Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01 Ran by Bill Gates (administrator) on BILLGATES-HP on 31-01-2014 22:15:15 Running from C:\Users\Bill Gates\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe () C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe (Akamai Technologies, Inc.) C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Akamai Technologies, Inc.) C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe () C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick-connector.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.) HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-08-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [612872 2014-01-03] (EasyBits Software AS) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-08] (RealNetworks, Inc.) HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Bill Gates\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Users\Bill Gates\Documents\DT\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-04] () HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKCU\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [945856 2013-03-06] (Microsoft Corporation) HKCU\...\Run: [SkyDrive] - C:\Users\Bill Gates\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-15] (Microsoft Corporation) HKCU\...\Run: [Google Update] - C:\Users\Bill Gates\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-20] (Google Inc.) HKU\OA\...\Run: [Google Update] - C:\Users\OA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-29] (Google Inc.) HKU\OA\...\Run: [DAEMON Tools Lite] - C:\Users\Bill Gates\Documents\DT\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd) HKU\OA\...\Policies\system: [DisableLockWorkstation] 0 HKU\OA\...\Policies\system: [DisableChangePassword] 0 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F8DB3BFB7E9CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=http://www.ebay.fr/sch/i.html?_nkw={searchTerms} SearchScopes: HKLM - {E2F3799C-66D3-4E63-A94A-852705019087} URL = http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks: - {E54729E8-643D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook64.dll [773192 2014-01-06] () ShellExecuteHooks: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] ShellExecuteHooks-x32: - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook32.dll [484936 2014-01-06] () ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 FireFox: ======== FF ProfilePath: C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Homepage: google.fr FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin-x32: @ogplanet.com/npOGPPlugin - C:\Windows\system32\npOGPPlugin.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bill Gates\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Bill Gates\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-france.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\cnrtl-tlfi-fr.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-france.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-france.xml FF Extension: DownloadHelper - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-30] FF Extension: DebrideurStreaming - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\jid1-6gzTcCreJnRqoIj7t8ltxj2HuKc@jetpack.xpi [2014-01-03] FF Extension: Adblock Plus - C:\Users\Bill Gates\AppData\Roaming\Mozilla\Firefox\Profiles\biwm1wgv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-24] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] Chrome: ======= CHR HomePage: https://www.google.fr/ CHR Extension: (Adblock Plus) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-28] CHR Extension: (Readium) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-01-19] CHR Extension: (AdBlock) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-28] CHR Extension: (Google Wallet) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (DebrideurStreaming - Add-On) - C:\Users\Bill Gates\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipaffcpmobohfilpejhaciheebhaaej [2013-11-28] CHR HKLM-x32\...