
~ Rapport de ZHPDiag v2014.4.16.27 - Nicolas Coolman (16/04/2014)


~ Lancé par Armin Metovic (16/04/2014 10:14:34)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/ap
ps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16659
MFIE: Mozilla Firefox 27.0.1
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Informations sur les produits Windows


~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2013
Trend Micro Titanium Internet Security v3.00
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v4.12 =>.Piriform Ltd
---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.7
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8098 MB (75% free)
System Restore: Activé (Enable)
System drive C: has 47 GB (16%) free of 293 GB
---\\ Mode de connexion au système
~ Computer Name: ARMETOV
~ User Name: Armin Metovic
~ All Users Names: Armin Metovic, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Armin Metovic\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Armin Metovic\AppData\Roaming\
~ %Desktop% : C:\Users\Armin Metovic\Desktop\
~ %Favorites% : C:\Users\Armin Metovic\Favorites\
~ %LocalAppData% : C:\Users\Armin Metovic\AppData\Local\

~ %StartMenu% : C:\Users\Armin Metovic\AppData\Roaming\Microsoft\Windows\Start M
enu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 47 Go of 293 Go)
D: Hard drive, Flash drive, Thumb drive (Free 77 Go of 349 Go)
E: Hard drive, Flash drive, Thumb drive (Free 238 Go of 349 Go)
F: Hard drive, Flash drive, Thumb drive (Free 325 Go of 381 Go)
G: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Free 0 Go of 19 Go)
I: Floppy drive, Flash card reader, USB Key (Free 12 Go of 15 Go)

---\\ Etat du Centre de Sécurité Windows


[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDeskt
opChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\
NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\
SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Applicati
on: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Result
s\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques


[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur W
indows.) (.24/02/2011 - 22:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application d
e dmarrage de Windows.) (.13/07/2009 - 17:39:52.) -- C:\Windows\System32\Wininit.
exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions In
ternet pour Win32.) (.28/02/2014 - 19:10:28.) -- C:\Windows\System32\wininet.dll
[2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application do
uverture de session Windows.) (.20/11/2010 - 05:25:32.) -- C:\Windows\System32\W
inlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothque de
licences.) (.20/11/2010 - 05:27:28.) -- C:\Windows\System32\sppcomapi.dll [2324
48]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Fun
ction Driver for WinSock.) (.27/09/2013 - 17:09:10.) -- C:\Windows\system32\Driv
ers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Min
iport Driver.) (.13/07/2009 - 17:52:21.) -- C:\Windows\system32\Drivers\atapi.sy
s [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File S
ystem Driver.) (.13/07/2009 - 15:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys
[92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM D
river.) (.20/11/2010 - 01:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [1474
56]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace
Client Driver.) (.20/11/2010 - 01:26:34.) -- C:\Windows\system32\Drivers\DfsC.s
ys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definiti
on Audio Bus Driver.) (.20/11/2010 - 02:43:44.) -- C:\Windows\system32\Drivers\H
DAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de por
t i8042.) (.13/07/2009 - 15:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys
[105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Ad
dress Translator.) (.13/07/2009 - 16:10:03.) -- C:\Windows\system32\Drivers\IpNa
t.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SM
B Minirdr.) (.26/04/2011 - 18:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys
[158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport
driver.) (.20/11/2010 - 01:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [26
1632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du sys
tme de fichiers NT.) (.23/01/2014 - 18:37:55.) -- C:\Windows\system32\Drivers\ntf
s.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de por
t parallle.) (.13/07/2009 - 16:00:41.) -- C:\Windows\system32\Drivers\Parport.sys
[97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini
-port/call-manager driver.) (.20/11/2010 - 02:52:36.) -- C:\Windows\system32\Dri
vers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport
driver.) (.13/07/2009 - 16:09:09.) -- C:\Windows\system32\Drivers\smb.sys [9318
4]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translati
on Driver.) (.20/11/2010 - 01:21:58.) -- C:\Windows\system32\Drivers\tdx.sys [11
9296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cli
ch instantan du volume.) (.20/11/2010 - 05:34:04.) -- C:\Windows\system32\Drivers\
volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)


~ Mes images (My Pictures) : 1/19
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/1004
~ Mon Bureau (My Desktop) : 1/14843
~ Menu demarrer (Programs) : 1/54
~ Hidden Files: Scanned in 00mn 16s

---\\ Processus lancés


[MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propritaire - ALU.) -- C:\Progr
am Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.2764]
[MD5.BC3DA234CDA880578526DAB028F40268] - (.ASUS - SmartLogon Application.) -- C:
\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792] [PID.2820]
[MD5.7D2C5F5A9DF7AE26B4E62E2D7032B96B] - (.ASUS - ACMON.) -- C:\Program Files (x
86)\ASUS\Splendid\ACMON.exe [82944] [PID.2788]
[MD5.A391896CD406E6377F5CEF31FDC12019] - (.ASUSTeK - ACEngSvr Module.) -- C:\Win
dows\SysWOW64\ACEngSvr.exe [155648] [PID.3100]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files
(x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992] [PID.3344]
[MD5.EE73B56ED71EB6383F25FA5468923BB2] - (.NVIDIA Corporation - NVIDIA GeForce E
xperience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvB
ackend.exe [2234144] [PID.3788]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScr
Pro.exe [3058304] [PID.3840]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Ser
vice.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.
3608]
[MD5.DF552350CDC2AA39C01CE40612DF82A8] - (.Samsung - Kies.) -- C:\Program Files
(x86)\Samsung\Kies\Kies.exe [1564528] [PID.4252]
[MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] - (.Virage Logic Corporation / Sonic Focu
s - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.
exe [984400] [PID.4760]
[MD5.79A3B950988F8D2B81906D0C0473158B] - (.ASUS - ATK Media.) -- C:\Program File
s (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.4812]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program F
iles (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4828]
[MD5.58FC1B36032F03342E4C02813F80DAC1] - (.Dropbox, Inc. - Dropbox.) -- C:\Users
\Armin Metovic\AppData\Roaming\Dropbox\bin\Dropbox.exe [30714328] [PID.4844]
[MD5.36E7CE6EA4C190AA88C25CDD3C89D84C] - (.ASUS - Wireless Console 3.) -- C:\Pro
gram Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360] [PID.4868]
[MD5.FA18468460906465C6A181904F5B706B] - (.AVAST Software - avast! Antivirus.) - C:\Program Files\AVAST Software\Avast\avastui.exe [3774312] [PID.4912]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update
Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[254336] [PID.4952]
[MD5.6407D56278190B304212464DFDCD0B8B] - (.Samsung Electronics Co., Ltd. - Kies
TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
[311152] [PID.4980]
[MD5.405A2343A4A4337EA221603D69D8061A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Pro
gram Files (x86)\ZHPDiag\ZHPDiag.exe [8217088] [PID.5352]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)


C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Goog
leStore v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Goog
leDrive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [bmocjakdebljhipodkekdabihgkbeepj] Zzze
lpScript v.0.40 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Book
mark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [eihldfliihmchkgbfkchomgndbeldhcc] Grea
zzz v.3.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Sett
ings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feed
back v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBl
ock v.2.6.18, (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avas
t! Online Security v.9.0.2018.93, (Désactivé)
G2 - GCE: Preference [User Data\Default] [kmhifjihihhjppngfjocphcicajknmkj] Zzze
lpScript v.2.103 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Clou
d Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chro
me v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Goog
le Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hang
out Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Goog
leWallet v.0.0.6.1 (Activé)

---\\ Liste des dossiers d'extension Google Chrome


G2 - EXT: C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\E
xtensions\apdfllckaahabafndbhieahigkjlhalf [GoogleDrive]
G2 - EXT: C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\E
xtensions\bmocjakdebljhipodkekdabihgkbeepj [ZzzelpScript]
G2 - EXT: C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\E
xtensions\eihldfliihmchkgbfkchomgndbeldhcc [Greazzz]
G2 - EXT: C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\E
xtensions\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\E
xtensions\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 - EXT: C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\E
xtensions\kmhifjihihhjppngfjocphcicajknmkj [ZzzelpScript]
G2 - EXT: C:\Users\Armin Metovic\AppData\Local\Google\Chrome\User Data\Default\E
xtensions\nmmhkkegccagdldgiimedpiccmgmieda [GoogleWallet]
~ Google Lines Browser: 23 Scanned in 00mn 25s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)


P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - The plugin allows
you to have a better experience with Microsoft Lync.) -- C:\Program Files (x86)\
Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For
Firefox and Netscape 11.0.06.) -- C:\Program Files (x86)\Mozilla Firefox\Plugin
s\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macrome
d\Flash\NPSWF64_12_0_0_77.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation
- 5.1.30214.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporat
ion - The plugin allows you to have a better experience with Microsoft Share.) - C:\Program Files\Microsoft Office\Office15\NPSPWRAP.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Li
mited - Facebook Video Calling Plugin.) -- C:\Users\Armin Metovic\AppData\Local\
Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando W
eb Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlu
gin.dll
~ Firefox Browser: 9 Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)


R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn
.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.micro
soft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = htt
p://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.micr
osoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://as
us.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.micr
osoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go
.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:
noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:s
ecurityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = ht
tp://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL
= http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_U
RL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off P
age = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Pa
ge = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99C
B-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.16
428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,Enable
dV8 = 1
~ IE Browser: 18 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)


R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServe
r = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnabl
e = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigratePro
xy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp
1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfig
Proxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.ex
e
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)


~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)


O2 - BHO: Trend Micro NSC BHO [64Bits] - {1CA1377B-DC1D-4A52-9585-6E06050FAC53}
. (.Trend Micro Inc. - Trend Micro NSC IE Plug-In.) -- C:\Program Files\Trend Mi
cro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605D
A} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Micros
oft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1
D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Fil
es (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D0
6} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Av
ast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-516
4760863C6} . (.Microsoft Corp. - Microsoft Windows Live ID Login Helper.) -- C:\P
rogram Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.d
ll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} .
(.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Progra
m Files (x86)\Microsoft Office\Office15\URLREDIR.dll
O2 - BHO: TmBpIeBHO [64Bits] - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} . (.Trend
Micro Inc. - Trend Micro Browser Plug-In (IE).) -- C:\Program Files\Trend Micro\
AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A
9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Ex
tensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.dll =>.
Microsoft Corporation
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25
C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program F
iles (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ BHO: 17 Scanned in 00mn 00s

---\\ Internet Explorer Toolbars (O3)


O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4C
F5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\A
vast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C0
2F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\A
vast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)


O4 - GS\Desktop [Public]: Audacity.lnk . (.The Audacity Team - Audacity, the Free
, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe =>
.The Audacity Team
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast!
Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Prog
ram Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - GS\Desktop [Public]: Fallout New Vegas.lnk . (.Bethesda Softworks, Obsidian
Entertainment - Fallout New Vegas Launcher.) -- C:\Program Files (x86)\Bethesd
a Softworks\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe
O4 - GS\Desktop [Public]: FMRTE 14.lnk . (.BraCa Soft - FMRTE 14.) -- C:\BraCa
Soft\FMRTE 14\FMRTE.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.
) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Sa
msung\Kies\KiesAgent.exe
O4 - GS\Program [Public]: Adobe Bridge CS6 (64bit).lnk . (.Adobe Systems, Inc. Adobe Bridge CS6.) -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.
exe =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Bridge CS6.lnk . (.Adobe Systems, Inc. - Adobe B
ridge CS6.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe =>.Ad
obe Systems Incorporated
O4 - GS\Program [Public]: Adobe ExtendScript Toolkit CS6.lnk . (.Adobe Systems I
ncorporated - ExtendScript Toolkit CS6 and Debugger (32 b.) -- C:\Program Files
(x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit
.exe =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Extension Manager CS6.lnk . (.Adobe Systems Inco
rporated - Adobe Extension Manager CS6.) -- C:\Program Files (x86)\Adobe\Adobe
Extension Manager CS6\Adobe Extension Manager CS6.exe
O4 - GS\Program [Public]: Adobe Photoshop CS6 (64 Bit).lnk . (.Adobe Systems, In
corporated - Adobe Photoshop CS6.) -- C:\Program Files\Adobe\Adobe Photoshop CS
6 (64 Bit)\Photoshop.exe =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Photoshop CS6.lnk . (.Adobe Systems, Incorporate
d - Adobe Photoshop CS6.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\P
hotoshop.exe =>.Adobe Systems Incorporated
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...) -- C:\Windows\Installer\{
AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Audacity.lnk . (.The Audacity Team - Audacity, the Free
, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe =>
.The Audacity Team
O4 - GS\Program [Public]: Cabela's Big Game Hunter Pro Hunts.lnk . (...) -- C:\
Program Files (x86)\Cabela's Big Game Hunter Pro Hunts\bgh_2014.exe
O4 - GS\Program [Public]: JDownloader Uninstaller.lnk . (.AppWork GmbH - JDownlo
ader.) -- C:\Program Files (x86)\JDownloader\JDUninstall.exe
O4 - GS\Program [Public]: JDownloader Update.lnk . (...) -- C:\Program Files (x
86)\JDownloader\JDUpdate.exe
O4 - GS\Program [Public]: JDownloader.lnk . (.AppWork GmbH - JDownloader 0.9.)
-- C:\Program Files (x86)\JDownloader\JDownloaderPortable.exe
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows M
edia Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.
) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bur
eau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Micros
oft Corporation
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation
- Interface utilisateur de Mise niveau expr.) -- C:\Windows\system32\WindowsAny
timeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x8
6)\DVD Maker\DVDMaker.exe (.not file.)

O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - M
icrosoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft
Corporation
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Wind
ows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =>.Mic
rosoft Corporation
O4 - GS\Program [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnm
sgr.exe
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation
- Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gall
ery\MovieMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporati
on - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo
Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - L
ecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.
exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse
XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft C
orporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe =>.Micro
soft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calcula
trice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Affi
cher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft C
orporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - A
ccessoire du panneau de saisie mathmatiqu.) -- C:\Program Files (x86)\Common Fil
es\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Ce
ntre de mobilit Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corpo
ration
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corpor
ation - Connexion Bureau distance.) -- C:\Windows\system32\mstsc.exe =>.Micro
soft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outi
l Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Mag
ntophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corpo
ration
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense
-bte.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Micros
oft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mis
e en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Applicatio
n Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.ex
e =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Tabl
e des caractres.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Dfragmenteur
de disque Microsoft.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporat
ion
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gesti
onnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe
=>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - M
oniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe
=>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation Informations systme.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corpor
ation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Res
tauration du systme de Microsoft Windo.) -- C:\Windows\system32\rstrui.exe =>.M
icrosoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32
\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Co
rporation - Application post-migration de transfert de.) -- C:\Windows\system32
\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporatio
n - Application Transfert de fichiers et param.) -- C:\Windows\system32\migwiz\m
igwiz.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [Armin Metovic]: Fake Webcam 7.3.lnk . (.Web Solution Mart Pas de description.) -- C:\Program Files (x86)\Fake Webcam 7.3\7.3.0.0\FakeWeb
cam.exe
O4 - GS\QuickLaunch [Armin Metovic]: GOM Audio.lnk . (.Gretech Corporation - GOM
Audio.) -- C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe
O4 - GS\QuickLaunch [Armin Metovic]: GOM Player.lnk . (...) -- C:\Program Files
(x86)\GRETECH\GomPlayer\GOM.exe
O4 - GS\QuickLaunch [Armin Metovic]: Google Chrome.lnk . (.Google Inc. - Google
Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Armin Metovic]: JDownloader.lnk . (.AppWork GmbH - JDownloa
der 0.9.) -- C:\Program Files (x86)\JDownloader\JDownloaderPortable.exe
O4 - GS\QuickLaunch [Armin Metovic]: Launch Internet Explorer Browser.lnk . (.Mi
crosoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Ex
plorer\iexplore.exe
O4 - GS\QuickLaunch [Armin Metovic]: PokerStars.be.lnk . (.PokerStars - PokerSta
rs Update.) -- C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe
O4 - GS\QuickLaunch [Armin Metovic]: Samsung Kies (Lite).lnk . (...) -- C:\Prog
ram Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch [Armin Metovic]: Samsung Kies.lnk . (...) -- C:\Program Fil
es (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch [Armin Metovic]: Torrent.lnk . (.BitTorrent Inc. - Torrent.)
-- C:\Users\Armin Metovic\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorre
nt
O4 - GS\TaskBar [Armin Metovic]: Google Chrome.lnk . (.Google Inc. - Google Chro
me.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Armin Metovic]: Intel(R) Turbo Boost Technology Monitor 2.0.lnk
. (...) -- C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe (.not fi
le.)
O4 - GS\TaskBar [Armin Metovic]: Notepad.lnk . (.Microsoft Corporation - Bloc-no
tes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Program [Armin Metovic]: Internet Explorer.lnk . (.Microsoft Corporation
- Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories [Armin Metovic]: Command Prompt.lnk . (.Microsoft Corporatio
n - Interprteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Micro
soft Corporation
O4 - GS\Accessories [Armin Metovic]: Notepad.lnk . (.Microsoft Corporation - Blo
c-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Armin Metovic]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Armin Metovic]: Windows Explorer.lnk . (.Microsoft Corporat
ion - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporati
on

O4 - GS\SystemTools [Armin Metovic]: Internet Explorer (No Add-ons).lnk . (.Micr
osoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Expl
orer\iexplore.exe
O4 - GS\SystemTools [Armin Metovic]: Private Character Editor.lnk . (.Microsoft
Corporation - diteur de caractres privs.) -- C:\Windows\system32\eudcedit.exe
.Microsoft Corporation
O4 - GS\SendTo [Armin Metovic]: Dropbox.lnk . (...) -- C:\Users\Armin Metovic\D
ropbox
O4 - GS\SendTo [Armin Metovic]: Skype.lnk . (.Skype Technologies S.A. - Skype.)
-- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\SendTo [Armin Metovic]: Transfert de fichiers Bluetooth.LNK . (.Microsof
t Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\Desktop [Armin Metovic]: Armin Metovic - Raccourci.lnk . (...) -- C:\Us
ers\Armin Metovic
O4 - GS\Desktop [Armin Metovic]: bgh_2014 - Raccourci.lnk . (...) -- C:\Program
Files (x86)\Cabela's Big Game Hunter Pro Hunts\bgh_2014.exe
O4 - GS\Desktop [Armin Metovic]: ck2game - Raccourci.lnk . (...) -- C:\Program
Files (x86)\Crusader Kings II 2.0.4\ck2game.exe
O4 - GS\Desktop [Armin Metovic]: CLIENTS INVOICE STATUS LIST - Raccourci.lnk . (
...) -- C:\Users\Armin Metovic\Desktop\TRADE SHOW WINTER ANALYSIS\CLIENTS INVOI
CE STATUS LIST.xlsx
O4 - GS\Desktop [Armin Metovic]: DAEMON Tools Lite.lnk . (.Disc Soft Ltd - DAEMO
N Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT S
oft Ltd
O4 - GS\Desktop [Armin Metovic]: Documents - Raccourci.lnk . (...) -- C:\Users\
Armin Metovic\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Armin Metovic]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C
:\Users\Armin Metovic\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - GS\Desktop [Armin Metovic]: Fake Webcam 7.3.lnk . (.Web Solution Mart - Pas
de description.) -- C:\Program Files (x86)\Fake Webcam 7.3\7.3.0.0\FakeWebcam.
exe
O4 - GS\Desktop [Armin Metovic]: FISCAL AMOUNT ANALYSIS 10-11-12-13 - Raccourci.
lnk . (...) -- C:\Users\Armin Metovic\Desktop\FISCAL AMOUNT ANALYSIS\FISCAL AMO
UNT ANALYSIS 10-11-12-13.xlsx
O4 - GS\Desktop [Armin Metovic]: Football Manager 2014.lnk . (.Sports Interactiv
e - Football Manager 2014 14.1.3f438735.) -- C:\Program Files (x86)\Sports Inte
ractive\Football Manager 2014\fm.exe =>.Sports Interactive
O4 - GS\Desktop [Armin Metovic]: Inpaint.lnk . (...) -- C:\Program Files (x86)\
Inpaint\Inpaint.exe
O4 - GS\Desktop [Armin Metovic]: inSSIDer Office.lnk . (...) -- C:\Users\Armin
Metovic\AppData\Roaming\Microsoft\Installer\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C52
6}\Icon.ico
O4 - GS\Desktop [Armin Metovic]: LIST BY CUSTOMER BY STATE AREA - Raccourci.lnk
. (...) -- C:\Users\Armin Metovic\Desktop\FISCAL AMOUNT ANALYSIS\LIST BY CUSTOM
ER BY STATE AREA.xlsx
O4 - GS\Desktop [Armin Metovic]: LIST ITEMS PER QTY AND AMOUNT - Raccourci.lnk .
(...) -- C:\Users\Armin Metovic\Desktop\CATALOG\LIST ITEMS PER QTY AND AMOUNT.
xlsx
O4 - GS\Desktop [Armin Metovic]: Ordinateur - Raccourci.lnk - Cl orpheline
O4 - GS\Desktop [Armin Metovic]: PhotoFiltre Studio X.lnk . (.PhotoFiltre - Phot
oFiltre Studio X.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe
O4 - GS\Desktop [Armin Metovic]: Pirates!.lnk . (.Firaxis Games - Sid Meier's Pi
rates!.) -- C:\Program Files (x86)\Firaxis Games\Sid Meier's Pirates!\Pirates!.
exe
O4 - GS\Desktop [Armin Metovic]: Skype.lnk . (.Skype Technologies S.A. - Skype.)
-- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [Armin Metovic]: SR2_pc - Raccourci.lnk . (...) -- C:\Program F
iles (x86)\Saints Row 2\SR2_pc.exe
O4 - GS\Desktop [Armin Metovic]: Steam.lnk . (.Valve Corporation - Steam Client
Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - GS\Desktop [Armin Metovic]: theHunter - Raccourci.lnk . (.Expansive Worlds
- theHunter.) -- C:\Program Files (x86)\theHunter\game\theHunter.exe
O4 - GS\Desktop [Armin Metovic]: TreeSize Free.lnk . (.JAM Software - TreeSize F
ree hard disk space manager.) -- C:\Program Files (x86)\JAM Software\TreeSize F
ree\TreeSizeFree.exe
O4 - GS\Desktop [Armin Metovic]: Tlchargement.lnk . (...) -- C:\Users\Armin Metov
ic\Downloads
O4 - GS\Desktop [Armin Metovic]: Video Time Reversal 2.lnk . (.Xander - Video Ti
me Reversal 2.) -- C:\Program Files (x86)\Video Time Reversal 2\Video Time Reve
rsal 2.exe
O4 - GS\Desktop [Armin Metovic]: Voipwise.lnk . (.Voipwise - Client to make VoIP
calls..) -- C:\Program Files (x86)\Voipwise.com\Voipwise\Voipwise.exe
O4 - GS\Desktop [Armin Metovic]: WINTER TRADE SHOW ANALYSIS 13-14 - Raccourci.ln
k . (...) -- C:\Users\Armin Metovic\Desktop\TRADE SHOW WINTER ANALYSIS\WINTER T
RADE SHOW ANALYSIS 13-14.xlsx
O4 - GS\Desktop [Armin Metovic]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup
.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Armin Metovic]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.
) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Armin Metovic]: Torrent.lnk . (.BitTorrent Inc. - Torrent.) -- C
:\Users\Armin Metovic\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 110 Scanned in 00mn 05s

---\\ Applications lances au dmarrage du systme (O4)


