~ Rapport de ZHPDiag v2015.3.29.33 - Nicolas Coolman  (29/03/2015)
~ Lancé par Administrateur (01/04/2015 15:47:20)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v7.0.5730.13 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Logiciels de protection du système

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player Plugin
Adobe Reader 8.1.2 - Français

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 503 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 93 GB (94%) free of 98 GB

---\\ Mode de connexion au système
~ Computer Name: SWEET-95AB1F0E4
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Administrateur\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 93 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 98 Go)
E: Hard drive, Flash drive, Thumb drive (Free 2 Go of 84 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Free 0 Go of 0 Go)
I: Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.78B6A4915684E96F4DFE1645B6C90A39] - (.Microsoft Corporation - Explorateur Windows.) (.25/06/2008 - 18:30:17.) -- C:\WINDOWS\Explorer.exe [1601536]
[MD5.B8FCD84F253A7EB9F14DE1163FD68379] - (.Microsoft Corporation - Internet Extensions for Win32.) (.25/06/2008 - 18:31:07.) -- C:\WINDOWS\system32\wininet.dll [971264]
[MD5.DE669722494CF41F6E39A62B3B08525C] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.25/06/2008 - 18:31:07.) -- C:\WINDOWS\system32\Winlogon.exe [561152]
[MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/06/2008 - 18:29:53.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 12:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.25/06/2008 - 18:29:57.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.25/06/2008 - 18:29:58.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.25/06/2008 - 18:30:17.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.25/06/2008 - 18:30:19.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.25/06/2008 - 18:30:21.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.25/06/2008 - 18:30:22.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.25/06/2008 - 18:30:24.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.25/06/2008 - 18:30:23.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.25/06/2008 - 18:30:30.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.25/06/2008 - 18:30:43.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.25/06/2008 - 18:30:47.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.25/06/2008 - 18:30:13.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.25/06/2008 - 18:30:53.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/06/2008 - 18:31:05.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 2/86
~ Mon Bureau (My Desktop) : 0/4
~ Menu demarrer (Programs) : 1/64
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [116648] [PID.1364]
[MD5.5EE43A644A38B717F2BCF32BE7D04E62] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe   [122880] [PID.2040]
[MD5.5D4AEE7958F96E91B42A112A0ED6AA70] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe   [106496] [PID.140]
[MD5.05830C930C90B3ED5F7D4E11C5CC9F89] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe   [143360] [PID.208]
[MD5.5BDB73A72DF2D271E236C2DFBDA7373E] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe   [43520] [PID.248]
[MD5.DF9539CFE88978D7C2150C65440C6652] - (.DAEMON'S HOME - Virtual DAEMON Manager.) -- C:\Program Files\D-Tools\daemon.exe   [110592] [PID.272]
[MD5.A999702EB96C16C66DD4F2D12CE1B0E4] - (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe   [37888] [PID.440]
[MD5.25F3D590811CD1DA50696C8B83B61AB5] - (.Microsoft Corporation - Application MFC WORDPAD.) -- C:\Program Files\Windows NT\Accessoires\WORDPAD.exe   [321024] [PID.2568]
[MD5.EE8961506F0D89AF7CFACAD08D27872E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8218624] [PID.2764]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 1.0.30401.0.) -- c:\Program Files\Microsoft Silverlight\npctrl.1.0.30401.0.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2852] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.46] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1662] - (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.46] - (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
~ Firefox Browser: 9 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} . (.IniCom Networks, Inc. - Pas de description.) -- C:\Program Files\FlashFXP\IEFlash.dll
~ BHO: 12 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe 
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe 
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe 
O4 - HKLM\..\Run: [Mmm] . (...) -- C:\WINDOWS\system32\mmm.exe 
O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe 
O4 - HKLM\..\Run: [DAEMON Tools-1033] . (.DAEMON'S HOME - Virtual DAEMON Manager.) -- C:\Program Files\D-Tools\daemon.exe 
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe 
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe 
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe 
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe 
O4 - HKCU\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe 
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 
O4 - HKUS\S-1-5-19\..\RunOnce: [IE7-10] rundll32 advpack.dll,LaunchINFSectionEx NR_IE7en.inf,AfterUserStart,,4,N 
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 
O4 - HKUS\S-1-5-21-1547161642-790525478-1417001333-500\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe 
~ Application:  Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\wpdshserviceobj.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 5 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc
~ Services: 1 Scanned in 00mn 01s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [116648]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job   [1052]
~ Scheduled Task: 6 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\WINDOWS\system32\iedkcs32.dll
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe  =>.Microsoft Corporation
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_06\bin\regutils.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe  =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf  =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe  =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0  r124.) -- C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx
O40 - ASIC: Installed Component - S-1-5-21-1547161642-790525478-1417001333-500 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID
O40 - ASIC: Installed Component - S-1-5-21-1547161642-790525478-1417001333-500 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 21 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver:  (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver:  (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver:  (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver:  (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver:  (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver:  (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver:  (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver:  (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver:  (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver:  (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver:  (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 60 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ACDSee 10 Gestionnaire de photos - (.ACD Systems International.) [HKLM] -- {F8B98EB6-FC06-45BF-87D4-9784E0408611}
O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems Inc..) [HKLM] -- {211E8730-5681-49ED-BC6A-78C9F88E95F5}
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: Attribute Changer 6.0a - (.Romain Petges.) [HKLM] -- AC
O42 - Logiciel: CMenu - (.Michael Heath.) [HKLM] -- CMenu
O42 - Logiciel: Chrono Shutdown - (...) [HKLM] -- ChronoShutdown
O42 - Logiciel: ClipName - (.MainSoft.) [HKLM] -- ClipName
O42 - Logiciel: Combined Community Codec Pack 2008-01-24 - (.CCCP Project.) [HKLM] -- Combined Community Codec Pack_is1
O42 - Logiciel: Console 2 - (.Marko Bozikovic.) [HKLM] -- Console
O42 - Logiciel: DAEMON Tools - (.DAEMON'S HOME.) [HKLM] -- {3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
O42 - Logiciel: DAMN NFO Viewer Setup - (.DAMN.) [HKLM] -- {D5DE2E28-2BA1-4CF8-A4C5-D3D2AE0A9E38}
O42 - Logiciel: File Case Shell Extension - (.Synesis Software.) [HKLM] -- FileCase
O42 - Logiciel: FlashFXP v3 - (.IniCom Networks, Inc..) [HKLM] -- {96E3AED5-3D0B-4BB0-84C2-1EDADB204487}
O42 - Logiciel: GOM Player - (.Gretech Crop..) [HKLM] -- GOM Player
O42 - Logiciel: Google Chrome - (.Google, Inc..) [HKLM] -- {D0759C6C-1F01-345D-8F59-E3B43977D754}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HashTab 2.1 - (.Cody Batt.) [HKLM] -- HashTab
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn
O42 - Logiciel: InstallWatch Pro 2.5 - (...) [HKLM] -- InstallWatch Pro 2.5
O42 - Logiciel: Intel(R) Extreme Graphics 2 Driver - (...) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20}
O42 - Logiciel: Internet Mobile - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Internet Mobile
O42 - Logiciel: Java(TM) 6 Update 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160060}
O42 - Logiciel: MakeISO - (.Yzöwl.) [HKLM] -- MakeISO
O42 - Logiciel: Media Player Classic fr - (...) [HKLM] -- Media Player Classic
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mmm - (.Paraglider.) [HKLM] -- MMM
O42 - Logiciel: ModifyPE - (.metheus.) [HKLM] -- ModifyPE
O42 - Logiciel: Mozilla Thunderbird (2.0.0.14) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (2.0.0.14)  =>.Mozilla Corporation
O42 - Logiciel: Nero 8 Lite 8.3.2.1b - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1
O42 - Logiciel: NewsLeecher v3.9 Final - (...) [HKLM] -- NewsLeecher_is1
O42 - Logiciel: Notepad++ - (...) [HKLM] -- Notepad++
O42 - Logiciel: PuTTY - (...) [HKLM] -- PuTTY
O42 - Logiciel: QT Lite 2.6.0 - (...) [HKLM] -- qt7lite_is1
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] -- QuickPar
O42 - Logiciel: Real Alternative 1.8.0 Lite - (...) [HKLM] -- RealAlt_is1
O42 - Logiciel: RefreshEM - (.Camtech.) [HKLM] -- RefreshEM
O42 - Logiciel: Reg File Merger - (.XPero.) [HKLM] -- RegMerger
O42 - Logiciel: RegShot - (.Paraglider.) [HKLM] -- RegShot
O42 - Logiciel: Replacer - (.Undefined.) [HKLM] -- Replacer
O42 - Logiciel: Resource Hacker - (.Angus Johnson.) [HKLM] -- Reshack
O42 - Logiciel: Run Program Shell Extension - (.Synesis Software.) [HKLM] -- RunWith
O42 - Logiciel: Unlocker 1.8.7 - (.Cedrick Collomb.) [HKLM] -- Unlocker
O42 - Logiciel: Utilitaires "Envoyer vers" - (...) [HKLM] -- SendTo
O42 - Logiciel: WhyReboot - (.Exodus Development.) [HKLM] -- WhyReboot
O42 - Logiciel: WinMover 3.2.0.6 - (.Andreas Eliasson (EliasAE).) [HKLM] -- WinMover_is1
O42 - Logiciel: Windows Vista Wallpapers - (...) [HKLM] -- VistaWalls
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC
O42 - Logiciel: XPero's eXPander - (.XPero.) [HKLM] -- eXPander
O42 - Logiciel: Xtremsplit - (...) [HKLM] -- Xtremsplit
~ Logic: 65 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ACD Systems]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DAMN]
[HKCU\Software\EliasAE]
[HKCU\Software\Epsilon Squared]
[HKCU\Software\FlashFXP]
[HKCU\Software\GNU]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\HACE]
[HKCU\Software\Haali]
[HKCU\Software\HashTab]
[HKCU\Software\IM Providers]
[HKCU\Software\ImgBurn]
[HKCU\Software\Intel]
[HKCU\Software\JetCar]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Policies]
[HKCU\Software\QuickPar]
[HKCU\Software\RealNetworks]
[HKCU\Software\Revenger inc.]
[HKCU\Software\TuneUp]
[HKCU\Software\WPI]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKLM\Software\7F68A003]
[HKLM\Software\ACD Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Combined-Community-Codec-Pack]
[HKLM\Software\D-Tools]
[HKLM\Software\DAMN]
[HKLM\Software\Epsilon Squared]
[HKLM\Software\FlashFXP]
[HKLM\Software\GNU]
[HKLM\Software\GRETECH]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Huawei technologies]
[HKLM\Software\INTEL]
[HKLM\Software\InstalledOptions]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\QTLite]
[HKLM\Software\RealAlternative]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Revenger inc.]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Windows 3.1 Migration Status]
~ Key Software: 193 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/03/2015 - 23:47:12 - [] ----D C:\Program Files\ACD Systems
O43 - CFD: 27/03/2015 - 23:47:43 - [] ----D C:\Program Files\Adobe
O43 - CFD: 30/03/2015 - 01:20:41 - [] ----D C:\Program Files\ANGEL LOVE
O43 - CFD: 27/03/2015 - 23:47:51 - [] ----D C:\Program Files\Chrono Shutdown
O43 - CFD: 27/03/2015 - 23:45:37 - [] ----D C:\Program Files\CMenu
O43 - CFD: 27/03/2015 - 23:48:14 - [] ----D C:\Program Files\Combined Community Codec Pack
O43 - CFD: 27/03/2015 - 23:17:50 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 27/03/2015 - 23:48:36 - [] ----D C:\Program Files\D-Tools
O43 - CFD: 27/03/2015 - 23:46:51 - [] ----D C:\Program Files\DAMN NFO Viewer
O43 - CFD: 27/03/2015 - 23:45:29 - [] ----D C:\Program Files\Epsilon Squared
O43 - CFD: 27/03/2015 - 23:47:43 - [] ----D C:\Program Files\Fichiers communs
O43 - CFD: 27/03/2015 - 23:45:11 - [] ----D C:\Program Files\FlashFXP
O43 - CFD: 27/03/2015 - 23:59:23 - [] ----D C:\Program Files\Google
O43 - CFD: 28/03/2015 - 00:00:25 - [] ----D C:\Program Files\GRETECH
O43 - CFD: 27/03/2015 - 23:46:28 - [] ----D C:\Program Files\ImgBurn
O43 - CFD: 29/03/2015 - 05:12:32 - [] ----D C:\Program Files\Internet Download Manager
O43 - CFD: 29/03/2015 - 04:55:09 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 31/03/2015 - 22:07:58 - [] ----D C:\Program Files\Internet Mobile
O43 - CFD: 27/03/2015 - 23:44:11 - [] ----D C:\Program Files\Java
O43 - CFD: 27/03/2015 - 23:48:18 - [] ----D C:\Program Files\Media Player Classic
O43 - CFD: 27/03/2015 - 23:21:25 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 27/03/2015 - 23:19:24 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 27/03/2015 - 23:44:30 - [] ----D C:\Program Files\Mozilla Thunderbird  =>.Mozilla Corporation
O43 - CFD: 27/03/2015 - 23:16:35 - [] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 27/03/2015 - 23:44:55 - [] ----D C:\Program Files\Nero
O43 - CFD: 27/03/2015 - 23:19:41 - [] ----D C:\Program Files\NetMeeting
O43 - CFD: 27/03/2015 - 23:46:56 - [] ----D C:\Program Files\NewsLeecher
O43 - CFD: 01/04/2015 - 15:25:29 - [] ----D C:\Program Files\Notepad++
O43 - CFD: 27/03/2015 - 23:19:37 - [] ----D C:\Program Files\Outlook Express  =>.Microsoft Corporation
O43 - CFD: 27/03/2015 - 23:45:47 - [] ----D C:\Program Files\PuTTY
O43 - CFD: 27/03/2015 - 23:47:55 - [] ----D C:\Program Files\QT Lite
O43 - CFD: 27/03/2015 - 23:45:21 - [] ----D C:\Program Files\QuickPar
O43 - CFD: 27/03/2015 - 23:48:06 - [] ----D C:\Program Files\Real Alternative
O43 - CFD: 27/03/2015 - 23:20:14 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 27/03/2015 - 23:50:10 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 27/03/2015 - 23:48:33 - [] ----D C:\Program Files\Unlocker
O43 - CFD: 27/03/2015 - 23:45:38 - [] ----D C:\Program Files\Utilitaires
O43 - CFD: 27/03/2015 - 23:17:28 - [] ----D C:\Program Files\Windows Media Connect 2
O43 - CFD: 27/03/2015 - 23:21:40 - [] ----D C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 27/03/2015 - 23:16:27 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 27/03/2015 - 23:20:17 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 27/03/2015 - 23:45:23 - [] ----D C:\Program Files\WinMover
O43 - CFD: 27/03/2015 - 23:46:26 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 27/03/2015 - 23:46:53 - [] ----D C:\Program Files\Xtremsplit
O43 - CFD: 01/04/2015 - 15:45:45 - [] ----D C:\Program Files\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 27/03/2015 - 23:47:16 - [] ----D C:\Program Files\Fichiers communs\ACD Systems
O43 - CFD: 30/03/2015 - 01:21:41 - [] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 27/03/2015 - 23:43:52 - [] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 27/03/2015 - 23:50:19 - [] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 27/03/2015 - 23:19:35 - [] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 27/03/2015 - 23:44:46 - [] ----D C:\Program Files\Fichiers communs\Nero
O43 - CFD: 28/03/2015 - 00:10:27 - [] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 27/03/2015 - 23:19:39 - [] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 28/03/2015 - 00:10:23 - [] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 27/03/2015 - 23:18:44 - [] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 27/03/2015 - 23:47:14 - [] ----D C:\Documents and Settings\All Users\Application Data\ACD Systems
O43 - CFD: 27/03/2015 - 23:47:45 - [] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 27/03/2015 - 23:45:07 - [] ----D C:\Documents and Settings\All Users\Application Data\FlashFXP