\Chrome\Extension: [dbpebffoameokfhnaaedmefjncfboino] - C:\Program Files (x86)\SecretSauce\dbpebffoameokfhnaaedmefjncfboino.crx [2013-11-28] CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-28] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR StartMenuInternet: Google Chrome - C:\Users\Bill Gates\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-13] (Avira Operations GmbH & Co. KG) S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent) R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard) R2 InstallClick; C:\Program Files (x86)\RIFT Technologies\InstallClick Connector\installclick.exe [149872 2012-06-06] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-01-05] () R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-13] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-26] (DT Soft Ltd) S3 GGSAFERDriver; C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [27744 2012-12-30] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.) S3 X6va005; \??\C:\Users\BILLGA~1\AppData\Local\Temp\005B19E.tmp [x] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x] S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [x] ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228 C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\atikmdag.sys F784F9BF32E708C71A63220E89A58496 C:\Windows\System32\DRIVERS\atikmpag.sys 43FD45C0DFE0A0FF2B8BE0D4AC165E18 C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\system32\drivers\appid.sys ==> MD5 is legit C:\Windows\system32\drivers\arc.sys ==> MD5 is legit C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\avgntflt.sys 7806BFCD1D7FA5EC23F7324D4EAFD25B C:\Windows\System32\DRIVERS\avipbb.sys C3A58DBD18786C338126D30BF8C33D72 C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6 C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bcmwl664.sys 9E84A931DBEE0292E38ED672F6293A99 C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\clwvd.sys 50F92C943F18B070F166D019DFAB3D9A C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706 C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\drivers\disk.sys ==> MD5 is legit C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\dtsoftbus01.sys 46571ED73AE84469DCA53081D33CF3C8 C:\Windows\System32\drivers\dxgkrnl.sys 53BD875C7C0808235BFB803C1A8BE009 C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0 C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit C:\Program Files (x86)\Garena Plus\Room\safedrv.sys 9C50A5AD2218F133E48F9F35B749E9F4 C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\iaStor.sys 26CF4275034214ECEDD8EC17B0A18A99 C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381 C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\igdpmd64.sys 33FAA40B288002C89529DBD14F3AB72C C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64 C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910 C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567 C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404 C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163 C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88 C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netr28x.sys 31609B481CC202BFB441E37FEBCDEA05 C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0 C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nvm62x64.sys A85B4F2EF3A7304A5399EF0526423040 C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\system32\drivers\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\drivers\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RtsPStor.sys 6E5C3D18C3BCC72AA527DBC5FA61AB8F C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Rt64win7.sys 9140DB0911DE035FED0A9A77A2D156EA C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0 C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit C:\Windows\system32\drivers\serial.sys ==> MD5 is legit C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28 C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8 C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04 C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396 C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\stwrt64.sys EBC1A5E076A9BE314D3D9E8ED19ABB0A C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\SynTP.sys AC3CC98B1BDB6540021D3FFB105AC2B9 C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51 C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51 C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09 C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31 C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965 C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24 C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3 C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7 C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys 0C0195C48B6B8582FA6F6373032118DA