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\jid1-6gzTcCreJnRqoIj7t8ltxj2HuKc@jetpack.xpi [2014-01-03]
FF Extension: Adblock Plus - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
Chrome:
=======
CHR HomePage: https://www.google.fr/
CHR Extension: (Adblock Plus) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-28]
CHR Extension: (Readium) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-01-19]
CHR Extension: (AdBlock) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-28]
CHR Extension: (Google Wallet) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (DebrideurStreaming - Add-On) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipaffcpmobohfilpejhaciheebhaaej [2013-11-28]
CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx [2013-11-28]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-28]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-13] (Avira Operations GmbH & Co. KG)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
R2 InstallClick; C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe [149872 2012-06-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-13] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-26] (DT Soft Ltd)
S3 GGSAFERDriver; C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [27744 2012-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 X6va005; \??\C:\Users\BILLGA~1\AppData\Local\Temp\005B19E.tmp [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys F784F9BF32E708C71A63220E89A58496
C:\Windows\System32\DRIVERS\atikmpag.sys 43FD45C0DFE0A0FF2B8BE0D4AC165E18
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgntflt.sys 7806BFCD1D7FA5EC23F7324D4EAFD25B
C:\Windows\System32\DRIVERS\avipbb.sys C3A58DBD18786C338126D30BF8C33D72
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 9E84A931DBEE0292E38ED672F6293A99
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys 50F92C943F18B070F166D019DFAB3D9A
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 46571ED73AE84469DCA53081D33CF3C8
C:\Windows\System32\drivers\dxgkrnl.sys 53BD875C7C0808235BFB803C1A8BE009
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Program Files (x86)\Garena Plus\Room\safedrv.sys 9C50A5AD2218F133E48F9F35B749E9F4
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 26CF4275034214ECEDD8EC17B0A18A99
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdpmd64.sys 33FAA40B288002C89529DBD14F3AB72C
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28x.sys 31609B481CC202BFB441E37FEBCDEA05
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RtsPStor.sys 6E5C3D18C3BCC72AA527DBC5FA61AB8F
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys 9140DB0911DE035FED0A9A77A2D156EA
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys EBC1A5E076A9BE314D3D9E8ED19ABB0A
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys AC3CC98B1BDB6540021D3FFB105AC2B9
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys 0C0195C48B6B8582FA6F6373032118DA
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-31 22:09 - 2014-01-31 22:15 - 00051924 _____ C:\Users\Bill Gates\Desktop\Addition.txt
2014-01-31 22:07 - 2014-01-31 22:15 - 00042057 _____ C:\Users\Bill Gates\Desktop\FRST.txt
2014-01-31 22:06 - 2014-01-31 22:15 - 00000000 ____D C:\FRST
2014-01-31 22:05 - 2014-01-31 22:05 - 02079744 _____ (Farbar) C:\Users\Bill Gates\Desktop\FRST64.exe
2014-01-30 23:20 - 2014-01-30 23:20 - 08685681 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.L2SV_S4_2014.Cours.zip
2014-01-30 21:14 - 2014-01-30 21:14 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-30 21:10 - 2014-01-30 21:10 - 00000000 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Piratage informatique Virage morte.3gp
2014-01-26 23:58 - 2014-01-26 23:58 - 00001402 _____ C:\Users\Bill Gates\Desktop\WinX Free FLV to 3GP Converter.lnk
2014-01-26 23:58 - 2014-01-26 23:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\Digiarty
2014-01-26 23:57 - 2014-01-26 23:57 - 00000000 ____D C:\Program Files (x86)\Digiarty
2014-01-26 23:41 - 2014-01-26 23:50 - 00000169 _____ C:\Windows\SysWOW64\test.aok
2014-01-26 23:41 - 2014-01-26 23:41 - 00001283 _____ C:\Users\OA\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
2014-01-26 23:41 - 2014-01-26 23:41 - 00000000 ____D C:\Program Files (x86)\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-01-26 17:38 - 2014-01-30 22:38 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-26 14:50 - 2014-01-26 14:51 - 07377710 _____ C:\Users\Bill Gates\Desktop\Devoirs_géographie.zip
2014-01-25 22:25 - 2014-01-25 22:26 - 03792384 _____ C:\Users\Bill Gates\Desktop\RogueKiller.exe
2014-01-24 16:11 - 2014-01-24 16:12 - 00000000 ____D C:\Users\Bill Gates\Desktop\Nokia Images
2014-01-20 06:59 - 2014-01-20 07:00 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute-1.3gp
2014-01-20 06:59 - 2014-01-20 07:00 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute.3gp
2014-01-18 17:54 - 2014-01-18 17:54 - 00921000 _____ (Oracle Corporation) C:\Users\Bill Gates\Downloads\chromeinstall-7u51.exe
2014-01-18 17:52 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 17:51 - 2014-01-18 17:51 - 00005310 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:51 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 17:51 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 17:51 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 11:25 - 2014-01-18 11:25 - 00002217 _____ C:\Users\Bill Gates\Desktop\HP Support Assistant.lnk
2014-01-18 11:18 - 2014-01-18 11:18 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-16 20:17 - 2014-01-16 21:49 - 00009552 _____ C:\Users\Bill Gates\Desktop\Robot.odt
2014-01-16 18:28 - 2014-01-16 18:28 - 00000000 ____D C:\ProgramData\Easybits
2014-01-16 00:38 - 2014-01-16 00:38 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (2).pptx
2014-01-16 00:01 - 2014-01-16 01:58 - 01306842 _____ C:\Users\Bill Gates\Desktop\Genie Robotique.odp
2014-01-15 23:55 - 2014-01-15 23:55 - 00479766 _____ C:\Users\Bill Gates\Downloads\TS103431374.potx
2014-01-15 23:52 - 2014-01-15 23:52 - 00964025 _____ C:\Users\Bill Gates\Downloads\TS102895266.potx
2014-01-15 23:51 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026 (1).potx
2014-01-15 23:50 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026.potx
2014-01-15 20:05 - 2014-01-15 20:05 - 00046378 _____ C:\Users\Bill Gates\Desktop\ZHPDiag.txt
2014-01-15 19:52 - 2014-01-15 19:52 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFix[R1].txt
2014-01-15 19:50 - 2014-01-15 19:50 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFixReport.txt
2014-01-15 11:46 - 2014-01-15 11:47 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique - Copie
2014-01-15 10:52 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 10:52 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 10:52 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 20:53 - 2014-01-14 20:53 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (1).pptx
2014-01-13 01:11 - 2014-01-13 01:11 - 00267415 _____ C:\Users\Bill Gates\Downloads\PS22_TD2_val_moy_eff_A08_ericb.odt
