Document format: text/plain

~ Rapport de ZHPDiag v2015.4.28.44 - Nicolas Coolman (28/04/2015)
~ Lancé par Australien (30/04/2015 01:38:45)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.10011.0
MFIE: Mozilla Firefox 37.0.2 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : HQRJR
Windows License : OK
~ Windows Remaining Initializations Number : 1001
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 10 Pro Insider Preview, 64-bit (Build 10074)

---\\ Logiciels de protection du système

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 2 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 7038 MB (78% free)
System Restore: Activé (Enable)
System drive C: has 84 GB (84%) free of 100 GB

---\\ Mode de connexion au système
~ Computer Name: AUSTRALIEN
~ User Name: Australien
~ All Users Names: UpdatusUser, DefaultAccount, Australien, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Australien\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Australien\AppData\Roaming\
~ %Desktop% : C:\Users\Australien\Desktop\
~ %Favorites% : C:\Users\Australien\Favorites\
~ %LocalAppData% : C:\Users\Australien\AppData\Local\
~ %StartMenu% : C:\Users\Australien\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 84 Go of 100 Go)
D: Hard drive, Flash drive, Thumb drive (Free 756 Go of 800 Go)
E: Hard drive, Flash drive, Thumb drive (Free 2 Go of 31 Go)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 40 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4
~ Mes Favoris (My Favorites) : 1/3
~ Mon Bureau (My Desktop) : 1/2
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.5420880623BD70F2EB6BB62C43620590] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8204800] [PID.3788]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: Extension [Australien - 09gbl9p3.default] uBlock0@raymondhill.net.xpi
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
~ Firefox Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Windows10FirewallControl] . (.Sphinx Software - Windows 10 Firewall Control.) -- C:\Program Files\Windows10FirewallControl\Windows10FirewallControl.exe
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Australien\AppData\Local\Microsoft\OneDrive\OneDrive.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe
O4 - HKUS\S-1-5-21-1365879078-3121897854-3934030656-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Australien\AppData\Local\Microsoft\OneDrive\OneDrive.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{39364147-de28-4d18-a4f6-12333d89dcba}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{39364147-de28-4d18-a4f6-12333d89dcba}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
~ Scheduled Task: 2 Legitimates Filtered in 00mn 05s



---\\ HKCU & HKLM Software Keys
[HKLM\Software\Partner]
~ Key Software: 93 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/04/2015 - 05:36:53 - [0] ----D C:\ProgramData\Comms
O43 - CFD: 29/04/2015 - 19:41:54 - [] ----D C:\ProgramData\Users
O43 - CFD: 29/04/2015 - 09:18:19 - [] ----D C:\ProgramData\USOPrivate
O43 - CFD: 25/04/2015 - 10:19:04 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 29/04/2015 - 18:50:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows10FirewallControl