O4 - GS\Startup [Public]: AsusVibeLauncher.lnk . (...) -- C:\Program Files (x86
)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - GS\Startup [Armin Metovic]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C
:\Users\Armin Metovic\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - GS\Startup [Armin Metovic]: Intel(R) Turbo Boost Technology Monitor 2.0.lnk
. (...) -- C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe (.not fi
le.)
O4 - HKLM\..\Run: [VizorHtmlDialog.exe] . (.Trend Micro Inc. - Trend Titanium.)
-- C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Mi
cro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiF
rmWrk\UIWatchDog.exe
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - VizorShortCut Dy
namic Link Library.) -- C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Win
dows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Win
dows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Proc
ess.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utili
ty for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.e
xe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
(.not file.)
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft Windows
Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAc
pi.exe (.not file.)
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd (.not file.)
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Pro
gram Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe U
pdater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp
\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience
Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.ex
e
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Pr
oxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Window
s.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\S
amsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMe
ssage.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - Torrent.) -- C:\Users\Armin Me
tovic\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [AdobeBridge] Cl orpheline
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation
de Facebook.) -- C:\Users\Armin Metovic\AppData\Local\Facebook\Update\FacebookU
pdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Nuance PDF Reader-reminder] . (.Nuance Communicat
ions, Inc. - Ereg.) -- C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [SonicMasterTray] . (.Virage Logic Corporation / S
onic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicF
ocusTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files
(x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Fi
les (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Pro
gram Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.ASUS - Wireless Console 3
.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI Star
tMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\M
UIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI Sta
rtMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MU
IStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antiviru
s.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [WsmUpdater] . (.Web Solution Mart - Updater.) -- C:\Program Files (x86)\Web Solution Mart\Fake Webcam Codecs Pack\Updater.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe
Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1
.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java
(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\
jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogen
ie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd.
- Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAg
ent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - Swi
tchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBo
ard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorpo
rated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe
\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bure
au Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsof
t Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bure
au Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsof
t Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.)
-- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.)
-- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3048322979-3292302662-2064094741-1001\..\Run: [Sidebar] . (.M
icrosoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows S
idebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3048322979-3292302662-2064094741-1001\..\Run: [DAEMON Tools L
ite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON To
ols Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-3048322979-3292302662-2064094741-1001\..\Run: [KiesPreload] .
(.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-3048322979-3292302662-2064094741-1001\..\Run: [KiesAirMessage
] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-3048322979-3292302662-2064094741-1001\..\Run: [uTorrent] . (.
BitTorrent Inc. - Torrent.) -- C:\Users\Armin Metovic\AppData\Roaming\uTorrent\uT
orrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3048322979-3292302662-2064094741-1001\..\Run: [AdobeBridge] C
l orpheline
O4 - HKUS\S-1-5-21-3048322979-3292302662-2064094741-1001\..\Run: [Facebook Updat
e] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Armin
Metovic\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s

---\\ Invisibilit de l'icne d'options IE dans le panneau de Configuration (O5)


O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

---\\ Boutons situs sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C
6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Cliquer pour appeler Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A
-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\
Microsoft Office\Office15\lync.exe
O9 - Extra button: Notes &lies OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB
0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)


O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Lo
cation Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseu
r Shim daffectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseu
r despace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseu
r despace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows So
ckets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseu
r de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.d
ll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR P
rovider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft Windows
Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft S
hared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft Windows
Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft S
hared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 9 Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)


O17 - HKLM\System\CCS\Services\Tcpip\..\{4624EA88-4D16-4A81-9E4D-A5BE3BDB7DA3}:
DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F51A3DA-8491-4B91-A115-28211C4108B3}:
DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{4624EA88-4D16-4A81-9E4D-A5BE3BDB7DA3}:
DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4F51A3DA-8491-4B91-A115-28211C4108B3}:
DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{4624EA88-4D16-4A81-9E4D-A5BE3BDB7DA3}:
DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4F51A3DA-8491-4B91-A115-28211C4108B3}:
DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)


O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Mic
rosoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Comm
on Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-cls Winlogon Notify (autorun) (O20)


O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Wi
ndows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-cls Winlogon Notify (autorun) (O20)


O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Ver
sion 335.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s

---\\ Cl de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)


O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File n
ot found.
~ SSODL: 1 Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non dsactivs (O23)


O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems
Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Fi
les\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe
O23 - Service: ASLDR Service (ASLDRService) . (.ASUS - ASLDR Service.) - C:\Prog
ram Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program
Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! S
ervice.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Progr
amme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpd
ate.exe =>.Google Inc
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS)
. (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\
Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation
- NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetServic
e\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NV
IDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstre
amsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NV
IDIA Driver Helper Service, Version 335.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Update
r Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA
Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)
\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS)
. (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\In
tel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 13 Scanned in 00mn 07s

---\\ Enumration Active Desktop & MHTML Editor (O24)


O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumre les donnes de BootExecute (BEX) (O34)


O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s

---\\ Tches planifies en automatique (O39)


O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Update
r.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1
-5-21-3048322979-3292302662-2064094741-1001Core.job [938]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1
-5-21-3048322979-3292302662-2064094741-1001UA.job [960]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCo
re.job [1078]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA
.job [1082]
[MD5.7D2C5F5A9DF7AE26B4E62E2D7032B96B] [APT] [ACMON] (.ASUS.) -- C:\Program File
s (x86)\ASUS\Splendid\ACMON.exe [82944]
[MD5.9D96B0D5855FD1B98023B3EEC9F06786] [APT] [Adobe Flash Player Updater] (.Adob
e Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdate
Service.exe [257928]
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] [APT] [ASUS Live Update] (...) -- C:\Prog
ram Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768]
[MD5.09C748AB133FA903E115793B714EE786] [APT] [ASUS P4G] (.ASUS.) -- C:\Program F
iles\P4G\BatteryLife.exe [1001088]
[MD5.BC3DA234CDA880578526DAB028F40268] [APT] [ASUS SmartLogon Console Sensor] (.
ASUS.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305792]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] [APT] [ATKOSD2] (.ASUS.) -- C:\Program Fi
les (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992]
[MD5.14739B9810A47332D81AE72A29ECCAAE] [APT] [AutoKMS] (...) -- C:\Windows\AutoK
MS\AutoKMS.exe [3334144] =>Trojan.Keygen
[MD5.F82F374417148CF545221DD88876219F] [APT] [avast! Emergency Update] (.AVAST S
oftware.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [783728]
[MD5.DB1654ADB276501C44DB0FE5E8A0841D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.)
-- C:\Program Files\CCleaner\CCleaner.exe [4613912] =>.Piriform Ltd
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-304
8322979-3292302662-2064094741-1001Core] (.Facebook Inc..) -- C:\Users\Armin Meto
vic\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-304
8322979-3292302662-2064094741-1001UA] (.Facebook Inc..) -- C:\Users\Armin Metovi
c\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Goo
gle Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Googl
e Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.00000000000000000000000000000000] [APT] [{BC38F4D4-36FC-498B-8B95-1052F741E
708}] (...) -- H:\RZRSETUP.exe (.not file.) [0]
~ Scheduled Task: 23 Scanned in 00mn 07s

---\\ Composants installs (ActiveSetup Installed Components) (O40)


O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.)
-- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-9
4ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.M
icrosoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47}
. (.Microsoft Corporation - Interprteur de commandes Windows.) -- C:\Windows\syst
em32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C}
. (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mai
l\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bb
c9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet E
xplorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-0
0C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4
340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\Sy
stem32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA
005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Exp
lorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Micr
osoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\syst
em32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s

---\\ Pilotes lancs au dmarrage du systme (O41)


O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporatio
n - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sy
s
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\W
indows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:
\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:
\Windows\system32\drivers\aswSP.sys
O41 - Driver: (ATKWMIACPIIO) . (.ASUS - ATK WMIACPI Utility.) - C:\Program File
s (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Win
dows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Win
dows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporat
ion - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft
Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discac
he.sys
O41 - Driver: (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver
.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Dri
ver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.)
- C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corpor
ation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft
Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corpo
ration - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-systme de mise en mmoire t.) - C:\Windows\System32\DRIVERS\rdbss.s
ys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corp
oration - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft
Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft
Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdpr
efmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver
.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (tmtdi) . (.Trend Micro Inc. - Trend Micro TDI Driver (amd64-fre)
.) - C:\Windows\System32\DRIVERS\tmtdi.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.)
- C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver
.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporatio
n - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wana
rp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Fi
lter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 78 Scanned in 00mn 00s

---\\ Logiciels installs (O42)


O42 - Logiciel: ASUS AI Recovery - (.ASUS.) [HKLM][64Bits] -- {D39F0676-163E-459
5-A917-E28F99BBD4D2}
O42 - Logiciel: ASUS LifeFrame3 - (.ASUS.) [HKLM][64Bits] -- {1DBD1F12-ED93-49C0
-A7CC-56CBDE488158}
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {E657B243-9AD4-4EC
C-BE81-4CCF8D667FD0}
O42 - Logiciel: ASUS Power4Gear Hybrid - (.ASUS.) [HKLM][64Bits] -- {33B98264-A8
89-4913-A0CA-C364A75032B3}
O42 - Logiciel: ASUS SmartLogon - (.ASUS.) [HKLM][64Bits] -- {64452561-169F-4A36
-A2FF-B5E118EC65F5}
O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM][64B
its] -- {0969AF05-4FF6-4C00-9406-43599238DE0D}
O42 - Logiciel: ASUS Virtual Camera - (.asus.) [HKLM][64Bits] -- {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM][64Bits]
-- ASUS WebStorage
O42 - Logiciel: ASUS_Screensaver - (...) [HKLM][64Bits] -- ASUS_Screensaver
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B31
4-9C83A49B94BE}
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [
HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [H
KLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bi
ts] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader XI (11.0.06) - Franais - (.Adobe Systems Incorporate
d.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM][64Bit
s] -- InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}
O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM][64Bits] -- Asus Vibe2.0
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is
1
O42 - Logiciel: Bookworm Deluxe - (.Oberon Media Inc..) [HKLM][64Bits] -- Bookwo
rm Deluxe
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform
Ltd
O42 - Logiciel: Cabela's Big Game Hunter Pro Hunts - (...) [HKLM][64Bits] -- Q2F
iZWxhc0JpZ0dhbWVIdW50ZXJQcm9IdW50cw==_is1
O42 - Logiciel: Canon Easy-PhotoPrint EX - (.Canon Inc..) [HKLM][64Bits] -- Easy
-PhotoPrint EX
O42 - Logiciel: Canon MP Navigator EX 3.0 - (...) [HKLM][64Bits] -- MP Navigator
EX 3.0
O42 - Logiciel: Canon MP270 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD
5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series
O42 - Logiciel: Canon My Printer - (...) [HKLM][64Bits] -- CanonMyPrinter
O42 - Logiciel: Cheat Engine 6.3 - (.Cheat Engine.) [HKLM][64Bits] -- Cheat Engi
ne 6.3_is1
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {5
1C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {E
D5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: Cooking Dash - (.Oberon Media Inc..) [HKLM][64Bits] -- Cooking D
ash
O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM][64Bits] -- Steam App 2
40
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- Ins
tallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C5
9C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- Insta
llShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF
1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A63
1-8EA7239923AF}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON T
ools Lite =>.DT Soft Ltd
O42 - Logiciel: Don't Starve - (.Klei Entertainment.) [HKLM][64Bits] -- Steam Ap
p 219740
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: FMRTE 14.3.0.32 - (.Raul Bravo.) [HKLM][64Bits] -- {067E314C-050
5-406F-ABF5-AC601646E8B4}_is1
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM][64Bi
ts] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Fake Webcam 7.3 - (.Web Solution Mart.) [HKLM][64Bits] -- fakewe
bcam7.3.0_is1
O42 - Logiciel: Fake Webcam Codecs Pack 1.0.0 - (.Web Solution Mart.) [HKLM][64B
its] -- fwccpsetup_is1
O42 - Logiciel: Fallout New Vegas Ultimate Edition - (...) [HKLM][64Bits] -- Fal
lout New Vegas Ultimate Edition_is1
O42 - Logiciel: Fast Boot - (.ASUS.) [HKLM][64Bits] -- {13F4A7F3-EABC-4261-AF6B-1317777F0755}
O42 - Logiciel: Football Manager 2014 - (...) [HKLM][64Bits] -- Football Manager
2014_is1
O42 - Logiciel: GOM Audio - (.Gretech Corporation.) [HKLM][64Bits] -- GomAudio
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Playe
r
O42 - Logiciel: Game Park Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {E7
1E60C1-533E-45A5-8D80-E475E88D2B17}_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {4AB54F11-2F
8C-11E3-B09F-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB
39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Governor of Poker - (.Oberon Media Inc..) [HKLM][64Bits] -- Governor of Poker
O42 - Logiciel: Hotel Dash Suite Success - (.Oberon Media Inc..) [HKLM][64Bits]
-- Hotel Dash Suite Success
O42 - Logiciel: Inpaint 5.4 - (.Teorex.) [HKLM][64Bits] -- {2AEDC172-479F-47AE-8
A48-A0524D4AED5B}_is1
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [H
KLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bit
s] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Turbo Boost Technology Monitor 2.0 - (.Intel.) [HKLM][6
4Bits] -- {B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}
O42 - Logiciel: JDownloader 0.9 - (.AppWork GmbH.) [HKLM][64Bits] -- 5513-1208-7
298-9440
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4
CA4-87B4-2F83217045FF}
O42 - Logiciel: Jewel Quest 3 - (.Oberon Media Inc..) [HKLM][64Bits] -- Jewel Qu
est 3
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bit
s] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Lagarith lossless video codec (Remove Only) - (...) [HKLM][64Bit
s] -- LAGARITH
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- League of L
egends 3.0.1
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- {3E75652D-9
9B1-417E-B163-BEF33CAD3F16}
O42 - Logiciel: Les Sims 3 - (.Electronic Arts.) [HKLM][64Bits] -- {C05D8CDB-417D
-4335-A38C-A0659EDFD6B8}
O42 - Logiciel: Luxor 3 - (.Oberon Media Inc..) [HKLM][64Bits] -- Luxor 3
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70
A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-49
2D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bi
ts] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bi
ts] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mahjongg dimensions - (.Oberon Media Inc..) [HKLM][64Bits] -- Ma
hjongg dimensions
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D
6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [
HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKL
M][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [H
KLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [
HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.)
[HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HK
LM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.)
[HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE} =>.Microsoft Corporati
on
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.)
[HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.
) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits]
-- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HK
LM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE}
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 27.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- Mozi
llaMaintenanceService
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: NVIDIA GeForce Experience 1.8.2.1 - (.NVIDIA Corporation.) [HKLM
][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.13.1220 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {80407BA
7-7763-4395-AB98-5233F1B34E65}
O42 - Logiciel: NVIDIA Pilote 3D Vision 335.23 - (.NVIDIA Corporation.) [HKLM][6
4Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote graphique 335.23 - (.NVIDIA Corporation.) [HKLM][6
4Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64
Bits] -- NVIDIAStereo
O42 - Logiciel: NVIDIA Virtual Audio 1.2.20 - (.NVIDIA Corporation.) [HKLM][64Bi
ts] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver
O42 - Logiciel: Nuance PDF Reader - (.Nuance Communications, Inc..) [HKLM][64Bit
s] -- {B480904D-F73F-4673-B034-8A5F492C9184}
O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits]
-- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: PhotoFiltre Studio X - (...) [HKCU][64Bits] -- PhotoFiltre Studi
o X
O42 - Logiciel: Plants vs Zombies - (.Oberon Media Inc..) [HKLM][64Bits] -- Plan
ts vs Zombies
O42 - Logiciel: PokerStars.be - (.PokerStars.be.) [HKLM][64Bits] -- PokerStars.b
e
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {
8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor C
orp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Rust - (.Facepunch Studios.) [HKLM][64Bits] -- Steam App 252490
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co.
, Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits]
-- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits]
-- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Sid Meier's Pirates! - (.Firaxis Games.) [HKLM][64Bits] -- Insta
llShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}
O42 - Logiciel: Skype 6.14 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7
E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Sonic Focus - (.Synopsys .) [HKLM][64Bits] -- {09BCB9CE-964B-4BD
A-AE46-B5A0ABEF1D3F}
O42 - Logiciel: Sony RAW Driver - (.Sony Corporation.) [HKLM][64Bits] -- {166FCF
01-AC98-4288-A01C-90BEB808C059}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: System Requirements Lab Detection - (.Husdawg, LLC.) [HKLM][64Bi
ts] -- {A407FC22-36BF-4C82-A516-59D94BC505A9}
O42 - Logiciel: The Elder Scrolls V Skyrim version 1.0 - (.Bethesda Softworks.)
[HKLM][64Bits] -- {5EFE0504-0BC4-11E1-8EDD-B32C4824019B}_is1
O42 - Logiciel: TreeSize Free V3.0 - (.JAM Software.) [HKLM][64Bits] -- TreeSize
Free_is1
O42 - Logiciel: Trend Micro Titanium Internet Security - (.Trend Micro Inc..) [H
KLM][64Bits] -- {ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: Trend Micro Titanium Internet Security - (.Trend Micro Inc..) [H
KLM][64Bits] -- {ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM][64Bits] -- VLC medi
a player =>.VideoLAN
O42 - Logiciel: Video Time Reversal 2.06 - (.Xander.) [HKLM][64Bits] -- Video Ti
me Reversal 2_is1
O42 - Logiciel: Voipwise - (.Finarea S.A. Switzerland.) [HKLM][64Bits] -- Voipwi
se_is1
O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4
370A73E346D}
O42 - Logiciel: WinRAR 5.00 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR
archiver
O42 - Logiciel: Wireless Console 3 - (.ASUS.) [HKLM][64Bits] -- {8150221C-8F7E-4
997-AD4E-AFDEE7F4B410}
O42 - Logiciel: World of Goo - (.Oberon Media Inc..) [HKLM][64Bits] -- World of
Goo
O42 - Logiciel: avast! Free Antivirus v9.0.2013 - (.Avast Software.) [HKLM][64Bi
ts] -- Avast
O42 - Logiciel: inSSIDer Office - (.MetaGeek, LLC.) [HKLM][64Bits] -- {8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}
O42 - Logiciel: syncables desktop SE - (.syncables.) [HKLM][64Bits] -- {341697D8
-9923-445E-B42A-529E5A99CB7A}
O42 - Logiciel: theHunter Launcher - (.Expansive Worlds.) [HKLM][64Bits] -- FBDF
BE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1
O42 - Logiciel: Torrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.B
itTorrent
~ Logic: 81 Scanned in 00mn 00s

---\\ HKCU & HKLM Software Keys


[HKCU\Software\ASUS]
[HKCU\Software\ATK0100]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AnchorFree]
[HKCU\Software\AppDataLow\Software\AppDataLow]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow]
[HKCU\Software\Audacity]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Borland]
[HKCU\Software\Bugsplat]
[HKCU\Software\Camfrog]
[HKCU\Software\Canon]
[HKCU\Software\Cheat Engine]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\CyberLink]
[HKCU\Software\Disc Soft]
[HKCU\Software\ECAREME]
[HKCU\Software\Ethnos5]
[HKCU\Software\FLEXnet]
[HKCU\Software\Facebook]
[HKCU\Software\Facepunch Studios]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\GamersGate]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Intel]
[HKCU\Software\JAM Software]
[HKCU\Software\JavaSoft]
[HKCU\Software\LAV64]
[HKCU\Software\LAV]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\MetaGeek, LLC]
[HKCU\Software\Modern UI Test]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Myfree Codec]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PalTalk]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SOFT CONCEPT]
[HKCU\Software\Samsung]
[HKCU\Software\Shining Rock Software LLC]
[HKCU\Software\SightSpeed Inc]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\Teorex]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\Voipwise]
[HKCU\Software\Web Solution Mart]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wintertree]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Xander Software]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Zeon]
[HKCU\Software\ej-technologies]
[HKCU\Software\fwc]
[HKCU\Software\kde.org]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CoreSecurity]
[HKLM\Software\DTS]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\TrendMicro]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\ATK0100]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AsLdr]
[HKLM\Software\Wow6432Node\Atari]
[HKLM\Software\Wow6432Node\Bethesda Softworks]
[HKLM\Software\Wow6432Node\Borland]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CodeGear]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\ECAREME]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\Futuremark]
[HKLM\Software\Wow6432Node\GRETECH]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Myfree Codec]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\PocketSoft]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PowerPivot]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Riot Games]
[HKLM\Software\Wow6432Node\Samsung]
[HKLM\Software\Wow6432Node\ScanSoft]
[HKLM\Software\Wow6432Node\Sims]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Sony Corporation]
[HKLM\Software\Wow6432Node\Sports Interactive]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Web Solution Mart]
[HKLM\Software\Wow6432Node\Zeon]
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\syncables]
[HKLM\Software\Wow6432Node]
~ Key Software: 387 Scanned in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)