2014-01-12 21:40 - 2014-01-12 21:40 - 00000000 ____D C:\Users\Bill Gates\Desktop\Fl Studio Sample
2014-01-12 21:39 - 2014-01-12 21:39 - 00471412 _____ C:\Users\Bill Gates\Downloads\Strong Hip-Hop Producciones - A Millie.zip
2014-01-12 15:16 - 2014-01-12 15:16 - 00886351 _____ C:\Users\Bill Gates\Desktop\TD Outil Logistique.zip
2014-01-12 15:12 - 2014-01-16 20:03 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique
2014-01-11 18:21 - 2014-01-11 18:21 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{9D76FAB4-C59A-4206-B385-F5AC4ABFB58F}
2014-01-08 22:23 - 2014-01-08 22:23 - 19924635 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4O2.complete.zip
2014-01-08 22:22 - 2014-01-08 22:22 - 55299730 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4P5.complete.zip
2014-01-08 22:13 - 2014-01-08 22:14 - 08118782 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4F1.complete.zip
2014-01-08 18:36 - 2014-01-08 19:03 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids
2014-01-08 00:18 - 2013-12-17 18:21 - 00000701 _____ C:\Users\Bill Gates\Desktop\Nouveau Document texte.txt
2014-01-06 23:58 - 2014-01-08 18:40 - 00001020 _____ C:\Users\Public\Desktop\Magic Control.lnk
2014-01-06 23:58 - 2014-01-06 23:58 - 00773192 _____ C:\Windows\SysWOW64\ezUPBHook64.dll
2014-01-06 23:58 - 2014-01-06 23:58 - 00484936 _____ C:\Windows\SysWOW64\ezUPBHook32.dll
2014-01-06 23:57 - 2014-01-06 23:59 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids - Backup (2)
2014-01-06 23:57 - 2014-01-06 23:58 - 00176488 _____ (*Rapiddown*) C:\Users\OA\Downloads\Psn Code Generator 2013 (2).exe
2014-01-06 23:56 - 2014-01-06 23:56 - 00013788 _____ C:\Users\OA\Documents\Magic Desktop Coupon.htm
2014-01-06 23:56 - 2014-01-06 23:56 - 00001328 _____ C:\Users\OA\Desktop\Continue Key Generator Setup.lnk
2014-01-06 23:54 - 2014-01-06 23:54 - 00622544 _____ (Key Generator Setup) C:\Users\OA\Downloads\Psn Gift Code Generator 2013.exe
2014-01-06 21:59 - 2014-01-06 22:00 - 00000000 ____D C:\Users\OA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-01-06 21:56 - 2014-01-06 21:57 - 100600973 _____ (The Code::Blocks Team) C:\Users\OA\Downloads\codeblocks-12.11mingw-setup.exe
2014-01-06 21:52 - 2014-01-06 21:52 - 00000000 ____D C:\Users\OA\Desktop\Croissant Decroissant
2014-01-05 20:14 - 2014-01-05 20:14 - 00180805 _____ C:\Users\Bill Gates\Downloads\moteur-asynchrone-triphas.zip
2014-01-05 19:09 - 2014-01-05 19:09 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri (1).zip
2014-01-05 19:08 - 2014-01-05 19:08 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri.zip
2014-01-05 18:51 - 2014-01-05 18:51 - 03899748 _____ C:\Users\Bill Gates\Downloads\Energie.zip
2014-01-05 17:25 - 2014-01-05 17:26 - 82911167 _____ C:\Users\Bill Gates\Desktop\tekkenTag2Feng.wmv
2014-01-05 17:13 - 2014-01-05 17:36 - 308414305 _____ C:\Users\Bill Gates\Downloads\VID_20140105_164600.wmv
2014-01-05 16:58 - 2014-01-05 16:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{E8B7541D-26CF-4C16-BB92-49BE67A338CD}
2014-01-05 16:07 - 2014-01-05 16:08 - 00120855 _____ C:\Users\Bill Gates\Downloads\exposé.pptx
2014-01-03 14:32 - 2014-01-03 14:32 - 00004324 _____ C:\Users\Bill Gates\.recently-used.xbel
2014-01-03 12:00 - 2014-01-03 12:00 - 01376264 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezShell7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01331200 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezBook7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01030664 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezPrint7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00750592 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezUtils7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00738888 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScrSvr.scr
2014-01-03 12:00 - 2014-01-03 12:00 - 00682504 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezLicPrompt7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00654920 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScore7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00605704 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezEMail7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00571976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMenu7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00526344 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMDUninstall.exe
2014-01-03 12:00 - 2014-01-03 12:00 - 00348680 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezHints7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00332296 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezWizard7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00257032 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSetupMgr.exe
2014-01-02 06:11 - 2014-01-02 06:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 04:36 - 2014-01-07 07:50 - 00000000 ____D C:\Users\Bill Gates\Desktop\Test
2014-01-02 04:35 - 2014-01-02 04:35 - 00003222 _____ C:\Windows\System32\Tasks\{7800B4EF-54E5-4AC0-A07F-A94659B62507}
2014-01-01 18:23 - 2014-01-01 18:25 - 00000000 ____D C:\Users\Bill Gates\Desktop\Beyond two souls piano
==================== One Month Modified Files and Folders =======
2014-01-31 22:15 - 2014-01-31 22:09 - 00051924 _____ C:\Users\Bill Gates\Desktop\Addition.txt
2014-01-31 22:15 - 2014-01-31 22:07 - 00042057 _____ C:\Users\Bill Gates\Desktop\FRST.txt
2014-01-31 22:15 - 2014-01-31 22:06 - 00000000 ____D C:\FRST
2014-01-31 22:12 - 2012-04-03 11:29 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 22:10 - 2013-05-11 16:49 - 01953792 ___SH C:\Users\Bill Gates\Desktop\Thumbs.db
2014-01-31 22:07 - 2012-03-29 20:34 - 00000000 ____D C:\Users\OA
2014-01-31 22:05 - 2014-01-31 22:05 - 02079744 _____ (Farbar) C:\Users\Bill Gates\Desktop\FRST64.exe
2014-01-31 21:57 - 2013-04-23 17:02 - 01059169 _____ C:\Windows\WindowsUpdate.log
2014-01-31 21:55 - 2013-11-12 17:48 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1000UA.job
2014-01-31 21:35 - 2013-10-18 00:54 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1003UA.job
2014-01-31 21:25 - 2012-07-05 04:23 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 20:13 - 2011-11-04 22:50 - 00745534 _____ C:\Windows\system32\perfh00C.dat
2014-01-31 20:13 - 2011-11-04 22:50 - 00149020 _____ C:\Windows\system32\perfc00C.dat
2014-01-31 20:13 - 2009-07-14 06:13 - 01662638 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-31 19:36 - 2012-03-29 17:42 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\PMB Files
2014-01-31 19:36 - 2012-03-29 17:42 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-31 17:25 - 2012-07-05 04:23 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 17:10 - 2013-12-06 18:52 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBill Gates
2014-01-31 17:10 - 2013-12-06 18:52 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForBill Gates.job
2014-01-31 17:00 - 2012-04-06 15:28 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-31 17:00 - 2012-03-30 15:26 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-31 06:55 - 2013-11-12 17:48 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1000Core.job