O43 - CFD: 29/03/2015 - 05:14:12 - [] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 27/03/2015 - 23:44:41 - [] ----D C:\Documents and Settings\All Users\Application Data\Nero
O43 - CFD: 27/03/2015 - 23:48:05 - [0] ----D C:\Documents and Settings\All Users\Application Data\Real
O43 - CFD: 27/03/2015 - 23:49:38 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 27/03/2015 - 23:47:16 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ACD Systems
O43 - CFD: 27/03/2015 - 23:48:16 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Combined Community Codec Pack
O43 - CFD: 27/03/2015 - 23:45:41 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Console 2
O43 - CFD: 28/03/2015 - 00:10:00 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 28/03/2015 - 00:00:32 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GOM Player
O43 - CFD: 27/03/2015 - 23:59:43 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 27/03/2015 - 23:45:41 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\InstallWatch Pro 2.5
O43 - CFD: 31/03/2015 - 22:05:12 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Internet Mobile
O43 - CFD: 27/03/2015 - 23:18:03 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 27/03/2015 - 23:44:31 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Thunderbird  =>.Mozilla Corporation
O43 - CFD: 27/03/2015 - 23:44:51 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero
O43 - CFD: 27/03/2015 - 23:46:56 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\NewsLeecher
O43 - CFD: 27/03/2015 - 23:45:01 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Notepad++
O43 - CFD: 27/03/2015 - 23:21:49 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 27/03/2015 - 23:47:55 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime Alternative
O43 - CFD: 27/03/2015 - 23:48:06 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Real Alternative
O43 - CFD: 27/03/2015 - 23:45:41 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Utilitaires
O43 - CFD: 27/03/2015 - 23:46:26 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 01/04/2015 - 15:32:37 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP  =>.Nicolas Coolman
O43 - CFD: 31/03/2015 - 13:27:34 - [] ----D C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 31/03/2015 - 01:17:26 - [] ----D C:\Documents and Settings\Administrateur\Application Data\DMCache
O43 - CFD: 27/03/2015 - 23:45:23 - [] ----D C:\Documents and Settings\Administrateur\Application Data\EliasAE
O43 - CFD: 28/03/2015 - 00:28:36 - [] ----D C:\Documents and Settings\Administrateur\Application Data\GRETECH
O43 - CFD: 27/03/2015 - 23:50:14 - [] ----D C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 29/03/2015 - 19:28:44 - [] ----D C:\Documents and Settings\Administrateur\Application Data\IDM
O43 - CFD: 28/03/2015 - 15:25:50 - [] ----D C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
O43 - CFD: 27/03/2015 - 23:42:48 - [] -S--D C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 28/03/2015 - 01:40:47 - [] ----D C:\Documents and Settings\Administrateur\Application Data\Notepad++
O43 - CFD: 27/03/2015 - 23:48:05 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Real
O43 - CFD: 27/03/2015 - 23:43:45 - [] ----D C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 27/03/2015 - 23:49:42 - [] ----D C:\Documents and Settings\Administrateur\Application Data\Thunderbird  =>.Mozilla Corporation
O43 - CFD: 01/04/2015 - 12:37:13 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\WinRAR
O43 - CFD: 01/04/2015 - 15:47:23 - [] ----D C:\Documents and Settings\Administrateur\Application Data\ZHP  =>.Nicolas Coolman
O43 - CFD: 30/03/2015 - 01:25:21 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
O43 - CFD: 28/03/2015 - 00:01:25 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
O43 - CFD: 29/03/2015 - 01:06:46 - [] -S--D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
O43 - CFD: 27/03/2015 - 23:48:05 - [0] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Real
O43 - CFD: 27/03/2015 - 23:49:42 - [] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\Thunderbird  =>.Mozilla Corporation
O43 - CFD: 27/03/2015 - 23:50:21 - [] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 29/03/2015 - 05:07:47 - [] R---D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 27/03/2015 - 23:49:38 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\ImgBurn
O43 - CFD: 01/04/2015 - 15:25:29 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Notepad++
O43 - CFD: 27/03/2015 - 23:45:24 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\WinMover
O43 - CFD: 27/03/2015 - 23:46:26 - [] ----D C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\WinRAR
~ Program Folder: 106 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 01/04/2015 - 10:37:59 -S-A- . (...) -- C:\WINDOWS\bootstat.dat   [2048]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/04/2015 - 10:38:09 ---A- . (...) -- C:\WINDOWS\0.log   [0]
O44 - LFC:[MD5.DB2468F9E04B43A8F8C82D141674A7F1] - 01/04/2015 - 13:18:23 ---A- . (...) -- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt   [9288]
O44 - LFC:[MD5.3A56A8A403AD3845C5D5577445DAB0D1] - 01/04/2015 - 14:25:53 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log   [73307]
O44 - LFC:[MD5.0D4C93BC12D2FD857641DFCB355AEA22] - 01/04/2015 - 14:28:27 ---A- . (.Microsoft Corporation - Pages de propriétés pour les périphériques.) -- C:\WINDOWS\system32\OLD51.tmp   [78336]
O44 - LFC:[MD5.B826E6D1DE6F3F8C1C957BA7042C8300] - 01/04/2015 - 14:28:34 ---A- . (...) -- C:\WINDOWS\setupapi.log   [1102199]
O44 - LFC:[MD5.E37D69920466CFC00B95CDD8E07E7FE9] - 01/04/2015 - 14:32:20 ---A- . (...) -- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt   [9138]
O44 - LFC:[MD5.755F124B20A052DF1014AA0856A5C488] - 01/04/2015 - 14:45:47 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.775E188DD15C9AC9E735A556FB95578E] - 27/03/2015 - 22:15:05 -SH-- . (...) -- C:\boot.ini   [212]
O44 - LFC:[MD5.0C27D82CE07AF92779284B1B8923BBD5] - 27/03/2015 - 22:15:30 ---A- . (...) -- C:\WINDOWS\cmsetacl.log   [200]
O44 - LFC:[MD5.15CABD0F7C00C47C70124907916AF3F1] - 27/03/2015 - 22:15:49 ---A- . (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys   [196224]
O44 - LFC:[MD5.88155247177638048422893737429D9E] - 27/03/2015 - 22:15:49 ---A- . (.Microsoft Corporation - Terminal Server Driver.) -- C:\WINDOWS\system32\Drivers\termdd.sys   [40840]
O44 - LFC:[MD5.A060863D71C75F0235D230BE6E9650F7] - 27/03/2015 - 22:15:54 ---A- . (.Microsoft Corporation - Composant logiciel enfichable WMI.) -- C:\WINDOWS\system32\cmprops.dll   [314880]
O44 - LFC:[MD5.8BC58C4B4471EA21D80FC28FF5788B3B] - 27/03/2015 - 22:15:54 ---A- . (.Microsoft Corporation - Windows Product Activation Configuration WM.) -- C:\WINDOWS\system32\licwmi.dll   [58880]
O44 - LFC:[MD5.60101662853FA56F3F18F1DEA937FECB] - 27/03/2015 - 22:15:55 ---A- . (.Microsoft Corporation - Application d'assistance du composant de lo.) -- C:\WINDOWS\system32\mmfutil.dll   [17920]
O44 - LFC:[MD5.5AF6EBAC19F3ADB5D025B905CCECE90E] - 27/03/2015 - 22:15:55 ---A- . (.Microsoft Corporation - WMI Snapins.) -- C:\WINDOWS\system32\servdeps.dll   [141312]
O44 - LFC:[MD5.6B9D6177E2852C103114C07D62072851] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\catsrv.dll   [226304]
O44 - LFC:[MD5.32278ADD920546C94E035549D183A5C1] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\catsrvps.dll   [85504]
O44 - LFC:[MD5.BEB9AD8CD1E53495D4F584C9F7C1DB3E] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\catsrvut.dll   [625664]
O44 - LFC:[MD5.3E7E079AF9CFF7AFC4EDCC332E94F42E] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\clbcatex.dll   [110592]
O44 - LFC:[MD5.BD6C84E39CB7073BDA60A0B16B9298C2] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\clbcatq.dll   [498688]
O44 - LFC:[MD5.67217D3DF13594B3EE2A5F37ABA953B3] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comsnap.dll   [167424]
O44 - LFC:[MD5.4FC412747440950E8C0D24203ECCCD88] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comsvcs.dll   [1267200]
O44 - LFC:[MD5.D408E96DE7D1DCFC7D37A0C38B31EBF1] - 27/03/2015 - 22:16:01 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comuid.dll   [539648]
O44 - LFC:[MD5.E50B24FDA8A526F58EE313C3768575AE] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - MS DTC console program.) -- C:\WINDOWS\system32\msdtc.exe   [59392]
O44 - LFC:[MD5.8245A3D7C3C42DFA3536E7F38ACBA1FE] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\colbact.dll   [60416]
O44 - LFC:[MD5.84179A6F77F264A71651CE75DCDD7947] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comaddin.dll   [28160]
O44 - LFC:[MD5.C01BE55479D4323CFFE90C283C7E944D] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\comrepl.dll   [97792]
O44 - LFC:[MD5.AC081BECC2A6E85B985DC4BA05DBB683] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\dcomcnfg.exe   [33792]
O44 - LFC:[MD5.DD421F87FD528E330088581E232431DB] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\mtxdm.dll   [30720]
O44 - LFC:[MD5.47E17AB71B070D0020D765753D3026AB] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\mtxex.dll   [4096]
O44 - LFC:[MD5.C725F25A2622BF21A761A609DAB360A9] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\mtxlegih.dll   [34304]
O44 - LFC:[MD5.79D221D6ECCF243CA4560F4BE7BAD9F5] - 27/03/2015 - 22:16:02 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\stclient.dll   [59392]
O44 - LFC:[MD5.2275F850DFCE63C9BE9ADBF42664CFAD] - 27/03/2015 - 22:16:03 ---A- . (.Microsoft Corporation - MS DTC helper APIs DLL.) -- C:\WINDOWS\system32\xolehlp.dll   [11776]
O44 - LFC:[MD5.02675B394D2078A72A7E1F04EF2EC481] - 27/03/2015 - 22:16:03 ---A- . (.Microsoft Corporation - MS DTC log manager DLL.) -- C:\WINDOWS\system32\msdtclog.dll   [58880]
O44 - LFC:[MD5.912797ACCD9C4361593F23BBDC01EE71] - 27/03/2015 - 22:16:03 ---A- . (.Microsoft Corporation - MS DTC transaction manager DLL.) -- C:\WINDOWS\system32\msdtctm.dll   [956928]
O44 - LFC:[MD5.BB0175779746E7DF14182EC461D55CDD] - 27/03/2015 - 22:16:04 ---A- . (.Microsoft Corporation - MS DTC OLE Transactions interface proxy DLL.) -- C:\WINDOWS\system32\msdtcprx.dll   [427008]
O44 - LFC:[MD5.0B7B1CD44A4B7A8B0B3E122B529629BB] - 27/03/2015 - 22:16:05 ---A- . (.Microsoft Corporation - Configuration Backend Interface.) -- C:\WINDOWS\system32\cfgbkend.dll   [39424]
O44 - LFC:[MD5.1BDA51C28FAAB97D8A88D59C8A221485] - 27/03/2015 - 22:16:05 ---A- . (.Microsoft Corporation - DLL Interface to TermDD Device Driver.) -- C:\WINDOWS\system32\icaapi.dll   [11264]
O44 - LFC:[MD5.D926AEC879EE607570EE97CE48388CA6] - 27/03/2015 - 22:16:05 ---A- . (.Microsoft Corporation - MS DTC administrative component DLL.) -- C:\WINDOWS\system32\msdtcuiu.dll   [161792]
O44 - LFC:[MD5.69AB25E73007E9A527A55754820D2D8A] - 27/03/2015 - 22:16:05 ---A- . (.Microsoft Corporation - Microsoft database support DLL for Oracle.) -- C:\WINDOWS\system32\mtxoci.dll   [91648]
O44 - LFC:[MD5.AB7D258A6655BF95C8EB8EBEB8EA72DE] - 27/03/2015 - 22:16:05 ---A- . (.Microsoft Corporation - Utilitaire d'interrogation de processus.) -- C:\WINDOWS\system32\qprocess.exe   [48640]
O44 - LFC:[MD5.CD7F8C8A8A70FA30B661E413BC413A4F] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - Extension du Panneau de configuration Sessi.) -- C:\WINDOWS\system32\remotepg.dll   [218624]
O44 - LFC:[MD5.09E3EFE13D50333C29A679326095F10C] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bu.) -- C:\WINDOWS\system32\sessmgr.exe   [170496]
O44 - LFC:[MD5.BB64A2DDB96BAB0F4F3C4D7DA2B912C7] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop TSRDP Session Add-.) -- C:\WINDOWS\system32\rdsaddin.exe   [41472]
O44 - LFC:[MD5.C3E6A7A4B35DD176B5D17C0EA485996B] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - Pilote multimédia du service Terminal Serve.) -- C:\WINDOWS\system32\rdpsnd.dll   [19968]
O44 - LFC:[MD5.5CF919481FA9CE3E96A1943C3BF971C8] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - RDP Clip Monitor.) -- C:\WINDOWS\system32\rdpclip.exe   [90624]
O44 - LFC:[MD5.70413FB509C8E5248C84F17767557F24] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - RDP Extension DLL.) -- C:\WINDOWS\system32\rdpwsx.dll   [87176]
O44 - LFC:[MD5.7BC4641B6C54338593D19130EB674620] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - RDSHost Client Module.) -- C:\WINDOWS\system32\rdchost.dll   [147968]
O44 - LFC:[MD5.2BF64220A2C5773B53B9B1AE8763031E] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - RDSHost Server Module.) -- C:\WINDOWS\system32\rdshost.exe   [94720]
O44 - LFC:[MD5.ABBFD09381333AE419D323833363C005] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - Remote Desktop Connection.) -- C:\WINDOWS\system32\mstsc.exe   [705536]
O44 - LFC:[MD5.710BC85A8C22626EE094439E3EA0D38C] - 27/03/2015 - 22:16:06 ---A- . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\system32\termsrv.dll   [297984]
O44 - LFC:[MD5.A6A06A89A6ABC8964F7D147B3245F217] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - Anywhere access client.) -- C:\WINDOWS\system32\aaclient.dll   [136192]
O44 - LFC:[MD5.3EFE86DBFD6B34FE2ADF6602D657342D] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - Fournisseur d'infrastructure WMI de configu.) -- C:\WINDOWS\system32\tscfgwmi.dll   [94208]
O44 - LFC:[MD5.6471A66807F5E104E4885F5B67349397] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys   [12040]
O44 - LFC:[MD5.6728E45B66F93C08F11DE2E316FC70DD] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only,.) -- C:\WINDOWS\system32\Drivers\rdpwd.sys   [139656]
O44 - LFC:[MD5.87B6A9310687594F315798D532721F65] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - RPC/HTTP Downlevel Side-by-side Runtime.) -- C:\WINDOWS\system32\rhttpaa.dll   [290304]
O44 - LFC:[MD5.C56B6D0402371CF3700EB322EF3AAF61] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys   [21896]
O44 - LFC:[MD5.B7BD738EBA6E3C4C0744B4947CB54572] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - TSGateway QEC.) -- C:\WINDOWS\system32\tsgqec.dll   [53248]
O44 - LFC:[MD5.F31CC69F407BEEA05C4440BEA3FEDDE9] - 27/03/2015 - 22:16:07 ---A- . (.Microsoft Corporation - Terminal Services ActiveX Client.) -- C:\WINDOWS\system32\mstscax.dll   [2061824]
O44 - LFC:[MD5.A96F88292565A18EE0F4F80719765031] - 27/03/2015 - 22:16:08 ---A- . (.Microsoft Corporation - Spider.) -- C:\WINDOWS\system32\spider.exe   [1592832]
O44 - LFC:[MD5.25975EFA87BBF0FC7A713CA0E6068BF7] - 27/03/2015 - 22:16:09 ---A- . (.Microsoft Corporation - Afficheur de l'album Windows NT.) -- C:\WINDOWS\system32\clipbrd.exe   [236032]
O44 - LFC:[MD5.21DABEC3434D550B4FEDC0FE7925FD7E] - 27/03/2015 - 22:16:09 ---A- . (.Microsoft Corporation - Paint.) -- C:\WINDOWS\system32\mspaint.exe   [471040]
O44 - LFC:[MD5.6A1D9675F87094A7FAB33A67A4C25F1C] - 27/03/2015 - 22:16:10 ---A- . (.Hilgraeve, Inc. - Bibliothèque d'applications HyperTerminal.) -- C:\WINDOWS\system32\hypertrm.dll   [354304]
O44 - LFC:[MD5.0C36DEF2653329B7E0616AA955AEE842] - 27/03/2015 - 22:16:10 ---A- . (.Microsoft Corporation - Media Player.) -- C:\WINDOWS\system32\mplay32.exe   [306176]
O44 - LFC:[MD5.1CD2F5D43B5310CC3EFF45E923EE48C4] - 27/03/2015 - 22:16:11 ---A- . (.Microsoft Corporation - Accessoires du magnétophone.) -- C:\WINDOWS\system32\sndrec32.exe   [209920]
O44 - LFC:[MD5.72882F0BE29F55A4E87ED67018219987] - 27/03/2015 - 22:16:11 ---A- . (.Microsoft Corporation - Assistant Accessibilité Microsoft.) -- C:\WINDOWS\system32\accwiz.exe   [481792]
O44 - LFC:[MD5.0DF62FC2ABA87682FB4046443D505714] - 27/03/2015 - 22:16:11 ---A- . (.Microsoft Corporation - DLL du Panneau de configuration.) -- C:\WINDOWS\system32\access.cpl   [71680]
O44 - LFC:[MD5.741856B15DCF6A281B7F674FBDB354CE] - 27/03/2015 - 22:16:12 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc   [92286]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 27/03/2015 - 22:16:17 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h   [768]
O44 - LFC:[MD5.FDA18F513403E67CAE9BF0D2DD948B28] - 27/03/2015 - 22:16:17 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini   [3914]
O44 - LFC:[MD5.2CA1060C5CF9C03B865977F12123C3F8] - 27/03/2015 - 22:16:17 ---A- . (.Microsoft Corporation - Modem Connection Driver.) -- C:\WINDOWS\system32\cdmodem.dll   [15872]
O44 - LFC:[MD5.B6F4DA9865E6831D83E221D01F27C21E] - 27/03/2015 - 22:16:17 ---A- . (.Microsoft Corporation - Utilitaire de déconnexion de session.) -- C:\WINDOWS\system32\logoff.exe   [43520]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 27/03/2015 - 22:16:18 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h   [3286]
O44 - LFC:[MD5.F9A14C7B36E10052A1B0F071BC3C1C65] - 27/03/2015 - 22:16:18 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini   [27768]
O44 - LFC:[MD5.9F27B27C8405FEAF7DFC4DA3751DEF22] - 27/03/2015 - 22:16:18 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd   [1263]
O44 - LFC:[MD5.4701BA735D535D9F46AB2A285610A04B] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Extension de configuration de connexion Ter.) -- C:\WINDOWS\system32\rdpcfgex.dll   [4608]