O43 - CFD: 20/02/2014 - 17:13:09 - [763,306] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 1/04/2014 - 16:00:47 - [0] ----D C:\Program Files (x86)\AGEIA Technol
ogies
O43 - CFD: 5/11/2013 - 17:30:57 - [2,896] ----D C:\Program Files (x86)\AmIcoSing
Lun
O43 - CFD: 6/11/2013 - 01:00:17 - [517,058] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 14/04/2014 - 15:22:20 - [45,734] ----D C:\Program Files (x86)\Audacit
y
O43 - CFD: 11/04/2014 - 15:49:15 - [1373,535] ----D C:\Program Files (x86)\Bethe
sda Softworks
O43 - CFD: 1/04/2014 - 23:19:31 - [128,154] ----D C:\Program Files (x86)\Cabela'
s Big Game Hunter Pro Hunts
O43 - CFD: 23/12/2013 - 05:59:53 - [72,845] ----D C:\Program Files (x86)\Canon
O43 - CFD: 1/01/2014 - 16:29:15 - [27,742] ----D C:\Program Files (x86)\Cheat En
gine 6.3
O43 - CFD: 5/11/2013 - 17:31:11 - [3,432] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 11/04/2014 - 10:37:32 - [829,634] ----D C:\Program Files (x86)\Common
Files
O43 - CFD: 11/03/2014 - 00:03:32 - [1307,275] ----D C:\Program Files (x86)\Crusa
der Kings II 2.0.4
O43 - CFD: 5/11/2013 - 17:36:12 - [254,583] ----D C:\Program Files (x86)\CyberLi
nk
O43 - CFD: 17/12/2013 - 17:31:41 - [26,734] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/12/2013 - 12:06:33 - [-708,604] ----D C:\Program Files (x86)\Elect
ronic Arts
O43 - CFD: 7/11/2013 - 11:56:53 - [25,451] ----D C:\Program Files (x86)\Fake Web
cam 7.3
O43 - CFD: 28/03/2014 - 16:35:06 - [1257,967] ----D C:\Program Files (x86)\Firax
is Games
O43 - CFD: 11/11/2013 - 06:48:05 - [543,738] ----D C:\Program Files (x86)\Google
O43 - CFD: 7/11/2013 - 08:16:42 - [52,686] ----D C:\Program Files (x86)\GRETECH
O43 - CFD: 13/11/2013 - 18:04:00 - [12,303] ----D C:\Program Files (x86)\Inpaint
O43 - CFD: 11/04/2014 - 10:37:37 - [1742,167] --H-D C:\Program Files (x86)\Insta
llShield Installation Information
O43 - CFD: 5/11/2013 - 17:24:29 - [14,965] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/03/2014 - 10:20:00 - [9,681] ----D C:\Program Files (x86)\Internet
Explorer
O43 - CFD: 1/04/2014 - 16:46:03 - [4,854] ----D C:\Program Files (x86)\JAM Softw
are
O43 - CFD: 14/03/2014 - 11:16:23 - [121,318] ----D C:\Program Files (x86)\Java
O43 - CFD: 31/12/2013 - 08:08:59 - [71,130] ----D C:\Program Files (x86)\JDownlo
ader
O43 - CFD: 19/02/2014 - 00:39:44 - [10,200] ----D C:\Program Files (x86)\MetaGee
k
O43 - CFD: 1/04/2014 - 16:43:55 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 7/11/2013 - 11:11:09 - [98,370] ----D C:\Program Files (x86)\Microsof
t Analysis Services
O43 - CFD: 28/01/2014 - 16:17:26 - [53,639] ----D C:\Program Files (x86)\Microso
ft Games
O43 - CFD: 7/11/2013 - 11:12:48 - [92,922] ----D C:\Program Files (x86)\Microsof
t Office
O43 - CFD: 12/03/2014 - 09:10:48 - [40,879] ----D C:\Program Files (x86)\Microso
ft Silverlight
O43 - CFD: 7/11/2013 - 11:13:40 - [0,029] ----D C:\Program Files (x86)\Microsoft
SQL Server
O43 - CFD: 12/04/2011 - 19:42:56 - [1,745] ----D C:\Program Files (x86)\Microsof
t SQL Server Compact Edition
O43 - CFD: 30/12/2013 - 12:15:57 - [0,934] ----D C:\Program Files (x86)\Microsof
t WSE
O43 - CFD: 3/04/2014 - 09:22:17 - [8,445] ----D C:\Program Files (x86)\Microsoft
.NET
O43 - CFD: 31/12/2013 - 07:58:25 - [1,224] ----D C:\Program Files (x86)\Mobogeni
e =>PUP.Mobogenie
O43 - CFD: 7/03/2014 - 01:47:05 - [52,272] ----D C:\Program Files (x86)\Mozilla
Firefox
O43 - CFD: 16/03/2014 - 23:58:09 - [0,216] ----D C:\Program Files (x86)\Mozilla
Maintenance Service
O43 - CFD: 13/07/2009 - 22:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 29/01/2014 - 18:35:38 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 15/01/2014 - 15:21:23 - [10,752] ----D C:\Program Files (x86)\MyFree
Codec
O43 - CFD: 12/04/2011 - 19:33:04 - [42,963] ----D C:\Program Files (x86)\Nuance
O43 - CFD: 1/04/2014 - 16:01:14 - [192,923] ----D C:\Program Files (x86)\NVIDIA
Corporation
O43 - CFD: 5/02/2014 - 15:21:07 - [7,182] ----D C:\Program Files (x86)\Pando Net
works
O43 - CFD: 13/11/2013 - 17:47:48 - [14,181] ----D C:\Program Files (x86)\PhotoFi
ltre Studio X
O43 - CFD: 29/12/2013 - 13:34:49 - [75,952] ----D C:\Program Files (x86)\PokerSt
ars.BE
O43 - CFD: 5/11/2013 - 17:31:10 - [11,877] ----D C:\Program Files (x86)\Ralink
O43 - CFD: 5/11/2013 - 17:30:06 - [12,690] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 13/07/2009 - 22:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 16/03/2014 - 00:26:12 - [-313,732] ----D C:\Program Files (x86)\Saint
s Row 2
O43 - CFD: 15/01/2014 - 15:21:55 - [218,677] ----D C:\Program Files (x86)\Samsun
g
O43 - CFD: 14/03/2014 - 11:52:21 - [23,261] R---D C:\Program Files (x86)\Skype
O43 - CFD: 3/04/2014 - 15:31:48 - [1,754] ----D C:\Program Files (x86)\Sony
O43 - CFD: 6/03/2014 - 01:06:19 - [-1000,839] ----D C:\Program Files (x86)\Sport
s Interactive
O43 - CFD: 10/04/2014 - 16:50:34 - [-985,865] ----D C:\Program Files (x86)\Steam
O43 - CFD: 12/04/2011 - 19:49:28 - [161,465] ----D C:\Program Files (x86)\syncab
les
O43 - CFD: 14/03/2014 - 11:04:18 - [0,625] ----D C:\Program Files (x86)\SystemRe
quirementsLab
O43 - CFD: 5/11/2013 - 17:30:37 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 17/12/2013 - 17:56:51 - [1339,587] ----D C:\Program Files (x86)\The E
lder Scrolls V Skyrim
O43 - CFD: 2/04/2014 - 00:03:16 - [-1912,693] ----D C:\Program Files (x86)\theHu
nter
O43 - CFD: 13/07/2009 - 21:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall In
formation
O43 - CFD: 20/11/2013 - 12:40:54 - [43,107] ----D C:\Program Files (x86)\Video T
ime Reversal 2
O43 - CFD: 10/12/2013 - 18:31:03 - [98,590] ----D C:\Program Files (x86)\VideoLA
N
O43 - CFD: 27/11/2013 - 03:03:21 - [21,967] ----D C:\Program Files (x86)\Voipwis
e.com
O43 - CFD: 7/11/2013 - 11:57:56 - [22,057] ----D C:\Program Files (x86)\Web Solu
tion Mart
O43 - CFD: 14/11/2013 - 19:02:09 - [0,500] ----D C:\Program Files (x86)\Windows
Defender
O43 - CFD: 12/04/2011 - 19:45:11 - [314,625] ----D C:\Program Files (x86)\Window
s Live
O43 - CFD: 14/11/2013 - 19:02:10 - [5,895] ----D C:\Program Files (x86)\Windows
Mail =>.Microsoft Corporation
O43 - CFD: 12/12/2013 - 02:52:16 - [4,791] ----D C:\Program Files (x86)\Windows
Media Player =>.Microsoft Corporation
O43 - CFD: 13/07/2009 - 22:32:38 - [11,632] ----D C:\Program Files (x86)\Windows
NT
O43 - CFD: 14/11/2013 - 19:02:09 - [4,213] ----D C:\Program Files (x86)\Windows
Photo Viewer
O43 - CFD: 18/02/2011 - 13:09:10 - [0,181] ----D C:\Program Files (x86)\Windows
Portable Devices
O43 - CFD: 14/11/2013 - 19:02:09 - [5,717] ----D C:\Program Files (x86)\Windows
Sidebar
O43 - CFD: 16/04/2014 - 10:14:15 - [17,154] ----D C:\Program Files (x86)\ZHPDiag
=>.Nicolas Coolman
O43 - CFD: 20/02/2014 - 17:11:38 - [600,891] ----D C:\Program Files (x86)\Common
Files\Adobe
O43 - CFD: 7/11/2013 - 08:16:43 - [0,208] ----D C:\Program Files (x86)\Common Fi
les\Gretech Corporation
O43 - CFD: 28/01/2014 - 16:14:08 - [8,572] ----D C:\Program Files (x86)\Common F
iles\InstallShield
O43 - CFD: 5/11/2013 - 17:24:29 - [13,612] ----D C:\Program Files (x86)\Common F
iles\Intel
O43 - CFD: 17/12/2013 - 12:27:12 - [1,191] ----D C:\Program Files (x86)\Common F
iles\Java
O43 - CFD: 1/04/2014 - 16:42:50 - [0,001] ----D C:\Program Files (x86)\Common Files\Microsoft Games
O43 - CFD: 7/11/2013 - 11:13:08 - [151,550] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 12/04/2011 - 19:48:00 - [0,338] ----D C:\Program Files (x86)\Common F
iles\Oberon Media
O43 - CFD: 5/11/2013 - 17:22:53 - [0,154] ----D C:\Program Files (x86)\Common Fi
les\postureAgent
O43 - CFD: 13/07/2009 - 20:20:08 - [0,003] ----D C:\Program Files (x86)\Common F
iles\Services
O43 - CFD: 14/03/2014 - 11:52:21 - [1,904] ----D C:\Program Files (x86)\Common F
iles\Skype
O43 - CFD: 13/07/2009 - 20:20:08 - [39,200] ----D C:\Program Files (x86)\Common
Files\SpeechEngines
O43 - CFD: 16/03/2014 - 00:00:21 - [0,545] ----D C:\Program Files (x86)\Common F
iles\Steam
O43 - CFD: 14/11/2013 - 19:02:09 - [10,101] ----D C:\Program Files (x86)\Common
Files\System
O43 - CFD: 7/11/2013 - 11:56:55 - [1,364] ----D C:\Program Files (x86)\Common Fi
les\Web Solution Mart
O43 - CFD: 12/04/2011 - 19:33:36 - [0] ----D C:\Program Files (x86)\Common Files
\Windows Live
O43 - CFD: 4/03/2014 - 17:14:48 - [407,550] ----D C:\ProgramData\Adobe
O43 - CFD: 28/01/2014 - 16:37:41 - [0] ----D C:\ProgramData\Age of Empires 3
O43 - CFD: 5/11/2013 - 17:30:57 - [0] ----D C:\ProgramData\AmUStor
O43 - CFD: 13/07/2009 - 22:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 6/11/2013 - 17:40:49 - [26,797] ----D C:\ProgramData\AVAST Software
O43 - CFD: 1/12/2013 - 08:44:26 - [20,479] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 23/12/2013 - 05:56:49 - [0] --H-D C:\ProgramData\CanonEPP
O43 - CFD: 23/12/2013 - 05:56:49 - [0] --H-D C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 23/12/2013 - 06:06:59 - [0,002] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 6/11/2013 - 00:40:21 - [4,522] ----D C:\ProgramData\ChangeFolderView
O43 - CFD: 17/12/2013 - 17:27:08 - [0,045] ----D C:\ProgramData\CyberLink
O43 - CFD: 17/12/2013 - 17:32:55 - [0,002] ----D C:\ProgramData\DAEMON Tools Lit
e =>.DT Soft Ltd
O43 - CFD: 13/07/2009 - 22:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 13/07/2009 - 22:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 12/04/2011 - 19:33:02 - [18,933] ----D C:\ProgramData\Downloaded Inst
allations
O43 - CFD: 9/02/2014 - 15:40:36 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 13/07/2009 - 22:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 12/04/2011 - 19:33:04 - [3,807] ----D C:\ProgramData\FLEXnet
O43 - CFD: 6/11/2013 - 00:37:21 - [0,893] ----D C:\ProgramData\FolderView
O43 - CFD: 6/11/2013 - 00:38:00 - [0] ----D C:\ProgramData\Google
O43 - CFD: 7/11/2013 - 08:16:42 - [0,875] ----D C:\ProgramData\GRETECH
O43 - CFD: 1/04/2014 - 00:17:47 - [0,004] ----D C:\ProgramData\Hunter
O43 - CFD: 5/11/2013 - 17:26:02 - [0,002] ----D C:\ProgramData\Intel
O43 - CFD: 11/11/2013 - 05:32:13 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 1/04/2014 - 16:43:55 - [241,143] -S--D C:\ProgramData\Microsoft
O43 - CFD: 13/04/2014 - 16:44:08 - [0,012] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 6/11/2013 - 17:30:20 - [0,020] ----D C:\ProgramData\Mozilla
O43 - CFD: 11/11/2013 - 05:28:29 - [0] ----D C:\ProgramData\Nuance
O43 - CFD: 16/04/2014 - 09:18:48 - [16,097] ----D C:\ProgramData\NVIDIA
O43 - CFD: 1/04/2014 - 16:02:17 - [4,324] ----D C:\ProgramData\NVIDIA Corporatio
n
O43 - CFD: 12/04/2011 - 19:48:44 - [27,601] ----D C:\ProgramData\OberonGameConso
le
O43 - CFD: 14/03/2014 - 11:19:28 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 5/11/2013 - 17:31:50 - [0,002] ----D C:\ProgramData\P4G
O43 - CFD: 6/11/2013 - 02:18:00 - [0] ----D C:\ProgramData\Partner
O43 - CFD: 6/02/2014 - 16:19:11 - [0] ----D C:\ProgramData\PMB Files =>P2P.Pando
O43 - CFD: 5/11/2013 - 17:31:12 - [3,877] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 7/11/2013 - 11:13:29 - [0,001] ----D C:\ProgramData\regid.1991-06.com
.microsoft
O43 - CFD: 15/01/2014 - 15:21:34 - [11,161] ----D C:\ProgramData\Samsung
O43 - CFD: 12/04/2011 - 19:33:05 - [1,216] ----D C:\ProgramData\ScanSoft
O43 - CFD: 14/03/2014 - 11:52:25 - [48,281] ----D C:\ProgramData\Skype
O43 - CFD: 5/11/2013 - 17:30:21 - [0,009] ----D C:\ProgramData\SonicFocus
O43 - CFD: 13/07/2009 - 22:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 1/04/2014 - 23:41:07 - [0,005] ----D C:\ProgramData\Steam
O43 - CFD: 17/12/2013 - 12:27:12 - [0] ----D C:\ProgramData\Sun
O43 - CFD: 5/11/2013 - 17:35:52 - [0,137] ----D C:\ProgramData\Temp
O43 - CFD: 13/07/2009 - 22:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 7/11/2013 - 02:06:27 - [20,806] ----D C:\ProgramData\Trend Micro
O43 - CFD: 22/12/2013 - 07:54:03 - [299,065] ----D C:\Users\Armin Metovic\AppDat
a\Roaming\.minecraft
O43 - CFD: 14/11/2013 - 16:19:43 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\AC3Filter
O43 - CFD: 20/02/2014 - 17:19:54 - [2,905] ----D C:\Users\Armin Metovic\AppData\
Roaming\Adobe
O43 - CFD: 7/11/2013 - 02:07:54 - [0] ----D C:\Users\Armin Metovic\AppData\Roami
ng\ASUS WebStorage
O43 - CFD: 14/04/2014 - 15:30:01 - [0,001] ----D C:\Users\Armin Metovic\AppData\
Roaming\Audacity
O43 - CFD: 6/11/2013 - 17:42:20 - [6,236] ----D C:\Users\Armin Metovic\AppData\R
oaming\AVAST Software
O43 - CFD: 23/12/2013 - 06:06:59 - [0,015] ----D C:\Users\Armin Metovic\AppData\
Roaming\Canon
O43 - CFD: 17/12/2013 - 17:27:07 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\CyberLink
O43 - CFD: 11/04/2014 - 15:48:30 - [1,614] ----D C:\Users\Armin Metovic\AppData\
Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 16/04/2014 - 09:21:18 - [185,314] ----D C:\Users\Armin Metovic\AppDat
a\Roaming\Dropbox
O43 - CFD: 11/11/2013 - 05:28:30 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\FLEXnet
O43 - CFD: 6/03/2014 - 01:48:50 - [0,004] ----D C:\Users\Armin Metovic\AppData\R
oaming\FMRTE14
O43 - CFD: 31/12/2013 - 08:10:44 - [0,134] ----D C:\Users\Armin Metovic\AppData\
Roaming\GRETECH
O43 - CFD: 13/11/2013 - 17:47:51 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\Identities
O43 - CFD: 3/04/2014 - 15:31:09 - [0] ----D C:\Users\Armin Metovic\AppData\Roami
ng\InstallShield
O43 - CFD: 1/04/2014 - 16:46:05 - [0,056] ----D C:\Users\Armin Metovic\AppData\R
oaming\JAM Software
O43 - CFD: 7/11/2013 - 07:50:21 - [0,001] ----D C:\Users\Armin Metovic\AppData\R
oaming\Macromedia
O43 - CFD: 14/07/2009 - 00:44:38 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\Media Center Programs
O43 - CFD: 30/12/2013 - 12:15:58 - [45,098] -S--D C:\Users\Armin Metovic\AppData
\Roaming\Microsoft
O43 - CFD: 6/11/2013 - 17:35:36 - [28,726] ----D C:\Users\Armin Metovic\AppData\
Roaming\Mozilla
O43 - CFD: 21/02/2014 - 20:16:51 - [0,003] ----D C:\Users\Armin Metovic\AppData\
Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 11/11/2013 - 05:28:29 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\Nuance
O43 - CFD: 20/02/2014 - 17:17:26 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\NVIDIA
O43 - CFD: 13/11/2013 - 17:57:28 - [0,003] ----D C:\Users\Armin Metovic\AppData\Roaming\PhotoFiltre Studio X
O43 - CFD: 5/02/2014 - 15:20:54 - [0] ----D C:\Users\Armin Metovic\AppData\Roami
ng\Riot Games
O43 - CFD: 9/02/2014 - 09:56:33 - [0,636] ----D C:\Users\Armin Metovic\AppData\R
oaming\Samsung
O43 - CFD: 15/04/2014 - 21:07:04 - [8,804] ----D C:\Users\Armin Metovic\AppData\
Roaming\Skype
O43 - CFD: 20/02/2014 - 17:19:53 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 1/04/2014 - 23:56:19 - [11,229] ----D C:\Users\Armin Metovic\AppData\
Roaming\theHunter
O43 - CFD: 16/04/2014 - 09:21:30 - [11,120] ----D C:\Users\Armin Metovic\AppData
\Roaming\uTorrent =>P2P.Torrent
O43 - CFD: 16/04/2014 - 02:11:43 - [1,625] ----D C:\Users\Armin Metovic\AppData\
Roaming\vlc
O43 - CFD: 27/02/2014 - 20:17:16 - [0,004] ----D C:\Users\Armin Metovic\AppData\
Roaming\Voipwise
O43 - CFD: 7/11/2013 - 10:47:19 - [0] ----D C:\Users\Armin Metovic\AppData\Roami
ng\WinRAR
O43 - CFD: 11/11/2013 - 05:28:25 - [0,003] ----D C:\Users\Armin Metovic\AppData\
Roaming\Zeon
O43 - CFD: 16/04/2014 - 10:15:50 - [0,019] ----D C:\Users\Armin Metovic\AppData\
Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 31/03/2014 - 16:21:58 - [28,206] ----D C:\Users\Armin Metovic\AppData
\Local\Adobe
O43 - CFD: 7/11/2013 - 02:04:23 - [0] -SH-D C:\Users\Armin Metovic\AppData\Local
\Application Data
O43 - CFD: 7/11/2013 - 07:51:25 - [1,600] ----D C:\Users\Armin Metovic\AppData\L
ocal\Apps
O43 - CFD: 31/12/2013 - 07:57:59 - [2,220] ----D C:\Users\Armin Metovic\AppData\
Local\cache
O43 - CFD: 6/03/2014 - 01:39:08 - [0] ----D C:\Users\Armin Metovic\AppData\Local
\Chromium
O43 - CFD: 7/11/2013 - 07:51:37 - [0] ----D C:\Users\Armin Metovic\AppData\Local
\Deployment
O43 - CFD: 29/03/2014 - 19:42:49 - [0] ----D C:\Users\Armin Metovic\AppData\Loca
l\Diagnostics
O43 - CFD: 15/01/2014 - 15:07:18 - [66,338] ----D C:\Users\Armin Metovic\AppData
\Local\Downloaded Installations
O43 - CFD: 7/03/2014 - 10:27:45 - [14,668] ----D C:\Users\Armin Metovic\AppData\
Local\Facebook
O43 - CFD: 11/04/2014 - 16:27:09 - [0] ----D C:\Users\Armin Metovic\AppData\Loca
l\FalloutNV
O43 - CFD: 31/12/2013 - 07:57:59 - [1,224] ----D C:\Users\Armin Metovic\AppData\
Local\genienext =>PUP.NextLive
O43 - CFD: 7/11/2013 - 07:52:23 - [581,906] ----D C:\Users\Armin Metovic\AppData
\Local\Google
O43 - CFD: 7/11/2013 - 02:04:23 - [0] -SH-D C:\Users\Armin Metovic\AppData\Local
\Historique
O43 - CFD: 19/02/2014 - 00:39:56 - [0,010] ----D C:\Users\Armin Metovic\AppData\
Local\MetaGeek,_LLC
O43 - CFD: 15/04/2014 - 01:43:13 - [206,475] ----D C:\Users\Armin Metovic\AppDat
a\Local\Microsoft
O43 - CFD: 14/11/2013 - 14:52:21 - [0,088] ----D C:\Users\Armin Metovic\AppData\
Local\Microsoft Games
O43 - CFD: 1/12/2013 - 09:28:30 - [0,062] ----D C:\Users\Armin Metovic\AppData\L
ocal\Microsoft Help
O43 - CFD: 7/11/2013 - 11:03:32 - [0,002] ----D C:\Users\Armin Metovic\AppData\L
ocal\Microsoft Toolkit
O43 - CFD: 31/12/2013 - 07:58:25 - [0,003] ----D C:\Users\Armin Metovic\AppData\
Local\Mobogenie =>PUP.Mobogenie
O43 - CFD: 11/11/2013 - 05:19:53 - [7,003] ----D C:\Users\Armin Metovic\AppData\
Local\Mozilla
O43 - CFD: 19/02/2014 - 00:39:58 - [0] -SH-D C:\Users\Armin Metovic\AppData\Loca
l\ms-drivers
O43 - CFD: 1/04/2014 - 16:02:55 - [104,300] ----D C:\Users\Armin Metovic\AppData
\Local\NVIDIA
O43 - CFD: 1/04/2014 - 16:02:16 - [0,002] ----D C:\Users\Armin Metovic\AppData\L
ocal\NVIDIA Corporation
O43 - CFD: 6/02/2014 - 16:19:12 - [0,257] ----D C:\Users\Armin Metovic\AppData\L
ocal\PMB Files =>P2P.Pando
O43 - CFD: 29/12/2013 - 13:41:14 - [0,795] ----D C:\Users\Armin Metovic\AppData\
Local\PokerStars.BE
O43 - CFD: 7/11/2013 - 02:04:39 - [0,039] ----D C:\Users\Armin Metovic\AppData\L
ocal\Power2Go
O43 - CFD: 13/11/2013 - 18:00:49 - [0] ----D C:\Users\Armin Metovic\AppData\Loca
l\Programs
O43 - CFD: 15/01/2014 - 15:22:38 - [0,011] ----D C:\Users\Armin Metovic\AppData\
Local\Samsung
O43 - CFD: 14/03/2014 - 11:52:29 - [4,549] ----D C:\Users\Armin Metovic\AppData\
Local\Skype
O43 - CFD: 17/12/2013 - 17:50:04 - [0] ----D C:\Users\Armin Metovic\AppData\Loca
l\Skyrim
O43 - CFD: 6/03/2014 - 01:16:59 - [23,897] ----D C:\Users\Armin Metovic\AppData\
Local\Sports Interactive
O43 - CFD: 16/04/2014 - 10:15:39 - [126,717] ----D C:\Users\Armin Metovic\AppDat
a\Local\Temp
O43 - CFD: 7/11/2013 - 02:04:23 - [0] -SH-D C:\Users\Armin Metovic\AppData\Local
\Temporary Internet Files
O43 - CFD: 1/04/2014 - 23:56:19 - [0] ----D C:\Users\Armin Metovic\AppData\Local
\theHunter
O43 - CFD: 16/03/2014 - 00:39:59 - [0,465] ----D C:\Users\Armin Metovic\AppData\
Local\THQ
O43 - CFD: 7/11/2013 - 11:58:18 - [0,075] ----D C:\Users\Armin Metovic\AppData\L
ocal\VirtualStore
O43 - CFD: 14/04/2014 - 15:13:13 - [0,047] ----D C:\Users\Armin Metovic\AppData\
Local\Windows Live
O43 - CFD: 13/07/2009 - 21:54:32 - [0,014] R---D C:\Users\Armin Metovic\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 10/11/2013 - 10:32:18 - [0] R---D C:\Users\Armin Metovic\AppData\Roam
ing\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 5/11/2013 - 17:36:33 - [0,013] ----D C:\Users\Armin Metovic\AppData\R
oaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
O43 - CFD: 17/01/2014 - 11:34:41 - [0,002] ----D C:\Users\Armin Metovic\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 28/03/2014 - 16:35:29 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\Microsoft\Windows\Start Menu\Programs\Firaxis Games
O43 - CFD: 1/04/2014 - 00:34:10 - [0] ----D C:\Users\Armin Metovic\AppData\Roami
ng\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 13/07/2009 - 21:49:38 - [0,001] R---D C:\Users\Armin Metovic\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 19/02/2014 - 00:39:45 - [0,003] ----D C:\Users\Armin Metovic\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek
O43 - CFD: 13/11/2013 - 17:47:48 - [0] ----D C:\Users\Armin Metovic\AppData\Roam
ing\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 17/01/2014 - 11:34:47 - [0,002] R---D C:\Users\Armin Metovic\AppData\
Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 1/01/2014 - 11:13:02 - [0,002] ----D C:\Users\Armin Metovic\AppData\R
oaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 7/11/2013 - 02:06:20 - [0,011] ----D C:\Users\Armin Metovic\AppData\R
oaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Secur
ity
O43 - CFD: 6/11/2013 - 17:26:11 - [0,004] ----D C:\Users\Armin Metovic\AppData\R
oaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ 8 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 231 Scanned in 00mn 39s