2014-01-31 06:30 - 2012-04-13 20:17 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\Adobe
2014-01-31 06:29 - 2013-10-18 00:54 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1003Core.job
2014-01-30 23:20 - 2014-01-30 23:20 - 08685681 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.L2SV_S4_2014.Cours.zip
2014-01-30 22:43 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-30 22:43 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-30 22:38 - 2014-01-26 17:38 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-30 21:40 - 2012-06-09 10:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\vlc
2014-01-30 21:14 - 2014-01-30 21:14 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-30 21:10 - 2014-01-30 21:10 - 00000000 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Piratage informatique Virage morte.3gp
2014-01-30 18:48 - 2012-04-12 16:43 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBILLGATES-HP$
2014-01-30 18:48 - 2012-04-12 16:43 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForBILLGATES-HP$.job
2014-01-28 22:38 - 2013-05-10 22:07 - 00000000 ___RD C:\Users\Bill Gates\SkyDrive
2014-01-28 22:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 23:42 - 2012-03-30 17:20 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\CrashDumps
2014-01-26 23:58 - 2014-01-26 23:58 - 00001402 _____ C:\Users\Bill Gates\Desktop\WinX Free FLV to 3GP Converter.lnk
2014-01-26 23:58 - 2014-01-26 23:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\Digiarty
2014-01-26 23:57 - 2014-01-26 23:57 - 00000000 ____D C:\Program Files (x86)\Digiarty
2014-01-26 23:50 - 2014-01-26 23:41 - 00000169 _____ C:\Windows\SysWOW64\test.aok
2014-01-26 23:41 - 2014-01-26 23:41 - 00001283 _____ C:\Users\OA\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
2014-01-26 23:41 - 2014-01-26 23:41 - 00000000 ____D C:\Program Files (x86)\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-01-26 14:51 - 2014-01-26 14:50 - 07377710 _____ C:\Users\Bill Gates\Desktop\Devoirs_géographie.zip
2014-01-25 22:26 - 2014-01-25 22:25 - 03792384 _____ C:\Users\Bill Gates\Desktop\RogueKiller.exe
2014-01-24 16:12 - 2014-01-24 16:11 - 00000000 ____D C:\Users\Bill Gates\Desktop\Nokia Images
2014-01-20 07:00 - 2014-01-20 06:59 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute-1.3gp
2014-01-20 07:00 - 2014-01-20 06:59 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute.3gp
2014-01-18 17:54 - 2014-01-18 17:54 - 00921000 _____ (Oracle Corporation) C:\Users\Bill Gates\Downloads\chromeinstall-7u51.exe
2014-01-18 17:53 - 2013-10-18 19:22 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 17:51 - 2014-01-18 17:51 - 00005310 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:51 - 2013-07-19 15:24 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 11:25 - 2014-01-18 11:25 - 00002217 _____ C:\Users\Bill Gates\Desktop\HP Support Assistant.lnk
2014-01-18 11:25 - 2011-11-04 14:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 11:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2014-01-18 11:21 - 2011-11-04 14:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-18 11:18 - 2014-01-18 11:18 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 11:16 - 2011-11-04 14:38 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-18 11:06 - 2011-02-10 20:23 - 00000000 ____D C:\SWSetup
2014-01-16 21:49 - 2014-01-16 20:17 - 00009552 _____ C:\Users\Bill Gates\Desktop\Robot.odt
2014-01-16 20:03 - 2014-01-12 15:12 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique
2014-01-16 18:28 - 2014-01-16 18:28 - 00000000 ____D C:\ProgramData\Easybits
2014-01-16 18:27 - 2009-07-14 05:45 - 00732000 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 03:05 - 2013-07-13 02:18 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 03:01 - 2012-03-31 17:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 01:58 - 2014-01-16 00:01 - 01306842 _____ C:\Users\Bill Gates\Desktop\Genie Robotique.odp
2014-01-16 00:38 - 2014-01-16 00:38 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (2).pptx
2014-01-15 23:55 - 2014-01-15 23:55 - 00479766 _____ C:\Users\Bill Gates\Downloads\TS103431374.potx
2014-01-15 23:52 - 2014-01-15 23:52 - 00964025 _____ C:\Users\Bill Gates\Downloads\TS102895266.potx
2014-01-15 23:51 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026 (1).potx
2014-01-15 23:51 - 2014-01-15 23:50 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026.potx
2014-01-15 20:05 - 2014-01-15 20:05 - 00046378 _____ C:\Users\Bill Gates\Desktop\ZHPDiag.txt
2014-01-15 19:59 - 2013-10-16 20:48 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\ZHP
2014-01-15 19:58 - 2013-10-16 20:49 - 00000040 _____ C:\Users\Bill
2014-01-15 19:55 - 2013-07-17 22:40 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2014-01-15 19:52 - 2014-01-15 19:52 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFix[R1].txt
2014-01-15 19:50 - 2014-01-15 19:50 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFixReport.txt
2014-01-15 11:47 - 2014-01-15 11:46 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique - Copie
2014-01-15 10:43 - 2013-09-27 20:13 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\CodeBlocks
2014-01-14 20:53 - 2014-01-14 20:53 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (1).pptx
2014-01-13 01:11 - 2014-01-13 01:11 - 00267415 _____ C:\Users\Bill Gates\Downloads\PS22_TD2_val_moy_eff_A08_ericb.odt
2014-01-12 21:40 - 2014-01-12 21:40 - 00000000 ____D C:\Users\Bill Gates\Desktop\Fl Studio Sample
2014-01-12 21:39 - 2014-01-12 21:39 - 00471412 _____ C:\Users\Bill Gates\Downloads\Strong Hip-Hop Producciones - A Millie.zip
2014-01-12 15:16 - 2014-01-12 15:16 - 00886351 _____ C:\Users\Bill Gates\Desktop\TD Outil Logistique.zip
2014-01-11 18:21 - 2014-01-11 18:21 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{9D76FAB4-C59A-4206-B385-F5AC4ABFB58F}
2014-01-08 22:25 - 2012-05-31 07:20 - 00000000 ____D C:\Users\Bill Gates\Documents\Nicolas Dossiers
2014-01-08 22:23 - 2014-01-08 22:23 - 19924635 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4O2.complete.zip
2014-01-08 22:22 - 2014-01-08 22:22 - 55299730 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4P5.complete.zip
2014-01-08 22:14 - 2014-01-08 22:13 - 08118782 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4F1.complete.zip
2014-01-08 19:03 - 2014-01-08 18:36 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids
2014-01-08 19:03 - 2011-11-04 14:47 - 00001881 _____ C:\Users\Public\Desktop\Magic Desktop.lnk
2014-01-08 18:40 - 2014-01-06 23:58 - 00001020 _____ C:\Users\Public\Desktop\Magic Control.lnk
2014-01-08 05:39 - 2012-03-29 11:59 - 00000000 ____D C:\Users\Bill Gates\Documents\Youcam
2014-01-08 03:04 - 2012-04-28 02:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-08 03:04 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2014-01-08 00:20 - 2012-03-29 20:35 - 00003940 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{079F9E90-17B0-44CB-ACA6-4E05982DC2DC}
2014-01-07 07:50 - 2014-01-02 04:36 - 00000000 ____D C:\Users\Bill Gates\Desktop\Test