O44 - LFC:[MD5.6154C05691B845BD32AF9C4D41A93212] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Registry Initializer.) -- C:\WINDOWS\system32\regini.exe   [61440]
O44 - LFC:[MD5.3CDD0BE280BCCC9368685FA25B004D5A] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire d'arrêt de processus des service.) -- C:\WINDOWS\system32\tskill.exe   [44544]
O44 - LFC:[MD5.1093072381A117515D6705A736D20ECE] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire d'arrêt du système.) -- C:\WINDOWS\system32\tsshutdn.exe   [45056]
O44 - LFC:[MD5.2DC5348D9D488426AEE36D0E33674039] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire d'interrogation Terminal Server.) -- C:\WINDOWS\system32\qappsrv.exe   [45056]
O44 - LFC:[MD5.57CA4972FB6CEA8FFD18E2946765744C] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire de connexion de session.) -- C:\WINDOWS\system32\tscon.exe   [43008]
O44 - LFC:[MD5.A6E3138B599E4B991DE740037EA9E2F8] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire de contrôle à distance de sessio.) -- C:\WINDOWS\system32\shadow.exe   [43008]
O44 - LFC:[MD5.9B7AA9AAEA3AC697458B7E01C5CCB6E1] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire de déconnexion de session.) -- C:\WINDOWS\system32\tsdiscon.exe   [42496]
O44 - LFC:[MD5.D313696C01BA3F45B1FFE84C2EA28932] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire de gestion des sessions de requê.) -- C:\WINDOWS\system32\qwinsta.exe   [50176]
O44 - LFC:[MD5.70DEE7AC300D77F466CC0712ECAA15E3] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire de message.) -- C:\WINDOWS\system32\msg.exe   [50176]
O44 - LFC:[MD5.0AC372DF64CA99D209AD46145F79A2C6] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire de réinitialisation de session.) -- C:\WINDOWS\system32\rwinsta.exe   [44032]
O44 - LFC:[MD5.198317858E7ACC93E4E1478CA5548A49] - 27/03/2015 - 22:16:18 ---A- . (.Microsoft Corporation - Utilitaire de réinitialisation des services.) -- C:\WINDOWS\system32\reset.exe   [37888]
O44 - LFC:[MD5.AA095AF946763FDA365CEDEED742D3D1] - 27/03/2015 - 22:16:19 ---A- . (.Microsoft Corporation - Applet du jeu Solitaire.) -- C:\WINDOWS\system32\sol.exe   [86528]
O44 - LFC:[MD5.F3AB8F20FE6033BAF1D62FCA77885FA1] - 27/03/2015 - 22:16:19 ---A- . (.Microsoft Corporation - Application Calculatrice de Windows.) -- C:\WINDOWS\system32\calc.exe   [143872]
O44 - LFC:[MD5.EE9D6C69048CE0FDFFB743EDEE4B5C7B] - 27/03/2015 - 22:16:19 ---A- . (.Microsoft Corporation - Jeu Démineur du pack Entertainment.) -- C:\WINDOWS\system32\winmine.exe   [149504]
O44 - LFC:[MD5.F6A3EC1D573689DCDA607F9EE2E759F5] - 27/03/2015 - 22:16:19 ---A- . (.Microsoft Corporation - Jeu FreeCell du pack Entertainment.) -- C:\WINDOWS\system32\freecell.exe   [84992]
O44 - LFC:[MD5.BFBA408FDCF797C2155AEE61315B8864] - 27/03/2015 - 22:16:19 ---A- . (.Microsoft Corporation - La Dame de Pique en réseau.) -- C:\WINDOWS\system32\mshearts.exe   [157696]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 27/03/2015 - 22:16:20 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce   [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 27/03/2015 - 22:16:20 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce   [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 27/03/2015 - 22:16:20 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce   [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 27/03/2015 - 22:16:20 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce   [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 27/03/2015 - 22:16:20 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce   [8484]
O44 - LFC:[MD5.C525A8A367F9641ABB8FF32C96BD08A4] - 27/03/2015 - 22:16:20 ---A- . (.Microsoft Corporation - DLL des noms UNICODE pour UCE.) -- C:\WINDOWS\system32\getuname.dll   [634880]
O44 - LFC:[MD5.B6EF4EC5E6CCF838E56571A1682A9042] - 27/03/2015 - 22:16:20 ---A- . (.Microsoft Corporation - Table des caractères.) -- C:\WINDOWS\system32\charmap.exe   [110080]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\Bulles de savon.bmp   [65978]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\Granit vert.bmp   [26582]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\Jour de pêche.bmp   [17336]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\Plume.bmp   [16730]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\Rosace bleue 16.bmp   [1272]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\Tasse à café.bmp   [17062]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\system32\korean.uce   [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce   [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 27/03/2015 - 22:16:21 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce   [93702]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 27/03/2015 - 22:16:22 ---A- . (...) -- C:\WINDOWS\Mur de Santa Fe.bmp   [65832]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 27/03/2015 - 22:16:22 ---A- . (...) -- C:\WINDOWS\Rhododendron.bmp   [17362]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 27/03/2015 - 22:16:22 ---A- . (...) -- C:\WINDOWS\Rivière Sumida.bmp   [26680]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 27/03/2015 - 22:16:22 ---A- . (...) -- C:\WINDOWS\Vent de prairie.bmp   [65954]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 27/03/2015 - 22:16:22 ---A- . (...) -- C:\WINDOWS\Zapotec.bmp   [9522]
O44 - LFC:[MD5.9686BFBD5B1928ACD72DF94D865A1DCD] - 27/03/2015 - 22:16:25 ---A- . (.Microsoft Corporation - Conversation pour Windows NT.) -- C:\WINDOWS\system32\winchat.exe   [73728]
O44 - LFC:[MD5.E7EF0C8FE4CAE6B9CA990D5B15A079CE] - 27/03/2015 - 22:16:26 ---A- . (.Microsoft Corporation - Contrôles de mesure.) -- C:\WINDOWS\system32\avmeter.dll   [16384]
O44 - LFC:[MD5.128CEA94B381C19C655AA18DA74ECA0A] - 27/03/2015 - 22:16:26 ---A- . (.Microsoft Corporation - Numéroteur TAPI 3.0 et Visualisateur de con.) -- C:\WINDOWS\system32\avtapi.dll   [232960]
O44 - LFC:[MD5.F7B2FA971A70A335F92785DEF9478B62] - 27/03/2015 - 22:16:26 ---A- . (.Microsoft Corporation - Wave Manipulation Component.) -- C:\WINDOWS\system32\avwav.dll   [73216]
O44 - LFC:[MD5.36B14AD54214F6AC9A24B447E12D5E1B] - 27/03/2015 - 22:16:27 ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- C:\WINDOWS\system32\hticons.dll   [70144]
O44 - LFC:[MD5.43DD53C2DA7EBE32D7A00B01E3D22E4B] - 27/03/2015 - 22:16:27 ---A- . (.Microsoft Corporation - Contrôle du volume.) -- C:\WINDOWS\system32\sndvol32.exe   [244736]
O44 - LFC:[MD5.CA30409EB04C1C6743ED952FC404112B] - 27/03/2015 - 22:16:35 ---A- . (.Microsoft Corporation - Windows Write.) -- C:\WINDOWS\system32\write.exe   [63488]
O44 - LFC:[MD5.1B26CF070C67085E0D529332C411DBC5] - 27/03/2015 - 22:16:39 ---A- . (...) -- C:\WINDOWS\system32\IE7Eula.rtf   [74715]
O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 27/03/2015 - 22:16:39 ---A- . (...) -- C:\WINDOWS\system32\icrav03.rat   [8798]
O44 - LFC:[MD5.35F55D694AD31A65D5B2D41614F91B08] - 27/03/2015 - 22:16:39 ---A- . (.Microsoft Corporation - ADVPACK.) -- C:\WINDOWS\system32\advpack.dll.mui   [12288]
O44 - LFC:[MD5.86CC1806D0719F3196802B3A000FB44B] - 27/03/2015 - 22:16:40 ---A- . (.Microsoft Corporation - Internet Explorer.) -- C:\WINDOWS\system32\ieframe.dll.mui   [1048576]
O44 - LFC:[MD5.7D2F35E0FBF49B46683E4C05E835ACC7] - 27/03/2015 - 22:16:41 ---A- . (.Microsoft Corporation - Microsoft Feeds Background Sync.) -- C:\WINDOWS\system32\msfeedsbs.dll   [52224]
O44 - LFC:[MD5.08AD8D745F1818309E9BB0F692E50F97] - 27/03/2015 - 22:16:42 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\WINDOWS\system32\msfeedssync.exe   [39936]
O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 27/03/2015 - 22:16:43 ---A- . (...) -- C:\WINDOWS\system32\ticrf.rat   [1988]
O44 - LFC:[MD5.61EB23E4CB4EC5163F4E63749E30110F] - 27/03/2015 - 22:16:43 ---A- . (.Microsoft Corporation - WinFX Runtime Components.) -- C:\WINDOWS\system32\winfxdocobj.exe   [233984]
O44 - LFC:[MD5.99020BA68725602E8475F9628707A386] - 27/03/2015 - 22:17:09 ---A- . (.AutoIt Team - AutoIt v3 ActiveX Control.) -- C:\WINDOWS\system32\autoitx3.dll   [294920]
O44 - LFC:[MD5.7E04D46B430873BA2DB5DBE92B567CCB] - 27/03/2015 - 22:17:10 ---A- . (.Microsoft Corporation - ATL Module for Windows (Unicode).) -- C:\WINDOWS\system32\atl70.dll   [86016]
O44 - LFC:[MD5.1F1D608ABCC34CA2A5369C95B47605F0] - 27/03/2015 - 22:17:10 ---A- . (.Microsoft Corporation - ATL Module for Windows (Unicode).) -- C:\WINDOWS\system32\atl71.dll   [89600]
O44 - LFC:[MD5.AB412429F1E5FB9708A8CDEA07479099] - 27/03/2015 - 22:17:10 ---A- . (.Microsoft Corporation - CMDialog ActiveX Control DLL.) -- C:\WINDOWS\system32\comdlg32.ocx   [152848]
O44 - LFC:[MD5.1B63AF252CFEFF520871F0AE37C80C5E] - 27/03/2015 - 22:17:10 ---A- . (.Microsoft Corporation - Microsoft Common Controls 2 ActiveX Control.) -- C:\WINDOWS\system32\comct232.ocx   [164144]
O44 - LFC:[MD5.34FA3D84D7EBF3085F0E59AA6856C589] - 27/03/2015 - 22:17:10 ---A- . (.Microsoft Corporation - Microsoft Common Controls 3 ActiveX Control.) -- C:\WINDOWS\system32\comct332.ocx   [416528]
O44 - LFC:[MD5.2640AD05AB39321E6C9D3C71236CA0DF] - 27/03/2015 - 22:17:10 ---A- . (.Microsoft Corporation - Windows Common Controls ActiveX Control DLL.) -- C:\WINDOWS\system32\comctl32.ocx   [1351392]
O44 - LFC:[MD5.F08F19FEAA26FB2DAC62E4AA4C44020C] - 27/03/2015 - 22:17:10 ---A- . (.Red Hat - Cygwin® POSIX Emulation DLL.) -- C:\WINDOWS\system32\cygwin1.dll   [1872666]
O44 - LFC:[MD5.C54EB1E578EEF0552DB2480096C20877] - 27/03/2015 - 22:17:11 ---A- . (...) -- C:\WINDOWS\system32\cygwinb19.dll   [394752]
O44 - LFC:[MD5.331F570AA7C20BC93DEB7B237B21CC9C] - 27/03/2015 - 22:17:11 ---A- . (.GNU <www.gnu.org> - LibIconv: convert between character encodin.) -- C:\WINDOWS\system32\libiconv2.dll   [898048]
O44 - LFC:[MD5.FAE53FAD924A437AF259649419C806E2] - 27/03/2015 - 22:17:11 ---A- . (.Microsoft Corporation - DBList.) -- C:\WINDOWS\system32\dblist32.ocx   [200496]
O44 - LFC:[MD5.80E41408F6D641DC1C0F5353A0CC8125] - 27/03/2015 - 22:17:11 ---A- . (.Pas de propriétaire - zlib data compression library.) -- C:\WINDOWS\system32\zlib1.dll   [59904]
O44 - LFC:[MD5.CDBDEF73515997355E81A99421C1D721] - 27/03/2015 - 22:17:11 ---A- . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\WINDOWS\system32\libeay32.dll   [1015808]
O44 - LFC:[MD5.DB7AABF38D66B4F8152F12E0F313D00C] - 27/03/2015 - 22:17:12 ---A- . (.GNU <www.gnu.org> - GetText: library and tools for native langu.) -- C:\WINDOWS\system32\libintl3.dll   [101888]
O44 - LFC:[MD5.4AE28E2FB7DEDFD5F725CDBC0EC05959] - 27/03/2015 - 22:17:12 ---A- . (.Intel Corporation - Math Library for Intel(r) Compilers (thread.) -- C:\WINDOWS\system32\libmmd.dll   [2887680]
O44 - LFC:[MD5.6C5346D995B1AC78DD71E44C848152FC] - 27/03/2015 - 22:17:12 ---A- . (.Microsoft Corporation - MCI OLE Control DLL.) -- C:\WINDOWS\system32\mci32.ocx   [198848]
O44 - LFC:[MD5.5D3C0F40336B490EDE971C394CFB8F78] - 27/03/2015 - 22:17:12 ---A- . (.Microsoft Corporation - MFCDLL Shared Library - Retail Version.) -- C:\WINDOWS\system32\mfc70.dll   [1024000]
O44 - LFC:[MD5.6C06FB9E1D818FDE8D142EE180A65646] - 27/03/2015 - 22:17:12 ---A- . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\WINDOWS\system32\libssl32.dll   [196608]
O44 - LFC:[MD5.C440493ABF8CF179FF3351357C1EB426] - 27/03/2015 - 22:17:13 ---A- . (.Microsoft Corporation - MFCDLL Shared Library - Retail Version.) -- C:\WINDOWS\system32\mfc70u.dll   [1017344]
O44 - LFC:[MD5.4B1BC262B76232056F3B247C37F26940] - 27/03/2015 - 22:17:13 ---A- . (.Microsoft Corporation - MFCDLL Shared Library - Retail Version.) -- C:\WINDOWS\system32\mfc71.dll   [1060864]
O44 - LFC:[MD5.DF92EAE4AE8A897879B4A2AE8A8001DE] - 27/03/2015 - 22:17:13 ---A- . (.Microsoft Corporation - MFCDLL Shared Library - Retail Version.) -- C:\WINDOWS\system32\mfc71u.dll   [1053184]
O44 - LFC:[MD5.AE47A8A5FE8193BB84FFCD338115D8EF] - 27/03/2015 - 22:17:13 ---A- . (.Microsoft Corporation - Microsoft Common Controls 2 ActiveX Control.) -- C:\WINDOWS\system32\mscomct2.ocx   [662288]
O44 - LFC:[MD5.D268668751EE22997D7EF1417034CB04] - 27/03/2015 - 22:17:13 ---A- . (.Microsoft Corporation - Windows Common Controls ActiveX Control DLL.) -- C:\WINDOWS\system32\mscomctl.ocx   [1071088]
O44 - LFC:[MD5.2C6119DA3993F410E74B15112F840CB0] - 27/03/2015 - 22:17:14 ---A- . (.Microsoft Corporation - MSComm.) -- C:\WINDOWS\system32\mscomm32.ocx   [103744]
O44 - LFC:[MD5.01FA6CB13556E951FADBAB8FF009B631] - 27/03/2015 - 22:17:14 ---A- . (.Microsoft Corporation - MSDatGrd.OCX.) -- C:\WINDOWS\system32\msdatgrd.ocx   [275216]
O44 - LFC:[MD5.E074F2504DE473F92A519D8BF1A11D77] - 27/03/2015 - 22:17:14 ---A- . (.Microsoft Corporation - MSDatLst.) -- C:\WINDOWS\system32\msdatlst.ocx   [232640]
O44 - LFC:[MD5.3F7A98D7BE824143C7C88FC447E944AC] - 27/03/2015 - 22:17:14 ---A- . (.Microsoft Corporation - MSFlexGrid.) -- C:\WINDOWS\system32\msflxgrd.ocx   [260880]
O44 - LFC:[MD5.714CF24FC19A20AE0DC701B48DED2CF6] - 27/03/2015 - 22:17:14 ---A- . (.Microsoft Corporation - Windows Common Controls ActiveX Control DLL.) -- C:\WINDOWS\system32\mscomctl32.ocx   [1066176]
O44 - LFC:[MD5.F0AC7872C32CD3AEB4FC9EAC782C6F37] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - MSMask.) -- C:\WINDOWS\system32\msmask32.ocx   [166600]
O44 - LFC:[MD5.90A39346E9B67F132EF133725C487FF6] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - Microsoft Internet Transfer Control DLL.) -- C:\WINDOWS\system32\msinet.ocx   [132880]
O44 - LFC:[MD5.719E0F4D1114F700F564E9AE47F0E3EE] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - Microsoft Standard Data Formating Object DL.) -- C:\WINDOWS\system32\msstdfmt.dll   [119808]
O44 - LFC:[MD5.8D8A3965D5D4CCBBE4489DA028CEF6FC] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\WINDOWS\system32\msvcr70.dll   [339968]
O44 - LFC:[MD5.07B8A966FA4D08B797DE3FCC5C67EAB6] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - Microsoft® C++ Runtime Library.) -- C:\WINDOWS\system32\msvci70.dll   [54784]
O44 - LFC:[MD5.D04F7AACA2319A3BCDB2C5D5DD6F6026] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - Microsoft® C++ Runtime Library.) -- C:\WINDOWS\system32\msvcp70.dll   [487424]
O44 - LFC:[MD5.1874BBAD9AE4C993B74B7ABAA8B9D535] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - Microsoft® C++ Runtime Library.) -- C:\WINDOWS\system32\msvcp71.dll   [503808]
O44 - LFC:[MD5.D08A99C462298C041139789627168A0B] - 27/03/2015 - 22:17:15 ---A- . (.Microsoft Corporation - msprop32.ocx.) -- C:\WINDOWS\system32\msstkprp.dll   [94208]
O44 - LFC:[MD5.E8A2190A9E8EE5E5D2E0B599BBF9DDA6] - 27/03/2015 - 22:17:16 ---A- . (.Microsoft Corporation - Microsoft Winsock Control DLL.) -- C:\WINDOWS\system32\mswinsck.ocx   [124688]
O44 - LFC:[MD5.837B1E310F2AA8B20F07A9B1CE90AC4F] - 27/03/2015 - 22:17:16 ---A- . (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\WINDOWS\system32\msvcr71.dll   [344064]
O44 - LFC:[MD5.90502F80C58D513AC3FA15B4E226FDFA] - 27/03/2015 - 22:17:16 ---A- . (.Microsoft Corporation - PicClip.) -- C:\WINDOWS\system32\picclp32.ocx   [83144]
O44 - LFC:[MD5.045A16822822426C305EA7280270A3D6] - 27/03/2015 - 22:17:16 ---A- . (.Microsoft Corporation - RichTx32.OCX.) -- C:\WINDOWS\system32\richtx32.ocx   [212240]
O44 - LFC:[MD5.0DB04D84B06F760BE7A852A8CFC20DF2] - 27/03/2015 - 22:17:16 ---A- . (.Microsoft Corporation - SysInfo.) -- C:\WINDOWS\system32\sysinfo.ocx   [67376]
O44 - LFC:[MD5.DC925B6D77BA9ECB532E2F6750BE943B] - 27/03/2015 - 22:17:16 ---A- . (.Microsoft Corporation - TABCTL32 OLE Control DLL.) -- C:\WINDOWS\system32\tabctl32.ocx   [224016]
O44 - LFC:[MD5.9203B18119216943B4BDE32AB99E3B30] - 27/03/2015 - 22:17:16 ---A- . (.NVIDIA Corporation - Standard OpenAL(TM) Implementation.) -- C:\WINDOWS\system32\openal32.dll   [21504]
O44 - LFC:[MD5.6C06FB9E1D818FDE8D142EE180A65646] - 27/03/2015 - 22:17:16 ---A- . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\WINDOWS\system32\ssleay32.dll   [196608]
O44 - LFC:[MD5.9C24ED831DDFA8319382B2BFD9691AA9] - 27/03/2015 - 22:17:17 ---A- . (.Creative Labs - OpenAL32.) -- C:\WINDOWS\system32\wrap_oal.dll   [413696]
O44 - LFC:[MD5.73978DD6DD93DFD1FDD83620AE604DD4] - 27/03/2015 - 22:17:17 ---A- . (.Microsoft Corporation - Visual Basic 4.0 runtime library.) -- C:\WINDOWS\system32\vb40032.dll   [722192]
O44 - LFC:[MD5.CC3658475EF8B220B534EBFAF80AB29F] - 27/03/2015 - 22:17:41 ---A- . (...) -- C:\WINDOWS\DtcInstall.log   [130]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 27/03/2015 - 22:17:48 ---A- . (...) -- C:\WINDOWS\vb.ini   [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 27/03/2015 - 22:17:48 ---A- . (...) -- C:\WINDOWS\vbaddin.ini   [37]
O44 - LFC:[MD5.E51AACE548EB3903882B7346B55CA16F] - 27/03/2015 - 22:17:58 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat   [21892]
O44 - LFC:[MD5.DADB3267CF9AA47E7EF8BBF043FBC4B8] - 27/03/2015 - 22:18:31 ---A- . (...) -- C:\WINDOWS\sessmgr.setup.log   [1022]
O44 - LFC:[MD5.B3EB0AA0E194CD030C4A85BFA45F124B] - 27/03/2015 - 22:18:40 ---A- . (.Microsoft Corporation - Assistant Connexion Internet.) -- C:\WINDOWS\system32\icwphbk.dll   [65536]