---\\ Derniers fichiers modifiés ou créés sous Windows et System32 (O44)


O44 - LFC:[MD5.A7B21E5A7F2FBED2C0EBCEB132F5053A] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\System32\nvdis
pco6433523.dll [1885472]
O44 - LFC:[MD5.A7F85855BA07B5863F4F825DC0D13B23] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\System32\nvdispgenco6
433523.dll [1516488]
O44 - LFC:[MD5.D1DE017D96E03ED7D3B7FA2177F18CC4] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA CUDA 6.0.1 OpenCL 1.1 Driver, Versio.) -- C:\Windo
ws\System32\nvopencl.dll [11589272]
O44 - LFC:[MD5.073FA5999FC8C2852F0667558D91049D] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA CUDA Driver, Version 335.23.) -- C:\Windows\System
32\nvcuda.dll [11636176]
O44 - LFC:[MD5.713847FFF1C21AB146EC4BC77313E09C] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 335.2.) -- C:\Windo
ws\System32\nvcuvid.dll [3143456]
O44 - LFC:[MD5.15B44E20796692FD787133F1A9B2785A] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 335.23.) -- C:\Windows
\System32\nvcuvenc.dll [2783008]
O44 - LFC:[MD5.0DE740225F2FD43C45BA6D4A3378C3C1] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\System32\nvo
glv64.dll [31474976]
O44 - LFC:[MD5.D83E3F4CDDA74D3493C818EDFD64FADA] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA Compiler, Version 335.23.) -- C:\Windows\System32\
nvcompiler.dll [25255256]
O44 - LFC:[MD5.F94E505636D9D913A33F79329E2F7998] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 335.23.) -- C:\Windows\Syste
m32\nvwgf2umx.dll [18302384]
O44 - LFC:[MD5.AE8DEB3B016B10C15F9317656AA503D0] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA Front Buffer Capture Library, Versio.) -- C:\Windo
ws\System32\NvFBC64.dll [877856]
O44 - LFC:[MD5.593F9F97F6EEACA8EEE9E86FF037DC89] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA In-band Frame Rendering Library, Ver.) -- C:\Windo
ws\System32\NvIFR64.dll [892704]
O44 - LFC:[MD5.8FCD2647A7EC387CC042FDEF1E613A45] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA OpenGL Shim Driver, Version 335.23.) -- C:\Windows
\System32\nvoglshim64.dll [353504]
O44 - LFC:[MD5.3D6A11AFC01C64967DEE3114BBA15CF8] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 335.23.) -- C:\Windows\Sy
stem32\nvd3dumx.dll [17755424]
O44 - LFC:[MD5.757ACE4D4C9FF0571F86AA5D586B45E8] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Window
s\System32\Drivers\nvlddmkm.sys [12708128]
O44 - LFC:[MD5.445422B928D2FE322BB6B956EA77DC7B] - 1/04/2014 - 14:58:07 ---A- .
(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Window
s\System32\Drivers\nvpciflt.sys [33736]
O44 - LFC:[MD5.939C0FAE9CC0CDD69E6508BDE4C11FE5] - 1/04/2014 - 14:58:08 ---A- .
(.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\Driv
ers\nvvad64v.sys [39200]
O44 - LFC:[MD5.30C7FCBDA8844D1AD17F5813E0D71533] - 1/04/2014 - 14:58:08 ---A- .
(.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\nvau
dcap64v.dll [35104]
O44 - LFC:[MD5.52A94BCDEE1D8FA54B956A07408B7610] - 1/04/2014 - 15:01:14 ---A- .
(.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\System32\nvsp
cap64.dll [1179576]
O44 - LFC:[MD5.B035CB17B9C7FC419047AAAD5AA8C81D] - 1/04/2014 - 22:01:21 ---A- .
(...) -- C:\Windows\System32\ServiceFilter.ini [1392]
O44 - LFC:[MD5.C3C9CFD8E8A5F927293ACE179031F877] - 1/04/2014 - 22:01:23 ---A- .
(...) -- C:\Windows\System32\AutoRunFilter.ini [2488]
O44 - LFC:[MD5.3D6C79A2099B7E8CEE90EF3031BF3DCD] - 11/04/2014 - 09:36:24 ---A- .
(...) -- C:\Windows\ODBC.INI [28]
O44 - LFC:[MD5.EB5EB52D7210B2A7182AF9097AA21FE5] - 15/04/2014 - 19:25:02 ---A- .
(...) -- C:\Windows\System32\PerfStringBackup.INI [1700612]
O44 - LFC:[MD5.D486403CF986CBA8A0127034FA5C8BA9] - 15/04/2014 - 19:25:02 ---A- .
(...) -- C:\Windows\System32\perfc009.dat [126088]
O44 - LFC:[MD5.D96E05AE2B8473CF1F95FE2597903910] - 15/04/2014 - 19:25:02 ---A- .
(...) -- C:\Windows\System32\perfc00C.dat [154138]
O44 - LFC:[MD5.0BE0FD7BC59222CF3CEAA42CC3FD37D8] - 15/04/2014 - 19:25:02 ---A- .
(...) -- C:\Windows\System32\perfh009.dat [665876]
O44 - LFC:[MD5.A040A83E6F5CF85C5F574A24F8BE0990] - 15/04/2014 - 19:25:02 ---A- .
(...) -- C:\Windows\System32\perfh00C.dat [759306]
O44 - LFC:[MD5.F40AC933F050760A2454638E0A7F3557] - 16/04/2014 - 08:18:46 -S-A- .
(...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.0F2DF9A6D71013120568E79C7D20A570] - 16/04/2014 - 08:18:58 ---A- .
(...) -- C:\Windows\setupact.log [3466]
O44 - LFC:[MD5.141B00A1333A760C8AF3EB5F814D3D72] - 16/04/2014 - 08:24:36 ---A- .
(...) -- C:\Windows\WindowsUpdate.log [1228960]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 3/04/2014 - 08:25:59 ---A- .
(...) -- C:\Windows\win.ini [478]
O44 - LFC:[MD5.D9990B02B4E85B62EA2387C7FE2998EC] - 3/04/2014 - 11:37:01 ---A- .
(...) -- C:\Windows\System32\FNTCACHE.DAT [5058688]
O44 - LFC:[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 8/04/2014 - 13:13:27 ---A- .
(.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System3
2\Drivers\ntfs.sys [1684928]
O44 - LFC:[MD5.0F090A77E664CB0F70AB8D3B230B760C] - 8/04/2014 - 13:13:43 ---A- .
(.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll
[13312]
O44 - LFC:[MD5.D2A513EE880D71BDE7F0257F38B9D019] - 8/04/2014 - 13:13:43 ---A- .
(.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\Syst
em32\kernel32.dll [1163264]
O44 - LFC:[MD5.2A107B611C91CD256466C58C0D776E9D] - 8/04/2014 - 13:13:43 ---A- .
(.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64
.dll [243712]
O44 - LFC:[MD5.7434E01FBCA3CB86539C39412A31D5E1] - 8/04/2014 - 13:13:43 ---A- .
(.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\Windows\Sy
stem32\wow64win.dll [362496]
O44 - LFC:[MD5.74959C718FF4594369645F35B7DF19C4] - 8/04/2014 - 13:13:43 ---A- .
(.Microsoft Corporation - Émulation 16 bits sur NT64.) -- C:\Windows\System32\ntvd
m64.dll [16384]
O44 - LFC:[MD5.B3222734D80013D2C73841B0C549FA63] - 8/04/2014 - 13:16:31 ---A- .
(.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\Driver
s\Diskdump.sys [27584]
O44 - LFC:[MD5.1F34470A484B001CC95B66CFE4753960] - 8/04/2014 - 13:16:31 ---A- .
(.Microsoft Corporation - DLL de journalisation des E/S.) -- C:\Windows\System32
\iologmsg.dll [2048]
O44 - LFC:[MD5.A3F0BC5897F9D3786A3CB695B163633A] - 8/04/2014 - 13:16:31 ---A- .
(.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32
\Drivers\storport.sys [190912]
O44 - LFC:[MD5.96BB922A0981BC7432C8CF52B5410FE6] - 8/04/2014 - 13:16:31 ---A- .
(.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\Syste
m32\Drivers\msiscsi.sys [274880]
O44 - LFC:[MD5.14257E59C8452DCC38B8D55DEDC6EE0D] - 8/04/2014 - 13:47:12 ---A- .
(.Microsoft Corporation - Microsoft MSHTML Typelib.) -- C:\Windows\System32\mshtm
l.tlb [2724864]
O44 - LFC:[MD5.C3E3EFD320D0000BE6F9CDB00CD6086F] - 8/04/2014 - 13:47:13 ---A- .
(.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System3
2\mshtml.dll [23134208]
O44 - LFC:[MD5.43A08EE6CC7F29FB1923A1D9C92B380E] - 9/04/2014 - 07:43:03 ---A- .
(.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Wi
ndows\System32\MRT.exe [90655440]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/04/2014 - 23:11:24 ---A- .
(...) -- C:\Windows\setuperr.log [0]
~ Files: 45 Scanned in 00mn 17s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)


O45 - LFCP:[MD5.7CF407D7DB940ED716BF8F6DBA6C8E5D] - 14/04/2014 - 14:20:31 ---A- - C:\Windows\Prefetch\VEEDUB64.EXE-0BD6447C.pf
O45 - LFCP:[MD5.9245004388C09E0BFB8BE1E1FD2AFF8A] - 14/04/2014 - 14:30:11 ---A- - C:\Windows\Prefetch\GOMA.EXE-640D5C6C.pf
O45 - LFCP:[MD5.287ADDD3CF48E44FC3D9BAE93C6FA283] - 14/04/2014 - 15:42:06 ---A- - C:\Windows\Prefetch\VOPS-DONT_STARVE.18247390.EXE-FED114FC.pf
O45 - LFCP:[MD5.5BA7FFBC69E610992A4BF6EB823810A1] - 15/04/2014 - 08:09:08 ---A- - C:\Windows\Prefetch\ASUSVI~2.EXE-37421E5F.pf
O45 - LFCP:[MD5.AE1D0A6973776CCBA911522BB3AAC887] - 15/04/2014 - 08:09:13 ---A- - C:\Windows\Prefetch\SIGNAL~1.EXE-B603C50B.pf
O45 - LFCP:[MD5.C2B263695C07AD490CCCCE6C0E8123A5] - 15/04/2014 - 08:09:49 ---A- - C:\Windows\Prefetch\TIRESUMESRV.EXE-BD94BD71.pf
O45 - LFCP:[MD5.BF8227C8D8A23BA1537B18423BD44493] - 15/04/2014 - 10:56:09 ---A- - C:\Windows\Prefetch\VEEDUB64.EXE-8CEA13A9.pf
O45 - LFCP:[MD5.7FB415B1605394D426B9DF9A4CCDFD15] - 15/04/2014 - 15:44:12 ---A- - C:\Windows\Prefetch\DAO.18282512.EXE-231CC5E6.pf
O45 - LFCP:[MD5.D55C0655F4C5BBE5D6C050145DFB81F5] - 15/04/2014 - 17:17:33 ---A- - C:\Windows\Prefetch\VIZORHTMLDIALOG.EXE-44A0E817.pf
O45 - LFCP:[MD5.F0D18AEB3F443A311AE12BB9E9569912] - 15/04/2014 - 23:15:26 ---A- - C:\Windows\Prefetch\FM.EXE-E5B16F82.pf
O45 - LFCP:[MD5.46550AA66B2A6BB718B06E79885A3D18] - 15/04/2014 - 23:24:10 ---A- - C:\Windows\Prefetch\FMRTE.EXE-EA7C0435.pf
O45 - LFCP:[MD5.40BACC3C1C89441969C3C256F149E489] - 16/04/2014 - 08:19:55 ---A- - C:\Windows\Prefetch\NVBACKEND.EXE-00368064.pf
O45 - LFCP:[MD5.915EC078EA6D4757D0EC433BB2BC8DC5] - 16/04/2014 - 08:20:43 ---A- - C:\Windows\Prefetch\TIMINISERVICE.EXE-026C7203.pf
O45 - LFCP:[MD5.4F272C7195A1E8771B59533879B70E44] - 16/04/2014 - 09:13:11 ---A- - C:\Windows\Prefetch\INSTUP.EXE-7E543EAF.pf
~ Prefetcher: 14 Scanned in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)


O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)


O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corp
oration - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.
sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporati
on - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windo
ws\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corpor
ation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corpo
ration - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Dr
ivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corpora
tion - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corp
oration - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corp
oration - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corp
oration - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.
sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporati
on - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windo
ws\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corpor
ation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corpo
ration - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Dr
ivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)


O51 - MPSK:{ea7fc0f9-6767-11e3-af37-5404a6136e8f}\AutoRun\command. (.Pas de prop
riétaire - Fallout New Vegas Ultimate Edition.) -- H:\SETUP.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)


O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Frau
nhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagari
th.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPE
G Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3
Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.Pa
s de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll
~ TDSD: 4 Scanned in 00mn 00s

---\\ Enumération des clés de registre StartupReg (SMSR) (O53)


O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector [Key] . (.ASUS - AsS
crPro.) -- C:\Windows\AsScrPro.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink Media
Libray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gesti
onnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =
>.Realtek Semiconductor Corp
~ SMSR Keys: 3 Scanned in 00mn 00s

---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)


O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Micros
oft Corporation - Credential Delegation Security Package.) -- C:\Windows\System3
2\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft
Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\cr
edssp.dll
~ MSCP: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)


O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)


O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)