C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-31 22:09 - 2014-01-31 22:15 - 00051924 _____ C:\Users\Bill Gates\Desktop\Addition.txt 2014-01-31 22:07 - 2014-01-31 22:15 - 00042057 _____ C:\Users\Bill Gates\Desktop\FRST.txt 2014-01-31 22:06 - 2014-01-31 22:15 - 00000000 ____D C:\FRST 2014-01-31 22:05 - 2014-01-31 22:05 - 02079744 _____ (Farbar) C:\Users\Bill Gates\Desktop\FRST64.exe 2014-01-30 23:20 - 2014-01-30 23:20 - 08685681 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.L2SV_S4_2014.Cours.zip 2014-01-30 21:14 - 2014-01-30 21:14 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk 2014-01-30 21:10 - 2014-01-30 21:10 - 00000000 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Piratage informatique Virage morte.3gp 2014-01-26 23:58 - 2014-01-26 23:58 - 00001402 _____ C:\Users\Bill Gates\Desktop\WinX Free FLV to 3GP Converter.lnk 2014-01-26 23:58 - 2014-01-26 23:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\Digiarty 2014-01-26 23:57 - 2014-01-26 23:57 - 00000000 ____D C:\Program Files (x86)\Digiarty 2014-01-26 23:41 - 2014-01-26 23:50 - 00000169 _____ C:\Windows\SysWOW64\test.aok 2014-01-26 23:41 - 2014-01-26 23:41 - 00001283 _____ C:\Users\OA\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk 2014-01-26 23:41 - 2014-01-26 23:41 - 00000000 ____D C:\Program Files (x86)\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 2014-01-26 17:38 - 2014-01-30 22:38 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS 2014-01-26 14:50 - 2014-01-26 14:51 - 07377710 _____ C:\Users\Bill Gates\Desktop\Devoirs_géographie.zip 2014-01-25 22:25 - 2014-01-25 22:26 - 03792384 _____ C:\Users\Bill Gates\Desktop\RogueKiller.exe 2014-01-24 16:11 - 2014-01-24 16:12 - 00000000 ____D C:\Users\Bill Gates\Desktop\Nokia Images 2014-01-20 06:59 - 2014-01-20 07:00 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute-1.3gp 2014-01-20 06:59 - 2014-01-20 07:00 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute.3gp 2014-01-18 17:54 - 2014-01-18 17:54 - 00921000 _____ (Oracle Corporation) C:\Users\Bill Gates\Downloads\chromeinstall-7u51.exe 2014-01-18 17:52 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-18 17:51 - 2014-01-18 17:51 - 00005310 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-18 17:51 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-18 17:51 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-18 17:51 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-18 11:25 - 2014-01-18 11:25 - 00002217 _____ C:\Users\Bill Gates\Desktop\HP Support Assistant.lnk 2014-01-18 11:18 - 2014-01-18 11:18 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-01-16 20:17 - 2014-01-16 21:49 - 00009552 _____ C:\Users\Bill Gates\Desktop\Robot.odt 2014-01-16 18:28 - 2014-01-16 18:28 - 00000000 ____D C:\ProgramData\Easybits 2014-01-16 00:38 - 2014-01-16 00:38 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (2).pptx 2014-01-16 00:01 - 2014-01-16 01:58 - 01306842 _____ C:\Users\Bill Gates\Desktop\Genie Robotique.odp 2014-01-15 23:55 - 2014-01-15 23:55 - 00479766 _____ C:\Users\Bill Gates\Downloads\TS103431374.potx 2014-01-15 23:52 - 2014-01-15 23:52 - 00964025 _____ C:\Users\Bill Gates\Downloads\TS102895266.potx 2014-01-15 23:51 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026 (1).potx 2014-01-15 23:50 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026.potx 2014-01-15 20:05 - 2014-01-15 20:05 - 00046378 _____ C:\Users\Bill Gates\Desktop\ZHPDiag.txt 2014-01-15 19:52 - 2014-01-15 19:52 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFix[R1].txt 2014-01-15 19:50 - 2014-01-15 19:50 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFixReport.txt 2014-01-15 11:46 - 2014-01-15 11:47 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique - Copie 2014-01-15 10:52 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 10:52 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 10:52 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 10:52 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 10:52 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 10:52 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 10:52 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 10:52 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 10:52 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 20:53 - 2014-01-14 20:53 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (1).pptx 2014-01-13 01:11 - 2014-01-13 01:11 - 00267415 _____ C:\Users\Bill Gates\Downloads\PS22_TD2_val_moy_eff_A08_ericb.odt 2014-01-12 21:40 - 2014-01-12 21:40 - 00000000 ____D C:\Users\Bill Gates\Desktop\Fl Studio Sample 2014-01-12 21:39 - 2014-01-12 21:39 - 00471412 _____ C:\Users\Bill Gates\Downloads\Strong Hip-Hop Producciones - A Millie.zip 2014-01-12 15:16 - 2014-01-12 15:16 - 00886351 _____ C:\Users\Bill Gates\Desktop\TD Outil Logistique.zip 2014-01-12 15:12 - 2014-01-16 20:03 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique 2014-01-11 18:21 - 2014-01-11 18:21 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{9D76FAB4-C59A-4206-B385-F5AC4ABFB58F} 2014-01-08 22:23 - 2014-01-08 22:23 - 19924635 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4O2.complete.zip 2014-01-08 22:22 - 2014-01-08 22:22 - 55299730 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4P5.complete.zip 2014-01-08 22:13 - 2014-01-08 22:14 - 08118782 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4F1.complete.zip 2014-01-08 18:36 - 2014-01-08 19:03 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids 2014-01-08 00:18 - 2013-12-17 18:21 - 00000701 _____ C:\Users\Bill Gates\Desktop\Nouveau Document texte.txt 2014-01-06 23:58 - 2014-01-08 18:40 - 00001020 _____ C:\Users\Public\Desktop\Magic Control.lnk 2014-01-06 23:58 - 2014-01-06 23:58 - 00773192 _____ C:\Windows\SysWOW64\ezUPBHook64.dll 2014-01-06 23:58 - 2014-01-06 23:58 - 00484936 _____ C:\Windows\SysWOW64\ezUPBHook32.dll 2014-01-06 23:57 - 2014-01-06 23:59 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids - Backup (2) 2014-01-06 23:57 - 2014-01-06 23:58 - 00176488 _____ (*Rapiddown*) C:\Users\OA\Downloads\Psn Code Generator 2013 (2).exe 2014-01-06 23:56 - 2014-01-06 23:56 - 00013788 _____ C:\Users\OA\Documents\Magic Desktop Coupon.htm 2014-01-06 23:56 - 2014-01-06 23:56 - 00001328 _____ C:\Users\OA\Desktop\Continue Key Generator Setup.lnk 2014-01-06 23:54 - 2014-01-06 23:54 - 00622544 _____ (Key Generator Setup) C:\Users\OA\Downloads\Psn Gift Code Generator 2013.exe 2014-01-06 21:59 - 2014-01-06 22:00 - 00000000 ____D C:\Users\OA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2014-01-06 21:56 - 2014-01-06 21:57 - 100600973 _____ (The Code::Blocks Team) C:\Users\OA\Downloads\codeblocks-12.11mingw-setup.exe 2014-01-06 21:52 - 2014-01-06 21:52 - 00000000 ____D C:\Users\OA\Desktop\Croissant Decroissant 2014-01-05 20:14 - 2014-01-05 20:14 - 00180805 _____ C:\Users\Bill Gates\Downloads\moteur-asynchrone-triphas.zip 2014-01-05 19:09 - 2014-01-05 19:09 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri (1).zip 2014-01-05 19:08 - 2014-01-05 19:08 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri.zip 2014-01-05 18:51 - 2014-01-05 18:51 - 03899748 _____ C:\Users\Bill Gates\Downloads\Energie.zip 2014-01-05 17:25 - 2014-01-05 17:26 - 82911167 _____ C:\Users\Bill Gates\Desktop\tekkenTag2Feng.wmv 2014-01-05 17:13 - 2014-01-05 17:36 - 308414305 _____ C:\Users\Bill Gates\Downloads\VID_20140105_164600.wmv 2014-01-05 16:58 - 2014-01-05 16:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{E8B7541D-26CF-4C16-BB92-49BE67A338CD} 2014-01-05 16:07 - 2014-01-05 16:08 - 00120855 _____ C:\Users\Bill Gates\Downloads\exposé.pptx 2014-01-03 14:32 - 2014-01-03 14:32 - 00004324 _____ C:\Users\Bill Gates\.recently-used.xbel 2014-01-03 12:00 - 2014-01-03 12:00 - 01376264 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezShell7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 01331200 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezBook7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 01030664 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezPrint7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00750592 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezUtils7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00738888 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScrSvr.scr 2014-01-03 12:00 - 2014-01-03 12:00 - 00682504 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezLicPrompt7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00654920 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScore7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00605704 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezEMail7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00571976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMenu7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00526344 