2014-01-07 02:42 - 2013-10-20 20:47 - 00000000 ____D C:\Users\OA\AppData\Roaming\CodeBlocks
2014-01-06 23:59 - 2014-01-06 23:57 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids - Backup (2)
2014-01-06 23:58 - 2014-01-06 23:58 - 00773192 _____ C:\Windows\SysWOW64\ezUPBHook64.dll
2014-01-06 23:58 - 2014-01-06 23:58 - 00484936 _____ C:\Windows\SysWOW64\ezUPBHook32.dll
2014-01-06 23:58 - 2014-01-06 23:57 - 00176488 _____ (*Rapiddown*) C:\Users\OA\Downloads\Psn Code Generator 2013 (2).exe
2014-01-06 23:58 - 2011-11-04 14:47 - 00325640 _____ (Easybits Software AS) C:\Windows\SysWOW64\ezseng.exe
2014-01-06 23:56 - 2014-01-06 23:56 - 00013788 _____ C:\Users\OA\Documents\Magic Desktop Coupon.htm
2014-01-06 23:56 - 2014-01-06 23:56 - 00001328 _____ C:\Users\OA\Desktop\Continue Key Generator Setup.lnk
2014-01-06 23:54 - 2014-01-06 23:54 - 00622544 _____ (Key Generator Setup) C:\Users\OA\Downloads\Psn Gift Code Generator 2013.exe
2014-01-06 22:00 - 2014-01-06 21:59 - 00000000 ____D C:\Users\OA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-01-06 21:59 - 2013-12-28 22:10 - 00001091 _____ C:\Users\OA\Desktop\CodeBlocks.lnk
2014-01-06 21:59 - 2013-12-28 22:10 - 00000000 ____D C:\Program Files (x86)\CodeBlocks
2014-01-06 21:57 - 2014-01-06 21:56 - 100600973 _____ (The Code::Blocks Team) C:\Users\OA\Downloads\codeblocks-12.11mingw-setup.exe
2014-01-06 21:52 - 2014-01-06 21:52 - 00000000 ____D C:\Users\OA\Desktop\Croissant Decroissant
2014-01-06 21:48 - 2013-12-24 23:05 - 00000000 ____D C:\Users\Bill Gates\Desktop\TP9
2014-01-05 20:14 - 2014-01-05 20:14 - 00180805 _____ C:\Users\Bill Gates\Downloads\moteur-asynchrone-triphas.zip
2014-01-05 19:09 - 2014-01-05 19:09 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri (1).zip
2014-01-05 19:08 - 2014-01-05 19:08 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri.zip
2014-01-05 18:51 - 2014-01-05 18:51 - 03899748 _____ C:\Users\Bill Gates\Downloads\Energie.zip
2014-01-05 17:36 - 2014-01-05 17:13 - 308414305 _____ C:\Users\Bill Gates\Downloads\VID_20140105_164600.wmv
2014-01-05 17:26 - 2014-01-05 17:25 - 82911167 _____ C:\Users\Bill Gates\Desktop\tekkenTag2Feng.wmv
2014-01-05 16:58 - 2014-01-05 16:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{E8B7541D-26CF-4C16-BB92-49BE67A338CD}
2014-01-05 16:08 - 2014-01-05 16:07 - 00120855 _____ C:\Users\Bill Gates\Downloads\exposé.pptx
2014-01-04 21:26 - 2012-04-24 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-04 05:12 - 2012-07-09 05:33 - 00000000 ____D C:\Users\Bill Gates\Documents\Vicnesh Dossiers
2014-01-03 14:32 - 2014-01-03 14:32 - 00004324 _____ C:\Users\Bill Gates\.recently-used.xbel
2014-01-03 14:32 - 2012-03-29 11:53 - 00000000 ____D C:\Users\Bill Gates
2014-01-03 12:00 - 2014-01-03 12:00 - 01376264 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezShell7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01331200 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezBook7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01030664 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezPrint7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00750592 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezUtils7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00738888 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScrSvr.scr
2014-01-03 12:00 - 2014-01-03 12:00 - 00682504 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezLicPrompt7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00654920 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScore7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00605704 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezEMail7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00571976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMenu7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00526344 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMDUninstall.exe
2014-01-03 12:00 - 2014-01-03 12:00 - 00348680 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezHints7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00332296 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezWizard7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00257032 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSetupMgr.exe
2014-01-02 06:11 - 2014-01-02 06:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 04:35 - 2014-01-02 04:35 - 00003222 _____ C:\Windows\System32\Tasks\{7800B4EF-54E5-4AC0-A07F-A94659B62507}
2014-01-01 18:25 - 2014-01-01 18:23 - 00000000 ____D C:\Users\Bill Gates\Desktop\Beyond two souls piano
Some content of TEMP:
====================
C:\Users\Bill Gates\AppData\Local\Temp\avgnt.exe
C:\Users\Bill Gates\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\OA\AppData\Local\Temp\6_Offer_17.exe
C:\Users\OA\AppData\Local\Temp\avgnt.exe
C:\Users\OA\AppData\Local\Temp\DownloadManager.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
extendedinput Yes
default {current}
resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {7a5ba12a-24a2-11e1-b024-83d0fe2948fc}
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {7a5ba12a-24a2-11e1-b024-83d0fe2948fc}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {572bcd60-ffa7-11d9-aae0-0007e994107d}
device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description Microsoft Windows PE 2.0
osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
ems Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {7a5ba12a-24a2-11e1-b024-83d0fe2948fc}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{7a5ba12b-24a2-11e1-b024-83d0fe2948fc}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{7a5ba12b-24a2-11e1-b024-83d0fe2948fc}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {158181c0-9a00-11db-8a1d-b11d19fd3102}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {7a5ba12b-24a2-11e1-b024-83d0fe2948fc}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
LastRegBack: 2014-01-29 22:27
==================== End Of Log ============================
Ran by Bill Gates (administrator) on BILLGATES-HP on 31-01-2014 22:15:15
Running from C:\Users\Bill Gates\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Akamai Technologies, Inc.) C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
() C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick-connector.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [612872 2014-01-03] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-08] (RealNetworks, Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Users\Bill Gates\Documents\DT\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-04] ()
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKCU\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation)
HKCU\...\Run: [SkyDrive] - C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-15] (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Bill Gates\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-20] (Google Inc.)
HKU\OA\...\Run: [Google Update] - C:\Users\OA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-29] (Google Inc.)