O58 - SDL:[MD5.64EDD3F59DB321947969FDF1DD747323] - 13/07/2009 - 16:06:38 ---A- .
(.Microsoft Corporation - 1394 Bus Device Driver.) -- C:\Windows\System32\Drive
rs\1394bus.sys [68096]
O58 - SDL:[MD5.A87D604AEA360176311474C87A63BB88] - 20/11/2010 - 02:44:58 ---A- .
(.Microsoft Corporation - 1394 OpenHCI Driver.) -- C:\Windows\System32\Drivers\
1394ohci.sys [229888]
O58 - SDL:[MD5.D81D9E70B8A6DD14D42D7B4EFA65D5F2] - 20/11/2010 - 05:32:48 ---A- .
(.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\Windows\System32\Drivers\
acpi.sys [334208]
O58 - SDL:[MD5.99F8E788246D495CE3794D7E7821D2CA] - 20/11/2010 - 01:30:44 ---A- .
(.Microsoft Corporation - ACPI Power Metering Driver.) -- C:\Windows\System32\D
rivers\acpipmi.sys [12800]
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 13/07/2009 - 17:52:21 ---A- .
(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\Syst
em32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 17:52:21 ---A- .
(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32
\Drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 17:52:21 ---A- .
(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\S
ystem32\Drivers\adpu320.sys [182864]
O58 - SDL:[MD5.79059559E89D06E8B80CE2944BE20228] - 27/09/2013 - 17:09:10 ---A- .
(.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows
\System32\Drivers\afd.sys [497152]
O58 - SDL:[MD5.7ECFF9B22276B73F43A99A15A6094E90] - 13/07/2009 - 16:10:24 ---A- .
(.Microsoft Corporation - RAS Agile Vpn Miniport Call Manager.) -- C:\Windows\S
ystem32\Drivers\agilevpn.sys [60416]
O58 - SDL:[MD5.608C14DBA7299D8CB6ED035A68A15799] - 13/07/2009 - 17:52:21 ---A- .
(.Microsoft Corporation - Filtre AGP 440 NT.) -- C:\Windows\System32\Drivers\AG
P440.sys [61008]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 13/07/2009 - 17:52:21 ---A- .
(.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers
\aliide.sys [15440]
O58 - SDL:[MD5.1FF8B4431C353CE385C875F194924C0C] - 13/07/2009 - 17:52:21 ---A- .
(.Microsoft Corporation - Pilote IDE AMD.) -- C:\Windows\System32\Drivers\amdid
e.sys [15440]
O58 - SDL:[MD5.7024F087CFF1833A806193EF9D22CDA9] - 13/07/2009 - 15:19:25 ---A- .
(.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Driv
ers\amdk8.sys [64512]
O58 - SDL:[MD5.1E56388B3FE0D031C44144EB8C4D6217] - 13/07/2009 - 15:19:25 ---A- .
(.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Driv
ers\amdppm.sys [60928]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 10/03/2011 - 22:41:12 ---A- .
(.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Driv
ers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 13/07/2009 - 17:52:20 ---A- .
(.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for
Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 10/03/2011 - 22:41:12 ---A- .
(.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drive
rs\amdxata.sys [27008]
O58 - SDL:[MD5.9C7F164B49CADC658D1B3C575782F346] - 10/08/2010 - 22:11:26 ---A- .
(.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\Syst
em32\Drivers\AmUStor.sys [44032]
O58 - SDL:[MD5.89A69C3F2F319B43379399547526D952] - 20/11/2010 - 02:14:38 ---A- .
(.Microsoft Corporation - AppID Driver.) -- C:\Windows\System32\Drivers\appid.s
ys [61440]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 17:52:21 ---A- .
(.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers
\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 17:52:21 ---A- .
(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers
\arcsas.sys [97856]
O58 - SDL:[MD5.0ACC3F49015E628590CA4372322EB46B] - 25/02/2014 - 18:48:08 ---A- .
(.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:
\Windows\System32\Drivers\aswMonFlt.sys [78648]
O58 - SDL:[MD5.679712B7A353EE665B9301592164A172] - 6/11/2013 - 16:41:35 ---A- .
(.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\a
swRdr2.sys [92544]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 6/11/2013 - 16:41:35 ---A- .
(...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.43599E630DFC30AD4E6A2B4B269EB1C0] - 25/02/2014 - 18:48:09 ---A- .
(.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Driver
s\aswSnx.sys [1038072]
O58 - SDL:[MD5.F22DE5F5BA8ADA0A861441B624B51EB5] - 25/02/2014 - 18:48:09 ---A- .
(.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drive
rs\aswsp.sys [421704]
O58 - SDL:[MD5.FD3EA14ADF6216BDF4030DB2EFD43D96] - 25/02/2014 - 18:48:09 ---A- .
(.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys
[80184]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 25/02/2014 - 18:48:09 ---A- .
(...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.769765CE2CC62867468CEA93969B2242] - 13/07/2009 - 16:10:13 ---A- .
(.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\Window
s\System32\Drivers\asyncmac.sys [23040]
O58 - SDL:[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 13/07/2009 - 17:52:21 ---A- .
(.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\Dr
ivers\atapi.sys [24128]
O58 - SDL:[MD5.059F00DEF82BF41E433B7ED465847726] - 4/08/2013 - 18:25:45 ---A- .
(.Microsoft Corporation - ATAPI Driver Extension.) -- C:\Windows\System32\Driver
s\ataport.sys [155584]
O58 - SDL:[MD5.0ACC06FCF46F64ED4F11E57EE461C1F4] - 4/10/2009 - 17:34:00 ---A- .
(.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.)
-- C:\Windows\System32\Drivers\athrx.sys [1542656]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 12:34:23 ---A- .
(.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Dr
iver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F4DE2AE7A9E1BADAC70BC71EA2C17612] - 13/07/2009 - 17:52:21 ---A- .
(.Microsoft Corporation - Battery Class Driver.) -- C:\Windows\System32\Drivers
\battc.sys [28240]
O58 - SDL:[MD5.16A47CE2DECC9B099349A5F840654746] - 13/07/2009 - 16:00:13 ---A- .
(.Microsoft Corporation - BEEP Driver.) -- C:\Windows\System32\Drivers\beep.sys
[6656]
O58 - SDL:[MD5.61583EE3C3A17003C4ACD0475646B4D3] - 13/07/2009 - 15:35:59 ---A- .
(.Microsoft Corporation - BLB Drive Driver.) -- C:\Windows\System32\Drivers\blb
drive.sys [45056]
O58 - SDL:[MD5.6C02A83164F5CC0A262F4199F0871CF5] - 4/05/2011 - 05:43:12 ---A- .
(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) -- C:\Window
s\System32\Drivers\bowser.sys [90624]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 12:41:06 ---A- .
(.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter
Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 12:41:06 ---A- .
(.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter
Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.5C2F352A4E961D72518261257AAE204B] - 13/07/2009 - 17:01:48 ---A- .
(.Microsoft Corporation - MAC Bridge Driver.) -- C:\Windows\System32\Drivers\br
idge.sys [95232]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 13/07/2009 - 17:19:07 ---A- .
(.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System
32\Drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 12:41:10 ---A- .
(.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows
\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 12:41:10 ---A- .
(.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Dri
vers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 12:41:10 ---A- .
(.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\
Drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.CF98190A94F62E405C8CB255018B2315] - 13/07/2009 - 16:06:53 ---A- .
(.Microsoft Corporation - Extension de bus Bluetooth.) -- C:\Windows\System32\D
rivers\bthenum.sys [41984]
O58 - SDL:[MD5.9DA669F11D1F894AB4EB69BF546A42E8] - 13/07/2009 - 16:06:52 ---A- .
(.Microsoft Corporation - Bluetooth Communications Driver.) -- C:\Windows\Syste
m32\Drivers\bthmodem.sys [72192]
O58 - SDL:[MD5.02DD601B708DD0667E1331FA8518E9FF] - 13/07/2009 - 16:07:00 ---A- .
(.Microsoft Corporation - Bluetooth Personal Area Networking.) -- C:\Windows\Sy
stem32\Drivers\bthpan.sys [118784]
O58 - SDL:[MD5.738D0E9272F59EB7A1449C3EC118E6C4] - 6/07/2012 - 12:07:42 ---A- .
(.Microsoft Corporation - Pilote de bus Bluetooth.) -- C:\Windows\System32\Drive
rs\bthport.sys [552960]
O58 - SDL:[MD5.F188B7394D81010767B6DF3178519A37] - 27/04/2011 - 19:54:56 ---A- .
(.Microsoft Corporation - Pilote de Miniport Bluetooth.) -- C:\Windows\System32
\Drivers\BTHUSB.SYS [80384]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 12:34:28 ---A- .
(.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System3
2\Drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - 15:19:47 ---A- .
(.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\Dr
ivers\cdfs.sys [92160]
O58 - SDL:[MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - 01:19:22 ---A- .
(.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\Drivers\c
drom.sys [147456]
O58 - SDL:[MD5.D7CD5C4E1B71FA62050515314CFB52CF] - 13/07/2009 - 16:06:34 ---A- .
(.Microsoft Corporation - Consumer IR Class Driver for eHome.) -- C:\Windows\Sy
stem32\Drivers\circlass.sys [45568]
O58 - SDL:[MD5.ACFAD0B512226C7A83C7CB09FD55A9AD] - 20/11/2010 - 05:32:58 ---A- .
(.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Driver
s\Classpnp.sys [179072]
O58 - SDL:[MD5.0840155D0BDDF1190F84A663C284BD33] - 13/07/2009 - 15:31:03 ---A- .
(.Microsoft Corporation - Control Method Battery Driver.) -- C:\Windows\System3
2\Drivers\CmBatt.sys [17664]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 13/07/2009 - 17:52:31 ---A- .
(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Driver
s\cmdide.sys [17488]
O58 - SDL:[MD5.EBF28856F69CF094A902F884CF989706] - 4/07/2013 - 04:18:29 ---A- .
(.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\S
ystem32\Drivers\cng.sys [458712]
O58 - SDL:[MD5.102DE219C3F61415F964C88E9085AD14] - 13/07/2009 - 17:52:31 ---A- .
(.Microsoft Corporation - Composite Battery Driver.) -- C:\Windows\System32\Dri
vers\compbatt.sys [21584]
O58 - SDL:[MD5.03EDB043586CCEBA243D689BDDA370A8] - 20/11/2010 - 02:33:18 ---A- .
(.Microsoft Corporation - Multi-Transport Composite Bus Enumerator.) -- C:\Wind
ows\System32\Drivers\CompositeBus.sys [38912]
O58 - SDL:[MD5.3E588B60EC061686BA05D33574A344C6] - 13/07/2009 - 17:47:48 ---A- .
(.Microsoft Corporation - Crash Dump Driver.) -- C:\Windows\System32\Drivers\cr
ashdmp.sys [39504]
O58 - SDL:[MD5.1C827878A998C18847245FE1F34EE597] - 13/07/2009 - 17:47:48 ---A- .
(.Microsoft Corporation - Disk Block Verification Filter Driver.) -- C:\Windows
\System32\Drivers\crcdisk.sys [24144]
O58 - SDL:[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - 01:26:34 ---A- .
(.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\
Drivers\dfsc.sys [102400]
O58 - SDL:[MD5.13096B05847EC78F0977F2C0F79E9AB3] - 13/07/2009 - 15:37:18 ---A- .
(.Microsoft Corporation - System Indexer/Cache Driver.) -- C:\Windows\System32\
Drivers\discache.sys [40448]
O58 - SDL:[MD5.9819EEE8B5EA3784EC4AF3B137A5244C] - 13/07/2009 - 17:47:48 ---A- .
(.Microsoft Corporation - PnP Disk Driver.) -- C:\Windows\System32\Drivers\disk
.sys [73280]
O58 - SDL:[MD5.B3222734D80013D2C73841B0C549FA63] - 3/02/2014 - 18:35:35 ---A- .
(.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\Windows\System32\Driver
s\Diskdump.sys [27584]
O58 - SDL:[MD5.E0D3CD5841E5C7BE7B94BA946AF1E498] - 3/10/2013 - 18:16:30 ---A- .
(.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\System
32\Drivers\drmk.sys [116736]
O58 - SDL:[MD5.9B19F34400D24DF84C858A421C205754] - 13/07/2009 - 16:06:16 ---A- .
(.Microsoft Corporation - Microsoft Trusted Audio Drivers.) -- C:\Windows\Syste
m32\Drivers\drmkaud.sys [5632]
O58 - SDL:[MD5.6A0E850DDCB136AA3D2FB7234382DF12] - 17/12/2013 - 16:31:41 ---A- .
(.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Driv
ers\dtsoftbus01.sys [283064]
O58 - SDL:[MD5.839B5FE3D48E9F35B22C21A3D5103F6C] - 13/07/2009 - 17:47:48 ---A- .
(.Microsoft Corporation - ATAPI Dump Driver.) -- C:\Windows\System32\Drivers\Du
mpata.sys [28736]
O58 - SDL:[MD5.814DB88F2641691575A455CF25354098] - 13/07/2009 - 17:43:14 ---A- .
(.Microsoft Corporation - Bitlocker Drive Encryption Crashdump Filter.) -- C:\W
indows\System32\Drivers\dumpfve.sys [55128]
O58 - SDL:[MD5.BF24D6F2ED97FE830BFD52B246F98E67] - 13/07/2009 - 15:38:28 ---A- .
(.Microsoft Corporation - DirectX API Driver.) -- C:\Windows\System32\Drivers\d
xapi.sys [16896]
O58 - SDL:[MD5.FEDE0629ECB23650D48989517D4914DA] - 13/07/2009 - 15:38:28 ---A- .
(.Microsoft Corporation - DirectX Graphics Driver.) -- C:\Windows\System32\Driv
ers\dxg.sys [98816]
O58 - SDL:[MD5.88612F1CE3BF42256913BF6E61C70D52] - 1/08/2013 - 04:09:36 ---A- .
(.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drive
rs\dxgkrnl.sys [983488]
O58 - SDL:[MD5.1F04CFB79DD5FB7694468CE3FB3DCC31] - 9/04/2013 - 22:01:54 ---A- .
(.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\
dxgmms1.sys [265064]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 17:47:48 ---A- .
(.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System3
2\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.34A3C54752046E79A126E15C51DB409B] - 13/07/2009 - 15:31:04 ---A- .
(.Microsoft Corporation - Error Device Driver.) -- C:\Windows\System32\Drivers\
errdev.sys [9728]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 12:34:33 ---A- .
(.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\Syst
em32\Drivers\evbda.sys [3286016]
O58 - SDL:[MD5.A510C654EC00C1E9BDD91EEB3A59823B] - 13/07/2009 - 15:23:29 ---A- .
(.Microsoft Corporation - Microsoft Extended FAT File System.) -- C:\Windows\Sy
stem32\Drivers\exfat.sys [195072]
O58 - SDL:[MD5.0ADC83218B66A6DB380C330836F3E36D] - 13/07/2009 - 15:23:29 ---A- .
(.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\
Drivers\fastfat.sys [204800]
O58 - SDL:[MD5.D765D19CD8EF61F650C384F62FAC00AB] - 13/07/2009 - 16:00:54 ---A- .
(.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\Windows\System3
2\Drivers\fdc.sys [29696]
O58 - SDL:[MD5.655661BE46B5F5F3FD454E2C3095B930] - 13/07/2009 - 17:47:48 ---A- .
(.Microsoft Corporation - FileInfo Filter Driver.) -- C:\Windows\System32\Drive
rs\fileinfo.sys [70224]
O58 - SDL:[MD5.5F671AB5BC87EEA04EC38A6CD5962A47] - 13/07/2009 - 15:25:40 ---A- .
(.Microsoft Corporation - File Trace Filter Driver.) -- C:\Windows\System32\Dri
vers\filetrace.sys [34304]
O58 - SDL:[MD5.C172A0F53008EAEB8EA33FE10E177AF5] - 13/07/2009 - 16:00:54 ---A- .
(.Microsoft Corporation - Floppy Driver.) -- C:\Windows\System32\Drivers\flpydi
sk.sys [24576]
O58 - SDL:[MD5.DA6B67270FD9DB3697B20FCE94950741] - 20/11/2010 - 05:33:36 ---A- .
(.Microsoft Corporation - Gestionnaire de filtres de systme de fichiers Microsof
t.) -- C:\Windows\System32\Drivers\fltMgr.sys [289664]
O58 - SDL:[MD5.D43703496149971890703B4B1B723EAC] - 13/07/2009 - 17:47:49 ---A- .
(.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\fsdepends.sys [55376]
O58 - SDL:[MD5.6C06701BF1DB05405804D7EB610991CE] - 22/09/2010 - 23:36:48 ---A- .
(.Microsoft Corporation - Family Safety Filter Driver (WFP Callout).) -- C:\Win
dows\System32\Drivers\fssfltr.sys [48488]
O58 - SDL:[MD5.6BD9295CC032DD3077C671FCCF579A7B] - 29/02/2012 - 22:46:16 ---A- .
(.Microsoft Corporation - File System Recognizer Driver.) -- C:\Windows\System3
2\Drivers\fs_rec.sys [23408]
O58 - SDL:[MD5.8F6322049018354F45F05A2FD2D4E5E0] - 23/01/2013 - 22:01:01 ---A- .
(.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\Sys
tem32\Drivers\fvevol.sys [223752]
O58 - SDL:[MD5.41C67E4205C606A103DEC8651D0B6FE6] - 2/01/2013 - 22:00:42 ---A- .
(.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Dri
vers\FWPKCLNT.SYS [288088]
O58 - SDL:[MD5.8C778D335C9D272CFD3298AB02ABE3B6] - 13/07/2009 - 17:47:48 ---A- .
(.Microsoft Corporation - Filtre AGPv3.0 gnrique Microsoft pour plateformes de pr
ocesse.) -- C:\Windows\System32\Drivers\GAGP30KX.SYS [65088]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 12:31:59 ---A- .
(.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for e
Home.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - 02:43:44 ---A- .
(.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\Syst
em32\Drivers\hdaudbus.sys [122368]
O58 - SDL:[MD5.975761C778E33CD22498059B91E7373A] - 20/11/2010 - 02:44:24 ---A- .
(.Microsoft Corporation - High Definition Audio Function Driver.) -- C:\Windows
\System32\Drivers\HdAudio.sys [350208]
O58 - SDL:[MD5.1C6E73FC46B509EFF9D0086AA37132DF] - 21/09/2010 - 09:59:38 ---A- .
(.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\Syst
em32\Drivers\HECIx64.sys [56344]
O58 - SDL:[MD5.78E86380454A7B10A5EB255DC44A355F] - 13/07/2009 - 15:31:06 ---A- .
(.Microsoft Corporation - Hid Battery Driver.) -- C:\Windows\System32\Drivers\h
idbatt.sys [26624]
O58 - SDL:[MD5.7FD2A313F7AFE5C4DAB14798C48DD104] - 13/07/2009 - 16:06:52 ---A- .
(.Microsoft Corporation - Pilote de miniport Bluetooth pour les priphriques HID.)
-- C:\Windows\System32\Drivers\hidbth.sys [100864]
O58 - SDL:[MD5.597C3699384E53CC59587ED50CCE5CA2] - 2/07/2013 - 20:05:05 ---A- .
(.Microsoft Corporation - Hid Class Library.) -- C:\Windows\System32\Drivers\hid
class.sys [76800]
O58 - SDL:[MD5.0A77D29F311B88CFAE3B13F9C1A73825] - 13/07/2009 - 16:06:23 ---A- .
(.Microsoft Corporation - Infrared Miniport Driver for Input Devices.) -- C:\Wi
ndows\System32\Drivers\hidir.sys [46592]
O58 - SDL:[MD5.856E76B3641746ABBC2946BED1372098] - 2/07/2013 - 20:05:04 ---A- .
(.Microsoft Corporation - Hid Parsing Library.) -- C:\Windows\System32\Drivers\h
idparse.sys [32896]
O58 - SDL:[MD5.9592090A7E2B61CD582B612B6DF70536] - 20/11/2010 - 02:43:50 ---A- .
(.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\Windows
\System32\Drivers\hidusb.sys [30208]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 05:33:36 ---A- .
(.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C
:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:[MD5.0EA7DE1ACB728DD5A369FD742D6EEE28] - 20/11/2010 - 01:25:16 ---A- .
(.Microsoft Corporation - HTTP Pile du protocole.) -- C:\Windows\System32\Drive
rs\http.sys [753664]
O58 - SDL:[MD5.A5462BD6884960C9DC85ED49D34FF392] - 20/11/2010 - 05:33:38 ---A- .
(.Microsoft Corporation - Hardware Policy Driver.) -- C:\Windows\System32\Drive
rs\hwpolicy.sys [14720]
O58 - SDL:[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - 15:19:57 ---A- .
(.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\Drivers
\i8042prt.sys [105472]
O58 - SDL:[MD5.26CF4275034214ECEDD8EC17B0A18A99] - 25/04/2011 - 19:07:36 ---A- .
(.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windo
ws\System32\Drivers\iaStor.sys [557848]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 10/03/2011 - 22:41:26 ---A- .
(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows
\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.93C8115D4BAEB1BD047AB0A9B265EE7A] - 26/06/2011 - 02:55:48 ---A- .
(.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System3
2\Drivers\igdkmd64.sys [12231584]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 17:48:04 ---A- .
(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\
System32\Drivers\iirsp.sys [44112]
O58 - SDL:[MD5.FC727061C0F47C8059E88E05D5C8E381] - 14/10/2010 - 09:28:16 ---A- .
(.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32
\Drivers\IntcDAud.sys [317440]
O58 - SDL:[MD5.F00F20E70C6EC3AA366910083A0518AA] - 13/07/2009 - 17:48:04 ---A- .
(.Microsoft Corporation - Intel PCI IDE Driver.) -- C:\Windows\System32\Drivers
\intelide.sys [16960]
O58 - SDL:[MD5.ADA036632C664CAA754079041CF1F8C1] - 13/07/2009 - 15:19:25 ---A- .
(.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Driv
ers\intelppm.sys [62464]
O58 - SDL:[MD5.C9F0E1BD74365A8771590E9008D22AB6] - 20/11/2010 - 02:52:20 ---A- .
(.Microsoft Corporation - IP FILTER DRIVER.) -- C:\Windows\System32\Drivers\ipf
ltdrv.sys [82944]
O58 - SDL:[MD5.0FC1AEA580957AA8817B8F305D18CA3A] - 20/11/2010 - 02:04:54 ---A- .
(.Microsoft Corporation - PILOT IPMI WMI.) -- C:\Windows\System32\Drivers\IPMID
rv.sys [78848]
O58 - SDL:[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 13/07/2009 - 16:10:03 ---A- .
(.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System3
2\Drivers\ipnat.sys [116224]
O58 - SDL:[MD5.05360B1EA5A2ABF620D1D96EBD8BD8F1] - 13/07/2009 - 16:09:02 ---A- .
(.Microsoft Corporation - IRDA Protocol Driver.) -- C:\Windows\System32\Drivers
\irda.sys [120320]
O58 - SDL:[MD5.3ABF5E7213EB28966D55D58B515D5CE9] - 13/07/2009 - 16:08:59 ---A- .
(.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\Windows\System32\Dri
vers\irenum.sys [17920]
O58 - SDL:[MD5.2F7B28DC3E1183E5EB418DF55C204F38] - 13/07/2009 - 17:48:04 ---A- .
(.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\Windows\System32\Driver
s\isapnp.sys [20544]
O58 - SDL:[MD5.BC02336F1CBA7DCC7D1213BB588A68A5] - 13/07/2009 - 17:48:04 ---A- .
(.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\Windows\System32\
Drivers\kbdclass.sys [50768]
O58 - SDL:[MD5.0705EFF5B42A9DB58548EEC3B26BB484] - 20/11/2010 - 02:33:26 ---A- .
(.Microsoft Corporation - Pilote de filtre clavier HID.) -- C:\Windows\System32
\Drivers\kbdhid.sys [33280]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 01:29:40 ---A- .
(.Pas de propritaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\k
bfiltr.sys [15416]
O58 - SDL:[MD5.24FBF5CC5C04150073C315A7C83521EE] - 20/11/2010 - 02:33:26 ---A- .
(.Microsoft Corporation - Kernel CSA Library.) -- C:\Windows\System32\Drivers\k
s.sys [243712]
O58 - SDL:[MD5.8F489706472F7E9A06BAAA198703FA64] - 24/09/2013 - 18:26:40 ---A- .
(.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Wi
ndows\System32\Drivers\ksecdd.sys [95680]
O58 - SDL:[MD5.868A2CAAB12EFC7A021682BCA0EEC54C] - 24/09/2013 - 18:26:40 ---A- .
(.Microsoft Corporation - Kernel Security Support Provider Interface Packages.)
-- C:\Windows\System32\Drivers\ksecpkg.sys [154560]
O58 - SDL:[MD5.6869281E78CB31A43E969F06B57347C4] - 13/07/2009 - 16:00:19 ---A- .
(.Microsoft Corporation - Kernel Streaming WOW Thunk Service.) -- C:\Windows\Sy
stem32\Drivers\ksthunk.sys [20992]
O58 - SDL:[MD5.655A5D8E80869781CCE23760ADA7E695] - 20/04/2011 - 01:24:56 ---A- .
(.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.
) -- C:\Windows\System32\Drivers\L1C62x64.sys [169584]
O58 - SDL:[MD5.1538831CF8AD2979A04C423779465827] - 13/07/2009 - 16:08:51 ---A- .
(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) -- C:\Windows
\System32\Drivers\lltdio.sys [60928]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 17:48:04 ---A- .
(.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System3
2\Drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 17:48:04 ---A- .
(.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System
32\Drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 17:48:04 ---A- .
(.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Dri
vers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 17:48:04 ---A- .
(.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\Syste
m32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.43D0F98E1D56CCDDB0D5254CFF7B356E] - 13/07/2009 - 15:26:13 ---A- .
(.Microsoft Corporation - Pilote de filtre de virtualisation de fichier LUA.) -- C:\Windows\System32\Drivers\luafv.sys [113152]
O58 - SDL:[MD5.3C9F072F9DCA856B9FB7A20CBD4281AC] - 13/07/2009 - 16:01:06 ---A- .
(.Microsoft Corporation - Medium changer class driver.) -- C:\Windows\System32\
Drivers\mcd.sys [22016]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 13/07/2009 - 17:48:04 ---A- .
(.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2
for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 17:48:04 ---A- .
(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\Sys
tem32\Drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.800BA92F7010378B09F9ED9270F07137] - 13/07/2009 - 16:10:48 ---A- .
(.Microsoft Corporation - Pilote de priphrique modem.) -- C:\Windows\System32\Dri
vers\modem.sys [40448]
O58 - SDL:[MD5.B03D591DC7DA45ECE20B3B467E6AADAA] - 13/07/2009 - 15:38:52 ---A- .
(.Microsoft Corporation - Monitor Driver.) -- C:\Windows\System32\Drivers\monit
or.sys [30208]
O58 - SDL:[MD5.7D27EA49F3C1F687D357E77A470AEA99] - 13/07/2009 - 17:48:27 ---A- .
(.Microsoft Corporation - Pilote de la classe Souris.) -- C:\Windows\System32\D
rivers\mouclass.sys [49216]
O58 - SDL:[MD5.D3BF052C40B0C4166D9FD86A4288C1E6] - 13/07/2009 - 16:00:20 ---A- .
(.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\Windows\System32\
Drivers\mouhid.sys [31232]
O58 - SDL:[MD5.32E7A3D591D671A6DF2DB515A5CBE0FA] - 20/11/2010 - 05:33:44 ---A- .
(.Microsoft Corporation - Gestionnaire des points de montage.) -- C:\Windows\Sy
stem32\Drivers\mountmgr.sys [94592]
O58 - SDL:[MD5.A44B420D30BD56E145D6A2BC8768EC58] - 20/11/2010 - 05:33:46 ---A- .
(.Microsoft Corporation - Pilote du bus de prise en charge des chemins daccs mult
iples.) -- C:\Windows\System32\Drivers\mpio.sys [155008]
O58 - SDL:[MD5.6C38C9E45AE0EA2FA5E551F2ED5E978F] - 13/07/2009 - 16:08:25 ---A- .
(.Microsoft Corporation - Microsoft Protection Service Driver.) -- C:\Windows\S
ystem32\Drivers\mpsdrv.sys [77312]
O58 - SDL:[MD5.1A4F75E63C9FB84B85DFFC6B63FD5404] - 4/07/2013 - 02:11:35 ---A- .
(.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\Windows\System32\Dri
vers\mrxdav.sys [140800]
O58 - SDL:[MD5.A5D9106A73DC88564C825D317CAC68AC] - 26/04/2011 - 18:40:40 ---A- .
(.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\Drive
rs\mrxsmb.sys [158208]
O58 - SDL:[MD5.D711B3C1D5F42C0C2415687BE09FC163] - 8/07/2011 - 18:46:28 ---A- .
(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) -- C:\Windows\System32
\Drivers\mrxsmb10.sys [288768]
O58 - SDL:[MD5.9423E9D355C8D303E76B8CFBD8A5C30C] - 26/04/2011 - 18:39:37 ---A- .
(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\
Drivers\mrxsmb20.sys [128000]
O58 - SDL:[MD5.C25F0BAFA182CBCA2DD3C851C2E75796] - 20/11/2010 - 05:33:46 ---A- .
(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) -- C:\Windows\System32\
Drivers\msahci.sys [31104]
O58 - SDL:[MD5.DB801A638D011B9633829EB6F663C900] - 20/11/2010 - 05:33:46 ---A- .
(.Microsoft Corporation - Module spcifique de priphriques Microsoft.) -- C:\Window
s\System32\Drivers\msdsm.sys [140672]
O58 - SDL:[MD5.AA3FB40E17CE1388FA1BEDAB50EA8F96] - 13/07/2009 - 15:19:47 ---A- .
(.Microsoft Corporation - Mailslot driver.) -- C:\Windows\System32\Drivers\msfs
.sys [26112]
O58 - SDL:[MD5.F9D215A46A8B9753F61767FA72A20326] - 13/07/2009 - 16:06:24 ---A- .
(.Microsoft Corporation - Pass-through HID to KMDF Filter Driver.) -- C:\Window
s\System32\Drivers\mshidkmdf.sys [8192]
O58 - SDL:[MD5.D916874BBD4F8B07BFB7FA9B3CCAE29D] - 13/07/2009 - 17:48:27 ---A- .
(.Microsoft Corporation - ISA Driver.) -- C:\Windows\System32\Drivers\msisadrv.
sys [15424]
O58 - SDL:[MD5.96BB922A0981BC7432C8CF52B5410FE6] - 3/02/2014 - 18:35:49 ---A- .
(.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\Syste
m32\Drivers\msiscsi.sys [274880]
O58 - SDL:[MD5.49CCF2C4FEA34FFAD8B1B59D49439366] - 13/07/2009 - 16:00:18 ---A- .
(.Microsoft Corporation - MS KS Server.) -- C:\Windows\System32\Drivers\mskssrv
.sys [11136]
O58 - SDL:[MD5.BDD71ACE35A232104DDD349EE70E1AB3] - 13/07/2009 - 16:00:17 ---A- .
(.Microsoft Corporation - MS Proxy Clock.) -- C:\Windows\System32\Drivers\mspcl
ock.sys [7168]
O58 - SDL:[MD5.4ED981241DB27C3383D72092B618A1D0] - 13/07/2009 - 16:00:17 ---A- .
(.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\Windows\System32\Dri
vers\mspqm.sys [6784]
O58 - SDL:[MD5.759A9EEB0FA9ED79DA1FB7D4EF78866D] - 20/11/2010 - 05:33:46 ---A- .
(.Microsoft Corporation - Kernel Remote Procedure Call Provider.) -- C:\Windows
\System32\Drivers\msrpc.sys [366976]
O58 - SDL:[MD5.0EED230E37515A0EAEE3C2E1BC97B288] - 13/07/2009 - 17:48:27 ---A- .
(.Microsoft Corporation - System Management BIOS Driver.) -- C:\Windows\System3
2\Drivers\mssmbios.sys [32320]
O58 - SDL:[MD5.2E66F9ECB30B4221A318C92AC2250779] - 13/07/2009 - 16:00:17 ---A- .
(.Microsoft Corporation - WDM Tee/Communication Transform Filter.) -- C:\Window
s\System32\Drivers\mstee.sys [8064]
O58 - SDL:[MD5.7EA404308934E675BFFDE8EDF0757BCD] - 13/07/2009 - 16:02:08 ---A- .
(.Microsoft Corporation - Pilote HID multipoint Microsoft.) -- C:\Windows\Syste
m32\Drivers\MTConfig.sys [15360]
O58 - SDL:[MD5.F9A18612FD3526FE473C1BDA678D61C8] - 13/07/2009 - 17:48:27 ---A- .
(.Microsoft Corporation - Multiple UNC Provider Driver.) -- C:\Windows\System32
\Drivers\mup.sys [60496]
O58 - SDL:[MD5.760E38053BF56E501D562B70AD796B88] - 22/08/2012 - 10:12:40 ---A- .
(.Microsoft Corporation - Pilote NDIS 6.20.) -- C:\Windows\System32\Drivers\ndi
s.sys [950128]