O44 - LFC:[MD5.B9FCC5FB3EBB7F924F0E8DAC62C46016] - 27/03/2015 - 22:18:40 ---A- . (.Microsoft Corporation - Bibliothèque de l'Assistant Connexion Inter.) -- C:\WINDOWS\system32\inetcfg.dll   [933888]
O44 - LFC:[MD5.984747DE9BB043D21B01FA06C6E63CBD] - 27/03/2015 - 22:18:40 ---A- . (.Microsoft Corporation - Numéroteur automatique de l'Assistant Conne.) -- C:\WINDOWS\system32\icwdial.dll   [126976]
O44 - LFC:[MD5.16EFD8E3760BE22816B320A6BA39FDF8] - 27/03/2015 - 22:18:40 ---A- . (.Microsoft Corporation - Processus d'abonnement à Internet.) -- C:\WINDOWS\system32\isign32.dll   [155648]
O44 - LFC:[MD5.AB622535491660CF4E02897E10CAF513] - 27/03/2015 - 22:18:41 ---A- . (.Microsoft Corporation - Fichier DLL d'interface du Planificateur de.) -- C:\WINDOWS\system32\mstask.dll   [333312]
O44 - LFC:[MD5.3B4FC18B563787AF31814C9C6ECF7DD5] - 27/03/2015 - 22:18:41 ---A- . (.Microsoft Corporation - Fichier d'installation du Planificateur de.) -- C:\WINDOWS\system32\mstinit.exe   [39936]
O44 - LFC:[MD5.55F5C5C1BE1A78E285033E432BA01597] - 27/03/2015 - 22:18:41 ---A- . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll   [194560]
O44 - LFC:[MD5.CFCFE96EDD7E6FD246F160368B87A13F] - 27/03/2015 - 22:18:43 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll   [691712]
O44 - LFC:[MD5.8170A1C343FEACE33B23DD6715BF86C8] - 27/03/2015 - 22:18:43 ---A- . (.Microsoft Corporation - Ressources API de Microsoft Internet Messag.) -- C:\WINDOWS\system32\inetres.dll   [123904]
O44 - LFC:[MD5.11FB4109191437CE765779F10EBBDFAB] - 27/03/2015 - 22:18:45 ---A- . (.Microsoft Corporation - Gestionnaire de comptes Internet.) -- C:\WINDOWS\system32\msoeacct.dll   [252928]
O44 - LFC:[MD5.B150D1485996C0A40C8E397B141C3D8B] - 27/03/2015 - 22:18:45 ---A- . (.Microsoft Corporation - Microsoft Outlook Express RT Lib.) -- C:\WINDOWS\system32\msoert2.dll   [105984]
O44 - LFC:[MD5.BBAD7CF865D87515AA62707B1D1A4AC2] - 27/03/2015 - 22:18:47 ---A- . (.Microsoft Corporation - Dll de l'utilitaire de conférence.) -- C:\WINDOWS\system32\msconf.dll   [131072]
O44 - LFC:[MD5.71ECBA795A063026843F70F31EF02689] - 27/03/2015 - 22:18:48 ---A- . (.Intel Corporation - ISR Debug 32-bit Engine.) -- C:\WINDOWS\system32\isrdbg32.dll   [32768]
O44 - LFC:[MD5.B8D4B3C6E0E9746EF93CC988EB00F9E8] - 27/03/2015 - 22:18:48 ---A- . (.Microsoft Corporation - Application Sharing Display Driver.) -- C:\WINDOWS\system32\mnmdd.dll   [34560]
O44 - LFC:[MD5.83CFBB693483E664CC12C8ED132BBDEA] - 27/03/2015 - 22:18:48 ---A- . (.Microsoft Corporation - Bibliothèque NMMKCERT.) -- C:\WINDOWS\system32\nmmkcert.dll   [28672]
O44 - LFC:[MD5.92D6C52A23419C4B82A84919A074E0CC] - 27/03/2015 - 22:18:48 ---A- . (.Microsoft Corporation - Partage de Bureau à distance NetMeeting.) -- C:\WINDOWS\system32\mnmsrvc.exe   [81920]
O44 - LFC:[MD5.B4B61B3F41002E68D01A371C671B5F78] - 27/03/2015 - 22:18:48 ---A- . (.Microsoft Corporation - Pilote ICM Microsoft H.261.) -- C:\WINDOWS\system32\msh261.drv   [188416]
O44 - LFC:[MD5.987A84CD549E6EFC653A9B4B3E2B24B2] - 27/03/2015 - 22:18:48 ---A- . (.Microsoft Corporation - User Location Services Component Module.) -- C:\WINDOWS\system32\ils.dll   [81920]
O44 - LFC:[MD5.10AEB8569F5816E5CA90AD8D52856A55] - 27/03/2015 - 22:18:49 ---A- . (.Microsoft Corporation - Bibliothèque d'opérations Restauration du s.) -- C:\WINDOWS\system32\srrstr.dll   [267776]
O44 - LFC:[MD5.28474BE310C44503129D786763AD4C19] - 27/03/2015 - 22:18:49 ---A- . (.Microsoft Corporation - Dll du client SR.) -- C:\WINDOWS\system32\srclient.dll   [78848]
O44 - LFC:[MD5.39626E6DC1FB39434EC40C42722B660A] - 27/03/2015 - 22:18:49 ---A- . (.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) -- C:\WINDOWS\system32\Drivers\sr.sys   [73600]
O44 - LFC:[MD5.6ED29124A1C83BD0CF6B26BD01CA6F6F] - 27/03/2015 - 22:18:49 ---A- . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll   [171520]
O44 - LFC:[MD5.64A3919D5606CE42660247DB1CB9CB88] - 27/03/2015 - 22:18:50 ---A- . (.Microsoft Corporation - Filter Library.) -- C:\WINDOWS\system32\fltlib.dll   [16896]
O44 - LFC:[MD5.4243EFD9CF6F0968717E97289FE90028] - 27/03/2015 - 22:18:50 ---A- . (.Microsoft Corporation - Filter Manager Control Program.) -- C:\WINDOWS\system32\fltMc.exe   [50688]
O44 - LFC:[MD5.B2CF4B0786F8212CB92ED2B50C6DB6B0] - 27/03/2015 - 22:18:50 ---A- . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) -- C:\WINDOWS\system32\Drivers\fltMgr.sys   [129792]
O44 - LFC:[MD5.FF84939E5219562530EB627CC726E65C] - 27/03/2015 - 22:18:53 ---A- . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\racpldlg.dll   [43520]
O44 - LFC:[MD5.068E36F77A5BC2067927C17FF8A7B63E] - 27/03/2015 - 22:18:53 ---A- . (.Microsoft Corporation - Contrôles Fichier/Ouvrir et Enregistrer de.) -- C:\WINDOWS\system32\safrcdlg.dll   [43520]
O44 - LFC:[MD5.E84A20DABF81C9A5D08E1DE8C49B0005] - 27/03/2015 - 22:18:53 ---A- . (.Microsoft Corporation - Gestionnaire du bureau du centre d'Aide Mic.) -- C:\WINDOWS\system32\safrdm.dll   [29696]
O44 - LFC:[MD5.B94996F7C1B88942D6F95EFD93C236AA] - 27/03/2015 - 22:18:53 ---A- . (.Microsoft Corporation - Microsoft Help Center Session Resolver.) -- C:\WINDOWS\system32\safrslv.dll   [45568]
O44 - LFC:[MD5.86A1348BBC6ADA3009D18585AC6C6DBA] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Automatic Updates Control Panel.) -- C:\WINDOWS\system32\wuaucpl.cpl   [350040]
O44 - LFC:[MD5.92A7AA8BBD4DDA38B012EDB223420FD4] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Background Intelligent Transfer Service 2.0.) -- C:\WINDOWS\system32\bitsprx3.dll   [7168]
O44 - LFC:[MD5.5C5D4A7893B3A0FD9AEBEAED1E45E3B2] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Background Intelligent Transfer Service 2.5.) -- C:\WINDOWS\system32\bitsprx4.dll   [7168]
O44 - LFC:[MD5.6B219C1EC5A6521332A41E7FA1DB07E9] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Background Intelligent Transfer Service Pro.) -- C:\WINDOWS\system32\bitsprx2.dll   [8192]
O44 - LFC:[MD5.8E012E8D84724CB521E3BE09741980FB] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Background Intelligent Transfer Service Pro.) -- C:\WINDOWS\system32\qmgrprxy.dll   [18944]
O44 - LFC:[MD5.82A2C0F5914D815ECB2DCBBD3640E6F4] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Client Mise à jour automatique Windows Upda.) -- C:\WINDOWS\system32\wuauclt1.exe   [375296]
O44 - LFC:[MD5.BAA0B6E647C1AD593E9BAE5CC31BCFFB] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\system32\qmgr.dll   [409088]
O44 - LFC:[MD5.01D64A90525E6F8E2AB55497E87FB535] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Windows Update Automatic Updates.) -- C:\WINDOWS\system32\wuauclt.exe   [53592]
O44 - LFC:[MD5.4A80BE98762AA02CF749C96E2B5CE290] - 27/03/2015 - 22:19:28 ---A- . (.Microsoft Corporation - Windows Update Client API.) -- C:\WINDOWS\system32\wuapi.dll   [665432]
O44 - LFC:[MD5.EF5FC91FC368E6CC47217E9A36B3F691] - 27/03/2015 - 22:19:29 ---A- . (.Microsoft Corporation - Moteur de mises à jour automatique Windows.) -- C:\WINDOWS\system32\wuaueng1.dll   [184320]
O44 - LFC:[MD5.25D9D1F659E9B67752380E43ABF59BD8] - 27/03/2015 - 22:19:29 ---A- . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll   [1743704]
O44 - LFC:[MD5.727F02F3B19BAB3639E9358FFDD295E0] - 27/03/2015 - 22:19:29 ---A- . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll   [25944]
O44 - LFC:[MD5.ADB94DFF362C467983D2C3E95996653E] - 27/03/2015 - 22:19:29 ---A- . (.Microsoft Corporation - Windows Update Client UI Plugin.) -- C:\WINDOWS\system32\wucltui.dll   [485208]
O44 - LFC:[MD5.AABF7F9CF777A221BE0AB7E3E6C98C82] - 27/03/2015 - 22:19:29 ---A- . (.Microsoft Corporation - Windows Update Web Control.) -- C:\WINDOWS\system32\wuweb.dll   [230232]
O44 - LFC:[MD5.E2886890A3B9DE0B9FBAE93700FBAE60] - 27/03/2015 - 22:19:29 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\WINDOWS\system32\wups.dll   [36184]
O44 - LFC:[MD5.13D8419CD73E6D14FE093A0066E36F18] - 27/03/2015 - 22:19:37 ---A- . (.Microsoft Corporation - Internet Connection Wizard.) -- C:\WINDOWS\system32\icfgnt5.dll   [16384]
O44 - LFC:[MD5.22E92265BAB0D26CE8B6558A673BB099] - 27/03/2015 - 22:19:40 ---A- . (.Microsoft Corporation - Ressources du gestionnaire de comptes Micro.) -- C:\WINDOWS\system32\acctres.dll   [117760]
O44 - LFC:[MD5.34A92A72CC0E0653828344DB5378B1E0] - 27/03/2015 - 22:19:41 ---A- . (.Microsoft Corporation - Codec Microsoft G.723.1 pour MSACM.) -- C:\WINDOWS\system32\msg723.acm   [118784]
O44 - LFC:[MD5.8014838B3025DDFF6C476FCC7C18CD82] - 27/03/2015 - 22:19:41 ---A- . (.Microsoft Corporation - DLL d'enregistrement d'événements NetMeetin.) -- C:\WINDOWS\system32\nmevtmsg.dll   [12288]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 27/03/2015 - 22:19:47 ---A- . (...) -- C:\WINDOWS\desktop.ini   [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 27/03/2015 - 22:19:47 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini   [2]
O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 27/03/2015 - 22:19:47 -SH-- . (...) -- C:\WINDOWS\winnt.bmp   [49102]
O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 27/03/2015 - 22:19:47 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp   [49102]
O44 - LFC:[MD5.D935270C569D1E4F224F861AB0559E1E] - 27/03/2015 - 22:19:49 ---A- . (.Microsoft Corporation - Async Trace DLL.) -- C:\WINDOWS\system32\atrace.dll   [11264]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/03/2015 - 22:20:23 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/03/2015 - 22:20:23 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/03/2015 - 22:20:23 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/03/2015 - 22:20:23 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/03/2015 - 22:20:23 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest   [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/03/2015 - 22:20:23 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest   [749]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 27/03/2015 - 22:20:28 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest   [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 27/03/2015 - 22:20:28 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest   [488]
O44 - LFC:[MD5.2350BD4176A218B4ADF7303C321334C7] - 27/03/2015 - 22:21:21 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log   [138354]
O44 - LFC:[MD5.442386DDD57A6F7DEBE86CC7A4818065] - 27/03/2015 - 22:21:26 ---A- . (...) -- C:\Silverlight0.log   [1224]
O44 - LFC:[MD5.0EF3D2653B366FFB2CA0B59052D009FD] - 27/03/2015 - 22:21:26 ---A- . (...) -- C:\SilverlightMSI.log   [193796]
O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 27/03/2015 - 22:21:26 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI   [4205]
O44 - LFC:[MD5.0F816849E07E26C0AE4EFA584B4CA1DC] - 27/03/2015 - 22:21:26 ---A- . (.Microsoft Corporation - Extended MAPI 1.0 for Windows NT.) -- C:\WINDOWS\system32\mapi32.dll   [203776]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 27/03/2015 - 22:21:34 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx   [316640]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 27/03/2015 - 22:21:36 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb   [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 27/03/2015 - 22:21:36 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb   [23392]
O44 - LFC:[MD5.2A44570770236D602FF1C0B51B61FBA1] - 27/03/2015 - 22:21:41 ---A- . (...) -- C:\WINDOWS\win.ini   [507]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 22:21:43 ---A- . (...) -- C:\AUTOEXEC.BAT   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 22:21:43 ---A- . (...) -- C:\CONFIG.SYS   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 22:21:43 ---A- . (...) -- C:\WINDOWS\control.ini   [0]
O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 27/03/2015 - 22:21:43 ---A- . (...) -- C:\WINDOWS\system32\CONFIG.NT   [3072]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 22:21:43 RSHA- . (...) -- C:\IO.SYS   [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 22:21:43 RSHA- . (...) -- C:\MSDOS.SYS   [0]
O44 - LFC:[MD5.F59926543FFCBEDC460EC6D7DD3E393B] - 27/03/2015 - 22:39:20 ---A- . (.Pas de propriétaire - Commandline Window Utility for NT4/2000/XP.) -- C:\WINDOWS\system32\cmdow.exe   [58880]
O44 - LFC:[MD5.47CDD8E898D172433DC1C68EBB315615] - 27/03/2015 - 22:39:44 ---A- . (...) -- C:\WINDOWS\setupact.log   [234713]
O44 - LFC:[MD5.EAE5EB875C386D7BEFAB2CED29B30A80] - 27/03/2015 - 22:39:44 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf   [1376]
O44 - LFC:[MD5.6323FBC507E67EE3105142884D0F2291] - 27/03/2015 - 22:41:23 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD   [8192]
O44 - LFC:[MD5.63DC5FB22215EFAE50FD7A5329D4DE93] - 27/03/2015 - 22:42:45 ---A- . (...) -- C:\WINDOWS\oobeact.log   [52]
O44 - LFC:[MD5.9A2787975EB2EEFB2DF376281FF4CA83] - 27/03/2015 - 22:42:45 ---A- . (...) -- C:\WINDOWS\setuplog.txt   [876892]
O44 - LFC:[MD5.937AC8A0068A97B85A865920EF0CE942] - 27/03/2015 - 22:43:04 ---A- . (...) -- C:\WINDOWS\DPsFnshr.log   [95699]
O44 - LFC:[MD5.1748F3900995967DC9CEC055B077B865] - 27/03/2015 - 22:44:11 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.6.0_06-b02.log   [6508]
O44 - LFC:[MD5.B30E0EF35AB5A09D568F3AFDA7C91AAB] - 27/03/2015 - 22:44:11 ---A- . (.Sun Microsystems, Inc. - Java(TM) Control Panel.) -- C:\WINDOWS\system32\javacpl.cpl   [69632]
O44 - LFC:[MD5.4735FA56CBC1173CC9F8232FF43CB296] - 27/03/2015 - 22:44:11 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\system32\java.exe   [163840]
O44 - LFC:[MD5.A2D987A3C4536C64A1B7450E409BDFCA] - 27/03/2015 - 22:44:11 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\system32\javaw.exe   [163840]
O44 - LFC:[MD5.29024442E07B8EBC95671BE2DDEF89AF] - 27/03/2015 - 22:44:11 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\WINDOWS\system32\javaws.exe   [167936]
O44 - LFC:[MD5.D08CBF8A5BAD84DD90F79252EE785742] - 27/03/2015 - 22:44:42 ---A- . (.Pegasus Imaging Corp. - ImagX7 Dynamic Link Library.) -- C:\WINDOWS\system32\imagX7.dll   [1757184]
O44 - LFC:[MD5.78E4758D673780F9F7FE9F5585341765] - 27/03/2015 - 22:44:42 ---A- . (.Pegasus Imaging Corp. - ImagXR7 Dynamic Link Library.) -- C:\WINDOWS\system32\imagXR7.dll   [258048]
O44 - LFC:[MD5.CE691B8DF308F0195E4D20954EC1C807] - 27/03/2015 - 22:44:42 ---A- . (.Pegasus Imaging Corp. - ImagXRA7 Dynamic Link Library.) -- C:\WINDOWS\system32\imagXRA7.dll   [802816]
O44 - LFC:[MD5.30CFD905BA1F1B85DC8E98CBF79F1D57] - 27/03/2015 - 22:44:42 ---A- . (.Pegasus Imaging Corp. - ImagXpr7 Module.) -- C:\WINDOWS\system32\imagXpr7.dll   [497296]
O44 - LFC:[MD5.963D09AB5FD2E0DDA844CD692E86F846] - 27/03/2015 - 22:44:42 ---A- . (.Pegasus Imaging Corporation - TwnLib4.) -- C:\WINDOWS\system32\TwnLib4.dll   [368640]
O44 - LFC:[MD5.68C00FF0BAA8FB69A71F36A846AD925F] - 27/03/2015 - 22:45:01 ---A- . (...) -- C:\WINDOWS\notepad.original.exe   [64512]
O44 - LFC:[MD5.A580FAC229D817E1F11D79399E019F60] - 27/03/2015 - 22:45:01 ---A- . (...) -- C:\WINDOWS\system32\notepad.original.exe   [64512]
O44 - LFC:[MD5.C67C7C16AE5EEC860FC67C84362FCB68] - 27/03/2015 - 22:45:27 ---A- . (...) -- C:\WINDOWS\system32\Cabarc.exe   [142336]
O44 - LFC:[MD5.F6C1C0E1A881B40B2D08FF26CA66834D] - 27/03/2015 - 22:45:27 ---A- . (...) -- C:\WINDOWS\system32\Cabtool.exe   [49664]
O44 - LFC:[MD5.7C8DC436CF4E2D81AC8154A0B5C44917] - 27/03/2015 - 22:45:27 ---A- . (...) -- C:\WINDOWS\system32\Cdimage.exe   [406016]
O44 - LFC:[MD5.4120763505E717CACBB861C91C0BC105] - 27/03/2015 - 22:45:30 ---A- . (.XPero - eXPander.) -- C:\WINDOWS\system32\eXPander.exe   [126976]
O44 - LFC:[MD5.1B723599E2A370CED1C7F717C698F2FD] - 27/03/2015 - 22:45:30 ---A- . (.n7Epsilon - FileGather Handler.) -- C:\WINDOWS\system32\FGCBAHandler.exe   [122880]
O44 - LFC:[MD5.92C25DEB01B0767515A64F53F09AE678] - 27/03/2015 - 22:45:30 ---A- . (.n7Epsilon - FileGather.) -- C:\WINDOWS\system32\Fgcba.exe   [151552]
O44 - LFC:[MD5.D9B2675CC85AEA7A4317C3623FC9F41A] - 27/03/2015 - 22:45:31 ---A- . (.Pas de propriétaire - Extract Windows Hotfix`s.) -- C:\WINDOWS\system32\HFExtract.exe   [1152165]
O44 - LFC:[MD5.ED4741BC97C10C1F164DEB4C63883DFF] - 27/03/2015 - 22:45:32 ---A- . (.InstallShield Software Corporation - InstallShield® unInstaller.) -- C:\WINDOWS\IsUninst.exe   [331776]
O44 - LFC:[MD5.BA730B23A2F4E31B14D068C57C023D05] - 27/03/2015 - 22:45:32 ---A- . (.Lucersoft - LCISOCreator.) -- C:\WINDOWS\system32\LCISOCreator.exe   [80896]
O44 - LFC:[MD5.6132CBF0705227585B5D339D5F2C9BD3] - 27/03/2015 - 22:45:33 ---A- . (...) -- C:\WINDOWS\system32\MMM.dll   [175616]
O44 - LFC:[MD5.BD13698682DDC9A729EABF90C70B3E30] - 27/03/2015 - 22:45:33 ---A- . (...) -- C:\WINDOWS\system32\MMM.exe   [860160]
O44 - LFC:[MD5.461EAD991A5F6922D0C32D687845D4BD] - 27/03/2015 - 22:45:33 ---A- . (...) -- C:\WINDOWS\system32\MakeISO.cmd   [1503]
O44 - LFC:[MD5.3370990CD17F9ACA3739E3859EE2BEDD] - 27/03/2015 - 22:45:33 ---A- . (...) -- C:\WINDOWS\system32\Modifype.exe   [39936]