HKU\OA\...\Run: [DAEMON Tools Lite] - C:\Users\Bill Gates\Documents\DT\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\OA\...\Policies\system: [DisableLockWorkstation] 0
HKU\OA\...\Policies\system: [DisableChangePassword] 0
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F8DB3BFB7E9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM - {E2F3799C-66D3-4E63-A94A-852705019087} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2014-01-06] ()
ShellExecuteHooks: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellExecuteHooks-x32: - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2014-01-06] ()
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
FireFox:
========
FF ProfilePath: C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: google.fr
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bill Gates\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml
FF Extension: DownloadHelper - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-30]
FF Extension: DebrideurStreaming - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\jid1-6gzTcCreJnRqoIj7t8ltxj2HuKc@jetpack.xpi [2014-01-03]
FF Extension: Adblock Plus - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-24]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
Chrome:
=======
CHR HomePage: https://www.google.fr/
CHR Extension: (Adblock Plus) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-28]
CHR Extension: (Readium) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-01-19]
CHR Extension: (AdBlock) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-28]
CHR Extension: (Google Wallet) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (DebrideurStreaming - Add-On) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipaffcpmobohfilpejhaciheebhaaej [2013-11-28]
CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx [2013-11-28]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-28]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-13] (Avira Operations GmbH & Co. KG)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
R2 InstallClick; C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe [149872 2012-06-06] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-13] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-26] (DT Soft Ltd)
S3 GGSAFERDriver; C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [27744 2012-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 X6va005; \??\C:\Users\BILLGA~1\AppData\Local\Temp\005B19E.tmp [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys F784F9BF32E708C71A63220E89A58496
C:\Windows\System32\DRIVERS\atikmpag.sys 43FD45C0DFE0A0FF2B8BE0D4AC165E18
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgntflt.sys 7806BFCD1D7FA5EC23F7324D4EAFD25B
C:\Windows\System32\DRIVERS\avipbb.sys C3A58DBD18786C338126D30BF8C33D72
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys 9E84A931DBEE0292E38ED672F6293A99
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys 50F92C943F18B070F166D019DFAB3D9A
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 46571ED73AE84469DCA53081D33CF3C8
C:\Windows\System32\drivers\dxgkrnl.sys 53BD875C7C0808235BFB803C1A8BE009
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Program Files (x86)\Garena Plus\Room\safedrv.sys 9C50A5AD2218F133E48F9F35B749E9F4
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 26CF4275034214ECEDD8EC17B0A18A99
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdpmd64.sys 33FAA40B288002C89529DBD14F3AB72C
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28x.sys 31609B481CC202BFB441E37FEBCDEA05
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RtsPStor.sys 6E5C3D18C3BCC72AA527DBC5FA61AB8F
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys 9140DB0911DE035FED0A9A77A2D156EA
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys EBC1A5E076A9BE314D3D9E8ED19ABB0A
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys AC3CC98B1BDB6540021D3FFB105AC2B9
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys 0C0195C48B6B8582FA6F6373032118DA
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-31 22:09 - 2014-01-31 22:15 - 00051924 _____ C:\Users\Bill Gates\Desktop\Addition.txt
2014-01-31 22:07 - 2014-01-31 22:15 - 00042057 _____ C:\Users\Bill Gates\Desktop\FRST.txt
2014-01-31 22:06 - 2014-01-31 22:15 - 00000000 ____D C:\FRST
2014-01-31 22:05 - 2014-01-31 22:05 - 02079744 _____ (Farbar) C:\Users\Bill Gates\Desktop\FRST64.exe
2014-01-30 23:20 - 2014-01-30 23:20 - 08685681 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.L2SV_S4_2014.Cours.zip
2014-01-30 21:14 - 2014-01-30 21:14 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-30 21:10 - 2014-01-30 21:10 - 00000000 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Piratage informatique Virage morte.3gp
2014-01-26 23:58 - 2014-01-26 23:58 - 00001402 _____ C:\Users\Bill Gates\Desktop\WinX Free FLV to 3GP Converter.lnk
2014-01-26 23:58 - 2014-01-26 23:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\Digiarty
2014-01-26 23:57 - 2014-01-26 23:57 - 00000000 ____D C:\Program Files (x86)\Digiarty
2014-01-26 23:41 - 2014-01-26 23:50 - 00000169 _____ C:\Windows\SysWOW64\test.aok
2014-01-26 23:41 - 2014-01-26 23:41 - 00001283 _____ C:\Users\OA\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
2014-01-26 23:41 - 2014-01-26 23:41 - 00000000 ____D C:\Program Files (x86)\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-01-26 17:38 - 2014-01-30 22:38 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-26 14:50 - 2014-01-26 14:51 - 07377710 _____ C:\Users\Bill Gates\Desktop\Devoirs_géographie.zip
2014-01-25 22:25 - 2014-01-25 22:26 - 03792384 _____ C:\Users\Bill Gates\Desktop\RogueKiller.exe
2014-01-24 16:11 - 2014-01-24 16:12 - 00000000 ____D C:\Users\Bill Gates\Desktop\Nokia Images
2014-01-20 06:59 - 2014-01-20 07:00 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute-1.3gp
2014-01-20 06:59 - 2014-01-20 07:00 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute.3gp
2014-01-18 17:54 - 2014-01-18 17:54 - 00921000 _____ (Oracle Corporation) C:\Users\Bill Gates\Downloads\chromeinstall-7u51.exe
2014-01-18 17:52 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 17:51 - 2014-01-18 17:51 - 00005310 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:51 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 17:51 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 17:51 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-18 11:25 - 2014-01-18 11:25 - 00002217 _____ C:\Users\Bill Gates\Desktop\HP Support Assistant.lnk
2014-01-18 11:18 - 2014-01-18 11:18 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-16 20:17 - 2014-01-16 21:49 - 00009552 _____ C:\Users\Bill Gates\Desktop\Robot.odt
2014-01-16 18:28 - 2014-01-16 18:28 - 00000000 ____D C:\ProgramData\Easybits
2014-01-16 00:38 - 2014-01-16 00:38 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (2).pptx
2014-01-16 00:01 - 2014-01-16 01:58 - 01306842 _____ C:\Users\Bill Gates\Desktop\Genie Robotique.odp
2014-01-15 23:55 - 2014-01-15 23:55 - 00479766 _____ C:\Users\Bill Gates\Downloads\TS103431374.potx
2014-01-15 23:52 - 2014-01-15 23:52 - 00964025 _____ C:\Users\Bill Gates\Downloads\TS102895266.potx