O58 - SDL:[MD5.9F9A1F53AAD7DA4D6FEF5BB73AB811AC] - 13/07/2009 - 16:08:13 ---A- .
(.Microsoft Corporation - NDIS Packet Capture Filter Driver.) -- C:\Windows\Sys
tem32\Drivers\ndiscap.sys [35328]
O58 - SDL:[MD5.30639C932D9FEF22B31268FE25A1B6E5] - 13/07/2009 - 16:10:00 ---A- .
(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\Windows\Sy
stem32\Drivers\ndistapi.sys [24064]
O58 - SDL:[MD5.136185F9FB2CC61E573E676AA5402356] - 20/11/2010 - 02:50:10 ---A- .
(.Microsoft Corporation - Pilote dE/S du mode utilisateur NDIS.) -- C:\Windows\S
ystem32\Drivers\ndisuio.sys [56832]
O58 - SDL:[MD5.53F7305169863F0A2BDDC49E116C2E11] - 20/11/2010 - 02:52:36 ---A- .
(.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\Win
dows\System32\Drivers\ndiswan.sys [164352]
O58 - SDL:[MD5.015C0D8E0E0421B4CFD48CFFE2825879] - 20/11/2010 - 02:52:22 ---A- .
(.Microsoft Corporation - NDIS Proxy.) -- C:\Windows\System32\Drivers\ndproxy.s
ys [57856]
O58 - SDL:[MD5.86743D9F5D2B1048062B14B1D84501C4] - 13/07/2009 - 16:09:26 ---A- .
(.Microsoft Corporation - NetBIOS interface driver.) -- C:\Windows\System32\Dri
vers\netbios.sys [44544]
O58 - SDL:[MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - 01:23:22 ---A- .
(.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\Drivers
\netbt.sys [261632]
O58 - SDL:[MD5.3555BA97171CD153118F73FDCCC8BFDE] - 26/11/2013 - 03:40:00 ---A- .
(.Microsoft Corporation - Network I/O Subsystem.) -- C:\Windows\System32\Driver
s\netio.sys [376768]
O58 - SDL:[MD5.F1814E62EB6E50472AFC9903525ECEC1] - 14/10/2010 - 15:53:12 ---A- .
(.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Wind
ows\System32\Drivers\netr28x.sys [1147232]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 17:48:26 ---A- .
(.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Dr
ivers\nfrd960.sys [51264]
O58 - SDL:[MD5.1E4C4AB5C9B8DD13179BBDC75A2A01F7] - 13/07/2009 - 15:19:48 ---A- .
(.Microsoft Corporation - NPFS Driver.) -- C:\Windows\System32\Drivers\npfs.sys
[44032]
O58 - SDL:[MD5.E7F5AE18AF4168178A642A9247C63001] - 13/07/2009 - 15:21:02 ---A- .
(.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.s
ys [24576]
O58 - SDL:[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 23/01/2014 - 18:37:55 ---A- .
(.Microsoft Corporation - Pilote du systme de fichiers NT.) -- C:\Windows\System
32\Drivers\ntfs.sys [1684928]
O58 - SDL:[MD5.9899284589F75FA8724FF3D16AED75C1] - 13/07/2009 - 15:19:38 ---A- .
(.Microsoft Corporation - NULL Driver.) -- C:\Windows\System32\Drivers\null.sys
[6144]
O58 - SDL:[MD5.757ACE4D4C9FF0571F86AA5D586B45E8] - 4/03/2014 - 06:35:23 ---A- .
(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 335.23.) -- C:
\Windows\System32\Drivers\nvlddmkm.sys [12708128]
O58 - SDL:[MD5.445422B928D2FE322BB6B956EA77DC7B] - 4/03/2014 - 06:35:23 ---A- .
(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 335.23.) -- C:
\Windows\System32\Drivers\nvpciflt.sys [33736]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 10/03/2011 - 22:41:34 ---A- .
(.NVIDIA Corporation - NVIDIA nForce(TM) RAID Driver.) -- C:\Windows\System32\Dr
ivers\nvraid.sys [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 10/03/2011 - 22:41:34 ---A- .
(.NVIDIA Corporation - NVIDIA nForce(TM) Sata Performance Driver.) -- C:\Windows
\System32\Drivers\nvstor.sys [166272]
O58 - SDL:[MD5.939C0FAE9CC0CDD69E6508BDE4C11FE5] - 27/12/2013 - 10:42:26 ---A- .
(.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\Dri
vers\nvvad64v.sys [39200]
O58 - SDL:[MD5.270D7CD42D6E3979F6DD0146650F0E05] - 13/07/2009 - 17:48:26 ---A- .
(.Microsoft Corporation - Filtre AGP NForce NT.) -- C:\Windows\System32\Drivers
\NV_AGP.SYS [122960]
O58 - SDL:[MD5.1EA3749C4114DB3E3161156FFFFA6B33] - 13/07/2009 - 16:07:23 ---A- .
(.Microsoft Corporation - Pilote de miniport WiFi natif.) -- C:\Windows\System3
2\Drivers\nwifi.sys [318976]
O58 - SDL:[MD5.3589478E4B22CE21B41FA1BFC0B8B8A0] - 13/07/2009 - 16:06:45 ---A- .
(.Microsoft Corporation - 1394 OpenHCI Port Driver.) -- C:\Windows\System32\Dri
vers\ohci1394.sys [72832]
O58 - SDL:[MD5.0557CF5A2556BD58E26384169D72438D] - 20/11/2010 - 02:52:22 ---A- .
(.Microsoft Corporation - Planificateur de paquets QoS.) -- C:\Windows\System32
\Drivers\pacer.sys [131584]
O58 - SDL:[MD5.0086431C29C35BE1DBC43F52CC273887] - 13/07/2009 - 16:00:41 ---A- .
(.Microsoft Corporation - Pilote de port parallle.) -- C:\Windows\System32\Drive
rs\parport.sys [97280]
O58 - SDL:[MD5.E9766131EEADE40A27DC27D2D68FBA9C] - 16/03/2012 - 23:58:57 ---A- .
(.Microsoft Corporation - Partition Management Driver.) -- C:\Windows\System32\
Drivers\partmgr.sys [75120]
O58 - SDL:[MD5.94575C0571D1462A0F70BDE6BD6EE6B3] - 20/11/2010 - 05:33:50 ---A- .
(.Microsoft Corporation - numrateur Plug-and-Play PCI pour NT.) -- C:\Windows\Sys
tem32\Drivers\pci.sys [184704]
O58 - SDL:[MD5.B5B8B5EF2E5CB34DF8DCF8831E3534FA] - 13/07/2009 - 17:45:45 ---A- .
(.Microsoft Corporation - Generic PCI IDE Bus Driver.) -- C:\Windows\System32\D
rivers\pciide.sys [12352]
O58 - SDL:[MD5.144497DAA145BA0F7BE896064146C058] - 13/07/2009 - 17:45:46 ---A- .
(.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\Windows\System32
\Drivers\pciidex.sys [48720]
O58 - SDL:[MD5.B2E81D4E87CE48589F98CB8C05B01F2F] - 13/07/2009 - 17:45:45 ---A- .
(.Microsoft Corporation - Pilote de bus PCMCIA.) -- C:\Windows\System32\Drivers
\pcmcia.sys [220752]
O58 - SDL:[MD5.D6B9C2E1A11A3A4B26A182FFEF18F603] - 13/07/2009 - 17:45:45 ---A- .
(.Microsoft Corporation - Performance Counters for Windows Driver.) -- C:\Windo
ws\System32\Drivers\pcw.sys [50768]
O58 - SDL:[MD5.68769C3356B3BE5D1C732C97B9A80D6E] - 13/07/2009 - 17:01:19 ---A- .
(.Microsoft Corporation - Protected Environment Authentication and Authorizatio
n Export D.) -- C:\Windows\System32\Drivers\PEAuth.sys [651264]
O58 - SDL:[MD5.1E0B4CBBA91C6B041A14ECC2186F7E24] - 3/10/2013 - 17:36:04 ---A- .
(.Microsoft Corporation - Port Class (Class Driver for Port/Miniport Devices).)
-- C:\Windows\System32\Drivers\portcls.sys [230400]
O58 - SDL:[MD5.0D922E23C041EFB1C3FAC2A6F943C9BF] - 13/07/2009 - 15:19:25 ---A- .
(.Microsoft Corporation - Processor Device Driver.) -- C:\Windows\System32\Driv
ers\processr.sys [60416]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 13/07/2009 - 17:45:46 ---A- .
(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Window
s\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 17:45:45 ---A- .
(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\Sy
stem32\Drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.76707BB36430888D9CE9D705398ADB6C] - 13/07/2009 - 16:09:48 ---A- .
(.Microsoft Corporation - Pilote du support de Microsoft Quality Windows Audio
Video Expe.) -- C:\Windows\System32\Drivers\qwavedrv.sys [46592]
O58 - SDL:[MD5.5A0DA8AD5762FA2D91678A8A01311704] - 13/07/2009 - 16:10:09 ---A- .
(.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\Windows\Syste
m32\Drivers\rasacd.sys [14848]
O58 - SDL:[MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - 02:52:36 ---A- .
(.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Window
s\System32\Drivers\rasl2tp.sys [129536]
O58 - SDL:[MD5.855C9B1CD4756C5E9A2AA58A15F58C25] - 13/07/2009 - 16:10:17 ---A- .
(.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\Windo
ws\System32\Drivers\raspppoe.sys [92672]
O58 - SDL:[MD5.F92A2C41117A11A00BE01CA01A7FCDE9] - 20/11/2010 - 02:52:34 ---A- .
(.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\Windows\Syste
m32\Drivers\raspptp.sys [111104]
O58 - SDL:[MD5.E8B1E447B008D07FF47D016C2B0EEECB] - 13/07/2009 - 16:10:25 ---A- .
(.Microsoft Corporation - RAS SSTP Miniport Call Manager.) -- C:\Windows\System
32\Drivers\rassstp.sys [83968]
O58 - SDL:[MD5.77F665941019A1594D887A74F301FA2F] - 20/11/2010 - 01:27:56 ---A- .
(.Microsoft Corporation - Pilote du sous-systme de mise en mmoire tampon de lecte
ur red.) -- C:\Windows\System32\Drivers\rdbss.sys [309248]
O58 - SDL:[MD5.302DA2A0539F2CF54D7C6CC30C1F2D8D] - 13/07/2009 - 16:17:46 ---A- .
(.Microsoft Corporation - Microsoft RDP Bus Device driver.) -- C:\Windows\Syste
m32\Drivers\rdpbus.sys [24064]
O58 - SDL:[MD5.CEA6CC257FC9B7715F1C2B4849286D24] - 13/07/2009 - 16:16:34 ---A- .
(.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\RDPCDD.
sys [7680]
O58 - SDL:[MD5.BB5971A4F00659529A5C44831AF22365] - 13/07/2009 - 16:16:34 ---A- .
(.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers
\RDPENCDD.sys [7680]
O58 - SDL:[MD5.216F3FA57533D98E1F74DED70113177A] - 13/07/2009 - 16:16:35 ---A- .
(.Microsoft Corporation - RDP Reflector Driver Miniport.) -- C:\Windows\System3
2\Drivers\RDPREFMP.sys [8192]
O58 - SDL:[MD5.E61608AA35E98999AF9AAEEEA6114B0A] - 27/04/2012 - 19:55:21 ---A- .
(.Microsoft Corporation - Pilote de pile RDP Terminal.) -- C:\Windows\System32\
Drivers\rdpwd.sys [210944]
O58 - SDL:[MD5.34ED295FA0121C241BFEF24764FC4520] - 20/11/2010 - 05:33:54 ---A- .
(.Microsoft Corporation - ReadyBoost Driver.) -- C:\Windows\System32\Drivers\rd
yboost.sys [213888]
O58 - SDL:[MD5.3DD798846E2C28102B922C56E71B7932] - 13/07/2009 - 16:06:56 ---A- .
(.Microsoft Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\System32\Driv
ers\rfcomm.sys [158720]
O58 - SDL:[MD5.CAF88D6573D21CD2AA27001DDBFDC74D] - 20/11/2010 - 02:49:52 ---A- .
(.Microsoft Corporation - Reliable Multicast Transport.) -- C:\Windows\System32
\Drivers\rmcast.sys [146432]
O58 - SDL:[MD5.0E01641D96889BDEB22DE12D30575B08] - 4/07/2012 - 12:26:03 ---A- .
(.Microsoft Corporation - Remote NDIS Miniport.) -- C:\Windows\System32\Drivers\
RNDISMP.sys [41472]
O58 - SDL:[MD5.388D3DD1A6457280F3BADBA9F3ACD6B1] - 13/07/2009 - 16:10:47 ---A- .
(.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\Windows\Sy
stem32\Drivers\rootmdm.sys [11264]
O58 - SDL:[MD5.DDC86E4F8E7456261E637E3552E804FF] - 13/07/2009 - 16:08:51 ---A- .
(.Microsoft Corporation - Link-Layer Topology Responder Driver for NDIS 6.) -- C:\Windows\System32\Drivers\rspndr.sys [76800]
O58 - SDL:[MD5.DDFADF2FA49C078A9C8270F29D6958B1] - 19/07/2011 - 04:53:44 ---A- .
(.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Drive
r.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3021672]
O58 - SDL:[MD5.AC03AF3329579FFFB455AA2DAABBE22B] - 20/11/2010 - 05:33:56 ---A- .
(.Microsoft Corporation - SBP-2 Protocol Driver.) -- C:\Windows\System32\Driver
s\sbp2port.sys [103808]
O58 - SDL:[MD5.253F38D0D7074C02FF8DEB9836C97D2B] - 20/11/2010 - 02:10:00 ---A- .
(.Microsoft Corporation - Pilote de filtre de lecteur de carte puce Microsoft.)
-- C:\Windows\System32\Drivers\scfilter.sys [29696]
O58 - SDL:[MD5.1B1E264203D4EF9D3DA1987AD70355AB] - 20/11/2010 - 05:33:56 ---A- .
(.Microsoft Corporation - SCSI Port Driver.) -- C:\Windows\System32\Drivers\scs
iport.sys [171392]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 12:37:19 ---A- .
(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:[MD5.CB624C0035412AF0DEBEC78C41F5CA1B] - 13/07/2009 - 16:00:33 ---A- .
(.Microsoft Corporation - Serial Port Enumerator.) -- C:\Windows\System32\Drive
rs\serenum.sys [23552]
O58 - SDL:[MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - 13/07/2009 - 16:00:40 ---A- .
(.Microsoft Corporation - Pilote de périphérique série.) -- C:\Windows\System32\Drive
rs\serial.sys [94208]
O58 - SDL:[MD5.1C545A7D0691CC4A027396535691C3E3] - 13/07/2009 - 16:00:20 ---A- .
(.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\
Drivers\sermouse.sys [26624]
O58 - SDL:[MD5.A554811BCD09279536440C964AE35BBF] - 13/07/2009 - 16:01:01 ---A- .
(.Microsoft Corporation - Small Form Factor Disk Driver.) -- C:\Windows\System3
2\Drivers\sffdisk.sys [14336]
O58 - SDL:[MD5.FF414F0BAEFEBA59BC6C04B3DB0B87BF] - 13/07/2009 - 16:01:03 ---A- .
(.Microsoft Corporation - Small Form Factor MMC Protocol Driver.) -- C:\Windows
\System32\Drivers\sffp_mmc.sys [13824]
O58 - SDL:[MD5.DD85B78243A19B59F0637DCF284DA63C] - 20/11/2010 - 02:34:02 ---A- .
(.Microsoft Corporation - Small Form Factor SD Protocol Driver.) -- C:\Windows\
System32\Drivers\sffp_sd.sys [14336]
O58 - SDL:[MD5.A9D601643A1647211A1EE2EC4E433FF4] - 13/07/2009 - 16:01:02 ---A- .
(.Microsoft Corporation - SCSI Floppy Driver.) -- C:\Windows\System32\Drivers\s
floppy.sys [16896]
O58 - SDL:[MD5.1BC348CF6BAA90EC8E533EF6E6A69933] - 10/06/2009 - 12:35:57 ---A- .
(.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190
Ethernet Device.) -- C:\Windows\System32\Drivers\SiSG664.sys [56832]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 13/07/2009 - 17:45:45 ---A- .
(.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Wind
ows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 17:45:46 ---A- .
(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\Sy
stem32\Drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 13/07/2009 - 16:09:09 ---A- .
(.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\Drivers
\smb.sys [93184]
O58 - SDL:[MD5.A80348BA03E96C70852959655CA3E084] - 13/07/2009 - 16:00:35 ---A- .
(.Microsoft Corporation - Smart Card Driver Library.) -- C:\Windows\System32\Dr
ivers\smclib.sys [20992]
O58 - SDL:[MD5.B9E31E5CACDFE584F34F730A677803F9] - 13/07/2009 - 17:45:55 ---A- .
(.Microsoft Corporation - loader for security processor.) -- C:\Windows\System3
2\Drivers\spldr.sys [19008]
O58 - SDL:[MD5.FFF95479C7AB1550F0750A5D01744211] - 10/06/2009 - 12:48:43 ---A- .
(.Microsoft Corporation - security processor.) -- C:\Windows\System32\Drivers\s
psys.sys [426496]
O58 - SDL:[MD5.441FBA48BFF01FDB9D5969EBC1838F0B] - 28/04/2011 - 19:06:10 ---A- .
(.Microsoft Corporation - Server driver.) -- C:\Windows\System32\Drivers\srv.sy
s [467456]
O58 - SDL:[MD5.B4ADEBBF5E3677CCE9651E0F01F7CC28] - 28/04/2011 - 19:05:49 ---A- .
(.Microsoft Corporation - Smb 2.0 Server driver.) -- C:\Windows\System32\Driver
s\srv2.sys [410112]
O58 - SDL:[MD5.27E461F0BE5BFF5FC737328F749538C3] - 28/04/2011 - 19:05:37 ---A- .
(.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\Driver
s\srvnet.sys [168448]
O58 - SDL:[MD5.955FFE2B1D74A9E0E3E0E558E6A17F3B] - 27/10/2013 - 16:12:10 ---A- .
(.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (M
SS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [107288]
O58 - SDL:[MD5.BB94A5E2CEE5FD83BA5A72A37AECADDF] - 27/10/2013 - 16:12:12 ---A- .
(.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (M
SS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 17:45:55 ---A- .
(.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\
Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.A3F0BC5897F9D3786A3CB695B163633A] - 3/02/2014 - 18:35:56 ---A- .
(.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32
\Drivers\storport.sys [190912]
O58 - SDL:[MD5.001CC10FA5E71AE1119115E126C8750D] - 13/07/2009 - 16:06:18 ---A- .
(.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\Sys
tem32\Drivers\stream.sys [68864]
O58 - SDL:[MD5.D01EC09B6711A5F8E7E6564A4D0FBC90] - 13/07/2009 - 17:45:55 ---A- .
(.Microsoft Corporation - Plug and Play Software Device Enumerator.) -- C:\Wind
ows\System32\Drivers\swenum.sys [12496]
O58 - SDL:[MD5.7E8902F9929A5D9FFD0F545332CE0F10] - 5/05/2011 - 04:32:56 ---A- .
(.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Dr
ivers\SynTP.sys [1439792]
O58 - SDL:[MD5.6E316C01CBA8B785FE495F5CC4F48C6F] - 13/07/2009 - 16:01:04 ---A- .
(.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\Windows\System32\Drive
rs\tape.sys [29184]
O58 - SDL:[MD5.95206567C7CA71A3D485146824224C40] - 13/11/2013 - 02:51:44 ---A- .
(.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers
\taphss6.sys [42184]
O58 - SDL:[MD5.40AF23633D197905F03AB5628C558C51] - 7/09/2013 - 18:30:37 ---A- .
(.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.s
ys [1903552]
O58 - SDL:[MD5.1B16D0BD9841794A6E0CDE0CEF744ABC] - 3/10/2012 - 08:07:26 ---A- .
(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) -- C:\Windows\S
ystem32\Drivers\tcpipreg.sys [45568]
O58 - SDL:[MD5.6F020A220388ECA0AB6062DC27BD16B6] - 20/11/2010 - 01:22:08 ---A- .
(.Microsoft Corporation - TDI Wrapper.) -- C:\Windows\System32\Drivers\tdi.sys
[26624]
O58 - SDL:[MD5.3371D21011695B16333A3934340C4E7C] - 13/07/2009 - 16:16:32 ---A- .
(.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\Windows\System32\
Drivers\tdpipe.sys [15872]
O58 - SDL:[MD5.51C5ECEB1CDEE2468A1748BE550CFBC8] - 16/02/2012 - 20:57:32 ---A- .
(.Microsoft Corporation - TCP Transport Driver.) -- C:\Windows\System32\Drivers
\tdtcp.sys [23552]
O58 - SDL:[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 20/11/2010 - 01:21:58 ---A- .
(.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\Drive
rs\tdx.sys [119296]
O58 - SDL:[MD5.561E7E1F06895D78DE991E01DD0FB6E5] - 20/11/2010 - 05:33:58 ---A- .
(.Microsoft Corporation - Remote Desktop Server Driver.) -- C:\Windows\System32
\Drivers\termdd.sys [63360]
O58 - SDL:[MD5.73AAFFDD2AC3C8814B26C440E5DD9DD4] - 17/09/2010 - 00:52:28 ---A- .
(.Trend Micro Inc. - TrendMicro Activity Monitor Module.) -- C:\Windows\System3
2\Drivers\tmactmon.sys [90704]
O58 - SDL:[MD5.360E61217D4E1E333583D0C721057F70] - 17/09/2010 - 00:52:28 ---A- .
(.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\System32\Drivers\
tmcomm.sys [144464]
O58 - SDL:[MD5.699D34EB7C670139CA23A65372BD5743] - 17/09/2010 - 00:52:28 ---A- .
(.Trend Micro Inc. - TrendMicro Event Management Module.) -- C:\Windows\System3
2\Drivers\tmevtmgr.sys [67664]
O58 - SDL:[MD5.262198EFB734012BFCD17E7479AE4A09] - 17/09/2010 - 00:52:28 ---A- .
(.Trend Micro Inc. - Trend Micro TDI Driver (amd64-fre).) -- C:\Windows\System3
2\Drivers\tmtdi.sys [105552]
O58 - SDL:[MD5.4CE278FC9671BA81A138D70823FCAA09] - 14/06/2013 - 20:32:16 ---A- .
(.Microsoft Corporation - TS Security Filter Driver.) -- C:\Windows\System32\Dr
ivers\tssecsrv.sys [39936]
O58 - SDL:[MD5.D11C783E3EF9A3C52C0EBE83CC5000E9] - 20/11/2010 - 03:07:06 ---A- .
(.Microsoft Corporation - Pilote de filtre pour concentrateur USB du Bureau à distance.)
-- C:\Windows\System32\Drivers\TsUsbFlt.sys [59392]
O58 - SDL:[MD5.9CC2CCAE8A84820EAECB886D477CBCB8] - 20/11/2010 - 03:07:06 ---A- .
(.Microsoft Corporation - Remote Desktop Generic USB Driver.) -- C:\Windows\Sys
tem32\Drivers\TsUsbGD.sys [31232]
O58 - SDL:[MD5.3566A8DAAFA27AF944F5D705EAA64894] - 20/11/2010 - 02:51:52 ---A- .
(.Microsoft Corporation - Pilote d'interface de tunnel Microsoft.) -- C:\Windows\
System32\Drivers\tunnel.sys [125440]
O58 - SDL:[MD5.FD24F98D2898BE093FE926604BE7DB99] - 29/11/2010 - 15:00:04 ---A- .
(.Intel(R) Corporation - TurboB Device Driver.) -- C:\Windows\System32\Drivers\
TurboB.sys [16120]
O58 - SDL:[MD5.B4DD609BD7E282BFC683CEC7EAAAAD67] - 13/07/2009 - 17:45:55 ---A- .
(.Microsoft Corporation - Filtre MS AGPv3.5.) -- C:\Windows\System32\Drivers\UA
GP35.SYS [64080]
O58 - SDL:[MD5.FF4232A1A64012BAA1FD97C7B67DF593] - 20/11/2010 - 01:26:12 ---A- .
(.Microsoft Corporation - UDF File System Driver.) -- C:\Windows\System32\Drive
rs\udfs.sys [328192]
O58 - SDL:[MD5.4BFE1BC28391222894CBF1E7D0E42320] - 13/07/2009 - 17:45:55 ---A- .
(.Microsoft Corporation - Filtre ULi AGPv3.0 pour plateformes processeur K8/9.)
-- C:\Windows\System32\Drivers\ULIAGPKX.SYS [64592]
O58 - SDL:[MD5.DC54A574663A895C8763AF0FA1FF7561] - 20/11/2010 - 02:44:38 ---A- .
(.Microsoft Corporation - User-Mode Bus Enumerator.) -- C:\Windows\System32\Dri
vers\umbus.sys [48640]
O58 - SDL:[MD5.B2E8E8CB557B156DA5493BBDDCC1474D] - 13/07/2009 - 16:06:52 ---A- .
(.Microsoft Corporation - Generic pass-through driver.) -- C:\Windows\System32\
Drivers\umpass.sys [9728]
O58 - SDL:[MD5.92B3172E8C14C1444682F510843A9988] - 11/02/2013 - 20:12:05 ---A- .
(.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\Windows\System32\Drive
rs\usb8023.sys [19968]
O58 - SDL:[MD5.B0435098C81D04CAFFF80DDB746CD3A2] - 12/07/2013 - 02:40:58 ---A- .
(.Microsoft Corporation - USB Audio Class Driver.) -- C:\Windows\System32\Drive
rs\USBAUDIO.sys [109824]
O58 - SDL:[MD5.292A8E03B3FCE04E39B5BE9B14132030] - 20/11/2010 - 02:44:06 ---A- .
(.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\Windows\Sy
stem32\Drivers\USBCAMD2.sys [32896]
O58 - SDL:[MD5.DCA68B0943D6FA415F0C56C92158A83A] - 26/11/2013 - 17:41:15 ---A- .
(.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Window
s\System32\Drivers\usbccgp.sys [99840]
O58 - SDL:[MD5.80B0F7D5CCF86CEB5D402EAAF61FEC31] - 12/07/2013 - 02:41:12 ---A- .
(.Microsoft Corporation - USB Consumer IR Driver for eHome.) -- C:\Windows\Syst
em32\Drivers\usbcir.sys [100864]
O58 - SDL:[MD5.FFA06EF43987ED0DD42AD59B260C0C78] - 26/11/2013 - 17:41:03 ---A- .
(.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\
Drivers\usbd.sys [7808]
O58 - SDL:[MD5.18A85013A3E0F7E1755365D287443965] - 26/11/2013 - 17:41:11 ---A- .
(.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Dr
ivers\usbehci.sys [53248]
O58 - SDL:[MD5.8D1196CFBB223621F2C67D45710F25BA] - 26/11/2013 - 17:41:37 ---A- .
(.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\D
rivers\usbhub.sys [343040]
O58 - SDL:[MD5.765A92D428A8DB88B960DA5A8D6089DC] - 26/11/2013 - 17:41:09 ---A- .
(.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Dri
vers\usbohci.sys [25600]
O58 - SDL:[MD5.12FEB33791920678F8433701C822BCFD] - 26/11/2013 - 17:41:11 ---A- .
(.Microsoft Corporation - Pilote de port USB 1.1 & 2.0.) -- C:\Windows\System32
\Drivers\usbport.sys [325120]
O58 - SDL:[MD5.73188F58FB384E75C4063D29413CEE3D] - 13/07/2009 - 16:38:18 ---A- .
(.Microsoft Corporation - USB Printer driver.) -- C:\Windows\System32\Drivers\u
sbprint.sys [25088]
O58 - SDL:[MD5.C3EC945DEC43C00E2AD4C98DDDD064C7] - 20/11/2010 - 03:37:22 ---A- .
(.Microsoft Corporation - Gestionnaire de stratégie de redirection USB Windows.)
-- C:\Windows\System32\Drivers\usbrpm.sys [31744]
O58 - SDL:[MD5.9661DA76B4531B2DA272ECCE25A8AF24] - 2/07/2013 - 20:40:12 ---A- .
(.Microsoft Corporation - USB Scanner Driver.) -- C:\Windows\System32\Drivers\us
bscan.sys [42496]
O58 - SDL:[MD5.FED648B01349A3C8395A5169DB5FB7D6] - 10/03/2011 - 20:37:16 ---A- .
(.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\Windows\System3
2\Drivers\USBSTOR.SYS [91648]
O58 - SDL:[MD5.DD253AFC3BC6CBA412342DE60C3647F3] - 26/11/2013 - 17:41:06 ---A- .
(.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Dri
vers\usbuhci.sys [30720]
O58 - SDL:[MD5.1F775DA4CF1A3A1834207E975A72E9D7] - 12/07/2013 - 02:41:35 ---A- .
(.Microsoft Corporation - USB Video Class Driver.) -- C:\Windows\System32\Drive
rs\usbvideo.sys [185344]
O58 - SDL:[MD5.C5C876CCFC083FF3B128F933823E87BD] - 13/07/2009 - 17:45:55 ---A- .
(.Microsoft Corporation - Énumérateur racine de lecteur virtuel.) -- C:\Windows\Sys
tem32\Drivers\vdrvroot.sys [36432]
O58 - SDL:[MD5.53E92A310193CB3C03BEA963DE7D9CFC] - 13/07/2009 - 15:38:47 ---A- .
(.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\D
rivers\vga.sys [29184]
O58 - SDL:[MD5.DA4DA3F5E02943C2DC8C6ED875DE68DD] - 13/07/2009 - 15:38:47 ---A- .
(.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\D
rivers\vgapnp.sys [29184]
O58 - SDL:[MD5.2CE2DF28C83AEAF30084E1B1EB253CBB] - 20/11/2010 - 05:34:02 ---A- .
(.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\Drivers\
vhdmp.sys [215936]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 13/07/2009 - 17:45:55 ---A- .
(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\Syste
m32\Drivers\viaide.sys [17488]
O58 - SDL:[MD5.E7353D59C9842BC7299FAEB7E7E09340] - 13/07/2009 - 15:38:51 ---A- .
(.Microsoft Corporation - Video Port Driver.) -- C:\Windows\System32\Drivers\vi
deoprt.sys [129024]
O58 - SDL:[MD5.D2AAFD421940F640B407AEFAAEBD91B0] - 20/11/2010 - 05:34:02 ---A- .
(.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Driver
s\volmgr.sys [71552]
O58 - SDL:[MD5.A255814907C89BE58B79EF2F189B843B] - 20/11/2010 - 05:34:02 ---A- .
(.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\W
indows\System32\Drivers\volmgrx.sys [363392]
O58 - SDL:[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - 05:34:04 ---A- .
(.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\Sys
tem32\Drivers\volsnap.sys [295808]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 13/07/2009 - 17:45:55 ---A- .
(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\Sy
stem32\Drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.36D4720B72B5C5D9CB2B9C29E9DF67A1] - 13/07/2009 - 16:07:21 ---A- .
(.Microsoft Corporation - Pilote de bus WiFi virtuel.) -- C:\Windows\System32\D
rivers\vwifibus.sys [24576]
O58 - SDL:[MD5.6A3D66263414FF0D6FA754C646612F3F] - 13/07/2009 - 16:07:22 ---A- .
(.Microsoft Corporation - Virtual WiFi Filter Driver.) -- C:\Windows\System32\D
rivers\vwififlt.sys [59904]
O58 - SDL:[MD5.6A638FC4BFDDC4D9B186C28C91BD1A01] - 13/07/2009 - 16:07:28 ---A- .
(.Microsoft Corporation - Virtual WiFi Miniport Driver.) -- C:\Windows\System32
\Drivers\vwifimp.sys [17920]
O58 - SDL:[MD5.4E9440F4F152A7B944CB1663D3935A3E] - 13/07/2009 - 16:02:07 ---A- .
(.Microsoft Corporation - Wacom Serial Pen Tablet HID Driver.) -- C:\Windows\Sy
stem32\Drivers\wacompen.sys [27776]
O58 - SDL:[MD5.356AFD78A6ED4457169241AC3965230C] - 20/11/2010 - 02:52:38 ---A- .
(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\Windo
ws\System32\Drivers\wanarp.sys [88576]
O58 - SDL:[MD5.FC438D1430B28618E2D0C7C332A710AD] - 13/07/2009 - 15:37:35 ---A- .
(.Microsoft Corporation - Watchdog Driver.) -- C:\Windows\System32\Drivers\watc
hdog.sys [42496]
O58 - SDL:[MD5.72889E16FF12BA0F235467D6091B17DC] - 13/07/2009 - 17:45:55 ---A- .
(.Microsoft Corporation - Microsoft Watchdog Timer Driver.) -- C:\Windows\Syste
m32\Drivers\wd.sys [21056]
O58 - SDL:[MD5.E2C933EDBC389386EBE6D2BA953F43D8] - 25/06/2013 - 14:55:52 ---A- .
(.Microsoft Corporation - Runtime de l'infrastructure de pilotes en mode noyau.)
-- C:\Windows\System32\Drivers\Wdf01000.sys [785624]
O58 - SDL:[MD5.AEA0A67275CFBA0E463E00C6E9A1DDAE] - 28/11/2012 - 14:56:52 ---A- .
(.Microsoft Corporation - Kernel Mode Driver Framework Loader.) -- C:\Windows\S
ystem32\Drivers\WdfLdr.sys [54376]
O58 - SDL:[MD5.611B23304BF067451A9FDEE01FBDD725] - 13/07/2009 - 16:09:26 ---A- .
(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) -- C:\Windo
ws\System32\Drivers\wfplwf.sys [12800]
O58 - SDL:[MD5.52DED146E4797E6CCF94799E8E22BB2A] - 23/05/2008 - 17:27:28 ---A- .
(.Microsoft Corporation - Windows Image File Mini-Filter Driver.) -- C:\Windows
\System32\Drivers\WimFltr.sys [154168]
O58 - SDL:[MD5.05ECAEC3E4529A7153B3136CEB49F0EC] - 13/07/2009 - 17:45:56 ---A- .
(.Microsoft Corporation - Wim file system Driver.) -- C:\Windows\System32\Drive
rs\wimmount.sys [22096]
O58 - SDL:[MD5.FE88B288356E7B47B74B13372ADD906D] - 20/11/2010 - 02:43:58 ---A- .
(.Microsoft Corporation - Windows USB Class Driver BETA.) -- C:\Windows\System3
2\Drivers\winusb.sys [41984]
O58 - SDL:[MD5.F6FF8944478594D0E414D3F048F0D778] - 13/07/2009 - 15:31:02 ---A- .
(.Microsoft Corporation - Windows Management Interface for ACPI.) -- C:\Windows
\System32\Drivers\wmiacpi.sys [14336]
O58 - SDL:[MD5.FC146F46872D4C5B529B89A5131FD1E6] - 13/07/2009 - 17:45:55 ---A- .
(.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\Windows\System
32\Drivers\wmilib.sys [16464]
O58 - SDL:[MD5.6BCC1D7D2FD2453957C5479A32364E52] - 13/07/2009 - 16:10:33 ---A- .
(.Microsoft Corporation - Couche IFS Winsock2.) -- C:\Windows\System32\Drivers\
ws2ifsl.sys [21504]
O58 - SDL:[MD5.AB886378EEB55C6C75B4F2D14B6C869F] - 25/07/2012 - 18:26:45 ---A- .
(.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framewor
k Platform.) -- C:\Windows\System32\Drivers\WUDFPf.sys [87040]
O58 - SDL:[MD5.DDA4CAF29D8C0A297F886BFE561E6659] - 25/07/2012 - 18:26:06 ---A- .
(.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framewor
k Reflecto.) -- C:\Windows\System32\Drivers\WUDFRd.sys [198656]
O58 - SDL:[MD5.FE1EC06F2253F691FE36217C592A0206] - 13/07/2009 - 17:52:31 ---A- .
(.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System3
2\clfs.sys [367696]
O58 - SDL:[MD5.E918C0DE5CF2AE6BEDBF387C09627D93] - 6/02/2014 - 17:23:30 ---A- .
(.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System
32\win32k.sys [3156480]
O58 - SDL:[MD5.F6A558724F631BA04CDABFEAF99F4B2E] - 5/11/2013 - 23:56:57 ---A- .
(.OpenLibSys.org - WinRing0.) -- C:\Windows\System32\WinRing0.sys [14672]
O58 - SDL:[MD5.12CECC3C14160F32B21279C1A36B8338] - 5/11/2013 - 23:56:57 ---A- .
(.OpenLibSys.org - WinRing0.) -- C:\Windows\System32\WinRing0x64.sys [14544]
O58 - SDL:[MD5.5CF95B35E59E2A38023836FFF31BE64C] - 13/07/2009 - 17:19:10 ---A- .
(.Microsoft Corporation - Wim file system Driver.) -- C:\Windows\SysWOW64\drive
rs\wimmount.sys [19008]
~ Drivers: 16 Scanned in 00mn 12s