O44 - LFC:[MD5.D74CC7953BE48EC1F3DEFF4741977887] - 27/03/2015 - 22:45:33 ---A- . (.Microsoft Corporation - Microsoft (R) Red ISAM.) -- C:\WINDOWS\system32\Msrd2x35.dll   [251664]
O44 - LFC:[MD5.5773425A2BB778684B57D042A0CD5247] - 27/03/2015 - 22:45:33 ---A- . (.Microsoft Corporation - Microsoft Jet Database Engine Error DLL.) -- C:\WINDOWS\system32\Msjter35.dll   [24336]
O44 - LFC:[MD5.8472C0E32802199891D76D57879BD9D9] - 27/03/2015 - 22:45:33 ---A- . (.Microsoft Corporation - Microsoft Jet Database Engine International.) -- C:\WINDOWS\system32\Msjint35.dll   [37136]
O44 - LFC:[MD5.E8A31571E9B0F79BC30AD7B8AFA75C08] - 27/03/2015 - 22:45:33 ---A- . (.Microsoft Corporation - Microsoft Jet Engine Library.) -- C:\WINDOWS\system32\Msjet35.dll   [1039360]
O44 - LFC:[MD5.9EBB704CFD9C4C55548ECA303A5E10BC] - 27/03/2015 - 22:45:36 ---A- . (...) -- C:\WINDOWS\system32\Reg2InfHandler.cmd   [1373]
O44 - LFC:[MD5.4C8E8E8E55CC92740F5F8417A8DA6044] - 27/03/2015 - 22:45:36 ---A- . (.n7Epsilon - Reg2Inf.) -- C:\WINDOWS\system32\Reg2inf.exe   [94208]
O44 - LFC:[MD5.D604F7BD9540155732B22ED8D8C98905] - 27/03/2015 - 22:45:37 ---A- . (...) -- C:\WINDOWS\system32\Replacer.cmd   [18030]
O44 - LFC:[MD5.D790D38D72408A383ABD20AA0A6B5212] - 27/03/2015 - 22:45:38 ---A- . (...) -- C:\WINDOWS\system32\Wc.com   [1128]
O44 - LFC:[MD5.9D1864AE5F6FF8BBDE86A3F5A448110D] - 27/03/2015 - 22:45:38 ---A- . (.Microsoft Corporation - Visual Basic for Applications Runtime - Exp.) -- C:\WINDOWS\system32\Vbar332.dll   [368912]
O44 - LFC:[MD5.A601471368FD5E15A2212ADD3982004A] - 27/03/2015 - 22:45:38 ---A- . (.Pas de propriétaire - Upx Gui.) -- C:\WINDOWS\system32\Upxgui.exe   [797465]
O44 - LFC:[MD5.CE05C025433085B7E856E7214F7CE8B1] - 27/03/2015 - 22:45:39 ---A- . (...) -- C:\WINDOWS\system32\xpBoot.img   [2048]
O44 - LFC:[MD5.400F36C95231E94CD112A348A3B0ED79] - 27/03/2015 - 22:45:59 ----- . (.Microsoft Corporation - Print Ticket Services Module.) -- C:\WINDOWS\system32\prntvpt.dll   [124928]
O44 - LFC:[MD5.24985AAB37AF7E13A257C3990061131E] - 27/03/2015 - 22:46:02 ----- . (.Microsoft Corporation - Native Code Xps Services Library.) -- C:\WINDOWS\system32\XpsSvcs.dll   [1683280]
O44 - LFC:[MD5.25C1B17A3FD3E551E52C059ACD4B4A69] - 27/03/2015 - 22:46:02 ----- . (.Microsoft Corporation - Package Document Shell Extension Handler.) -- C:\WINDOWS\system32\XPSSHHDR.dll   [583504]
O44 - LFC:[MD5.AFFD4BAD6EC797C0FBB635D9181A447F] - 27/03/2015 - 22:46:04 ---A- . (...) -- C:\WINDOWS\WIC.log   [882]
O44 - LFC:[MD5.992A7D28AD5CBC4CAE6DB83948BEBB57] - 27/03/2015 - 22:46:04 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\rgb9rast_2.dll   [150808]
O44 - LFC:[MD5.37044DA1F53A8A6E5C54FCA4C974511A] - 27/03/2015 - 22:46:06 ----- . (.Microsoft Corporation - Service Pack Messages.) -- C:\WINDOWS\system32\spmsg2.dll   [14048]
O44 - LFC:[MD5.72EB21DC82132064065CFFC1417AD9FF] - 27/03/2015 - 22:46:06 ---A- . (.Microsoft Corporation - Update RunOnce Service.) -- C:\WINDOWS\system32\spupdsvc.exe   [22752]
O44 - LFC:[MD5.02958C00B5E87416F69F80162A983FE9] - 27/03/2015 - 22:46:08 ---A- . (...) -- C:\WINDOWS\XpsEPSC.log   [4641]
O44 - LFC:[MD5.3598268885862E4EAA57E40669CFDF6A] - 27/03/2015 - 22:46:21 ---A- . (...) -- C:\WINDOWS\XPSEPSCLP.log   [3540]
O44 - LFC:[MD5.8A6E7FD6F2609CE663CEDA17E90D40B0] - 27/03/2015 - 22:46:21 ---A- . (...) -- C:\WINDOWS\imsins.BAK   [1374]
O44 - LFC:[MD5.CB37155265973A1F2FEB7107487368B3] - 27/03/2015 - 22:46:42 ---A- . (...) -- C:\WINDOWS\DPINST.LOG   [6312]
O44 - LFC:[MD5.13001EB0A58B4DE96126B16AB15FD8CC] - 27/03/2015 - 22:48:05 ---A- . (.Real Networks, Inc - Real Networks C/C++ Runtime Library.) -- C:\WINDOWS\system32\pncrt.dll   [278528]
O44 - LFC:[MD5.33833B3EDA1B07EBD367FA9B38B23E60] - 27/03/2015 - 22:48:05 ---A- . (.RealNetworks, Inc. - 16 bit DirectX helper DLL.) -- C:\WINDOWS\system32\pndx5016.dll   [6656]
O44 - LFC:[MD5.B74E422BC81236042529DC8A42A18423] - 27/03/2015 - 22:48:05 ---A- . (.RealNetworks, Inc. - 32 bit DirectX helper DLL.) -- C:\WINDOWS\system32\pndx5032.dll   [5632]
O44 - LFC:[MD5.5776322F93CDB91086111F5FFBFDA2A0] - 27/03/2015 - 22:48:36 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\Drivers\d347bus.sys   [155136]
O44 - LFC:[MD5.B49F79ACE459763F4E0380071BE9CB45] - 27/03/2015 - 22:48:36 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\Drivers\d347prt.sys   [5248]
O44 - LFC:[MD5.B028D4C3A947B10C046CEF41600E677D] - 27/03/2015 - 22:49:33 ---A- . (...) -- C:\WPI.log   [12629]
O44 - LFC:[MD5.CDBC160D6A3062D2D4C9CEF5BBD6A2B7] - 27/03/2015 - 22:50:14 ---A- . (.Microsoft Corporation - Windows Media Player Applet Support DLL.) -- C:\WINDOWS\system32\wmpns.dll   [221184]
O44 - LFC:[MD5.8018072337D1CD6B833741004CD97DB2] - 27/03/2015 - 22:50:15 ---A- . (...) -- C:\WINDOWS\wmsetup.log   [3637]
O44 - LFC:[MD5.948E2B75E7AD782FBEE3D6F857855824] - 27/03/2015 - 22:50:17 ---A- . (...) -- C:\WINDOWS\OEWABLog.txt   [833]
O44 - LFC:[MD5.35A9E9F3CFF9C9050E11AF00BA19782A] - 27/03/2015 - 22:50:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxres.dll   [147456]
O44 - LFC:[MD5.F3C139AD492C4F73353057442E6995CE] - 27/03/2015 - 22:51:32 ---A- . (...) -- C:\WINDOWS\system32\c_10021.nls   [66082]
O44 - LFC:[MD5.DCE6C200965B21A6A1F3AF9BDB0ECA0C] - 27/03/2015 - 22:51:32 ---A- . (.Microsoft Corporation - Thai Wordbreaker.) -- C:\WINDOWS\system32\ftlx041e.dll   [6144]
O44 - LFC:[MD5.7D352AB808790C2E9E9DB6C105CF612F] - 27/03/2015 - 22:51:32 R--A- . (.Microsoft Corporation - Thai Kedmanee (non-ShiftLock) Keyboard Layo.) -- C:\WINDOWS\system32\kbdth2.dll   [6144]
O44 - LFC:[MD5.117165FB781152E40C2180F66CBAC891] - 27/03/2015 - 22:51:32 R--A- . (.Microsoft Corporation - Thai Kedmanee Keyboard Layout.) -- C:\WINDOWS\system32\kbdth0.dll   [5632]
O44 - LFC:[MD5.D99EC6E644373B10B4C84048CEBCAF21] - 27/03/2015 - 22:51:32 R--A- . (.Microsoft Corporation - Thai Pattachote (non-ShiftLock) Keyboard La.) -- C:\WINDOWS\system32\kbdth3.dll   [6144]
O44 - LFC:[MD5.095B7A282AEF532A31CD5AB5DB2B9A49] - 27/03/2015 - 22:51:32 R--A- . (.Microsoft Corporation - Thai Pattachote Keyboard Layout.) -- C:\WINDOWS\system32\kbdth1.dll   [5632]
O44 - LFC:[MD5.72233F1A1D788A84D4687A258CC97CBF] - 27/03/2015 - 22:51:35 ---A- . (...) -- C:\WINDOWS\system32\c_10005.nls   [66082]
O44 - LFC:[MD5.A99203A3397A9DB352C5D8DFBDA230A8] - 27/03/2015 - 22:51:35 ---A- . (...) -- C:\WINDOWS\system32\c_862.nls   [66594]
O44 - LFC:[MD5.42F5D1376CA979E956A86964FA0D358F] - 27/03/2015 - 22:51:35 R--A- . (.Microsoft Corporation - KBDHEB Keyboard Layout.) -- C:\WINDOWS\system32\kbdheb.dll   [5632]
O44 - LFC:[MD5.4D4C7CED88E5621F21A4911A44CADACC] - 27/03/2015 - 22:51:37 ---A- . (...) -- C:\WINDOWS\system32\C_28596.NLS   [66082]
O44 - LFC:[MD5.1DBBCC1B712C2674BDF29A05A5DD366E] - 27/03/2015 - 22:51:37 ---A- . (...) -- C:\WINDOWS\system32\c_10004.nls   [66082]
O44 - LFC:[MD5.77F127766D758EB2C6451E221A0C7F7D] - 27/03/2015 - 22:51:37 ---A- . (...) -- C:\WINDOWS\system32\c_708.nls   [66082]
O44 - LFC:[MD5.C050215D8D21DF5658E94187973FB89C] - 27/03/2015 - 22:51:37 ---A- . (...) -- C:\WINDOWS\system32\c_720.nls   [66594]
O44 - LFC:[MD5.C58563DF50115E935BC811FFBCE1FC89] - 27/03/2015 - 22:51:37 ---A- . (...) -- C:\WINDOWS\system32\c_864.nls   [66594]
O44 - LFC:[MD5.465E698788EC46B5E59A755CB0DE850A] - 27/03/2015 - 22:51:37 ---A- . (.Microsoft Corporation - US IBM Arabic 238_L Keyboard Layout.) -- C:\WINDOWS\system32\kbdusa.dll   [5632]
O44 - LFC:[MD5.BDAAC25FA476984ED44719BEBE908A08] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Arabic_2 Keyboard Layout.) -- C:\WINDOWS\system32\kbda2.dll   [5632]
O44 - LFC:[MD5.D3C4347C5BEC57226ACA73BFFDC22E40] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Arabic_English_101 Keyboard Layout.) -- C:\WINDOWS\system32\kbda1.dll   [5632]
O44 - LFC:[MD5.187351E6E2EA64DE1F179D1C79909E74] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Arabic_French_102 Keyboard Layout.) -- C:\WINDOWS\system32\kbda3.dll   [5632]
O44 - LFC:[MD5.D69D0521B115D3E859183283754B5DF2] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Divehi Phonetic Keyboard Layout.) -- C:\WINDOWS\system32\kbddiv1.dll   [5632]
O44 - LFC:[MD5.96BE5DEF930D2F8BA4DCB98B3B4DB47E] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Divehi Typewriter Keyboard Layout.) -- C:\WINDOWS\system32\kbddiv2.dll   [5632]
O44 - LFC:[MD5.6A3F192C65B05AAD670570A184204FA0] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Farsi Keyboard Layout.) -- C:\WINDOWS\system32\kbdfa.dll   [5632]
O44 - LFC:[MD5.22C2AF66D10FB47153706E1EA3B21AC8] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Syriac Phoenetic Keyboard Layout.) -- C:\WINDOWS\system32\kbdsyr2.dll   [5632]
O44 - LFC:[MD5.402870DEF2B91ABA38DF8BFCA129BCA1] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Syriac Standard Keyboard Layout.) -- C:\WINDOWS\system32\kbdsyr1.dll   [5632]
O44 - LFC:[MD5.FD72905E46F0250D7C1C4E1FD38B77F4] - 27/03/2015 - 22:51:37 R--A- . (.Microsoft Corporation - Urdu Keyboard Layout.) -- C:\WINDOWS\system32\kbdurdu.dll   [5632]
O44 - LFC:[MD5.89FD6D6E233393794FB75CF79DDC1E06] - 27/03/2015 - 22:51:38 R--A- . (.Microsoft Corporation - Vietnamese Keyboard Layout.) -- C:\WINDOWS\system32\kbdvntc.dll   [5632]
O44 - LFC:[MD5.CF6F4A013A9B41E0321E3A0DDDDCA9B9] - 27/03/2015 - 22:51:39 ---A- . (.Microsoft Corporation - ISCII Code Page Translation DLL.) -- C:\WINDOWS\system32\c_iscii.dll   [10752]
O44 - LFC:[MD5.1BC1AE513105BD2AEE27583A5DB650D6] - 27/03/2015 - 22:51:39 ---A- . (.Microsoft Corporation - Thai Word Breaker.) -- C:\WINDOWS\system32\Thawbrkr.dll   [185344]
O44 - LFC:[MD5.94CEB7ACA994968685E18F6155EA86E8] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Devanagari Keyboard Layout.) -- C:\WINDOWS\system32\kbdindev.dll   [5632]
O44 - LFC:[MD5.0EC03162E932B49E635A79445CCE1E4C] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Eastern Armenian Keyboard Layout.) -- C:\WINDOWS\system32\kbdarme.dll   [5120]
O44 - LFC:[MD5.E98DC261A6D62610293FF0CBDA8CAF65] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Georgian Keyboard Layout.) -- C:\WINDOWS\system32\kbdgeo.dll   [5120]
O44 - LFC:[MD5.F514F89F4903C7FC56BE62A4BDE20C60] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Gujarati Keyboard Layout.) -- C:\WINDOWS\system32\kbdinguj.dll   [5632]
O44 - LFC:[MD5.0E445D2CEE6F1454973D84E1FFAA6140] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Hindi Keyboard Layout.) -- C:\WINDOWS\system32\kbdinhin.dll   [5632]
O44 - LFC:[MD5.38709AC2F9012F620DD1043DF0BF86DE] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Kannada Keyboard Layout.) -- C:\WINDOWS\system32\kbdinkan.dll   [5632]
O44 - LFC:[MD5.5174B929760629FEE0450F821F836CBA] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Marathi Keyboard Layout.) -- C:\WINDOWS\system32\kbdinmar.dll   [5632]
O44 - LFC:[MD5.76B29E1C9AEF011AFCE0F591234933BE] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Punjabi/Gurmukhi Keyboard Layout.) -- C:\WINDOWS\system32\kbdinpun.dll   [6144]
O44 - LFC:[MD5.DCC32B8533FA6C84D64620BE49E110E3] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Tamil Keyboard Layout.) -- C:\WINDOWS\system32\kbdintam.dll   [5632]
O44 - LFC:[MD5.4DA25F026970A630B0F5FE5002BA7ECA] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Telugu Keyboard Layout.) -- C:\WINDOWS\system32\kbdintel.dll   [5632]
O44 - LFC:[MD5.1004B259E77BEF2033CAF435760D95A6] - 27/03/2015 - 22:51:39 R--A- . (.Microsoft Corporation - Western Armenian Keyboard Layout.) -- C:\WINDOWS\system32\kbdarmw.dll   [5120]
O44 - LFC:[MD5.7EC1E78DED45863F8100DE4248BFCAC1] - 27/03/2015 - 22:51:40 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout Stub driver.) -- C:\WINDOWS\system32\kbdjpn.dll   [8704]
O44 - LFC:[MD5.F6B8D77B57DF76EDCC157296124FDEAA] - 27/03/2015 - 22:51:40 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for 106.) -- C:\WINDOWS\system32\kbd106.dll   [6144]
O44 - LFC:[MD5.D496BA4B92B3E7B6C9D9A70137765523] - 27/03/2015 - 22:51:40 ---A- . (.Microsoft Corporation - KO Hangeul Keyboard Layout Stub driver.) -- C:\WINDOWS\system32\kbdkor.dll   [8192]
O44 - LFC:[MD5.15CC5E30A8CFFFAC6056EC7CF2070187] - 27/03/2015 - 22:51:40 ---A- . (.Microsoft Corporation - KO Hangeul Keyboard Layout for 101(Type B).) -- C:\WINDOWS\system32\kbd101b.dll   [6144]
O44 - LFC:[MD5.E1CB8EE6C0DC70E0DBCFA8D32C849E91] - 27/03/2015 - 22:51:40 ---A- . (.Microsoft Corporation - KO Hangeul Keyboard Layout for 101(Type C).) -- C:\WINDOWS\system32\kbd101c.dll   [6144]
O44 - LFC:[MD5.1AB5B6C627EBC61883EA311367F51130] - 27/03/2015 - 22:51:40 ---A- . (.Microsoft Corporation - KO Hangeul Keyboard Layout for 103.) -- C:\WINDOWS\system32\kbd103.dll   [5632]
O44 - LFC:[MD5.1DFB59B3EA5DDDB87F6A5D19CC72C2C1] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - DEC LK411-AJ Keyboard Layout.) -- C:\WINDOWS\system32\kbdlk41a.dll   [6656]
O44 - LFC:[MD5.FD7B1BFF0D85CAEB7FA1F91F9F2736A8] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - DEC LK411-JJ Keyboard Layout.) -- C:\WINDOWS\system32\kbdlk41j.dll   [6144]
O44 - LFC:[MD5.F7EAF04EC91A7EE4613F04E4FE4EA522] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for 101.) -- C:\WINDOWS\system32\kbd101.dll   [6144]
O44 - LFC:[MD5.2155B0B79E19765A0A19F8E48DEC5FB1] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for 106.) -- C:\WINDOWS\system32\kbd106n.dll   [6144]
O44 - LFC:[MD5.2A52FD8ECF7C8AAFEB614D18DA8B6869] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for AX2.) -- C:\WINDOWS\system32\kbdax2.dll   [6144]
O44 - LFC:[MD5.A7766CC128FD832C0A510862309E429A] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for Fujitsu FMV.) -- C:\WINDOWS\system32\f3ahvoas.dll   [7168]
O44 - LFC:[MD5.BF8AFF969F478E5945AF48421EE5BB9F] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for IBM 5576-00.) -- C:\WINDOWS\system32\kbdibm02.dll   [7168]
O44 - LFC:[MD5.C82117E3D8BB31E5D663E5130453AEA0] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - Microsoft IME Standard.) -- C:\WINDOWS\system32\imjp81.ime   [340023]
O44 - LFC:[MD5.8C95C271374A3784890430538EB3EAC3] - 27/03/2015 - 22:51:48 ---A- . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\system32\imjp81k.dll   [811064]
O44 - LFC:[MD5.62F7532931EFAB61619DC5F6DFFC2C4D] - 27/03/2015 - 22:51:49 ---A- . (.Microsoft Corporation - GB18030 DBCS-Unicode Conversion DLL.) -- C:\WINDOWS\system32\c_g18030.dll   [218112]
O44 - LFC:[MD5.DDB816614FC940DB688DEAB9A9260A96] - 27/03/2015 - 22:51:49 ---A- . (.Microsoft Corporation - Microsoft Korean IME 2002.) -- C:\WINDOWS\system32\imekr61.ime   [94720]
O44 - LFC:[MD5.FC1A66821AAF471900392947203062AC] - 27/03/2015 - 22:51:49 ---A- . (.Microsoft Corporation - 全拼输入法 5.0 版.) -- C:\WINDOWS\system32\WINPY.IME   [156672]
O44 - LFC:[MD5.72EAFD3A7E9359BE4DCE6D275FD33CFE] - 27/03/2015 - 22:51:49 ---A- . (.Microsoft Corporation - 区位输入法 5.0 版.) -- C:\WINDOWS\system32\WINGB.IME   [72704]
O44 - LFC:[MD5.D7A8B92D457F02118DC36B26B5792F3C] - 27/03/2015 - 22:51:50 ---A- . (.Microsoft Corporation - 双拼输入法 5.0 版.) -- C:\WINDOWS\system32\WINSP.IME   [156672]
O44 - LFC:[MD5.2ADED35C1C9F219EE4293FC114A305DD] - 27/03/2015 - 22:51:50 ---A- . (.Microsoft Corporation - 郑码输入法 5.0 版.) -- C:\WINDOWS\system32\WINZM.IME   [156672]
O44 - LFC:[MD5.28945873DFD303658CF9EB2DC8C6DBC3] - 27/03/2015 - 22:51:53 ---A- . (.Microsoft Corporation - 微软拼音输入法 3.0.) -- C:\WINDOWS\system32\PINTLGNT.IME   [482304]
O44 - LFC:[MD5.69682C1A36E5C591EFDD0FD19DC4AAC7] - 27/03/2015 - 22:51:56 ---A- . (.Microsoft Corporation - 倉頡輸入法 5.0 版.) -- C:\WINDOWS\system32\chajei.ime   [78336]
O44 - LFC:[MD5.645B55CEAC455A4C8F3B63E9D8775115] - 27/03/2015 - 22:51:56 ---A- . (.Microsoft Corporation - 大易輸入法 5.0 版.) -- C:\WINDOWS\system32\dayi.ime   [78848]
O44 - LFC:[MD5.A90F74C54D2D4A301C55AD48ED59C0E6] - 27/03/2015 - 22:51:56 ---A- . (.Microsoft Corporation - 注音輸入法 5.0 版.) -- C:\WINDOWS\system32\phon.ime   [79360]
O44 - LFC:[MD5.973358A8E97DF3B2D16EC62052D90A90] - 27/03/2015 - 22:51:56 ---A- . (.Microsoft Corporation - 英數輸入法 5.0 版.) -- C:\WINDOWS\system32\romanime.ime   [26112]
O44 - LFC:[MD5.6F3B7A6EBD933738915963D292818B9D] - 27/03/2015 - 22:51:57 ---A- . (.Microsoft Corporation - Generic IME 5.0 version.) -- C:\WINDOWS\system32\uniime.dll   [76288]
O44 - LFC:[MD5.55CACBA5C963F16B46B9FE03A5638709] - 27/03/2015 - 22:51:59 ---A- . (.Microsoft Corporation - 內碼輸入法 5.0 版.) -- C:\WINDOWS\system32\winime.ime   [65536]
O44 - LFC:[MD5.6D78A7826A8D57FC2DF8B4536B20FE5D] - 27/03/2015 - 22:51:59 ---A- . (.Microsoft Corporation - 單碼輸入法 5.0 版.) -- C:\WINDOWS\system32\unicdime.ime   [65024]
O44 - LFC:[MD5.EBA1F4CD698123177B5D71A5D0135549] - 27/03/2015 - 22:51:59 ---A- . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\TINTLGNT.IME   [571392]
O44 - LFC:[MD5.A5F28CD5091F4D211A4279D6AB115868] - 27/03/2015 - 22:51:59 ---A- . (.Microsoft Corporation - 行列輸入法 5.0 版.) -- C:\WINDOWS\system32\winar30.ime   [79360]
O44 - LFC:[MD5.C40CF89D7E855DE1FCDA27DB5F3CE424] - 27/03/2015 - 22:51:59 ---A- . (.Microsoft Corporation - 通用輸入法 5.0 版.) -- C:\WINDOWS\system32\miniime.tpl   [11776]