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMDUninstall.exe 2014-01-03 12:00 - 2014-01-03 12:00 - 00348680 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezHints7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00332296 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezWizard7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00257032 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSetupMgr.exe 2014-01-02 06:11 - 2014-01-02 06:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-02 04:36 - 2014-01-07 07:50 - 00000000 ____D C:\Users\Bill Gates\Desktop\Test 2014-01-02 04:35 - 2014-01-02 04:35 - 00003222 _____ C:\Windows\System32\Tasks\{7800B4EF-54E5-4AC0-A07F-A94659B62507} 2014-01-01 18:23 - 2014-01-01 18:25 - 00000000 ____D C:\Users\Bill Gates\Desktop\Beyond two souls piano ==================== One Month Modified Files and Folders ======= 2014-01-31 22:15 - 2014-01-31 22:09 - 00051924 _____ C:\Users\Bill Gates\Desktop\Addition.txt 2014-01-31 22:15 - 2014-01-31 22:07 - 00042057 _____ C:\Users\Bill Gates\Desktop\FRST.txt 2014-01-31 22:15 - 2014-01-31 22:06 - 00000000 ____D C:\FRST 2014-01-31 22:12 - 2012-04-03 11:29 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-31 22:10 - 2013-05-11 16:49 - 01953792 ___SH C:\Users\Bill Gates\Desktop\Thumbs.db 2014-01-31 22:07 - 2012-03-29 20:34 - 00000000 ____D C:\Users\OA 2014-01-31 22:05 - 2014-01-31 22:05 - 02079744 _____ (Farbar) C:\Users\Bill Gates\Desktop\FRST64.exe 2014-01-31 21:57 - 2013-04-23 17:02 - 01059169 _____ C:\Windows\WindowsUpdate.log 2014-01-31 21:55 - 2013-11-12 17:48 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1000UA.job 2014-01-31 21:35 - 2013-10-18 00:54 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1003UA.job 2014-01-31 21:25 - 2012-07-05 04:23 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-31 20:13 - 2011-11-04 22:50 - 00745534 _____ C:\Windows\system32\perfh00C.dat 2014-01-31 20:13 - 2011-11-04 22:50 - 00149020 _____ C:\Windows\system32\perfc00C.dat 2014-01-31 20:13 - 2009-07-14 06:13 - 01662638 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-31 19:36 - 2012-03-29 17:42 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\PMB Files 2014-01-31 19:36 - 2012-03-29 17:42 - 00000000 ____D C:\ProgramData\PMB Files 2014-01-31 17:25 - 2012-07-05 04:23 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-31 17:10 - 2013-12-06 18:52 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBill Gates 2014-01-31 17:10 - 2013-12-06 18:52 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForBill Gates.job 2014-01-31 17:00 - 2012-04-06 15:28 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-01-31 17:00 - 2012-03-30 15:26 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log 2014-01-31 06:55 - 2013-11-12 17:48 - 00001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1000Core.job 2014-01-31 06:30 - 2012-04-13 20:17 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\Adobe 2014-01-31 06:29 - 2013-10-18 00:54 - 00001014 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2068963316-1541744968-104418768-1003Core.job 2014-01-30 23:20 - 2014-01-30 23:20 - 08685681 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.L2SV_S4_2014.Cours.zip 2014-01-30 22:43 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-30 22:43 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-30 22:38 - 2014-01-26 17:38 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS 2014-01-30 21:40 - 2012-06-09 10:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\vlc 2014-01-30 21:14 - 2014-01-30 21:14 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk 2014-01-30 21:10 - 2014-01-30 21:10 - 00000000 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Piratage informatique Virage morte.3gp 2014-01-30 18:48 - 2012-04-12 16:43 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBILLGATES-HP$ 2014-01-30 18:48 - 2012-04-12 16:43 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForBILLGATES-HP$.job 2014-01-28 22:38 - 2013-05-10 22:07 - 00000000 ___RD C:\Users\Bill Gates\SkyDrive 2014-01-28 22:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-27 23:42 - 2012-03-30 17:20 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\CrashDumps 2014-01-26 23:58 - 2014-01-26 23:58 - 00001402 _____ C:\Users\Bill Gates\Desktop\WinX Free FLV to 3GP Converter.lnk 2014-01-26 23:58 - 2014-01-26 23:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\Digiarty 2014-01-26 