---\\ Derniers fichiers modifiés ou créés (Utilisateur) (O61)


O61 - LFC: 14/04/2014 - 10:17:13 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Windows Live\uxcore_MovieMaker_00.etl [8192]
O61 - LFC: 14/04/2014 - 10:17:37 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Roaming\Audacity\audacity.cfg [1497]
O61 - LFC: 14/04/2014 - 10:17:37 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Roaming\Audacity\plugins.cfg [0]
O61 - LFC: 14/04/2014 - 10:17:40 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Roaming\GRETECH\GomAudio\recent.asx [1954]
O61 - LFC: 14/04/2014 - 10:17:40 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Roaming\GRETECH\GomAudio\songinfo_html\index.html [4588]
O61 - LFC: 14/04/2014 - 10:18:02 ---A- . (...) -- C:\Users\Armin Metovic\Downloa
ds\South Park The Stick of Truth RePack MULTi2-SEYTER.torrent [271817]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\current_
language.xml [202]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\enable_s
imulated_stats.xml [200]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\fmc.xml
[202]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\keep_ran
dom_seed.xml [202]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\recent_f
olders.xml [770]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\skin.xml
[202]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\start_se
rver.xml [202]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Vue d'ensemble Profil-player_overview_panel.xml [172]
O61 - LFC: 15/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\tool str
ip settings.xml [4414]
O61 - LFC: 15/04/2014 - 10:17:41 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Roaming\Microsoft\Office\Recent\Rapport_d_insertion_no3_-_2014.LNK [1187]
O61 - LFC: 15/04/2014 - 10:17:41 --H-- . (...) -- C:\Users\Armin Metovic\AppData
\Roaming\Microsoft\Office\Recent\index.dat [642]
O61 - LFC: 15/04/2014 - 10:17:58 ---A- . (...) -- C:\Users\Armin Metovic\Documen
ts\Sports Interactive\Football Manager 2014\editor data\config.xml [392]
O61 - LFC: 15/04/2014 - 10:17:58 ---A- . (...) -- C:\Users\Armin Metovic\Documen
ts\Sports Interactive\Football Manager 2014\games\config.xml [251]
O61 - LFC: 15/04/2014 - 10:17:58 ---A- . (...) -- C:\Users\Armin Metovic\Documen
ts\Sports Interactive\Football Manager 2014\skins\config.xml [251]
O61 - LFC: 16/04/2014 - 10:17:07 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Google\Chrome\User Data\Certificate Revocation Lists [300313]
O61 - LFC: 16/04/2014 - 10:17:07 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
O61 - LFC: 16/04/2014 - 10:17:08 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Google\Chrome\User Data\Local State [68399]
O61 - LFC: 16/04/2014 - 10:17:09 --HA- . (...) -- C:\Users\Armin Metovic\AppData
\Local\IconCache.db [1952265]
O61 - LFC: 16/04/2014 - 10:17:11 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Logs\navigation.txt [99110]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\Profile0
.set [133959]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\Profile0
.xml [3642]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\Profile1
.set [133959]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\Profile1
.xml [3642]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\last_sav
ed_game.xml [372]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\match_mi
nimised.xml [200]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\play_sou
nds.xml [200]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\show_bar
s_on_match_stats.xml [200]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\show_squ
ad_depth.xml [202]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
- Aprs-match-match_post_match_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Avant-match Prsentation du match-match_preview_panel.xml [1388]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Calendrier Prochain adversaire-past_meetings_panel.xml [1502]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Calendrier Prog.-fixtures_list_panel.xml [1270]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Contrat Offre de contrat-contract_offer_information_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Effectif Joueurs-team_squad_panel.xml [6154]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Entranement Individuel-team_training_person_table_info_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Entranement Prparateurs-team_training_coaches_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Entranement Vue d'ensemble-training_overview_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Entranement quipe-team_training_overview_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Infos Bote de rception-inbox_panel.xml [2902]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Matchs Calendrier et rsultats-competition_fixtures_panel.xml [604]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Prsentation Analyse du match-match_pre_match_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Prsentation quipes de dpart-match_preview_lineups_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Stats Notes des joueurs-both_match_team_stats_panels.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Stats Stats du match-match_stats_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Slection quipe domicile Vue d'ensemble-match_team_panel.xml [7056]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactique Capitaines-team_tactics_captains_panel.xml [5174]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactique Coups de pied arrts-team_tactics_set_pieces_panel.xml [4570]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactique Joueur-team_tactics_player_instructions_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactique Penalties-team_tactics_penalty_takers_panel.xml [4570]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactique Vue d'ensemble-team_tactics_overview_panel.xml [6656]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactique quipe-team_tactics_team_instructions_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactiques domicile Causerie-match_team_talk_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactiques domicile Cons. part.-match_opposition_instructions_panel.xml [5394]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactiques domicile Joueur-match_tactics_panel_base.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Tactiques domicile quipe-match_tactics_panel_base.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Terrain Plein cran-match_full_window_panel.xml [346]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Vue d'ensemble Page d'accueil-manager_home_panel.xml [49588]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\state-fm
-Vue d'ensemble Profil-club_overview_panel.xml [172]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\steam_us
er_profile.xml [3556]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\switchin
g.xml [194]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\views-v1
-fm-opposition-tactic-views.xml [308]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\views-v1
-fm-past-meeting-fixture-views.xml [308]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\views-v1
-fm-team-fixture-views.xml [308]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\views-v1
-fm-team-squad-views.xml [308]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\views-v1
-fm-team-tactics-views.xml [308]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\visible_
panels.xml [168]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Preferences\version 103\window1.
xml [666]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Temporary\web\Default\Cookies
[6144]
O61 - LFC: 16/04/2014 - 10:17:12 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Temporary\web\Default\Preference
s [554]
O61 - LFC: 16/04/2014 - 10:17:13 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Sports Interactive\Football Manager 2014\Temporary\web\Local State [851
]
O61 - LFC: 16/04/2014 - 10:17:13 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Windows Live\uxcore_WLXPhotoGallery_00.etl [12288]
O61 - LFC: 16/04/2014 - 10:17:13 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Local\Windows Live\uxcore_WLXPhotoGallery_01.etl [12288]
O61 - LFC: 16/04/2014 - 10:17:40 ---A- . (...) -- C:\Users\Armin Metovic\AppData
\Roaming\FMRTE14\trk.dat [3950]
O61 - LFC: 16/04/2014 - 10:17:58 ---A- . (...) -- C:\Users\Armin Metovic\Documen
ts\Sports Interactive\Football Manager 2014\games\Brussels.fm [21033374]
O61 - LFC: 16/04/2014 - 10:17:58 ---A- . (...) -- C:\Users\Armin Metovic\Documen
ts\Sports Interactive\Football Manager 2014\tactics\ESSAI 1.tac [888]
~ Files: 81 Scanned in 00mn 56s

---\\ Liste des outils de désinfection (LATC) (O63)


O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nic
olas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)


O64 - Services: CurCS - 27/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD)
.(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 2/07/2009 - C:\Program Files (x86)\ASUS\ATK Package\ATKG
FNEX\ASMMAP64.sys (ASMMAP64) .(.ASUS - Memory mapping Driver.) - LEGACY_ASMMAP6
4
O64 - Services: CurCS - 25/02/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (
aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) LEGACY_ASWMONFLT
O64 - Services: CurCS - 6/11/2013 - C:\Windows\system32\drivers\aswRdr2.sys (asw
Rdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 6/11/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (asw
Rvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 25/02/2014 - C:\Windows\system32\drivers\aswSnx.sys (asw
Snx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 25/02/2014 - C:\Windows\system32\drivers\aswSP.sys (aswS
P) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 25/02/2014 - C:\Windows\system32\drivers\aswStm.sys (asw
Stm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 25/02/2014 - C:\Windows\System32\Drivers\aswVmm.sys (asw
Vmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\drivers\atapi.sys (atap
i) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 25/05/2011 - C:\Program Files (x86)\ASUS\ATK Package\ATK
WMIACPI\atkwmiacpi64.sys (ATKWMIACPIIO) .(.ASUS - ATK WMIACPI Utility.) - LEGA
CY_ATKWMIACPIIO
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep)
.(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 4/07/2012 - C:\Windows\system32\browser.dll (bowser) .(
.Microsoft Corporation - DLL du service Explorateur dordinateurs.) - LEGACY_BOWSE
R
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs)
.(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Mic
rosoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 4/07/2013 - C:\Windows\System32\Drivers\cng.sys (CNG) .
(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC)
.(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\discache.sys (d
iscache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISC
ACHE
O64 - Services: CurCS - 1/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXG
Krnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fa
stfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFA
T
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (F
ileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (Flt
Mgr) .(.Microsoft Corporation - Gestionnaire de filtres de systme de fichi.) - L
EGACY_FLTMGR
O64 - Services: CurCS - 23/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fve
vol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FV
EVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP)
.(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (h
wpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 24/09/2013 - C:\Windows\System32\Drivers\ksecdd.sys (KSe
cDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) LEGACY_KSECDD
O64 - Services: CurCS - 24/09/2013 - C:\Windows\System32\Drivers\ksecpkg.sys (KS
ecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.)
- LEGACY_KSECPKG
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (llt
dio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGAC
Y_LLTDIO
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\luafv.sys (luaf
v) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - L
EGACY_LUAFV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (m
ountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGA
CY_MOUNTMGR
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv
) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(
.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10)
.(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20)
.(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\msahci.sys (msa
hci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (m
sisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup)
.(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (Nati
veWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NA
TIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS)
.(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Nd
isuio) .(.Microsoft Corporation - Pilote dE/S du mode utilisateur NDIS.) - LEGAC
Y_NDISUIO
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (Ne
tBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetB
T) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (n
siproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\drivers\pciide.sys (pci
ide) .(.Microsoft Corporation - Generic PCI IDE Bus Driver.) - LEGACY_PCIIDE
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw)
.(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PC
W
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEA
UTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psch
ed) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.
Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDP
CDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (R
DPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (R
DPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RD
PREFMP
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rsp
ndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (sec
drv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driv
er.) - LEGACY_SECDRV
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spld
r) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Mi
crosoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.M
icrosoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 28/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srv
net) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .
(.Microsoft Corporation - Objets de configuration du rseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 3/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tc
pipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEG
ACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.
Microsoft Corporation - Objets de configuration du rseau.) - LEGACY_TDX
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmactmon.sys (t
mactmon) .(.Trend Micro Inc. - TrendMicro Activity Monitor Module.) - LEGACY_TM
ACTMON
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmcomm.sys (tmc
omm) .(.Trend Micro Inc. - TrendMicro Common Module.) - LEGACY_TMCOMM
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmevtmgr.sys (t
mevtmgr) .(.Trend Micro Inc. - TrendMicro Event Management Module.) - LEGACY_TM
EVTMGR
O64 - Services: CurCS - 17/09/2010 - C:\Windows\System32\DRIVERS\tmtdi.sys (tmtd
i) .(.Trend Micro Inc. - Trend Micro TDI Driver (amd64-fre).) - LEGACY_TMTDI
O64 - Services: CurCS - 29/11/2010 - C:\Windows\System32\DRIVERS\TurboB.sys (Tur
boB) .(.Intel(R) Corporation - TurboB Device Driver.) - LEGACY_TURBOB
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSav
e) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (vo
lmgrx) .(.Microsoft Corporation - Pilote dextension du gestionnaire de volum.) LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (vo
lsnap) .(.Microsoft Corporation - Pilote de clich instantan du volume.) - LEGACY_
VOLSNAP
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (v
wififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFI
FLT
O64 - Services: CurCS - 13/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6)
.(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (W
df01000) .(.Microsoft Corporation - Runtime de linfrastructure de pilotes en m.)
- LEGACY_WDF01000
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (Wfp
Lwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEG
ACY_WFPLWF
O64 - Services: CurCS - 25/07/2012 - C:\Windows\System32\drivers\WudfPf.sys (Wud
fPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) LEGACY_WUDFPF
~ Legacy: 83 Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)