O44 - LFC:[MD5.D83546845D96A5CA26133ED3945D4E91] - 27/03/2015 - 22:51:59 ---A- . (.Microsoft Corporation - 速成輸入法 5.0 版.) -- C:\WINDOWS\system32\quick.ime   [77824]
O44 - LFC:[MD5.157A2706E78D7B581642F6F787EC37E5] - 27/03/2015 - 22:52:00 ---A- . (...) -- C:\WINDOWS\system32\c_10001.nls   [162850]
O44 - LFC:[MD5.B2B3B6A63D9A1837673A2B2C44455A20] - 27/03/2015 - 22:52:00 ---A- . (...) -- C:\WINDOWS\system32\c_20290.nls   [66082]
O44 - LFC:[MD5.07CD5D103AEB4AD2B624EE1ADBFAA456] - 27/03/2015 - 22:52:00 ---A- . (...) -- C:\WINDOWS\system32\c_21027.nls   [66082]
O44 - LFC:[MD5.09E420F90A329BDA68477FA4AF43CB28] - 27/03/2015 - 22:52:00 ---A- . (...) -- C:\WINDOWS\system32\xjis.nls   [28288]
O44 - LFC:[MD5.2F46E8D51384E594857AA61617549FA3] - 27/03/2015 - 22:52:00 ---A- . (.Microsoft Corporation - 微軟新倉頡輸入法 98b.) -- C:\WINDOWS\system32\CINTLGNT.IME   [21504]
O44 - LFC:[MD5.AAB0740BCBDCE107E0BABEE466905EB4] - 27/03/2015 - 22:52:01 ---A- . (...) -- C:\WINDOWS\system32\c_20000.nls   [180258]
O44 - LFC:[MD5.3FEF4EEFC8827A03B19124575B17205E] - 27/03/2015 - 22:52:01 ---A- . (...) -- C:\WINDOWS\system32\c_20932.nls   [180770]
O44 - LFC:[MD5.32919D0DA9A834E8197203C4858ABCF6] - 27/03/2015 - 22:52:01 ---A- . (...) -- C:\WINDOWS\system32\c_20936.nls   [173602]
O44 - LFC:[MD5.232094E602642181A5A508975665D11B] - 27/03/2015 - 22:52:01 ---A- . (...) -- C:\WINDOWS\system32\c_20949.nls   [177698]
O44 - LFC:[MD5.DBE8C6C58DE48CEB43B079C9EF6F86C7] - 27/03/2015 - 22:52:01 ---A- . (.Microsoft Corporation - ISO-2022 Code Page Translation DLL.) -- C:\WINDOWS\system32\c_is2022.dll   [6656]
O44 - LFC:[MD5.C4674F556D1C0B797DD5BADB7A64F7E6] - 27/03/2015 - 22:52:14 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for (NEC PC-980.) -- C:\WINDOWS\system32\kbdnec95.dll   [7168]
O44 - LFC:[MD5.33356389C4760487E71D24D4F3083D18] - 27/03/2015 - 22:52:14 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for (NEC PC-980.) -- C:\WINDOWS\system32\kbdnecAT.dll   [9216]
O44 - LFC:[MD5.664285630FD21995F24A2551E34A7237] - 27/03/2015 - 22:52:14 ---A- . (.Microsoft Corporation - JP Japanese Keyboard Layout for (NEC PC-980.) -- C:\WINDOWS\system32\kbdnecNT.dll   [7680]
O44 - LFC:[MD5.1855E6398A2E937E47809FD8B83647E4] - 27/03/2015 - 22:52:15 ---A- . (...) -- C:\WINDOWS\system32\c_10003.nls   [177698]
O44 - LFC:[MD5.A337491EA01F4BE0779A981CB7ACB999] - 27/03/2015 - 22:52:15 ---A- . (...) -- C:\WINDOWS\system32\c_1361.nls   [189986]
O44 - LFC:[MD5.DB4F8D50EDA4C0C51BDD0753880FA20B] - 27/03/2015 - 22:52:15 ---A- . (...) -- C:\WINDOWS\system32\ksc.nls   [47066]
O44 - LFC:[MD5.AAF2CFDFCEAE84151060465A4C4506DA] - 27/03/2015 - 22:52:21 ---A- . (...) -- C:\WINDOWS\system32\WINPY.MB   [1783864]
O44 - LFC:[MD5.23C1E8F026FB81824388E8EC457CF75E] - 27/03/2015 - 22:52:21 ---A- . (...) -- C:\WINDOWS\system32\c_10008.nls   [173602]
O44 - LFC:[MD5.54144F43EDF5AA8F504A30E7C1D1A7B5] - 27/03/2015 - 22:52:21 ---A- . (...) -- C:\WINDOWS\system32\prc.nls   [83748]
O44 - LFC:[MD5.901863C68E6523336CAC602FE9320ABC] - 27/03/2015 - 22:52:21 ---A- . (...) -- C:\WINDOWS\system32\prcp.nls   [83748]
O44 - LFC:[MD5.22757DEB6FC0968F5B10270DBBA7DB05] - 27/03/2015 - 22:52:21 ---A- . (.Microsoft Corporation - KO Hangeul Keyboard Layout for 101 (Type A).) -- C:\WINDOWS\system32\kbd101a.dll   [6144]
O44 - LFC:[MD5.FBA8EDF2418C8754D7199B7DCAD9F159] - 27/03/2015 - 22:52:22 ---A- . (...) -- C:\WINDOWS\system32\WINSP.MB   [1564868]
O44 - LFC:[MD5.5A651B76C819817A2B992F34C3A8BC8D] - 27/03/2015 - 22:52:23 ---A- . (...) -- C:\WINDOWS\system32\WINZM.MB   [1223500]
O44 - LFC:[MD5.EA2A501A6EE240361FA42FBA90E93611] - 27/03/2015 - 22:52:26 ---A- . (...) -- C:\WINDOWS\system32\PINTLPAD.HLP   [14821]
O44 - LFC:[MD5.6D62961C6936709C4FE55CE5F7BE4AC1] - 27/03/2015 - 22:52:26 ---A- . (...) -- C:\WINDOWS\system32\PINTLPAE.HLP   [16254]
O44 - LFC:[MD5.C01B81BB10AD14DBC5C4ECD350638096] - 27/03/2015 - 22:52:26 ---A- . (...) -- C:\WINDOWS\system32\big5.nls   [66728]
O44 - LFC:[MD5.EE1F60F8774D74BED8B13498F3FE737A] - 27/03/2015 - 22:52:26 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.nls   [82172]
O44 - LFC:[MD5.6556B40EBEB0879DB90B7AC32B41379B] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\a15.tbl   [1460]
O44 - LFC:[MD5.9CF1E26D5CFC4747AF8BA76297353523] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\a234.tbl   [44370]
O44 - LFC:[MD5.FF0ABF80940C1A6A9E0DB36EB431EB8E] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\acode.tbl   [44370]
O44 - LFC:[MD5.217BC5677C19491A22846324300A363C] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\arphr.tbl   [110566]
O44 - LFC:[MD5.BB30616600212D6EA337441AAC516F22] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\arptr.tbl   [16312]
O44 - LFC:[MD5.2D37D46049C16DEDCF89BF76EC734877] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\array30.tab   [146126]
O44 - LFC:[MD5.1924C588038F922AAB8CB66DF42EA4D6] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\arrayhw.tab   [18600]
O44 - LFC:[MD5.05C0B7F8FA403E6DA75671685A58A940] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\c_10002.nls   [195618]
O44 - LFC:[MD5.2511B0F32128156F4C7F9F1164D5A108] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\dayiphr.tbl   [520]
O44 - LFC:[MD5.F649C69497F99AA0E87EE81A1E140D0A] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\dayiptr.tbl   [700]
O44 - LFC:[MD5.531FE5A2634D87A078017259F21D9736] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\lcphrase.tbl   [211938]
O44 - LFC:[MD5.D3C85593F8C4576FCF9B42AC48CA4368] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\lcptr.tbl   [24114]
O44 - LFC:[MD5.805EE17EB45B370D75BD8DE1986EE0D5] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\msdayi.tbl   [116285]
O44 - LFC:[MD5.87027AC38E50D8185F83F27F92C41330] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\phon.tbl   [4071]
O44 - LFC:[MD5.84E0FC05489B2E05B1F7CD41B3E7FD3B] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\phoncode.tbl   [43242]
O44 - LFC:[MD5.1C47CF06E760E1865C9AAF04710D517C] - 27/03/2015 - 22:52:27 ---A- . (...) -- C:\WINDOWS\system32\phonptr.tbl   [2714]
O44 - LFC:[MD5.55DCED5F0946C03E70B255A3AFC932B1] - 27/03/2015 - 22:52:36 ---A- . (...) -- C:\WINDOWS\system32\korwbrkr.lex   [1158818]
O44 - LFC:[MD5.C04D36BBEF5B9BAA8D8DA0B57F22BE20] - 27/03/2015 - 22:52:36 ---A- . (...) -- C:\WINDOWS\system32\noise.jpn   [2060]
O44 - LFC:[MD5.ECC48F386F8B79D809AEDA327ACA7B0B] - 27/03/2015 - 22:52:36 ---A- . (.Microsoft Corporation - Japanese Word Breaker.) -- C:\WINDOWS\system32\msir3jp.lex   [1875968]
O44 - LFC:[MD5.A4F56712788B631F9291D7179571744E] - 27/03/2015 - 22:52:36 ---A- . (.Microsoft Corporation - Japanese Wordbreaker and Stemmer.) -- C:\WINDOWS\system32\msir3jp.dll   [98304]
O44 - LFC:[MD5.FFF61527F4CC62056DF92E4897C2590E] - 27/03/2015 - 22:52:36 ---A- . (.Microsoft Corporation - Korean WordBreaker.) -- C:\WINDOWS\system32\korwbrkr.dll   [70656]
O44 - LFC:[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - 27/03/2015 - 22:52:37 ---A- . (...) -- C:\WINDOWS\system32\noise.kor   [1486]
O44 - LFC:[MD5.74DB8D22B25C414851E919D0296F6973] - 27/03/2015 - 22:52:37 ---A- . (.Microsoft Corporation - Microsoft Chinese_Simplified Word Breaker C.) -- C:\WINDOWS\system32\chsbrkr.dll   [1677824]
O44 - LFC:[MD5.9B384A73AE6349799602A4E1D81C5C7E] - 27/03/2015 - 22:52:37 ---A- . (.Microsoft Corporation - Microsoft Traditional Chinese Word Breaker.) -- C:\WINDOWS\system32\chtbrkr.dll   [838144]
O44 - LFC:[MD5.A32426D9B14A089EAA1D922E0C5801A9] - 27/03/2015 - 22:56:08 ---A- . (.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\WINDOWS\system32\Drivers\USBSTOR.SYS   [26368]
O44 - LFC:[MD5.95123464EEBF34BFE8725542C6E384EA] - 27/03/2015 - 23:01:10 ---A- . (...) -- C:\WINDOWS\system32\igxpxa32.cpa   [524850]
O44 - LFC:[MD5.437B1D1A97CEF611EC1473B427E7AA3C] - 27/03/2015 - 23:01:10 ---A- . (.Intel Corporation - igfxcpl Module.) -- C:\WINDOWS\system32\igfxcpl.cpl   [77824]
O44 - LFC:[MD5.9671B8C93FE9DC1E8464A17481CD5E42] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrara.lrc   [122880]
O44 - LFC:[MD5.DEC837062BBE1E00231793A8B76278F0] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrchs.lrc   [81920]
O44 - LFC:[MD5.6419CD7FF0DEC6BC73C95F3E48C366D1] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrcht.lrc   [81920]
O44 - LFC:[MD5.B0D0F6721A6686E09812C069E3F7AD4B] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrcsy.lrc   [139264]
O44 - LFC:[MD5.E5D2A56C4A2E947CA89AF6C87741D3DA] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrdan.lrc   [139264]
O44 - LFC:[MD5.57E1EE11CC9D5A36543BE86CA8991E8A] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrdeu.lrc   [155648]
O44 - LFC:[MD5.3A9466B291A966EAEEA1BAC39E590860] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrell.lrc   [155648]
O44 - LFC:[MD5.41B2B21ABE8D2029AFE0F6194E0A8BBA] - 27/03/2015 - 23:01:26 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrenu.lrc   [135168]
O44 - LFC:[MD5.5D84713804CBCE20C428E57CDB4F52A1] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxresp.lrc   [151552]
O44 - LFC:[MD5.AF33D280EEE99BE29F85ABC94C0813E9] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrfin.lrc   [139264]
O44 - LFC:[MD5.35A9E9F3CFF9C9050E11AF00BA19782A] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrfra.lrc   [147456]
O44 - LFC:[MD5.3690DFD2B9ED01927BF565151BCA2F0F] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrheb.lrc   [122880]
O44 - LFC:[MD5.D074B0010F7BB6ABA010B1C043565FF1] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrhun.lrc   [147456]
O44 - LFC:[MD5.9390B43F207E1875005209EB9DA8FF7D] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrita.lrc   [151552]
O44 - LFC:[MD5.DA56D42F6365C721F8EFB6C1AD1631AD] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrjpn.lrc   [98304]
O44 - LFC:[MD5.22019A264521E079F75B52E74FDA4657] - 27/03/2015 - 23:01:27 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrkor.lrc   [98304]
O44 - LFC:[MD5.5D6651EED58D29029877615CF36AD3F8] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrnld.lrc   [151552]
O44 - LFC:[MD5.8EE517704BD125B9FE133CB20AECC278] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrnor.lrc   [139264]
O44 - LFC:[MD5.60C0D4776807AFC47F2639D6271F6DF0] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrplk.lrc   [143360]
O44 - LFC:[MD5.F666F4C7A95C7A91E64F1BABAA1BB1E0] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrptb.lrc   [143360]
O44 - LFC:[MD5.18AD4EE85DCC256459B5D0EB653EA259] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrptg.lrc   [143360]
O44 - LFC:[MD5.2B79CE1271B8909B37A8BAA1394350DC] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrrus.lrc   [143360]
O44 - LFC:[MD5.4F8ABD34B0843752395E36569C79BCA2] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrsve.lrc   [139264]
O44 - LFC:[MD5.5B1D0BB9082CC36478D6B13898DA4528] - 27/03/2015 - 23:01:28 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrtha.lrc   [126976]
O44 - LFC:[MD5.4CCA8EA7427CD27CA40D0B2F4F4B51ED] - 27/03/2015 - 23:01:29 ---A- . (.Intel Corporation - igfxres Module.) -- C:\WINDOWS\system32\igfxrtrk.lrc   [139264]
O44 - LFC:[MD5.1037CD764D18B8E6D05CE006A771F9E9] - 27/03/2015 - 23:01:30 ---A- . (...) -- C:\WINDOWS\system32\igxpxa32.vp   [929]
O44 - LFC:[MD5.765CB03717D62E6F7C9F0D42D6420BE3] - 27/03/2015 - 23:01:30 ---A- . (...) -- C:\WINDOWS\system32\igxpxk32.vp   [58704]
O44 - LFC:[MD5.4F61B041FB6D605845E834BD4EAF0E00] - 27/03/2015 - 23:01:30 ---A- . (...) -- C:\WINDOWS\system32\igxpxs32.vp   [24736]
O44 - LFC:[MD5.9D6C301BFC900354F906E69E7EA37953] - 27/03/2015 - 23:01:43 ---A- . (.Intel Corporation - CoInstaller: Almador Second Function, AIM 3.) -- C:\WINDOWS\system32\iAlmCoIn_v4396.dll   [61440]
O44 - LFC:[MD5.888B8611F99649A61F0306056C204523] - 27/03/2015 - 23:01:43 ---A- . (.Intel Corporation - Component GHAL Driver.) -- C:\WINDOWS\system32\ialmdev5.dll   [213274]
O44 - LFC:[MD5.E8244B7C635202E5A4326653168B595E] - 27/03/2015 - 23:01:43 ---A- . (.Intel Corporation - Controller Hub for Intel Graphics Driver.) -- C:\WINDOWS\system32\ialmdnt5.dll   [118395]
O44 - LFC:[MD5.A3E3FA1DF677FE52F2AACA38735F8E54] - 27/03/2015 - 23:01:43 ---A- . (.Intel Corporation - DirectDraw(R) Driver for Intel(R) Graphics.) -- C:\WINDOWS\system32\ialmdd5.dll   [900218]
O44 - LFC:[MD5.CF833AC004268E1C3C4BF543656200A9] - 27/03/2015 - 23:01:43 ---A- . (.Intel Corporation - hccutils Module.) -- C:\WINDOWS\system32\hccutils.dll   [73728]
O44 - LFC:[MD5.0CC6C7600EC5AE4373779A79A610796C] - 27/03/2015 - 23:01:44 ---A- . (.Intel Corporation - Controller Hub for Intel Graphics Driver.) -- C:\WINDOWS\system32\ialmrnt5.dll   [36990]
O44 - LFC:[MD5.F141F5F3A60513D7C1DB6C15352E0BF1] - 27/03/2015 - 23:01:44 ---A- . (.Intel Corporation - Uninstall Utility for Intel(R) Graphics Tec.) -- C:\WINDOWS\system32\ialmrem.dll   [49152]
O44 - LFC:[MD5.032622313D3C84CFD9C30C18E337555C] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuARA.dll   [40960]
O44 - LFC:[MD5.5F80A6D20140044872CBF9C27402E7E6] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuARB.dll   [40960]
O44 - LFC:[MD5.01FCBEAB36F6F72A5B6E2587B91FCE76] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuCHS.dll   [40960]
O44 - LFC:[MD5.54A5814FFE14E276D9EB5543E34A6A52] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuCHT.dll   [40960]
O44 - LFC:[MD5.C20C460BD9714DF6D52549079C9F7291] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuCSY.dll   [40960]
O44 - LFC:[MD5.35C4650EE5F1C353B8BBDCD4C1A2ABEF] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuDAN.dll   [40960]
O44 - LFC:[MD5.7CC4934AADB62B69E4A494CC3E1CADC0] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuDEU.dll   [40960]
O44 - LFC:[MD5.D35BA47A4D81C635A2C230293014B944] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuELL.dll   [40960]
O44 - LFC:[MD5.C1348F73AD0D29628658C094F18EAE98] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuENG.dll   [40960]
O44 - LFC:[MD5.E5BDED07D314B2B4720ED5D347BE391A] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuESP.dll   [40960]
O44 - LFC:[MD5.B6ABA3B38B8CA80A6E15E42229E94520] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuFIN.dll   [40960]
O44 - LFC:[MD5.4628AD341E154583C870EA75D8F143CC] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuFRA.dll   [40960]
O44 - LFC:[MD5.32B51C3806E38CD78D6B4129A94CB2FA] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuFRC.dll   [40960]
O44 - LFC:[MD5.6CE41144ECCAE3D746C67CDAA33C3373] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuHEB.dll   [40960]
O44 - LFC:[MD5.483622BD39E6F7C17B3684FF0C8E9503] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuHUN.dll   [40960]
O44 - LFC:[MD5.2D6643FDD22A7C0799CFAA6D57ACA5D0] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuITA.dll   [40960]
O44 - LFC:[MD5.22585DA2D56B9210A9DF1ECCA7620E1E] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuJPN.dll   [40960]
O44 - LFC:[MD5.8EBFC605B99ACE8A3AC444D699A8A000] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuKOR.dll   [40960]
O44 - LFC:[MD5.EA2F7C5AEE00D7788D3C4C53E1671070] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuNLD.dll   [40960]
O44 - LFC:[MD5.0128C152A13CC488A35CD62531732B13] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuNOR.dll   [40960]
O44 - LFC:[MD5.F656E1C556ECDE31EC59719F814269B9] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuPLK.dll   [40960]
O44 - LFC:[MD5.982A754B174FE0DD7CAA69CDE3CDDC82] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuPTB.dll   [40960]
O44 - LFC:[MD5.DBDEE03ED91D14FD1D3060876C6956B4] - 27/03/2015 - 23:01:44 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuPTG.dll   [40960]
O44 - LFC:[MD5.09DC1F2A2293E5536FE31D23AF3E8C05] - 27/03/2015 - 23:01:45 ---A- . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll   [135168]
O44 - LFC:[MD5.174FE6D9FF04B46B7A7A23E3EF9D6B1D] - 27/03/2015 - 23:01:45 ---A- . (.Intel Corporation - igfxdo Module.) -- C:\WINDOWS\system32\igfxdo.dll   [86016]
O44 - LFC:[MD5.82453DBBD198BBF10DB91E50BB1FE42E] - 27/03/2015 - 23:01:45 ---A- . (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\system32\igfxexps.dll   [40960]
O44 - LFC:[MD5.3AB3A2948B034B1C7F18B2B20E13D4E8] - 27/03/2015 - 23:01:45 ---A- . (.Intel Corporation - igfxpph Module.) -- C:\WINDOWS\system32\igfxpph.dll   [147456]
O44 - LFC:[MD5.153B848696C7E969E2341A348CB203F2] - 27/03/2015 - 23:01:45 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuRUS.dll   [40960]
O44 - LFC:[MD5.633FBF7A68CEEA7259DF9E6D40C8FC83] - 27/03/2015 - 23:01:45 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuSVE.dll   [40960]
O44 - LFC:[MD5.2192F0D80E9090C99F4DEEECD20DDB0F] - 27/03/2015 - 23:01:45 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuTHA.dll   [40960]
O44 - LFC:[MD5.96A1D5F58F657D3F33E70CFD8CE6358B] - 27/03/2015 - 23:01:45 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmuTRK.dll   [40960]
O44 - LFC:[MD5.1A096FAC65424352D6C0F460E4D742F7] - 27/03/2015 - 23:01:46 ---A- . (.Intel Corporation - OpenGL(R) Device Driver for Intel(R) Graphi.) -- C:\WINDOWS\system32\igldev32.dll   [524288]