2014-01-15 23:51 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026 (1).potx
2014-01-15 23:50 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026.potx
2014-01-15 20:05 - 2014-01-15 20:05 - 00046378 _____ C:\Users\Bill Gates\Desktop\ZHPDiag.txt
2014-01-15 19:52 - 2014-01-15 19:52 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFix[R1].txt
2014-01-15 19:50 - 2014-01-15 19:50 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFixReport.txt
2014-01-15 11:46 - 2014-01-15 11:47 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique - Copie
2014-01-15 10:52 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 10:52 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 10:52 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 10:52 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 20:53 - 2014-01-14 20:53 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (1).pptx
2014-01-13 01:11 - 2014-01-13 01:11 - 00267415 _____ C:\Users\Bill Gates\Downloads\PS22_TD2_val_moy_eff_A08_ericb.odt
2014-01-12 21:40 - 2014-01-12 21:40 - 00000000 ____D C:\Users\Bill Gates\Desktop\Fl Studio Sample
2014-01-12 21:39 - 2014-01-12 21:39 - 00471412 _____ C:\Users\Bill Gates\Downloads\Strong Hip-Hop Producciones - A Millie.zip
2014-01-12 15:16 - 2014-01-12 15:16 - 00886351 _____ C:\Users\Bill Gates\Desktop\TD Outil Logistique.zip
2014-01-12 15:12 - 2014-01-16 20:03 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique
2014-01-11 18:21 - 2014-01-11 18:21 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{9D76FAB4-C59A-4206-B385-F5AC4ABFB58F}
2014-01-08 22:23 - 2014-01-08 22:23 - 19924635 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4O2.complete.zip
2014-01-08 22:22 - 2014-01-08 22:22 - 55299730 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4P5.complete.zip
2014-01-08 22:13 - 2014-01-08 22:14 - 08118782 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4F1.complete.zip
2014-01-08 18:36 - 2014-01-08 19:03 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids
2014-01-08 00:18 - 2013-12-17 18:21 - 00000701 _____ C:\Users\Bill Gates\Desktop\Nouveau Document texte.txt
2014-01-06 23:58 - 2014-01-08 18:40 - 00001020 _____ C:\Users\Public\Desktop\Magic Control.lnk
2014-01-06 23:58 - 2014-01-06 23:58 - 00773192 _____ C:\Windows\SysWOW64\ezUPBHook64.dll
2014-01-06 23:58 - 2014-01-06 23:58 - 00484936 _____ C:\Windows\SysWOW64\ezUPBHook32.dll
2014-01-06 23:57 - 2014-01-06 23:59 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids - Backup (2)
2014-01-06 23:57 - 2014-01-06 23:58 - 00176488 _____ (*Rapiddown*) C:\Users\OA\Downloads\Psn Code Generator 2013 (2).exe
2014-01-06 23:56 - 2014-01-06 23:56 - 00013788 _____ C:\Users\OA\Documents\Magic Desktop Coupon.htm
2014-01-06 23:56 - 2014-01-06 23:56 - 00001328 _____ C:\Users\OA\Desktop\Continue Key Generator Setup.lnk
2014-01-06 23:54 - 2014-01-06 23:54 - 00622544 _____ (Key Generator Setup) C:\Users\OA\Downloads\Psn Gift Code Generator 2013.exe
2014-01-06 21:59 - 2014-01-06 22:00 - 00000000 ____D C:\Users\OA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-01-06 21:56 - 2014-01-06 21:57 - 100600973 _____ (The Code::Blocks Team) C:\Users\OA\Downloads\codeblocks-12.11mingw-setup.exe
2014-01-06 21:52 - 2014-01-06 21:52 - 00000000 ____D C:\Users\OA\Desktop\Croissant Decroissant
2014-01-05 20:14 - 2014-01-05 20:14 - 00180805 _____ C:\Users\Bill Gates\Downloads\moteur-asynchrone-triphas.zip
2014-01-05 19:09 - 2014-01-05 19:09 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri (1).zip
2014-01-05 19:08 - 2014-01-05 19:08 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri.zip
2014-01-05 18:51 - 2014-01-05 18:51 - 03899748 _____ C:\Users\Bill Gates\Downloads\Energie.zip
2014-01-05 17:25 - 2014-01-05 17:26 - 82911167 _____ C:\Users\Bill Gates\Desktop\tekkenTag2Feng.wmv
2014-01-05 17:13 - 2014-01-05 17:36 - 308414305 _____ C:\Users\Bill Gates\Downloads\VID_20140105_164600.wmv
2014-01-05 16:58 - 2014-01-05 16:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{E8B7541D-26CF-4C16-BB92-49BE67A338CD}
2014-01-05 16:07 - 2014-01-05 16:08 - 00120855 _____ C:\Users\Bill Gates\Downloads\exposé.pptx
2014-01-03 14:32 - 2014-01-03 14:32 - 00004324 _____ C:\Users\Bill Gates\.recently-used.xbel
2014-01-03 12:00 - 2014-01-03 12:00 - 01376264 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezShell7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01331200 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezBook7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01030664 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezPrint7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00750592 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezUtils7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00738888 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScrSvr.scr
2014-01-03 12:00 - 2014-01-03 12:00 - 00682504 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezLicPrompt7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00654920 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScore7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00605704 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezEMail7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00571976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMenu7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00526344 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMDUninstall.exe
2014-01-03 12:00 - 2014-01-03 12:00 - 00348680 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezHints7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00332296 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezWizard7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00257032 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSetupMgr.exe
2014-01-02 06:11 - 2014-01-02 06:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 04:36 - 2014-01-07 07:50 - 00000000 ____D C:\Users\Bill Gates\Desktop\Test
2014-01-02 04:35 - 2014-01-02 04:35 - 00003222 _____ C:\Windows\System32\Tasks\{7800B4EF-54E5-4AC0-A07F-A94659B62507}
2014-01-01 18:23 - 2014-01-01 18:25 - 00000000 ____D C:\Users\Bill Gates\Desktop\Beyond two souls piano
==================== One Month Modified Files and Folders =======
2014-01-31 22:15 - 2014-01-31 22:09 - 00051924 _____ C:\Users\Bill Gates\Desktop\Addition.txt
2014-01-31 22:15 - 2014-01-31 22:07 - 00042057 _____ C:\Users\Bill Gates\Desktop\FRST.txt
2014-01-31 22:15 - 2014-01-31 22:06 - 00000000 ____D C:\FRST
2014-01-31 22:12 - 2012-04-03 11:29 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 22:10 - 2013-05-11 16:49 - 01953792 ___SH C:\Users\Bill Gates\Desktop\Thumbs.db
2014-01-31 22:07 - 2012-03-29 20:34 - 00000000 ____D C:\Users\OA
2014-01-31 22:05 - 2014-01-31 22:05 - 02079744 _____ (Farbar) C:\Users\Bill Gates\Desktop\FRST64.exe
2014-01-31 21:57 - 2013-04-23 17:02 - 01059169 _____ C:\Windows\WindowsUpdate.log
2014-01-31 21:55 - 2013-11-12 17:48 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1000UA.job
2014-01-31 21:35 - 2013-10-18 00:54 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1003UA.job