O43 - CFD: 29/04/2015 - 20:43:38 - [] ----D C:\Users\Australien\AppData\Local\ActiveSync
O43 - CFD: 29/04/2015 - 19:43:54 - [] ----D C:\Users\Australien\AppData\Local\Comms
O43 - CFD: 29/04/2015 - 09:12:24 - [0] ----D C:\Users\Australien\AppData\Local\GameDVR
O43 - CFD: 29/04/2015 - 13:43:56 - [0] ----D C:\Users\Australien\AppData\Local\PeerDistRepub
O43 - CFD: 29/04/2015 - 23:51:40 - [] ----D C:\Users\Australien\AppData\Local\Spartan
~ Program Folder: 76 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7111BFA692A22E4B3C07F1E6C6FF6F72] - 25/04/2015 - 04:15:36 ---A- . (...) -- C:\Windows\System32\Drivers\gmreadme.txt [646]
O44 - LFC:[MD5.7F29903CB8F5590D52DB0C9F97049A25] - 25/04/2015 - 04:15:37 ---A- . (...) -- C:\Windows\System32\Drivers\gm.dls [3440660]
O44 - LFC:[MD5.AF12D7AF9F5C4944BD613517BF1C3B26] - 25/04/2015 - 04:15:44 ---A- . (...) -- C:\Windows\System32\HrtfApo.dll [321024]
O44 - LFC:[MD5.871A849E2E4F91575A96803F7EABD947] - 25/04/2015 - 04:15:54 ---A- . (...) -- C:\Windows\System32\DefaultHrtfs.bin [8429600]
O44 - LFC:[MD5.AB058B79F2ACF2E0993B825E785ACB46] - 25/04/2015 - 04:15:54 ---A- . (...) -- C:\Windows\System32\LargeRoom.bin [475648]
O44 - LFC:[MD5.777388273810DFDEA50BB1AA84D6821C] - 25/04/2015 - 04:15:54 ---A- . (...) -- C:\Windows\System32\MediumRoom.bin [295248]
O44 - LFC:[MD5.CE69D0C9B2A6E75ECE3E50C35928FDBE] - 25/04/2015 - 04:15:54 ---A- . (...) -- C:\Windows\System32\OutdoorAudioEnvironment.bin [131248]
O44 - LFC:[MD5.7E25040A7A6FAD06463DE5A384F86D0E] - 25/04/2015 - 04:15:54 ---A- . (...) -- C:\Windows\System32\SmallRoom.bin [164048]
O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 25/04/2015 - 04:15:55 -SHA- . (...) -- C:\BOOTNXT [1]
O44 - LFC:[MD5.6C6E22A1D30816D23CC4337AFA42A26D] - 25/04/2015 - 04:15:58 ---A- . (...) -- C:\Windows\System32\CoreUIComponents.dll [2211792]
O44 - LFC:[MD5.03229055F0FAA5C2C4BEBA079490F89F] - 25/04/2015 - 04:16:05 ---A- . (...) -- C:\Windows\System32\EditBufferTestHook.dll [71680]
O44 - LFC:[MD5.C2B237A298B1FBC1A814691DDC5A8DD9] - 25/04/2015 - 04:16:05 ---A- . (...) -- C:\Windows\System32\InputService.dll [2401792]
O44 - LFC:[MD5.A57795FB3050E78FADF4B0358D511CAC] - 25/04/2015 - 04:16:05 ---A- . (...) -- C:\Windows\System32\TextInputFramework.dll [281600]
O44 - LFC:[MD5.4E47253D2F1EF626C01CECC2B702C3FF] - 25/04/2015 - 04:16:05 ---A- . (...) -- C:\Windows\System32\WpKbdLayout.dll [62976]
O44 - LFC:[MD5.E0EE279C3F7C107032F445221431A93B] - 25/04/2015 - 04:16:06 ---A- . (...) -- C:\Windows\System32\InputLocaleManager.dll [105472]
O44 - LFC:[MD5.887ACD855AE7267099CE5FF9360D4428] - 25/04/2015 - 04:16:06 ---A- . (...) -- C:\Windows\System32\WordBreakers.dll [25600]
O44 - LFC:[MD5.45B09EB2747445654C1CD2B07D2727E2] - 25/04/2015 - 04:16:08 ---A- . (...) -- C:\Windows\System32\Windows.Devices.Perception.dll [1287168]
O44 - LFC:[MD5.B6B479B04C64AF5EF36C24EBDF278302] - 25/04/2015 - 04:16:08 ---A- . (...) -- C:\Windows\System32\wpr.config.xml [726]
O44 - LFC:[MD5.ACB769EC498FB62316EAB45ADB680F22] - 25/04/2015 - 04:16:09 ---A- . (...) -- C:\Windows\System32\C_1252.NLS [66082]
O44 - LFC:[MD5.0BD539284D746E022BDA27C1F85A525A] - 25/04/2015 - 04:16:09 ---A- . (...) -- C:\Windows\System32\C_437.NLS [66594]
O44 - LFC:[MD5.3EC1A12B4841F7CCD65B12D792FC8FDA] - 25/04/2015 - 04:16:09 ---A- . (...) -- C:\Windows\System32\l_intl.nls [9926]