23:57 - 2014-01-26 23:57 - 00000000 ____D C:\Program Files (x86)\Digiarty 2014-01-26 23:50 - 2014-01-26 23:41 - 00000169 _____ C:\Windows\SysWOW64\test.aok 2014-01-26 23:41 - 2014-01-26 23:41 - 00001283 _____ C:\Users\OA\Desktop\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk 2014-01-26 23:41 - 2014-01-26 23:41 - 00000000 ____D C:\Program Files (x86)\FLV to AVI MPEG WMV 3GP MP4 iPod Converter 2014-01-26 14:51 - 2014-01-26 14:50 - 07377710 _____ C:\Users\Bill Gates\Desktop\Devoirs_géographie.zip 2014-01-25 22:26 - 2014-01-25 22:25 - 03792384 _____ C:\Users\Bill Gates\Desktop\RogueKiller.exe 2014-01-24 16:12 - 2014-01-24 16:11 - 00000000 ____D C:\Users\Bill Gates\Desktop\Nokia Images 2014-01-20 07:00 - 2014-01-20 06:59 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute-1.3gp 2014-01-20 07:00 - 2014-01-20 06:59 - 31343908 _____ C:\Users\Bill Gates\Desktop\Les Enquêtes Impossibles, Mort sans filtre Meurtres en haute.3gp 2014-01-18 17:54 - 2014-01-18 17:54 - 00921000 _____ (Oracle Corporation) C:\Users\Bill Gates\Downloads\chromeinstall-7u51.exe 2014-01-18 17:53 - 2013-10-18 19:22 - 00000000 ____D C:\ProgramData\Oracle 2014-01-18 17:51 - 2014-01-18 17:51 - 00005310 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-18 17:51 - 2013-07-19 15:24 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-18 11:25 - 2014-01-18 11:25 - 00002217 _____ C:\Users\Bill Gates\Desktop\HP Support Assistant.lnk 2014-01-18 11:25 - 2011-11-04 14:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-18 11:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2014-01-18 11:21 - 2011-11-04 14:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2014-01-18 11:18 - 2014-01-18 11:18 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-01-18 11:16 - 2011-11-04 14:38 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2014-01-18 11:06 - 2011-02-10 20:23 - 00000000 ____D C:\SWSetup 2014-01-16 21:49 - 2014-01-16 20:17 - 00009552 _____ C:\Users\Bill Gates\Desktop\Robot.odt 2014-01-16 20:03 - 2014-01-12 15:12 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique 2014-01-16 18:28 - 2014-01-16 18:28 - 00000000 ____D C:\ProgramData\Easybits 2014-01-16 18:27 - 2009-07-14 05:45 - 00732000 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-16 03:05 - 2013-07-13 02:18 - 00000000 ____D C:\Windows\system32\MRT 2014-01-16 03:01 - 2012-03-31 17:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-16 01:58 - 2014-01-16 00:01 - 01306842 _____ C:\Users\Bill Gates\Desktop\Genie Robotique.odp 2014-01-16 00:38 - 2014-01-16 00:38 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (2).pptx 2014-01-15 23:55 - 2014-01-15 23:55 - 00479766 _____ C:\Users\Bill Gates\Downloads\TS103431374.potx 2014-01-15 23:52 - 2014-01-15 23:52 - 00964025 _____ C:\Users\Bill Gates\Downloads\TS102895266.potx 2014-01-15 23:51 - 2014-01-15 23:51 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026 (1).potx 2014-01-15 23:51 - 2014-01-15 23:50 - 00988473 _____ C:\Users\Bill Gates\Downloads\TS102901026.potx 2014-01-15 20:05 - 2014-01-15 20:05 - 00046378 _____ C:\Users\Bill Gates\Desktop\ZHPDiag.txt 2014-01-15 19:59 - 2013-10-16 20:48 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\ZHP 2014-01-15 19:58 - 2013-10-16 20:49 - 00000040 _____ C:\Users\Bill 2014-01-15 19:55 - 2013-07-17 22:40 - 00000000 ____D C:\Program Files (x86)\ZHPDiag 2014-01-15 19:52 - 2014-01-15 19:52 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFix[R1].txt 2014-01-15 19:50 - 2014-01-15 19:50 - 00001869 _____ C:\Users\Bill Gates\Desktop\ZHPFixReport.txt 2014-01-15 11:47 - 2014-01-15 11:46 - 00000000 ____D C:\Users\Bill Gates\Desktop\TD Outil Logistique - Copie 2014-01-15 10:43 - 2013-09-27 20:13 - 00000000 ____D C:\Users\Bill Gates\AppData\Roaming\CodeBlocks 2014-01-14 20:53 - 2014-01-14 20:53 - 00125360 _____ C:\Users\Bill Gates\Downloads\exposé (1).pptx 2014-01-13 01:11 - 2014-01-13 01:11 - 00267415 _____ C:\Users\Bill Gates\Downloads\PS22_TD2_val_moy_eff_A08_ericb.odt 2014-01-12 21:40 - 2014-01-12 21:40 - 00000000 ____D C:\Users\Bill Gates\Desktop\Fl Studio Sample 2014-01-12 21:39 - 2014-01-12 21:39 - 00471412 _____ C:\Users\Bill Gates\Downloads\Strong Hip-Hop Producciones - A Millie.zip 2014-01-12 15:16 - 2014-01-12 15:16 - 00886351 _____ C:\Users\Bill Gates\Desktop\TD Outil Logistique.zip 2014-01-11 18:21 - 2014-01-11 18:21 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{9D76FAB4-C59A-4206-B385-F5AC4ABFB58F} 