O44 - LFC:[MD5.00AF94456853B3C24E27EDB969483F2E] - 27/03/2015 - 23:01:46 ---A- . (.Intel Corporation - OpenGL(R) Driver for Intel(R) Graphics Acce.) -- C:\WINDOWS\system32\iglicd32.dll   [2310144]
O44 - LFC:[MD5.95C346BF3B8856AC84D158FAA3E3F2B6] - 27/03/2015 - 23:01:46 ---A- . (.Intel Corporation - igfxress Module.) -- C:\WINDOWS\system32\igfxress.dll   [1503232]
O44 - LFC:[MD5.25A2C1F0A75AB0B6508784220D1B102C] - 27/03/2015 - 23:01:46 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.dll   [57344]
O44 - LFC:[MD5.5D4AEE7958F96E91B42A112A0ED6AA70] - 27/03/2015 - 23:02:06 ---A- . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe   [106496]
O44 - LFC:[MD5.5EE43A644A38B717F2BCF32BE7D04E62] - 27/03/2015 - 23:02:07 ---A- . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe   [122880]
O44 - LFC:[MD5.EA633C426ABE500CFB24501E230BA595] - 27/03/2015 - 23:02:07 ---A- . (.Intel Corporation - igfxcfg Module.) -- C:\WINDOWS\system32\igfxcfg.exe   [475136]
O44 - LFC:[MD5.8DB6A4ECD5A4DD6767E98A20B20094C3] - 27/03/2015 - 23:02:07 ---A- . (.Intel Corporation - igfxext Module.) -- C:\WINDOWS\system32\igfxext.exe   [122880]
O44 - LFC:[MD5.3177A1706CFF87F579CE08634FF65F5C] - 27/03/2015 - 23:02:07 ---A- . (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe   [188416]
O44 - LFC:[MD5.89E5626E4AA56D4009EA3633040C275C] - 27/03/2015 - 23:02:07 ---A- . (.Intel Corporation - igfxzoom Module.) -- C:\WINDOWS\system32\igfxzoom.exe   [143360]
O44 - LFC:[MD5.05830C930C90B3ED5F7D4E11C5CC9F89] - 27/03/2015 - 23:02:07 ---A- . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe   [143360]
O44 - LFC:[MD5.19D71EE881DD23BDE536A7A24CF5FFFC] - 27/03/2015 - 23:02:07 ---A- . (.Intel(r) Corporation - Uninstset Installation Utility.) -- C:\WINDOWS\system32\ialmudlg.exe   [143360]
O44 - LFC:[MD5.9A883C3C4D91292C0D09DE7C728E781C] - 27/03/2015 - 23:02:09 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\Drivers\ialmnt5.sys   [1302332]
O44 - LFC:[MD5.E470738B601A7FBB1E1C34CEC8355F5D] - 27/03/2015 - 23:03:17 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1.) -- C:\WINDOWS\system32\Drivers\b57xp32.sys   [161792]
O44 - LFC:[MD5.CA766F99CF167151BAD175EAC06CF4F3] - 27/03/2015 - 23:05:11 ---A- . (.Sensaura Ltd - Audio3D.) -- C:\WINDOWS\system32\a3d.dll   [720896]
O44 - LFC:[MD5.E696E749BEDCDA8B23757B8B5EA93780] - 27/03/2015 - 23:05:20 ---A- . (.Andrea Electronics Corporation - Andrea Audio Noise Cancellation Driver.) -- C:\WINDOWS\system32\Drivers\aeaudio.sys   [100224]
O44 - LFC:[MD5.F1771926A47A18BD3A3EDAC334FC78E0] - 27/03/2015 - 23:05:25 ---A- . (.Analog Devices, Inc. - SoundMAX Stub Driver.) -- C:\WINDOWS\system32\Drivers\smsens.sys   [3744]
O44 - LFC:[MD5.FA3368A7039F5ABAA4B933703AC34763] - 27/03/2015 - 23:05:26 ---A- . (.Analog Devices, Inc. - SoundMAX Integrated Digital Audio.) -- C:\WINDOWS\system32\Drivers\smwdm.sys   [578304]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 23:06:19 ---A- . (...) -- C:\WINDOWS\setuperr.log   [0]
O44 - LFC:[MD5.A799EA2E17F8C6747801E37F25FE078F] - 27/03/2015 - 23:07:00 R--A- . (...) -- C:\WINDOWS\SET3.tmp   [1246130]
O44 - LFC:[MD5.7DEBF83AF61B07063EF0CEEADD4B4E59] - 27/03/2015 - 23:07:02 R--A- . (...) -- C:\WINDOWS\SET4.tmp   [1088840]
O44 - LFC:[MD5.619D9DD12A0BFDB080A86CE19F09CA10] - 27/03/2015 - 23:07:04 R--A- . (...) -- C:\WINDOWS\SET8.tmp   [16825]
O44 - LFC:[MD5.47F46F3A9039C4E19873D771DD9913F9] - 27/03/2015 - 23:07:18 R--A- . (...) -- C:\WINDOWS\SET2E.tmp   [6176]
O44 - LFC:[MD5.43AA2D36F78CB7F4F4E8E5EE09844A52] - 27/03/2015 - 23:07:47 R--A- . (...) -- C:\WINDOWS\SET33.tmp   [4731]
O44 - LFC:[MD5.0D4C93BC12D2FD857641DFCB355AEA22] - 27/03/2015 - 23:10:08 ---A- . (.Microsoft Corporation - Pages de propriétés pour les périphériques.) -- C:\WINDOWS\system32\storprop.dll   [78336]
O44 - LFC:[MD5.68C00FF0BAA8FB69A71F36A846AD925F] - 27/03/2015 - 23:10:09 ---A- . (...) -- C:\WINDOWS\NOTEPAD.EXE   [64512]
O44 - LFC:[MD5.575891492CF1B199ED45DBAF38D06541] - 27/03/2015 - 23:10:09 ---A- . (.Microsoft Corporation - Battery Class Installer.) -- C:\WINDOWS\system32\batt.dll   [34304]
O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 27/03/2015 - 23:10:10 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP   [3072]
O44 - LFC:[MD5.F08DBD8C48A168818A3DFC28929EE6B5] - 27/03/2015 - 23:10:10 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT   [1896]
O44 - LFC:[MD5.F9CBCB1A77E76B32504994C756AAA97E] - 27/03/2015 - 23:10:10 ---A- . (.Microsoft Corporation - Gestionnaire des tâches.) -- C:\WINDOWS\TASKMAN.EXE   [43520]
O44 - LFC:[MD5.C93C9FF7B04D772627A3646D89F7BF89] - 27/03/2015 - 23:10:10 ---A- . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\WINDOWS\system32\Drivers\irenum.sys   [11264]
O44 - LFC:[MD5.1E9B88D340481EDA7A9BF53A949E1F42] - 27/03/2015 - 23:10:12 ---A- . (.Digi International - DGSETUP DLL.) -- C:\WINDOWS\system32\dgsetup.dll   [86044]
O44 - LFC:[MD5.7AE4CDB4AD25A08B711ECC5BE12EF3D7] - 27/03/2015 - 23:10:12 ---A- . (.Digi International, Inc. - Digi RealPort® Driver Upgrade.) -- C:\WINDOWS\system32\dgrpsetu.dll   [176157]
O44 - LFC:[MD5.F899213C79DEE079DCE1EE730D82594F] - 27/03/2015 - 23:10:12 ---A- . (.Equinox Systems Inc. - Co-installeur série multiport Equinox.) -- C:\WINDOWS\system32\EqnClass.Dll   [103424]
O44 - LFC:[MD5.0C9CD2AE79F58E25DC28CE41BE820A95] - 27/03/2015 - 23:10:12 ---A- . (.Microsoft Corporation - Co-installateur de classe Infrarouge.) -- C:\WINDOWS\system32\irclass.dll   [37888]
O44 - LFC:[MD5.FA511331A48B582A7D584FC2408E8C1A] - 27/03/2015 - 23:10:12 ---A- . (.Perle Systems Ltd. - Specialix MPS NT Upgrade CoInstaller.) -- C:\WINDOWS\system32\spxcoins.dll   [24661]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 27/03/2015 - 23:10:13 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls   [66082]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 27/03/2015 - 23:10:14 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls   [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 27/03/2015 - 23:10:14 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls   [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 27/03/2015 - 23:10:14 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls   [66082]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 27/03/2015 - 23:10:14 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls   [66594]
O44 - LFC:[MD5.615DDBB5CBBAE8301C1E7FA95F1E66A3] - 27/03/2015 - 23:10:14 R--A- . (.Microsoft Corporation - Albania Keyboard Layout.) -- C:\WINDOWS\system32\KBDAL.DLL   [6656]
O44 - LFC:[MD5.5B46568257EE49714564511D58E0DE53] - 27/03/2015 - 23:10:14 R--A- . (.Microsoft Corporation - Croatian/Slovenian Keyboard Layout.) -- C:\WINDOWS\system32\kbdcr.dll   [6656]
O44 - LFC:[MD5.36E68E02AF2206FC4A8C73CAEABE1FB0] - 27/03/2015 - 23:10:14 R--A- . (.Microsoft Corporation - Czech Keyboard Layout.) -- C:\WINDOWS\system32\kbdcz.dll   [7168]
O44 - LFC:[MD5.AFA30A44ED11A5F9A059A2767AB6A81A] - 27/03/2015 - 23:10:14 R--A- . (.Microsoft Corporation - Czech_101 Keyboard Layout.) -- C:\WINDOWS\system32\kbdcz1.dll   [6656]
O44 - LFC:[MD5.90535C13EB54E1F2C95478F1B99DCCEB] - 27/03/2015 - 23:10:14 R--A- . (.Microsoft Corporation - Czech_Programmer's Keyboard Layout.) -- C:\WINDOWS\system32\kbdcz2.dll   [6656]
O44 - LFC:[MD5.552221E92D6BF55F8358B927F00696C3] - 27/03/2015 - 23:10:14 R--A- . (.Microsoft Corporation - Serbian_Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdycl.dll   [6656]
O44 - LFC:[MD5.F3D1EEC756847C70E65335E8CA1AE64B] - 27/03/2015 - 23:10:15 R--A- . (.Microsoft Corporation - Hungarian 101-key Keyboard Layout.) -- C:\WINDOWS\system32\kbdhu1.dll   [5632]
O44 - LFC:[MD5.CF92D95B5CB6649CB9D7E8D7616487A7] - 27/03/2015 - 23:10:15 R--A- . (.Microsoft Corporation - Hungarian Keyboard Layout.) -- C:\WINDOWS\system32\kbdhu.dll   [6656]
O44 - LFC:[MD5.D199B05901C2407FC0F87444A24A4F3C] - 27/03/2015 - 23:10:15 R--A- . (.Microsoft Corporation - Polish Keyboard Layout.) -- C:\WINDOWS\system32\kbdpl.dll   [6656]
O44 - LFC:[MD5.897663C8606357A8E86E57CDEA8EE219] - 27/03/2015 - 23:10:15 R--A- . (.Microsoft Corporation - Polish Programmer's Keyboard Layout.) -- C:\WINDOWS\system32\kbdpl1.dll   [5632]
O44 - LFC:[MD5.C2E62748C875A310A6D5B10498238A68] - 27/03/2015 - 23:10:15 R--A- . (.Microsoft Corporation - Romanian Keyboard Layout.) -- C:\WINDOWS\system32\kbdro.dll   [5632]
O44 - LFC:[MD5.DCCE231E5BDF1401AC0F770EE16902AA] - 27/03/2015 - 23:10:15 R--A- . (.Microsoft Corporation - Slovak Keyboard Layout.) -- C:\WINDOWS\system32\kbdsl.dll   [6656]
O44 - LFC:[MD5.93033C3EA80FB24B198B24DDECA07D4A] - 27/03/2015 - 23:10:15 R--A- . (.Microsoft Corporation - Slovak(QWERTY) Keyboard Layout.) -- C:\WINDOWS\system32\kbdsl1.dll   [6656]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 27/03/2015 - 23:10:16 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS   [66082]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 27/03/2015 - 23:10:16 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls   [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 27/03/2015 - 23:10:16 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls   [66594]
O44 - LFC:[MD5.BBB6C3346064C6AECEE6AD9F144B1AEA] - 27/03/2015 - 23:10:16 R--A- . (.Microsoft Corporation - Estonia Keyboard Layout.) -- C:\WINDOWS\system32\kbdest.dll   [6144]
O44 - LFC:[MD5.C047165ED75FF85DB5A89EFEE3DA1133] - 27/03/2015 - 23:10:16 R--A- . (.Microsoft Corporation - Latvia Keyboard Layout.) -- C:\WINDOWS\system32\kbdlv.dll   [6144]
O44 - LFC:[MD5.27D72BCF2B495FCDA073DBA5F189D7A1] - 27/03/2015 - 23:10:16 R--A- . (.Microsoft Corporation - Latvia-QWERTY Keyboard Layout.) -- C:\WINDOWS\system32\kbdlv1.dll   [6144]
O44 - LFC:[MD5.F5B3B152A1D2752BC88928EB1E031B7E] - 27/03/2015 - 23:10:16 R--A- . (.Microsoft Corporation - Lithuania Keyboard Layout.) -- C:\WINDOWS\system32\kbdlt.dll   [5632]
O44 - LFC:[MD5.AF05A41DBD1B0424B5CB47092152C7F6] - 27/03/2015 - 23:10:16 R--A- . (.Microsoft Corporation - Lithuanian Keyboard Layout.) -- C:\WINDOWS\system32\kbdlt1.dll   [5632]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 27/03/2015 - 23:10:17 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS   [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 27/03/2015 - 23:10:17 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls   [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 27/03/2015 - 23:10:17 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls   [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 27/03/2015 - 23:10:17 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls   [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 27/03/2015 - 23:10:17 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls   [66082]
O44 - LFC:[MD5.1E81E1F3D5ACB3371CF73C1DE8F800BF] - 27/03/2015 - 23:10:17 R--A- . (.Microsoft Corporation - Greek IBM 220 Keyboard Layout.) -- C:\WINDOWS\system32\kbdhe220.dll   [5632]
O44 - LFC:[MD5.D26533FDF72381947F823882BBA4A196] - 27/03/2015 - 23:10:17 R--A- . (.Microsoft Corporation - Greek IBM 220 Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdhela2.dll   [6144]
O44 - LFC:[MD5.AC81A176BA35D1D7A5CD53137F3160FE] - 27/03/2015 - 23:10:17 R--A- . (.Microsoft Corporation - Greek IBM 319 Keyboard Layout.) -- C:\WINDOWS\system32\kbdhe319.dll   [5632]
O44 - LFC:[MD5.F2312B8A76FD584ACD1D956688BEB6F8] - 27/03/2015 - 23:10:17 R--A- . (.Microsoft Corporation - Greek IBM 319 Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdhela3.dll   [6656]
O44 - LFC:[MD5.83C99B438B3D6DBE7B838DA783E173AC] - 27/03/2015 - 23:10:17 R--A- . (.Microsoft Corporation - Greek Keyboard Layout.) -- C:\WINDOWS\system32\kbdhe.dll   [5632]
O44 - LFC:[MD5.A93447C87DDB6B1945F1F5F87EAB68DC] - 27/03/2015 - 23:10:17 R--A- . (.Microsoft Corporation - Greek_Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdgkl.dll   [6144]
O44 - LFC:[MD5.90CC52E8B52F0EC3A41D14FFBE789324] - 27/03/2015 - 23:10:17 R--A- . (.Microsoft Corporation - Greek_Polytonic Keyboard Layout.) -- C:\WINDOWS\system32\kbdhept.dll   [8192]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 27/03/2015 - 23:10:18 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS   [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 27/03/2015 - 23:10:18 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls   [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 27/03/2015 - 23:10:18 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls   [66082]
O44 - LFC:[MD5.A1FA7A83F9D98D84419A8E64286284F4] - 27/03/2015 - 23:10:18 R--A- . (.Microsoft Corporation - Belarusian Keyboard Layout.) -- C:\WINDOWS\system32\kbdblr.dll   [5632]
O44 - LFC:[MD5.1DF6E4758611E1328567BFE4D1B28E27] - 27/03/2015 - 23:10:18 R--A- . (.Microsoft Corporation - Bulgarian Keyboard Layout.) -- C:\WINDOWS\system32\kbdbu.dll   [5632]
O44 - LFC:[MD5.B6E962B7AC1CB4A78876953D369BE6DD] - 27/03/2015 - 23:10:18 R--A- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\WINDOWS\system32\kbdru1.dll   [5632]
O44 - LFC:[MD5.C6F23BC1411E91C179B0635893BB40A1] - 27/03/2015 - 23:10:18 R--A- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\WINDOWS\system32\kbdru.dll   [5632]
O44 - LFC:[MD5.0304318F189E3CC4A99FCCCB0A68147F] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Azerbaijan_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdaze.dll   [5632]
O44 - LFC:[MD5.95D9106D39AB410A7F7EE513F181F84C] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Kazak_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdkaz.dll   [5632]
O44 - LFC:[MD5.1696413C242327A0AF8AF8E5CBD8AE04] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Kyrgyz Keyboard Layout.) -- C:\WINDOWS\system32\kbdkyr.dll   [5632]
O44 - LFC:[MD5.6AEDBCEE8C0475B10A5C244A35572737] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Mongolian Keyboard Layout.) -- C:\WINDOWS\system32\kbdmon.dll   [5632]
O44 - LFC:[MD5.E5D4673C83271FEEE1ED73E1E281A42B] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Serbian_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdycc.dll   [5632]
O44 - LFC:[MD5.F2D1EEF5ADCD5995C015AB3CB15C9415] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Tatar_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbdtat.dll   [5632]
O44 - LFC:[MD5.3DDE3DC57C54452A313DC20F3019F8E3] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Ukrainian Keyboard Layout.) -- C:\WINDOWS\system32\kbdur.dll   [5632]
O44 - LFC:[MD5.4F9CFFBF05831BB81833FC64A5329C36] - 27/03/2015 - 23:10:19 R--A- . (.Microsoft Corporation - Uzbek_Cyrillic Keyboard Layout.) -- C:\WINDOWS\system32\kbduzb.dll   [5632]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 27/03/2015 - 23:10:20 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls   [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 27/03/2015 - 23:10:20 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls   [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 27/03/2015 - 23:10:20 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls   [66594]
O44 - LFC:[MD5.712A218557F99D136735E0545E5AE223] - 27/03/2015 - 23:10:20 R--A- . (.Microsoft Corporation - Azeri-Latin Keyboard Layout.) -- C:\WINDOWS\system32\kbdazel.dll   [5632]
O44 - LFC:[MD5.188E56B70419D8353B8D4F3E381D9E52] - 27/03/2015 - 23:10:20 R--A- . (.Microsoft Corporation - Turkish F Keyboard Layout.) -- C:\WINDOWS\system32\kbdtuf.dll   [6144]
O44 - LFC:[MD5.5D569F2951F878EF01D7723DC08682E9] - 27/03/2015 - 23:10:20 R--A- . (.Microsoft Corporation - Turkish Q Keyboard Layout.) -- C:\WINDOWS\system32\kbdtuq.dll   [6144]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 27/03/2015 - 23:10:21 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls   [66082]
O44 - LFC:[MD5.92DAC0454E7E0643469B44977DB8C304] - 27/03/2015 - 23:10:22 ---A- . (...) -- C:\WINDOWS\regopt.log   [1406]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 27/03/2015 - 23:10:22 ---A- . (...) -- C:\WINDOWS\system.ini   [231]
O44 - LFC:[MD5.33D279B4701D06EEF165092E838D203B] - 27/03/2015 - 23:10:32 ---A- . (...) -- C:\WINDOWS\system32\pid.PNF   [4444]
O44 - LFC:[MD5.B790E730543353033D1C03116FE6CBC6] - 27/03/2015 - 23:12:52 ---A- . (.Microsoft Corporation - DLL de l'interface utilisateur USB.) -- C:\WINDOWS\system32\usbui.dll   [86528]
O44 - LFC:[MD5.6CB08593487F5701D2D2254E693EAFCE] - 27/03/2015 - 23:13:03 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Descrambler Filter.) -- C:\WINDOWS\system32\Drivers\drmk.sys   [60160]
O44 - LFC:[MD5.E82A496C3961EFC6828B508C310CE98F] - 27/03/2015 - 23:13:03 ---A- . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport.) -- C:\WINDOWS\system32\Drivers\portcls.sys   [146048]
O44 - LFC:[MD5.C8B7941F9824E9F4D3D7B9B9BAE14FEE] - 27/03/2015 - 23:13:03 ---A- . (.Microsoft Corporation - User CSA Library.) -- C:\WINDOWS\system32\ksuser.dll   [4096]
O44 - LFC:[MD5.CB02AED45257FEB8D3B294DCFC0CE7C7] - 27/03/2015 - 23:13:03 ---A- . (.Microsoft Corporation - WDM Streaming ActiveMovie Proxy.) -- C:\WINDOWS\system32\ksproxy.ax   [129536]
O44 - LFC:[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - 27/03/2015 - 23:13:47 ---A- . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\system32\Drivers\redbook.sys   [58752]