O44 - LFC:[MD5.B2241C7E71A7CA5B4CE86FB28FA97373] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-appcmd.searchconnector-ms [543]
O44 - LFC:[MD5.2B405BCB2A2BDEC47D35D0A921E5B10B] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-contacts.searchconnector-ms [528]
O44 - LFC:[MD5.8A063B4755E352DD772D43D5E8123BBB] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-history.searchconnector-ms [539]
O44 - LFC:[MD5.A727FC8376E18F7506A6BB6BC389E602] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-music.searchconnector-ms [525]
O44 - LFC:[MD5.80CC9D3D6A70AAA255C0FEDB4C7BB692] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-paths.searchconnector-ms [522]
O44 - LFC:[MD5.1420FE34B31CBD3B81011E03ACAD94F2] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-protocol.searchconnector-ms [530]
O44 - LFC:[MD5.E7B53AF004BEE5112F787A6E5B04D737] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [11109]
O44 - LFC:[MD5.ACB02726235DF588BF8D5A4FF54379DF] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-suggestions.searchconnector-ms [7784]
O44 - LFC:[MD5.0E3D116A4DC1D2ABDD0692C6173E09E6] - 25/04/2015 - 04:16:35 ---A- . (...) -- C:\Windows\System32\connectedsearch-zeroinput.searchconnector-ms [7152]
O44 - LFC:[MD5.3279476E39DE235B426D69CFE8DEBF55] - 25/04/2015 - 04:16:45 ---A- . (...) -- C:\Windows\System32\lusrmgr.msc [144998]
O44 - LFC:[MD5.39B85DA8AA68F25B12CD31E6AC9447EB] - 25/04/2015 - 04:16:46 ---A- . (...) -- C:\Windows\System32\MTF.dll [225792]
O44 - LFC:[MD5.0F2C89E1C9819CE291E8F7AE211247AD] - 25/04/2015 - 04:16:46 ---A- . (...) -- C:\Windows\System32\MTFServer.dll [259072]
O44 - LFC:[MD5.D384D1D884214B0437300C14A05DF572] - 25/04/2015 - 04:16:47 ---A- . (...) -- C:\Windows\System32\Drivers\NetAdapterCx.sys [66560]
O44 - LFC:[MD5.E2426F6E3330ED953B2026C0AAA72F74] - 25/04/2015 - 04:16:47 ---A- . (...) -- C:\Windows\System32\WppRecorderUM.dll [8704]
O44 - LFC:[MD5.66D58077CC739E4B8166E33AB0BA4639] - 25/04/2015 - 04:16:59 ---A- . (...) -- C:\Windows\System32\pcl.sep [150]
O44 - LFC:[MD5.C09741B9886EF0D15EC3B1443352FB62] - 25/04/2015 - 04:16:59 ---A- . (...) -- C:\Windows\System32\pscript.sep [51]
O44 - LFC:[MD5.81B14F1AD906AC1CF9102796C97A54FE] - 25/04/2015 - 04:16:59 ---A- . (...) -- C:\Windows\System32\sysprint.sep [3317]
O44 - LFC:[MD5.58A67EC6B00A54A69DC364194CA171E0] - 25/04/2015 - 04:16:59 ---A- . (...) -- C:\Windows\System32\sysprtj.sep [3666]
O44 - LFC:[MD5.31B010EF50D54D548B4B8B211F421318] - 25/04/2015 - 04:16:59 ---A- . (...) -- C:\Windows\System32\tcpbidi.xml [1673]
O44 - LFC:[MD5.D602CA245CC6774A0981B607F0675609] - 25/04/2015 - 04:16:59 ---A- . (...) -- C:\Windows\System32\tcpmon.ini [60124]
O44 - LFC:[MD5.9C67CA295446A649E28B39B436460E71] - 25/04/2015 - 04:17:06 ---A- . (...) -- C:\Windows\System32\@OpenWithToastLogo.png [160]
O44 - LFC:[MD5.54C4E9832FFBCD9476FE4D31D837EF28] - 25/04/2015 - 04:17:08 ---A- . (.Pas de propriétaire - Application ContextH.) -- C:\Windows\System32\BWContextHandler.dll [54784]
O44 - LFC:[MD5.9971B035154F5C54948B73A86D6C6874] - 25/04/2015 - 04:17:25 ---A- . (...) -- C:\Windows\System32\@TileEmpty1x1Image.png [120]
O44 - LFC:[MD5.ED434A3EBE29070A7E0138C42482EB93] - 25/04/2015 - 04:17:27 ---A- . (...) -- C:\Windows\System32\mlang.dat [673088]