2014-01-08 22:25 - 2012-05-31 07:20 - 00000000 ____D C:\Users\Bill Gates\Documents\Nicolas Dossiers 2014-01-08 22:23 - 2014-01-08 22:23 - 19924635 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4O2.complete.zip 2014-01-08 22:22 - 2014-01-08 22:22 - 55299730 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4P5.complete.zip 2014-01-08 22:14 - 2014-01-08 22:13 - 08118782 _____ C:\Users\Bill Gates\Downloads\Elearning Smbh.S4F1.complete.zip 2014-01-08 19:03 - 2014-01-08 18:36 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids 2014-01-08 19:03 - 2011-11-04 14:47 - 00001881 _____ C:\Users\Public\Desktop\Magic Desktop.lnk 2014-01-08 18:40 - 2014-01-06 23:58 - 00001020 _____ C:\Users\Public\Desktop\Magic Control.lnk 2014-01-08 05:39 - 2012-03-29 11:59 - 00000000 ____D C:\Users\Bill Gates\Documents\Youcam 2014-01-08 03:04 - 2012-04-28 02:29 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-08 03:04 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2014-01-08 00:20 - 2012-03-29 20:35 - 00003940 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{079F9E90-17B0-44CB-ACA6-4E05982DC2DC} 2014-01-07 07:50 - 2014-01-02 04:36 - 00000000 ____D C:\Users\Bill Gates\Desktop\Test 2014-01-07 02:42 - 2013-10-20 20:47 - 00000000 ____D C:\Users\OA\AppData\Roaming\CodeBlocks 2014-01-06 23:59 - 2014-01-06 23:57 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids - Backup (2) 2014-01-06 23:58 - 2014-01-06 23:58 - 00773192 _____ C:\Windows\SysWOW64\ezUPBHook64.dll 2014-01-06 23:58 - 2014-01-06 23:58 - 00484936 _____ C:\Windows\SysWOW64\ezUPBHook32.dll 2014-01-06 23:58 - 2014-01-06 23:57 - 00176488 _____ (*Rapiddown*) C:\Users\OA\Downloads\Psn Code Generator 2013 (2).exe 2014-01-06 23:58 - 2011-11-04 14:47 - 00325640 _____ (Easybits Software AS) C:\Windows\SysWOW64\ezseng.exe 2014-01-06 23:56 - 2014-01-06 23:56 - 00013788 _____ C:\Users\OA\Documents\Magic Desktop Coupon.htm 2014-01-06 23:56 - 2014-01-06 23:56 - 00001328 _____ C:\Users\OA\Desktop\Continue Key Generator Setup.lnk 2014-01-06 23:54 - 2014-01-06 23:54 - 00622544 _____ (Key Generator Setup) C:\Users\OA\Downloads\Psn Gift Code Generator 2013.exe 2014-01-06 22:00 - 2014-01-06 21:59 - 00000000 ____D C:\Users\OA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks 2014-01-06 21:59 - 2013-12-28 22:10 - 00001091 _____ C:\Users\OA\Desktop\CodeBlocks.lnk 2014-01-06 21:59 - 2013-12-28 22:10 - 00000000 ____D C:\Program Files (x86)\CodeBlocks 2014-01-06 21:57 - 2014-01-06 21:56 - 100600973 _____ (The Code::Blocks Team) C:\Users\OA\Downloads\codeblocks-12.11mingw-setup.exe 2014-01-06 21:52 - 2014-01-06 21:52 - 00000000 ____D C:\Users\OA\Desktop\Croissant Decroissant 2014-01-06 21:48 - 2013-12-24 23:05 - 00000000 ____D C:\Users\Bill Gates\Desktop\TP9 2014-01-05 20:14 - 2014-01-05 20:14 - 00180805 _____ C:\Users\Bill Gates\Downloads\moteur-asynchrone-triphas.zip 2014-01-05 19:09 - 2014-01-05 19:09 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri (1).zip 2014-01-05 19:08 - 2014-01-05 19:08 - 03768672 _____ C:\Users\Bill Gates\Downloads\Energie tri.zip 2014-01-05 18:51 - 2014-01-05 18:51 - 03899748 _____ C:\Users\Bill Gates\Downloads\Energie.zip 2014-01-05 17:36 - 2014-01-05 17:13 - 308414305 _____ C:\Users\Bill Gates\Downloads\VID_20140105_164600.wmv 2014-01-05 17:26 - 2014-01-05 17:25 - 82911167 _____ C:\Users\Bill Gates\Desktop\tekkenTag2Feng.wmv 2014-01-05 16:58 - 2014-01-05 16:58 - 00000000 ____D C:\Users\Bill Gates\AppData\Local\{E8B7541D-26CF-4C16-BB92-49BE67A338CD} 2014-01-05 16:08 - 2014-01-05 16:07 - 00120855 _____ C:\Users\Bill Gates\Downloads\exposé.pptx 2014-01-04 21:26 - 2012-04-24 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-04 05:12 - 2012-07-09 05:33 - 00000000 ____D C:\Users\Bill Gates\Documents\Vicnesh Dossiers 2014-01-03 14:32 - 2014-01-03 14:32 - 00004324 _____ C:\Users\Bill Gates\.recently-used.xbel 2014-01-03 14:32 - 2012-03-29 11:53 - 00000000 ____D C:\Users\Bill Gates 2014-01-03 12:00 - 2014-01-03 12:00 - 01376264 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezShell7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 01331200 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezBook7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 01030664 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezPrint7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00750592 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezUtils7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00738888 