O44 - LFC:[MD5.A3B9B4A68BC839CE5A264D5908092261] - 27/03/2015 - 23:14:22 ---A- . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll   [21504]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 23:14:32 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log   [0]
O44 - LFC:[MD5.D9F724AA26C010A217C97606B160ED68] - 27/03/2015 - 23:14:41 ---A- . (.Microsoft Corporation - AudStub Driver.) -- C:\WINDOWS\system32\Drivers\audstub.sys   [3072]
O44 - LFC:[MD5.8B83F3ED0F1688B4958F77CD6D2BF290] - 27/03/2015 - 23:14:46 ---A- . (.Microsoft Corporation - System Audio WDM Filter.) -- C:\WINDOWS\system32\Drivers\sysaudio.sys   [60800]
O44 - LFC:[MD5.692BCF44383D056AED41B045A323D378] - 27/03/2015 - 23:14:47 ---A- . (.Microsoft Corporation - Kernel Mode Audio Mixer.) -- C:\WINDOWS\system32\Drivers\kmixer.sys   [172416]
O44 - LFC:[MD5.6768ACF64B18196494413695F0C3A00F] - 27/03/2015 - 23:14:48 ---A- . (.Microsoft Corporation - MMSYSTEM Wave/Midi API mapper.) -- C:\WINDOWS\system32\Drivers\wdmaud.sys   [83072]
O44 - LFC:[MD5.325BB26842FC7CCC1FCCE2C457317F3E] - 27/03/2015 - 23:14:50 ---A- . (.Microsoft Corporation - MS Proxy Clock.) -- C:\WINDOWS\system32\Drivers\MSPCLOCK.sys   [5376]
O44 - LFC:[MD5.BAD59648BA099DA4A17680B39730CB3D] - 27/03/2015 - 23:14:51 ---A- . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\WINDOWS\system32\Drivers\MSPQM.sys   [4992]
O44 - LFC:[MD5.D1575E71568F4D9E14CA56B7B0453BF1] - 27/03/2015 - 23:14:53 ---A- . (.Microsoft Corporation - MS KS Server.) -- C:\WINDOWS\system32\Drivers\MSKSSRV.sys   [7552]
O44 - LFC:[MD5.8F5FCFF8E8848AFAC920905FBD9D33C8] - 27/03/2015 - 23:14:54 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Audio Descrambler Filt.) -- C:\WINDOWS\system32\Drivers\drmkaud.sys   [2944]
O44 - LFC:[MD5.8A208DFCF89792A484E76C40E5F50B45] - 27/03/2015 - 23:14:55 ---A- . (.Microsoft Corporation - Microsoft Kernel DLS Synthesizer.) -- C:\WINDOWS\system32\Drivers\DMusic.sys   [52864]
O44 - LFC:[MD5.8CE882BCC6CF8A62F2B2323D95CB3D01] - 27/03/2015 - 23:14:57 ---A- . (.Microsoft Corporation - Microsoft GS Wavetable Synthesizer.) -- C:\WINDOWS\system32\Drivers\swmidi.sys   [56576]
O44 - LFC:[MD5.8BED39E3C35D6A489438B8141717A557] - 27/03/2015 - 23:14:58 ---A- . (.Microsoft Corporation - Microsoft Acoustic Echo Canceller.) -- C:\WINDOWS\system32\Drivers\aec.sys   [142592]
O44 - LFC:[MD5.AB8B92451ECB048A4D1DE7C3FFCB4A9F] - 27/03/2015 - 23:14:59 ---A- . (.Microsoft Corporation - Microsoft Kernel Audio Splitter.) -- C:\WINDOWS\system32\Drivers\splitter.sys   [6272]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/03/2015 - 23:15:04 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt   [0]
O44 - LFC:[MD5.E2F57520F1870F394D988D852130AF72] - 29/03/2015 - 04:29:41 ---A- . (...) -- C:\WINDOWS\msmqinst.log   [14376]
O44 - LFC:[MD5.2ADB52D25F8D9CF42E10B6B671BE18AE] - 29/03/2015 - 04:29:42 ---A- . (...) -- C:\WINDOWS\FaxSetup.log   [23957]
O44 - LFC:[MD5.FCB3811DEEF2AC1725C11EF6B799A076] - 29/03/2015 - 04:29:42 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log   [2337]
O44 - LFC:[MD5.D5A162D712917A2448EC9693CDCBFBD7] - 29/03/2015 - 04:29:42 ---A- . (...) -- C:\WINDOWS\msgsocm.log   [1386]
O44 - LFC:[MD5.DDA2492DF1BBFE987DB2973C2CE4880F] - 29/03/2015 - 04:29:42 ---A- . (...) -- C:\WINDOWS\netfxocm.log   [4956]
O44 - LFC:[MD5.07D3D8695546DD28025DD242F45EF393] - 29/03/2015 - 04:29:42 ---A- . (...) -- C:\WINDOWS\ocgen.log   [36159]
O44 - LFC:[MD5.3006DE769A8D07BACC11DE516BF78BD0] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\XPSEPSCLPUninst.log   [3219]
O44 - LFC:[MD5.D6BA7F56E044FE72D8E309462F616C45] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\comsetup.log   [20350]
O44 - LFC:[MD5.092C9C8EC5608D70A8ED22BD8B113E1A] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\iis6.log   [63222]
O44 - LFC:[MD5.04A7D6579CC7598B61913583E2D6D39F] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\imsins.log   [1374]
O44 - LFC:[MD5.C9A560BBF271BE51526170C98585DE21] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log   [10588]
O44 - LFC:[MD5.E63089E9B83DDF45602BC489914A0F81] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\ocmsn.log   [1525]
O44 - LFC:[MD5.7B2355C05D8F60D5B3029EBDD6674EAA] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\tabletoc.log   [1874]
O44 - LFC:[MD5.162EAAF2BDE48DD79567F36F1A14A2C1] - 29/03/2015 - 04:29:50 ---A- . (...) -- C:\WINDOWS\tsoc.log   [16526]
O44 - LFC:[MD5.4C8325FB8B81E93A3B061CA1995E7443] - 31/03/2015 - 12:10:03 ---A- . (...) -- C:\WINDOWS\wiaservc.log   [50]
O44 - LFC:[MD5.7535A890E9F8902765F6BA46F6446968] - 31/03/2015 - 12:43:06 ---A- . (...) -- C:\WINDOWS\wiadebug.log   [411]
O44 - LFC:[MD5.0D4C93BC12D2FD857641DFCB355AEA22] - 31/03/2015 - 20:52:38 ---A- . (.Microsoft Corporation - Pages de propriétés pour les périphériques.) -- C:\WINDOWS\system32\OLD1D.tmp   [78336]
O44 - LFC:[MD5.0D4C93BC12D2FD857641DFCB355AEA22] - 31/03/2015 - 20:55:48 ---A- . (.Microsoft Corporation - Pages de propriétés pour les périphériques.) -- C:\WINDOWS\system32\OLD37.tmp   [78336]
O44 - LFC:[MD5.908B9B5FD07F8D5FCBFAD171EEC5CAC2] - 31/03/2015 - 20:59:28 ---A- . (...) -- C:\WINDOWS\system32\FNTCACHE.DAT   [157160]
O44 - LFC:[MD5.96A58E868552BC1F22CC2A1BD5F472D3] - 31/03/2015 - 20:59:42 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl   [2206]
O44 - LFC:[MD5.4183BE439981BBC77EF2C1D66629F124] - 31/03/2015 - 21:05:08 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\system32\Drivers\ewdcsc.sys   [24448]
O44 - LFC:[MD5.B93D3C81EF1D372DC5BD5E6275362E1A] - 31/03/2015 - 21:05:08 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\Drivers\ewusbdev.sys   [100480]
O44 - LFC:[MD5.60AEC3F4EC355D9F46D545A0FA08CE87] - 31/03/2015 - 21:05:08 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\Drivers\ewusbmdm.sys   [102528]
O44 - LFC:[MD5.9032405F762F1AFA92DFEF99CB078306] - 31/03/2015 - 21:05:08 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\WINDOWS\system32\Drivers\ewusbnet.sys   [112640]
O44 - LFC:[MD5.B7B344A383243B32862FE90C66568265] - 31/03/2015 - 21:08:54 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI   [775210]
O44 - LFC:[MD5.8772EF5F4B6DB1E9D7B3CD549CC23F14] - 31/03/2015 - 21:08:54 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat   [40128]
O44 - LFC:[MD5.1D7C7EDBA138956CBF8C71EBF5BD30A8] - 31/03/2015 - 21:08:54 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat   [48856]
O44 - LFC:[MD5.C0800DEE54F833AAF875DF29E9AD89D6] - 31/03/2015 - 21:08:54 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat   [311740]
O44 - LFC:[MD5.8CA5EDB7F6FF04B78428DDDBF8AAA0AE] - 31/03/2015 - 21:08:54 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat   [368076]
~ Files: 661 Scanned in 00mn 02s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O47 - AAKE:Key Export SP - "\??\C:\WINDOWS\system32\winlogon.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\winlogon.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
~ Keys Export: 7 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll
~ LSA: 6 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ CSB: 21 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
~ TDSD: 12 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "NoInternetOpenWith"=1
~ MWPS: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMBalloonTip"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMConfigurePrograms"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "ForceClassicControlPanel"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInternetIcon"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRemoteRecursiveEvents"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoInternetIcon"=0
~ MWPE Keys: 16 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:15/08/2006 - 16:48:22 ---A- . (.Andrea Electronics Corporation - Andrea Audio Noise Cancellation Driver.) -- C:\WINDOWS\system32\Drivers\aeaudio.sys   [100224]
O58 - SDL:22/10/2007 - 09:24:14 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver..) -- C:\WINDOWS\system32\Drivers\b57xp32.sys   [161792]
O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys   [262528]
O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\Drivers\cpqdap01.sys   [11776]
O58 - SDL:22/08/2004 - 16:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\Drivers\d347bus.sys   [155136]
O58 - SDL:22/08/2004 - 16:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\Drivers\d347prt.sys   [5248]
O58 - SDL:25/06/2008 - 18:30:08 ---A- . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys   [800256]
O58 - SDL:25/06/2008 - 18:30:08 ---A- . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys   [154496]
O58 - SDL:25/06/2008 - 18:30:08 ---A- . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys   [5888]
O58 - SDL:09/08/2007 - 03:13:04 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\system32\Drivers\ewdcsc.sys   [24448]
O58 - SDL:22/06/2009 - 18:24:48 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\Drivers\ewusbdev.sys   [100480]
O58 - SDL:22/06/2009 - 18:38:18 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\Drivers\ewusbmdm.sys   [102528]
O58 - SDL:22/06/2009 - 19:00:48 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\WINDOWS\system32\Drivers\ewusbnet.sys   [112640]
O58 - SDL:25/06/2008 - 18:30:19 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys   [144384]
O58 - SDL:20/09/2005 - 12:00:54 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\Drivers\ialmnt5.sys   [1302332]
O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\nikedrv.sys   [12032]
O58 - SDL:25/06/2008 - 18:30:52 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys   [17792]
O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\Drivers\rio8drv.sys   [12032]
O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\riodrv.sys   [12032]
O58 - SDL:25/06/2008 - 18:30:55 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\Drivers\secdrv.sys   [20480]
O58 - SDL:15/08/2006 - 16:48:22 ---A- . (.Analog Devices, Inc. - SoundMAX Stub Driver.) -- C:\WINDOWS\system32\Drivers\smsens.sys   [3744]
O58 - SDL:15/08/2006 - 16:48:24 ---A- . (.Analog Devices, Inc. - SoundMAX Integrated Digital Audio.) -- C:\WINDOWS\system32\Drivers\smwdm.sys   [578304]
O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\Drivers\tsbvcap.sys   [21376]
O58 - SDL:25/06/2008 - 18:30:13 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys   [58112]
O58 - SDL:25/06/2008 - 18:29:54 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys   [9037]
O58 - SDL:25/06/2008 - 18:30:01 ---A- . (...) -- C:\WINDOWS\system32\country.sys   [27097]
O58 - SDL:25/06/2008 - 18:30:20 ---A- . (...) -- C:\WINDOWS\system32\himem.sys   [4912]
O58 - SDL:25/06/2008 - 18:30:25 ---A- . (...) -- C:\WINDOWS\system32\key01.sys   [42809]
O58 - SDL:25/06/2008 - 18:30:25 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys   [42537]
O58 - SDL:25/06/2008 - 18:30:46 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys   [27916]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys   [29146]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys   [29370]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys   [29274]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys   [29146]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys   [34000]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys   [34560]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys   [35648]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys   [35424]
O58 - SDL:25/06/2008 - 18:30:47 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys   [34560]
~ Drivers: 39 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/04/2015 - 15:47:29 ---A- . (...) -- C:\Documents and Settings\Administrateur\Application Data\Adobe\Acrobat\8.0\UserCache.bin   [26385]
O61 - LFC: 27/03/2015 - 15:47:29 ---A- . (...) -- C:\Documents and Settings\Administrateur\Local Settings\Temp\nsg1EB.tmp\NSISArray.dll   [209826]
O61 - LFC: 27/03/2015 - 15:47:29 ---A- . (...) -- C:\Documents and Settings\Administrateur\Local Settings\Temp\nsn1E6.tmp\NSISArray.dll   [209782]
~ 137 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 3 Scanned in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 25/06/2008 - C:\WINDOWS\system32\drivers\dmload.sys (dmload)  .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 09/11/1745 - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys (mbr) .(...) - LEGACY_MBR
~ Legacy: 90 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 9 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org
O69 - SBI: SearchScopes [HKCU] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {5A171114-24D8-435B-8A2C-D28AC20D125C} - (Wikipedia) - http://en.wikipedia.org
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {91821537-42FB-4108-AF1C-851E2C002716} - (Yahoo!) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {E50C76D9-48D9-4941-9327-A3498F3B0E84} [DefaultScope] - (Google) - http://www.google.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll   [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll   [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll   [77824]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll   [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll   [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll   [127488]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll   [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll   [246272]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135680]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll   [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll   [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll   [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll   [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll   [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll   [247808]  =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll   [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll   [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll   [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll   [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll   [194560]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll   [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll   [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll   [332288]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll   [171520]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll   [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135680]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll   [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll   [178176]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll   [483840]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll   [685568]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll   [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll   [80896]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll   [129024]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll   [293376]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll   [61440]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll   [409088]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll   [25944]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135680]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll   [38400]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\mspmsnsv.dll   [27136]
~ Services: 40 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Administrateur at 01/04/2015 15:47:46
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x81F7BD68]<< 
1 nt!IofCallDriver[0x804E37C5] >> \Device\Harddisk0\DR0[0x81F65030]
3 CLASSPNP[0xF8581FD7] >> nt!IofCallDriver[0x804E37C5] >> \Device\00000054[0x81D1F978]
5 ACPI[0xF84D1620] >> nt!IofCallDriver[0x804E37C5] >> \Device\Ide\IdeDeviceP0T0L0-3[0x81F8AD98]
\Driver\atapi[0x81D2D628] >> IRP_MJ_CREATE >> 0x81F7BD68
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi >> 0x81f7bd68
user & kernel MBR OK 
Warning: possible MBR rootkit infection !
~ MBR: 36 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrateur at 01/04/2015 15:47:48
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 04s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:22/08/2004 - 16:31:10 ---A- . (.Pas de propriétaire - PnP BIOS Extension.) -- C:\WINDOWS\system32\Drivers\d347bus.sys   [155136]
O58 - SDL:22/08/2004 - 16:31:48 ---A- . (.Pas de propriétaire - SCSI miniport.) -- C:\WINDOWS\system32\Drivers\d347prt.sys   [5248]
O42 - Logiciel: DAEMON Tools - (.DAEMON'S HOME.) [HKLM] -- {3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
~ Emulateurs:  Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

~ Additionnel Scan: 101137 Items scanned in 00mn 17s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/  =>.Image File Execution Options (IFEO) (O50)
~ AMI: 4 Scanned in 00mn 00s



End of the scan (1589 lines in 00mn 54s)(0.4)