2014-01-31 21:25 - 2012-07-05 04:23 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 20:13 - 2011-11-04 22:50 - 00745534 _____ C:\Windows\system32\perfh00C.dat
2014-01-31 20:13 - 2011-11-04 22:50 - 00149020 _____ C:\Windows\system32\perfc00C.dat
2014-01-31 20:13 - 2009-07-14 06:13 - 01662638 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-31 19:36 - 2012-03-29 17:42 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\PMB Files
2014-01-31 19:36 - 2012-03-29 17:42 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-31 17:25 - 2012-07-05 04:23 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 17:10 - 2013-12-06 18:52 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBill Gates
2014-01-31 17:10 - 2013-12-06 18:52 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForBill Gates.job
2014-01-31 17:00 - 2012-04-06 15:28 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-31 17:00 - 2012-03-30 15:26 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-31 06:55 - 2013-11-12 17:48 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1000Core.job
2014-01-31 06:30 - 2012-04-13 20:17 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\Adobe
2014-01-31 06:29 - 2013-10-18 00:54 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1003Core.job
2014-01-30 23:20 - 2014-01-30 23:20 - 08685681 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.L2SV_S4_2014.Cours.zip
2014-01-30 22:43 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-30 22:43 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-30 22:38 - 2014-01-26 17:38 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-30 21:40 - 2012-06-09 10:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\vlc
2014-01-30 21:14 - 2014-01-30 21:14 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-30 21:10 - 2014-01-30 21:10 - 00000000 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Piratage informatique Virage morte.3gp
2014-01-30 18:48 - 2012-04-12 16:43 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBILLGATES-HP$
2014-01-30 18:48 - 2012-04-12 16:43 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForBILLGATES-HP$.job
2014-01-28 22:38 - 2013-05-10 22:07 - 00000000 ___RD C:\Users\Bill Gates\SkyDrive
2014-01-28 22:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 23:42 - 2012-03-30 17:20 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\CrashDumps
2014-01-26 23:58 - 2014-01-26 23:58 - 00001402 _____ C:\Users\Bill Gates\Desktop\WinX Free FLV to 3GP Converter.lnk
2014-01-26 23:58 - 2014-01-26 23:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\Digiarty
2014-01-26 23:57 - 2014-01-26 23:57 - 00000000 ____D C:\Program Files (x86)\Digiarty
2014-01-26 23:50 - 2014-01-26 23:41 - 00000169 _____ C:\Windows\SysWOW64\test.aok
2014-01-26 23:41 - 2014-01-26 23:41 - 00001283 _____ C:\Users\OA\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
2014-01-26 23:41 - 2014-01-26 23:41 - 00000000 ____D C:\Program Files (x86)\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2014-01-26 14:51 - 2014-01-26 14:50 - 07377710 _____ C:\Users\Bill Gates\Desktop\Devoirs_géographie.zip
2014-01-25 22:26 - 2014-01-25 22:25 - 03792384 _____ C:\Users\Bill Gates\Desktop\RogueKiller.exe
2014-01-24 16:12 - 2014-01-24 16:11 - 00000000 ____D C:\Users\Bill Gates\Desktop\Nokia Images
2014-01-20 07:00 - 2014-01-20 06:59 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute-1.3gp
2014-01-20 07:00 - 2014-01-20 06:59 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute.3gp
2014-01-18 17:54 - 2014-01-18 17:54 - 00921000 _____ (Oracle Corporation) C:\Users\Bill Gates\Downloads\chromeinstall-7u51.exe
2014-01-18 17:53 - 2013-10-18 19:22 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 17:51 - 2014-01-18 17:51 - 00005310 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:51 - 2013-07-19 15:24 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 11:25 - 2014-01-18 11:25 - 00002217 _____ C:\Users\Bill Gates\Desktop\HP Support Assistant.lnk
2014-01-18 11:25 - 2011-11-04 14:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 11:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2014-01-18 11:21 - 2011-11-04 14:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-18 11:18 - 2014-01-18 11:18 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 11:16 - 2011-11-04 14:38 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-18 11:06 - 2011-02-10 20:23 - 00000000 ____D C:\SWSetup
2014-01-16 21:49 - 2014-01-16 20:17 - 00009552 _____ C:\Users\Bill Gates\Desktop\Robot.odt
2014-01-16 20:03 - 2014-01-12 15:12 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique
2014-01-16 18:28 - 2014-01-16 18:28 - 00000000 ____D C:\ProgramData\Easybits
2014-01-16 18:27 - 2009-07-14 05:45 - 00732000 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 03:05 - 2013-07-13 02:18 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 03:01 - 2012-03-31 17:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 01:58 - 2014-01-16 00:01 - 01306842 _____ C:\Users\Bill Gates\Desktop\Genie Robotique.odp
2014-01-16 00:38 - 2014-01-16 00:38 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (2).pptx
2014-01-15 23:55 - 2014-01-15 23:55 - 00479766 _____ C:\Users\Bill Gates\Downloads\TS103431374.potx
2014-01-15 23:52 - 2014-01-15 23:52 - 00964025 _____ C:\Users\Bill Gates\Downloads\TS102895266.potx
2014-01-15 23:51 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026 (1).potx
2014-01-15 23:51 - 2014-01-15 23:50 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026.potx
2014-01-15 20:05 - 2014-01-15 20:05 - 00046378 _____ C:\Users\Bill Gates\Desktop\ZHPDiag.txt
2014-01-15 19:59 - 2013-10-16 20:48 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\ZHP
2014-01-15 19:58 - 2013-10-16 20:49 - 00000040 _____ C:\Users\Bill
2014-01-15 19:55 - 2013-07-17 22:40 - 00000000 ____D C:\Program Files (x86)\ZHPDiag
2014-01-15 19:52 - 2014-01-15 19:52 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFix[R1].txt
2014-01-15 19:50 - 2014-01-15 19:50 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFixReport.txt
2014-01-15 11:47 - 2014-01-15 11:46 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique - Copie
2014-01-15 10:43 - 2013-09-27 20:13 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\CodeBlocks
2014-01-14 20:53 - 2014-01-14 20:53 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (1).pptx
2014-01-13 01:11 - 2014-01-13 01:11 - 00267415 _____ C:\Users\Bill Gates\Downloads\PS22_TD2_val_moy_eff_A08_ericb.odt
2014-01-12 21:40 - 2014-01-12 21:40 - 00000000 ____D C:\Users\Bill Gates\Desktop\Fl Studio Sample
2014-01-12 21:39 - 2014-01-12 21:39 - 00471412 _____ C:\Users\Bill Gates\Downloads\Strong Hip-Hop Producciones - A Millie.zip
2014-01-12 15:16 - 2014-01-12 15:16 - 00886351 _____ C:\Users\Bill Gates\Desktop\TD Outil Logistique.zip
2014-01-11 18:21 - 2014-01-11 18:21 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{9D76FAB4-C59A-4206-B385-F5AC4ABFB58F}
2014-01-08 22:25 - 2012-05-31 07:20 - 00000000 ____D C:\Users\Bill Gates\Documents\Nicolas Dossiers
2014-01-08 22:23 - 2014-01-08 22:23 - 19924635 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4O2.complete.zip
2014-01-08 22:22 - 2014-01-08 22:22 - 55299730 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4P5.complete.zip