O44 - LFC:[MD5.C844CA459F3B209329984772269B6E56] - 25/04/2015 - 04:17:35 R-HA- . (...) -- C:\Windows\WindowsShell.Manifest [670]
O44 - LFC:[MD5.432FE318B461B9010B6CC42DAD8755FC] - 25/04/2015 - 04:17:53 ---A- . (...) -- C:\Windows\System32\SensorDataService.exe [918528]
O44 - LFC:[MD5.531FE5A2634D87A078017259F21D9736] - 25/04/2015 - 04:17:53 ---A- . (...) -- C:\Windows\System32\lcphrase.tbl [211938]
O44 - LFC:[MD5.D3C85593F8C4576FCF9B42AC48CA4368] - 25/04/2015 - 04:17:53 ---A- . (...) -- C:\Windows\System32\lcptr.tbl [24114]
O44 - LFC:[MD5.6B31D08801D3A3F51B59FB1DB14E4A01] - 25/04/2015 - 04:19:34 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [3458]
O44 - LFC:[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - 25/04/2015 - 04:19:36 ---A- . (...) -- C:\Windows\WMSysPr9.prx [316640]
O44 - LFC:[MD5.F1DF7849450DBC5D5C3A464E8A791C8C] - 25/04/2015 - 04:19:47 ---A- . (...) -- C:\Windows\System32\WpcNBModel.bin [1520828]
O44 - LFC:[MD5.B59958CD06C9F89C39281FB12F1BB233] - 25/04/2015 - 04:19:47 ---A- . (...) -- C:\Windows\System32\staticurllist.bin [526068]
O44 - LFC:[MD5.7A495CA1402C2F9F5D035092AD808669] - 25/04/2015 - 04:20:16 ---A- . (...) -- C:\Windows\System32\manage-bde.wsf [874]
O44 - LFC:[MD5.D7936DB0183356DD94873AC36E57061F] - 25/04/2015 - 04:20:45 ---A- . (...) -- C:\Windows\Professional.xml [30628]
O44 - LFC:[MD5.1D67521AB45143FBB026BD9F35C207B3] - 25/04/2015 - 04:21:36 ---A- . (...) -- C:\Windows\System32\diagtrack_win.dll [355328]
O44 - LFC:[MD5.8E4F97AAE77AC5C3C79327E66FA1B693] - 25/04/2015 - 04:21:37 ---A- . (...) -- C:\Windows\System32\ResPriImageList [7408]
O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 25/04/2015 - 04:21:37 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429]
O44 - LFC:[MD5.67313E787BB3491E63D87073C2146A3F] - 25/04/2015 - 04:21:56 ---A- . (...) -- C:\Windows\System32\SecurityAndMaintenance.png [15803]
O44 - LFC:[MD5.B9553012DFF98EFAB0DF2AA1A9F73DDB] - 25/04/2015 - 04:21:56 ---A- . (...) -- C:\Windows\System32\SecurityAndMaintenance_Alert.png [28567]
O44 - LFC:[MD5.77D77E42887A67A4D5C71E2B2CA94AE1] - 25/04/2015 - 04:21:56 ---A- . (...) -- C:\Windows\System32\SecurityAndMaintenance_Error.png [30747]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\ShiftJIS.uce [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\SubRange.uce [93702]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\bopomofo.uce [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\gb2312.uce [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\ideograf.uce [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\kanji_1.uce [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\kanji_2.uce [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 25/04/2015 - 04:22:04 ---A- . (...) -- C:\Windows\System32\korean.uce [12876]
O44 - LFC:[MD5.E0974EE3F592223A950B3B0C04797212] - 25/04/2015 - 04:23:43 ---A- . (...) -- C:\Windows\System32\WindowsCodecsRaw.txt [1649]
O44 - LFC:[MD5.9D6B8FC71167D22849424084F0F3D9E9] - 25/04/2015 - 04:23:47 ---A- . (...) -- C:\Windows\System32\xpsrchvw.xml [76060]
O44 - LFC:[MD5.14899A13E6D2F655B07FDAF643F79712] - 25/04/2015 - 04:24:47 ---A- . (.Windows (R) Win 7 DDK provider - DSC.) -- C:\Windows\System32\DscCoreConfProv.dll [199680]