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScrSvr.scr 2014-01-03 12:00 - 2014-01-03 12:00 - 00682504 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezLicPrompt7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00654920 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezScore7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00605704 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezEMail7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00571976 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMenu7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00526344 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezMDUninstall.exe 2014-01-03 12:00 - 2014-01-03 12:00 - 00348680 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezHints7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00332296 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezWizard7.dll 2014-01-03 12:00 - 2014-01-03 12:00 - 00257032 _____ (EasyBits Software AS) C:\Windows\SysWOW64\ezSetupMgr.exe 2014-01-02 06:11 - 2014-01-02 06:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-02 04:35 - 2014-01-02 04:35 - 00003222 _____ C:\Windows\System32\Tasks\{7800B4EF-54E5-4AC0-A07F-A94659B62507} 2014-01-01 18:25 - 2014-01-01 18:23 - 00000000 ____D C:\Users\Bill Gates\Desktop\Beyond two souls piano Some content of TEMP: ==================== C:\Users\Bill Gates\AppData\Local\Temp\avgnt.exe C:\Users\Bill Gates\AppData\Local\Temp\vlc-2.1.2-win32.exe C:\Users\OA\AppData\Local\Temp\6_Offer_17.exe C:\Users\OA\AppData\Local\Temp\avgnt.exe C:\Users\OA\AppData\Local\Temp\DownloadManager.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Gestionnaire de d‚marrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale fr-FR inherit {globalsettings} extendedinput Yes default {current} resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102} displayorder {current} toolsdisplayorder {memdiag} timeout 30 customactions 0x1000085000001 0x5400000f custom:5400000f {7a5ba12a-24a2-11e1-b024-83d0fe2948fc} Chargeur de d‚marrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale fr-FR inherit {bootloadersettings} recoverysequence {7a5ba12a-24a2-11e1-b024-83d0fe2948fc} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {158181c0-9a00-11db-8a1d-b11d19fd3102} nx OptIn Chargeur de d‚marrage Windows ----------------------------- identificateur {572bcd60-ffa7-11d9-aae0-0007e994107d} device ramdisk=[boot]\sources\boot.wim,{ramdiskoptions} path \windows\system32\boot\winload.exe description Microsoft Windows PE 2.0 osdevice ramdisk=[boot]\sources\boot.wim,{ramdiskoptions} systemroot \windows detecthal Yes winpe Yes ems Yes Chargeur de d‚marrage Windows ----------------------------- identificateur {7a5ba12a-24a2-11e1-b024-83d0fe2948fc} device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{7a5ba12b-24a2-11e1-b024-83d0fe2948fc} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{7a5ba12b-24a2-11e1-b024-83d0fe2948fc} systemroot \windows nx OptIn winpe Yes Reprendre … partir de la mise en veille prolong‚e ------------------------------------------------- identificateur {158181c0-9a00-11db-8a1d-b11d19fd3102} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Testeur de m‚moire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Windows Memory Diagnostic locale fr-FR inherit {globalsettings} badmemoryaccess Yes ParamŠtres EMS -------------- identificateur {emssettings} bootems Yes ParamŠtres du d‚bogueur ----------------------- identificateur {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Erreurs de m‚moire RAM ---------------------- identificateur {badmemory} ParamŠtres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} ParamŠtres du chargeur de d‚marrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} ParamŠtres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 ParamŠtres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de p‚riph‚rique ----------------------- identificateur {7a5ba12b-24a2-11e1-b024-83d0fe2948fc} description Ramdisk Options ramdisksdidevice partition=D: ramdisksdipath \Recovery\WindowsRE\boot.sdi Options Ramdisk du programme d'installation ------------------------------------------- identificateur {ramdiskoptions} description Ramdisk Options ramdisksdidevice boot ramdisksdipath \boot\boot.sdi LastRegBack: 2014-01-29 22:27 ==================== End Of Log ============================