2014-01-08 22:14 - 2014-01-08 22:13 - 08118782 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4F1.complete.zip
2014-01-08 19:03 - 2014-01-08 18:36 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids
2014-01-08 19:03 - 2011-11-04 14:47 - 00001881 _____ C:\Users\Public\Desktop\Magic Desktop.lnk
2014-01-08 18:40 - 2014-01-06 23:58 - 00001020 _____ C:\Users\Public\Desktop\Magic Control.lnk
2014-01-08 05:39 - 2012-03-29 11:59 - 00000000 ____D C:\Users\Bill Gates\Documents\Youcam
2014-01-08 03:04 - 2012-04-28 02:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-08 03:04 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2014-01-08 00:20 - 2012-03-29 20:35 - 00003940 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{079F9E90-17B0-44CB-ACA6-4E05982DC2DC}
2014-01-07 07:50 - 2014-01-02 04:36 - 00000000 ____D C:\Users\Bill Gates\Desktop\Test
2014-01-07 02:42 - 2013-10-20 20:47 - 00000000 ____D C:\Users\OA\AppData\Roaming\CodeBlocks
2014-01-06 23:59 - 2014-01-06 23:57 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids - Backup (2)
2014-01-06 23:58 - 2014-01-06 23:58 - 00773192 _____ C:\Windows\SysWOW64\ezUPBHook64.dll
2014-01-06 23:58 - 2014-01-06 23:58 - 00484936 _____ C:\Windows\SysWOW64\ezUPBHook32.dll
2014-01-06 23:58 - 2014-01-06 23:57 - 00176488 _____ (*Rapiddown*) C:\Users\OA\Downloads\Psn Code Generator 2013 (2).exe
2014-01-06 23:58 - 2011-11-04 14:47 - 00325640 _____ (Easybits Software AS) C:\Windows\SysWOW64\ezseng.exe
2014-01-06 23:56 - 2014-01-06 23:56 - 00013788 _____ C:\Users\OA\Documents\Magic Desktop Coupon.htm
2014-01-06 23:56 - 2014-01-06 23:56 - 00001328 _____ C:\Users\OA\Desktop\Continue Key Generator Setup.lnk
2014-01-06 23:54 - 2014-01-06 23:54 - 00622544 _____ (Key Generator Setup) C:\Users\OA\Downloads\Psn Gift Code Generator 2013.exe
2014-01-06 22:00 - 2014-01-06 21:59 - 00000000 ____D C:\Users\OA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2014-01-06 21:59 - 2013-12-28 22:10 - 00001091 _____ C:\Users\OA\Desktop\CodeBlocks.lnk
2014-01-06 21:59 - 2013-12-28 22:10 - 00000000 ____D C:\Program Files (x86)\CodeBlocks
2014-01-06 21:57 - 2014-01-06 21:56 - 100600973 _____ (The Code::Blocks Team) C:\Users\OA\Downloads\codeblocks-12.11mingw-setup.exe
2014-01-06 21:52 - 2014-01-06 21:52 - 00000000 ____D C:\Users\OA\Desktop\Croissant Decroissant
2014-01-06 21:48 - 2013-12-24 23:05 - 00000000 ____D C:\Users\Bill Gates\Desktop\TP9
2014-01-05 20:14 - 2014-01-05 20:14 - 00180805 _____ C:\Users\Bill Gates\Downloads\moteur-asynchrone-triphas.zip
2014-01-05 19:09 - 2014-01-05 19:09 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri (1).zip
2014-01-05 19:08 - 2014-01-05 19:08 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri.zip
2014-01-05 18:51 - 2014-01-05 18:51 - 03899748 _____ C:\Users\Bill Gates\Downloads\Energie.zip
2014-01-05 17:36 - 2014-01-05 17:13 - 308414305 _____ C:\Users\Bill Gates\Downloads\VID_20140105_164600.wmv
2014-01-05 17:26 - 2014-01-05 17:25 - 82911167 _____ C:\Users\Bill Gates\Desktop\tekkenTag2Feng.wmv
2014-01-05 16:58 - 2014-01-05 16:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{E8B7541D-26CF-4C16-BB92-49BE67A338CD}
2014-01-05 16:08 - 2014-01-05 16:07 - 00120855 _____ C:\Users\Bill Gates\Downloads\exposé.pptx
2014-01-04 21:26 - 2012-04-24 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-04 05:12 - 2012-07-09 05:33 - 00000000 ____D C:\Users\Bill Gates\Documents\Vicnesh Dossiers
2014-01-03 14:32 - 2014-01-03 14:32 - 00004324 _____ C:\Users\Bill Gates\.recently-used.xbel
2014-01-03 14:32 - 2012-03-29 11:53 - 00000000 ____D C:\Users\Bill Gates
2014-01-03 12:00 - 2014-01-03 12:00 - 01376264 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezShell7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01331200 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezBook7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 01030664 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezPrint7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00750592 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezUtils7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00738888 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScrSvr.scr
2014-01-03 12:00 - 2014-01-03 12:00 - 00682504 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezLicPrompt7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00654920 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScore7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00605704 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezEMail7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00571976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMenu7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00526344 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMDUninstall.exe
2014-01-03 12:00 - 2014-01-03 12:00 - 00348680 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezHints7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00332296 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezWizard7.dll
2014-01-03 12:00 - 2014-01-03 12:00 - 00257032 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSetupMgr.exe
2014-01-02 06:11 - 2014-01-02 06:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 04:35 - 2014-01-02 04:35 - 00003222 _____ C:\Windows\System32\Tasks\{7800B4EF-54E5-4AC0-A07F-A94659B62507}
2014-01-01 18:25 - 2014-01-01 18:23 - 00000000 ____D C:\Users\Bill Gates\Desktop\Beyond two souls piano
Some content of TEMP:
====================
C:\Users\Bill Gates\AppData\Local\Temp\avgnt.exe
C:\Users\Bill Gates\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\OA\AppData\Local\Temp\6_Offer_17.exe
C:\Users\OA\AppData\Local\Temp\avgnt.exe
C:\Users\OA\AppData\Local\Temp\DownloadManager.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
extendedinput Yes
default {current}
resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {7a5ba12a-24a2-11e1-b024-83d0fe2948fc}
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {7a5ba12a-24a2-11e1-b024-83d0fe2948fc}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {572bcd60-ffa7-11d9-aae0-0007e994107d}
device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.exe
description Microsoft Windows PE 2.0
osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
detecthal Yes
winpe Yes
ems Yes
Chargeur de d‚marrage Windows
-----------------------------
identificateur {7a5ba12a-24a2-11e1-b024-83d0fe2948fc}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{7a5ba12b-24a2-11e1-b024-83d0fe2948fc}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{7a5ba12b-24a2-11e1-b024-83d0fe2948fc}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {158181c0-9a00-11db-8a1d-b11d19fd3102}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {7a5ba12b-24a2-11e1-b024-83d0fe2948fc}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Options Ramdisk du programme d'installation
-------------------------------------------
identificateur {ramdiskoptions}
description Ramdisk Options
ramdisksdidevice boot
ramdisksdipath \boot\boot.sdi
LastRegBack: 2014-01-29 22:27
==================== End Of Log ============================