O44 - LFC:[MD5.286A9EDB379DC3423A528B0864A0F111] - 25/04/2015 - 04:29:21 ---A- . (...) -- C:\Windows\system.ini [219]
O44 - LFC:[MD5.23CF8138F49416231807E6DE371FB9E6] - 25/04/2015 - 04:29:21 ---A- . (...) -- C:\Windows\win.ini [92]
O44 - LFC:[MD5.D638E3AD81E149A75EEF59E9C743E27C] - 25/04/2015 - 04:29:30 ---A- . (...) -- C:\Windows\System32\AutoWorkplace.exe.config [389]
O44 - LFC:[MD5.664AA698FC0106A2B075A641E8DC6302] - 25/04/2015 - 04:29:31 ---A- . (...) -- C:\Windows\System32\DefaultQuestions.json [858]
O44 - LFC:[MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - 25/04/2015 - 04:29:31 ---A- . (...) -- C:\Windows\System32\dssec.dat [215943]
O44 - LFC:[MD5.DE78E0C57BC478D47CC2F470B68E1A45] - 25/04/2015 - 04:29:32 ---A- . (...) -- C:\Windows\System32\NOISE.DAT [741]
O44 - LFC:[MD5.84B8C5BEA03C01B8121E1509D51B1F68] - 25/04/2015 - 04:29:32 ---A- . (...) -- C:\Windows\System32\OEMDefaultAssociations.xml [11823]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 25/04/2015 - 04:29:32 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 25/04/2015 - 04:29:33 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988]
O44 - LFC:[MD5.6E895B40DE47E003A7054A1B00328C91] - 25/04/2015 - 05:07:48 ---A- . (...) -- C:\Windows\lsasetup.log [1344]
O44 - LFC:[MD5.E64DD11ABF62677F934F622284EE57F7] - 25/04/2015 - 05:10:06 ---A- . (...) -- C:\Windows\System32\WIN-SJUIO6QOOVU_Administrator_ploc_HistoryPrediction.bin [16148]
O44 - LFC:[MD5.4856202475EFE0D66FA11EE1DCF6D0D3] - 25/04/2015 - 09:18:43 ---A- . (...) -- C:\Windows\System32\printmanagement.msc [146389]
O44 - LFC:[MD5.2BC2546831B054680C6F59888F295E44] - 25/04/2015 - 09:18:47 ---A- . (...) -- C:\Windows\System32\secpol.msc [120458]
O44 - LFC:[MD5.6C054DA115C2CA2C523ABD159ED7814B] - 25/04/2015 - 09:18:56 ---A- . (...) -- C:\Windows\System32\gpedit.msc [147439]
O44 - LFC:[MD5.49525986566A050AA233A428AA50D83F] - 25/04/2015 - 09:18:56 ---A- . (...) -- C:\Windows\System32\rsop.msc [43566]
O44 - LFC:[MD5.C64ACE23F23FD4F3FA33657341696B9D] - 26/04/2015 - 06:14:40 ---A- . (...) -- C:\Windows\System32\weretw.dll [194824]
O44 - LFC:[MD5.0607AE19D1AACF87AFD680D2062CFC3C] - 29/04/2015 - 08:06:27 ---A- . (...) -- C:\Windows\DtcInstall.log [2133]
O44 - LFC:[MD5.0C8A31FDCB9279786609E5E21EF85A94] - 29/04/2015 - 08:12:00 ---A- . (...) -- C:\Windows\System32\WIN-NJDUSSMUKDL_defaultuser0_HistoryPrediction.bin [16148]
O44 - LFC:[MD5.4D81C0A2CAA29B06AAF0B178B66592D6] - 29/04/2015 - 08:15:21 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT [1952722]
O44 - LFC:[MD5.017BE0BD6DDB8CB860FA68694783C447] - 29/04/2015 - 08:29:34 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [17616]
O44 - LFC:[MD5.07DCB317FE99D1892060348CC1E8400F] - 29/04/2015 - 13:44:00 ---A- . (...) -- C:\Windows\System32\WIN-NJDUSSMUKDL_Australien_HistoryPrediction.bin [16148]
O44 - LFC:[MD5.AF362364C5DF750A7352B3880849B203] - 29/04/2015 - 19:43:05 ---A- . (...) -- C:\Windows\certenroll.log [782]
O44 - LFC:[MD5.1336D2BBC7A34F53AC4B8933A6A9A743] - 29/04/2015 - 21:28:38 ---A- . (...) -- C:\Windows\WindowsUpdate_AU_deprecated.log [24017]
O44 - LFC:[MD5.806F8591720379121C3FD5E9AB01AB00] - 29/04/2015 - 22:59:04 ---A- . (...) -- C:\Windows\System32\NetSetupSvc.log [1836]
O44 - LFC:[MD5.0C3AB396F8550FCD30A2C1113A1C406D] - 30/04/2015 - 00:05:54 ---A- . (...) -- C:\Windows\System32\AUSTRALIEN_Australien_HistoryPrediction.bin [16148]
~ Files: 3971 Legitimates Filtered in 00mn 10s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "DSCAutomationHostEnabled"=2
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:25/04/2015 - 04:12:24 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:25/04/2015 - 04:12:29 ---A- . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\Windows\System32\Drivers\ibbus.sys [424936]
O58 - SDL:25/04/2015 - 04:12:28 ---A- . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [59880]
O58 - SDL:25/04/2015 - 04:12:28 ---A- . (.Mellanox - MLX4 Bus Driver.) -- C:\Windows\System32\Drivers\mlx4_bus.sys [705512]
O58 - SDL:25/04/2015 - 04:12:28 ---A- . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\Windows\System32\Drivers\ndfltr.sys [76264]
O58 - SDL:25/04/2015 - 04:16:47 ---A- . (...) -- C:\Windows\System32\Drivers\NetAdapterCx.sys [66560]
O58 - SDL:25/04/2015 - 04:12:29 ---A- . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\percsas3i.sys [58856]
O58 - SDL:25/04/2015 - 04:12:29 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31208]
O58 - SDL:25/04/2015 - 04:13:38 ---A- . (...) -- C:\Windows\System32\Drivers\Udecx.sys [43008]
O58 - SDL:25/04/2015 - 04:12:28 ---A- . (.Mellanox - Kernel WinMad.) -- C:\Windows\System32\Drivers\winmad.sys [27112]
O58 - SDL:25/04/2015 - 04:12:29 ---A- . (.Mellanox - Kernel WinVerbs.) -- C:\Windows\System32\Drivers\winverbs.sys [59368]
~ Drivers: 41 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 29/04/2015 - 01:39:23 ---A- . (...) -- C:\Users\Australien\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\CollectOneDriveLogs.bat [5843]
O61 - LFC: 29/04/2015 - 01:39:23 ---A- . (...) -- C:\Users\Australien\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [430255]
O61 - LFC: 29/04/2015 - 01:39:23 ---A- . (...) -- C:\Users\Australien\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin [269992]
~ 19 Fichiers temporaires (Temporary files)
~ 11 Fichiers cookies (Cookies files)
~ Files: 37 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 29/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 25/04/2015 918528 | (SensorDataService) . (...) - C:\Windows\System32\SensorDataService.exe
SS - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 31/01/2015 878400 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 31/01/2015 1258312 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 29/04/2015 293080 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 30/03/2015 3903032 | (Windows10FirewallService) . (.Sphinx Software.) - C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
SR - | Demand 25/04/2015 39992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 18s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Australien at 30/04/2015 01:39:56
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Australien at 30/04/2015 01:39:58
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (28/04/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 166350 Items scanned in 00mn 23s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s



~ 4411 Legitimates filtered by white list
End of the scan (582 lines in 01mn 39s)(0.10)