O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corp
oration - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microso
ft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corpora
tion - Lanceur du composant logiciel enfichable Observateur dvnements.) -- C:\Windo
ws\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corpo
ration - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporati
on - Microsoft Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corpora
tion - diteur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)


O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Comm
and] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox
\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Comm
and] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\App
lication\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\C
ommand] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Intern
et Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)


D:\DISQUE DUR\BLA\EPHEC\Ethnos_BY KMARO\Ethnos_BY KMARO\Keygen\CR-ETN30.exe =>.
Crack,Keygen
E:\PC Acer Aspire 5920G\D\Torrent\AVS.Video.Converter.v8.0.4.495.Cracked-F4CG\AVS
VideoConverter.exe =>.Crack,Keygen
E:\PC Acer Aspire 5920G\D\Torrent\AVS.Video.Converter.v8.0.4.495.Cracked-F4CG\Cra
ck\AVSVideoConverter.exe =>.Crack,Keygen
F:\EPHEC\Ethnos_BY KMARO\Ethnos_BY KMARO\Keygen\CR-ETN30.exe =>.Crack,Keygen
~ Files: Scanned in 02mn 22s

---\\ Enumère les service demarrés par Svchost (SSS) (O83)


O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporati
on - Service Exprience dapplication.) -- C:\Windows\System32\aelupsvc.dll [72192
]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporati
on - Service de propagation de certificats de cartes puce Microsoft.) -- C:\Wind
ows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporati
on - Service de propagation de certificats de cartes puce Microsoft.) -- C:\Wind
ows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corpora
tion - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client
de stratgie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Exten
sion IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - S
ervice Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Ges
tionnaire de numrotation automatique daccs distant.) -- C:\Windows\System32\rasauto
.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gesti
onnaire de connexions daccs distant.) -- C:\Windows\System32\rasmans.dll [344064
]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corpora
tion - Gestionnaire dinterface dynamique.) -- C:\Windows\System32\mprdim.dll [9
7792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service d
e notification dvnements systme (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corpora
tion - Composants de lapplication dassistance Microsoft NAT.) -- C:\Windows\System
32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Ser
veur de tlphonie Microsoft Windows(TM).) -- C:\Windows\System32\tapisrv.dll [3169
28]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporati
on - Gestionnaire des connexions distantes du serveur hte de session Burea.) -- C
:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - A
gent de mise jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dl
l [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service d
e transfert intelligent en arrire-plan.) -- C:\Windows\System32\qmgr.dll [84992
0]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft
Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dl
l [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - S
ervice offrant une connectivit IPv6 sur un rseau IPv4..) -- C:\Windows\System32\ip
hlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - D
LL de service douverture de session secondaire.) -- C:\Windows\system32\seclogon.
dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Ser
vice Informations dapplication.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Ser
vice de dcouverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service
Planificateur de classes multimdias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI
.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation
- Service Configuration des services Bureau distance.) -- C:\Windows\System32\s
essenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL
du service Explorateur dordinateurs.) -- C:\Windows\System32\browser.dll [1367
04]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Ser
vice EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - S
ervice du Planificateur de tches.) -- C:\Windows\System32\schedsvc.dll [1110016
]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Servi
ce Gestion des cls.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corpo
ration - Rapports et solutions aux problmes.) -- C:\Windows\System32\wercplsuppor
t.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - Pro
fSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL d
u service des thmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44
544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Servi
ce BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)


[MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][6/07/2010] (...) -- C:\ProgramData
\FullRemove.exe [131472]
[MD5.6514E84EF662B96D4F9D4B08EAFF75F8] [SPRF][3/04/2014] (.Sony Corporation - Pa
s de description.) -- C:\Users\Armin Metovic\Desktop\SRD20_Installer0810a.exe
[7793096]
[MD5.3EF2FCE3C5D0AEC6F18D3AFC7A8AEC2C] [SPRF][31/03/2014] (.Expansive Worlds - t
heHunter Launcher Setup.) -- C:\Users\Armin Metovic\Desktop\theHunterLauncherSet
up.exe [19093776]
~ Files: 3 Scanned in 00mn 00s

---\\ Liste des exceptions du parefeu (FirewallRules) (O87)


O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corpora
tion - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft
Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.
exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation
- Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplaye
r.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer
.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Micro
soft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system
32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Mic
rosoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\syst
em32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Micros
oft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system3
2\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Micr
osoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\syste
m32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microso
ft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media
Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Micro
soft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Med
ia Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Micros
oft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Medi
a Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Pr
ogram Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft C
orporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\
Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft
Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Pro
gram Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Co
rporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\P
rogram Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft
Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Cor
poration - Processus hte pour les services Windows.) -- C:\Windows\system32\svcho
st.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corp
oration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchos
t.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Co
rporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svch
ost.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Cor
poration - Processus hte pour les services Windows.) -- C:\Windows\system32\svcho
st.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corpo
ration - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\
wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Cor
poration - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Playe
r\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corp
oration - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player
\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Fi
les (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporati
on
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program
Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corpora
tion
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Fil
es (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporatio
n
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program F
iles (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporat
ion
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6
- FALSE | .(.Microsoft Corporation - Processus hte pour les services Windows.) - C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private P6 - FALSE | .(.Microsoft Corporation - Processus hte pour les services Windows.)
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P1
7 - FALSE | .(.Microsoft Corporation - Processus hte pour les services Windows.)
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private P17 - FALSE | .(.Microsoft Corporation - Processus hte pour les services Windows.
) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Co
rporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svch
ost.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\s
vchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft C
orporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsof
t Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\s
vchost.exe =>.Microsoft Corporation
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporati
on - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpor
ation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpora
tion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.e
xe =>.Microsoft Corporation
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corpo
ration - Voisinage immdiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Co
rporation - Voisinage immdiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft
Corporation - Voisinage immdiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microso
ft Corporation - Voisinage immdiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corpora
tion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.e
xe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corp
oration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchos
t.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsof
t Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\
svchost.exe =>.Microsoft Corporation
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Micros
oft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system3
2\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Micros
oft Corporation - Application sous-systme spouleur.) -- C:\Windows\system32\spool
sv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corp
oration - Application sous-systme spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporat
ion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.ex
e =>.Microsoft Corporation
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporatio
n - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.exe
=>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporat
ion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.ex
e =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporat
ion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.ex
e =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporat
ion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.ex
e =>.Microsoft Corporation
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft
Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.e
xe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Micro
soft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\syste
m32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microso
ft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32
\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE |
.(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windo
ws\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(
.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\
system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\s
vchost.exe =>.Microsoft Corporation
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporati
on - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.exe
=>.Microsoft Corporation
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corpora
tion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.e
xe =>.Microsoft Corporation
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\s
vchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microso
ft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32
\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Micro
soft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system
32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft
Corporation - Sink to receive asynchronous callbacks for WMI client application
.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpora
tion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.e
xe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Cor
poration - Processus hte pour les services Windows.) -- C:\Windows\system32\svcho
st.exe =>.Microsoft Corporation
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpora
tion - Sink to receive asynchronous callbacks for WMI client application.) -- C:
\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Micr
osoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\syste
m32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Mi
crosoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\sys
tem32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Micros
oft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system3
2\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Micr
osoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\syste
m32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Mi
crosoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\sys
tem32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Micros
oft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system3
2\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Micr
osoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\syste
m32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(
.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\
system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE |
.(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Window
s\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\s
vchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Cor
poration - Processus hte pour les services Windows.) -- C:\Windows\system32\svcho
st.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\s
vchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Cor
poration - Processus hte pour les services Windows.) -- C:\Windows\system32\svcho
st.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Micros
oft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system3
2\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Micr
osoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\syste
m32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Micr
osoft Corporation - Applications Services et Contrleur.) -- C:\Windows\system32\s
ervices.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .
(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Windows
\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Co
rporation - Applications Services et Contrleur.) -- C:\Windows\system32\services.
exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Micros
oft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system3
2\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsof
t Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\
svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Mi
crosoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\sys
tem32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\sv
chost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Cor
poration - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows
\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft C
orporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windo
ws\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microso
ft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32
\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microso
ft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32
\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation
- Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system3
2\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporati
on - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\syste
m32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.M
icrosoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\sy
stem32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE
| .(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Wind
ows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft
Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32\s
vchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Mic
rosoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\syst
em32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Micro
soft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system
32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(
.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\
system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Cor
poration - Processus hte pour les services Windows.) -- C:\Windows\system32\svcho
st.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microso
ft Corporation - Processus hte pour les services Windows.) -- C:\Windows\system32
\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.M
icrosoft Corporation - Assistance distance Windows.) -- C:\Windows\system32\msra
.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsof
t Corporation - Assistance distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TR
UE | .(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\W
indows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(
.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Windows\
system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6
- TRUE | .(.Microsoft Corporation - Serveur COM dassistance distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM dassistance distance Windows.)
-- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - T
RUE | .(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\
Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE
| .(.Microsoft Corporation - Assistance distance Windows.) -- C:\Windows\system
32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Mi
crosoft Corporation - Assistance distance Windows.) -- C:\Windows\system32\msra.
exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE
| .(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Wind
ows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRU
E | .(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Wi
ndows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE |
.(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Windo
ws\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE
| .(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Win
dows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P
17 - TRUE | .(.Microsoft Corporation - Processus hte pour les services Windows.)
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRU
E | .(.Microsoft Corporation - Processus hte pour les services Windows.) -- C:\Wi
ndows\system32\svchost.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Wi
ndows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\
Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows
\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windo
ws\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\sy
stem32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\
system32\netproj.exe (.not file.)
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft
Corporation - Windows Driver Foundation - Processus hte de linfrastructure de pilo
tes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporat
ion - Windows Driver Foundation - Processus hte de linfrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Cor
poration - Processus hte pour les services Windows.) -- C:\Windows\system32\svcho
st.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft C
orporation - Processus hte pour les services Windows.) -- C:\Windows\system32\svc
host.exe =>.Microsoft Corporation
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corp
oration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchos
t.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - W
indows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporatio
n
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporat
ion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.ex
e =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporati
on - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.exe
=>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corpora
tion - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.e
xe =>.Microsoft Corporation
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation
- Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporati
on
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporat
ion - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corpor
ation - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost.
exe =>.Microsoft Corporation
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corpor
ation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corpo
ration - Processus hte pour les services Windows.) -- C:\Windows\system32\svchost
.exe =>.Microsoft Corporation
O87 - FAEL: "{50D76052-134E-46DB-AF8E-63827F883C0F}" | In - None - P6 - TRUE | .
(.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program F
iles (x86)\Windows Live\Contacts\wlcomm.exe
O87 - FAEL: "{25BDD843-A815-48A8-A216-66D065687049}" | In - None - P6 - TRUE | .
(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Win
dows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" | In - None - P6 - TRUE | .
(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files (x86)
\Windows Live\Mesh\MOE.exe
O87 - FAEL: "{75A86F55-B36F-416A-9989-F387F4FFDECD}" |In - Public - P6 - FALSE |
.(...) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(.not file.)
O87 - FAEL: "{A0F187E5-E772-434D-ACD2-A61C0E362A02}" |In - Public - P17 - FALSE
| .(...) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(.not file.)
O87 - FAEL: "{CC3CD9BF-ADD8-41F3-9614-67A21F5673F5}" | In - Public - P6 - TRUE |
.(.Dropbox, Inc. - Dropbox.) -- C:\Users\Armin Metovic\AppData\Roaming\Dropbox\
bin\Dropbox.exe =>.Dropbox
O87 - FAEL: "{6B48C3FD-478C-469F-897D-489AE610CF2B}" | In - Public - P17 - TRUE
| .(.Dropbox, Inc. - Dropbox.) -- C:\Users\Armin Metovic\AppData\Roaming\Dropbox
\bin\Dropbox.exe =>.Dropbox
O87 - FAEL: "{63E237A1-314C-4692-85D5-7CC94BE9F231}" | In - None - P6 - FALSE |
.(.Microsoft Corporation - SMSvcHost.exe.) -- C:\Windows\Microsoft.NET\Framework
64\v4.0.30319\SMSvcHost.exe
O87 - FAEL: "{EB7407C2-0868-4AD0-A301-4302081EAF1B}" | In - Public - P6 - TRUE |
.(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Offic
e\Office15\lync.exe
O87 - FAEL: "{83FDC22F-AEDE-48EE-80B1-E6F77854BFF4}" | In - Public - P17 - TRUE
| .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Offi
ce\Office15\lync.exe
O87 - FAEL: "{789B0890-7A85-4145-8828-C6B1CA41D25D}" | In - Public - P6 - TRUE |
.(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Offic
e\Office15\UcMapi.exe
O87 - FAEL: "{614C1C6C-AEAD-4FE7-8144-297F2D7BD3BB}" | In - Public - P17 - TRUE
| .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Offi
ce\Office15\UcMapi.exe
O87 - FAEL: "{936A32BA-3615-428A-B9B0-0FA85D985DB5}" | In - Public - P17 - TRUE
| .(.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft O
ffice\Office15\outlook.exe
O87 - FAEL: "TCP Query User{7468B144-9116-41C0-8AB7-DA49CADA3D4C}C:\windows\micr
osoft.net\framework\v2.0.50727\vbc.exe" | In - Public - P6 - TRUE | .(.Microsoft
Corporation - Visual Basic Command Line Compiler.) -- C:\windows\microsoft.net\
framework\v2.0.50727\vbc.exe
O87 - FAEL: "UDP Query User{721CC960-24B1-4159-9E00-A9EB9F98A6E7}C:\windows\micr
osoft.net\framework\v2.0.50727\vbc.exe" | In - Public - P17 - TRUE | .(.Microsof
t Corporation - Visual Basic Command Line Compiler.) -- C:\windows\microsoft.net
\framework\v2.0.50727\vbc.exe
O87 - FAEL: "{97B96CF6-132B-4846-A35D-2FBB711C2586}" | In - None - P17 - TRUE |
.(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype
.exe =>.Skype Technologies S.A.
O87 - FAEL: "{BEA12A7E-0D53-4A70-B50F-D64595FBF123}" | In - Private - P6 - TRUE
| .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Offi
ce\Office15\lync.exe
O87 - FAEL: "{BDC9810B-8779-4249-B862-A9E3AC8AC7EC}" | In - Private - P17 - TRUE
| .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Off
ice\Office15\lync.exe
O87 - FAEL: "{D2DB9F26-8A43-42CD-9A82-62BCE0CAC1A3}" | In - Private - P6 - TRUE
| .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Offi
ce\Office15\UcMapi.exe
O87 - FAEL: "{A8208ABD-FA59-42DB-9254-66771CA9D54A}" | In - Private - P17 - TRUE
| .(.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Off
ice\Office15\UcMapi.exe
O87 - FAEL: "TCP Query User{19133A2E-6BA2-4DBF-91E5-9F6398E3F630}C:\program file
s (x86)\voipwise.com\voipwise\voipwise.exe" | In - Public - P6 - TRUE | .(.Voipw
ise - Client to make VoIP calls..) -- C:\program files (x86)\voipwise.com\voipwi
se\voipwise.exe
O87 - FAEL: "UDP Query User{8CF67ECA-4388-4863-9743-7E22EFAD31FD}C:\program file
s (x86)\voipwise.com\voipwise\voipwise.exe" | In - Public - P17 - TRUE | .(.Voip
wise - Client to make VoIP calls..) -- C:\program files (x86)\voipwise.com\voipw
ise\voipwise.exe
O87 - FAEL: "TCP Query User{EB30C1A2-A77E-4FD2-A4B6-5BDEDFB44134}C:\program file
s (x86)\voipwise.com\voipwise\voipwise.exe" | In - Private - P6 - TRUE | .(.Voip
wise - Client to make VoIP calls..) -- C:\program files (x86)\voipwise.com\voipw
ise\voipwise.exe
O87 - FAEL: "UDP Query User{27A1936C-089E-4A83-AFBD-1FB77546F789}C:\program file
s (x86)\voipwise.com\voipwise\voipwise.exe" | In - Private - P17 - TRUE | .(.Voi
pwise - Client to make VoIP calls..) -- C:\program files (x86)\voipwise.com\voip
wise\voipwise.exe
O87 - FAEL: "TCP Query User{22B7BE62-D1B8-4DC3-9C52-AEE1B9D2DAC5}C:\program file
s (x86)\java\jre7\bin\javaw.exe" | In - Public - P6 - TRUE | .(.Oracle Corporati
on - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\javaw
.exe
O87 - FAEL: "UDP Query User{629D5477-E980-4B29-B763-270D021FEEDD}C:\program file
s (x86)\java\jre7\bin\javaw.exe" | In - Public - P17 - TRUE | .(.Oracle Corporat
ion - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre7\bin\java
w.exe
O87 - FAEL: "{DE59FC93-CCE2-446D-96B6-AE9EA499E0FA}" | In - Domain - P6 - TRUE |
.(.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\St
eam\Steam.exe
O87 - FAEL: "{EE93C219-6E5E-41F2-846B-D5EAC3D12FC5}" | In - Domain - P17 - TRUE
| .(.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\S
team\Steam.exe
O87 - FAEL: "{2450772C-1F13-4E72-B882-3FE46D1B0ECC}" | In - Domain - P6 - TRUE |
.(...) -- C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
O87 - FAEL: "{20AEBCC5-CCB9-4AB3-A1C6-8008953DD29C}" | In - Domain - P17 - TRUE
| .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
O87 - FAEL: "{47FE5BFC-D7C4-4C2E-85B3-4ECED891EA80}" | In - Domain - P6 - TRUE |
.(...) -- C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
O87 - FAEL: "{30540B7E-5DCD-458B-A3DD-943EBD6DD21C}" | In - Domain - P17 - TRUE
| .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
O87 - FAEL: "{2FFDD7BD-CFF1-48CC-BCC1-557CA20CB52A}" | In - Domain - P6 - TRUE |
.(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\h
l2.exe
O87 - FAEL: "{63177E19-8D33-46FD-9A43-2E9D211F59FE}" | In - Domain - P17 - TRUE
| .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\
hl2.exe
O87 - FAEL: "TCP Query User{BD707347-5AAD-4530-A316-FFAB296E5C0E}C:\program file
s (x86)\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (
x86)\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{2DC492B6-1A7B-43EB-A16B-3D2FA372BE5A}C:\program file
s (x86)\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files
(x86)\emule\emule.exe (.not file.)
O87 - FAEL: "{4529CEB2-1C01-4106-BE65-396884469FC4}" | In - Domain - P6 - TRUE |
.(...) -- C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
O87 - FAEL: "{C2FAB3BA-0CC6-4CF9-BC9A-61B2D9232E59}" | In - Domain - P17 - TRUE
| .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
O87 - FAEL: "{254C7089-1994-4FBB-9DAC-ED89583D06BC}" | In - Public - P6 - TRUE |
.(...) -- C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontsta
rve_steam.exe
O87 - FAEL: "{4FE31AFC-D34F-402B-9774-3EE336735814}" | In - Public - P17 - TRUE
| .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontst
arve_steam.exe
O87 - FAEL: "{5F5F147B-23C0-40E7-9EFA-F00CBD7D144F}" |In - Public - P6 - TRUE |
.(...) -- C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe (.
not file.)
O87 - FAEL: "{98ABD541-9B4E-4EDA-99FE-39F6FC4E29D7}" |In - Public - P17 - TRUE |
.(...) -- C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe (
.not file.)
O87 - FAEL: "{36516EBB-0F21-4929-9C9F-78694E212592}" |In - Public - P6 - TRUE |
.(...) -- C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe (.
not file.)
O87 - FAEL: "{15931E8F-3DC8-435E-AE7B-483C08712677}" |In - Public - P17 - TRUE |
.(...) -- C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe (
.not file.)
O87 - FAEL: "{9E27DF51-7EDE-4AE6-B43C-8780106C6EE1}" | In - Domain - P6 - TRUE |
.(.Pas de propritaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Ne
tworks\Media Booster\PMB.exe
O87 - FAEL: "{13467156-14E9-4EA4-978F-58DB9C36B894}" | In - Domain - P17 - TRUE
| .(.Pas de propritaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando N
etworks\Media Booster\PMB.exe
O87 - FAEL: "{EC88E9CD-11B0-4F12-B1AE-1425254BCAED}" | In - Private - P6 - TRUE
| .(.Pas de propritaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando N
etworks\Media Booster\PMB.exe
O87 - FAEL: "{41AD1689-640C-490D-85E4-B8C8DF7CE0CA}" | In - Private - P17 - TRUE
| .(.Pas de propritaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando
Networks\Media Booster\PMB.exe
O87 - FAEL: "{F8414A3C-12B2-469C-9F10-A0E15FDD3D87}" | In - None - P17 - TRUE |
.(.Pas de propritaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Net
works\Media Booster\PMB.exe
O87 - FAEL: "TCP Query User{BB9723B4-333A-48F7-AD9A-874E2183F51D}C:\users\armin
metovic\appdata\roaming\dropbox\bin\dropbox.exe" | In - Private - P6 - TRUE | .(
.Dropbox, Inc. - Dropbox.) -- C:\users\armin metovic\appdata\roaming\dropbox\bin
\dropbox.exe =>.Dropbox
O87 - FAEL: "UDP Query User{1FDBF09C-4F54-4DEE-A5B6-0A2A839168AD}C:\users\armin
metovic\appdata\roaming\dropbox\bin\dropbox.exe" | In - Private - P17 - TRUE | .
(.Dropbox, Inc. - Dropbox.) -- C:\users\armin metovic\appdata\roaming\dropbox\bi
n\dropbox.exe =>.Dropbox
O87 - FAEL: "{1B61D098-1097-45FD-9D50-A4E7A692F644}" | In - None - P6 - TRUE | .
(.BitTorrent Inc. - Torrent.) -- C:\Users\Armin Metovic\AppData\Roaming\uTorrent\
uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{D293E33F-5131-4FB6-BCF3-79A5959B4C47}" | In - None - P17 - TRUE |
.(.BitTorrent Inc. - Torrent.) -- C:\Users\Armin Metovic\AppData\Roaming\uTorrent
\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{806F0ABD-9E03-4865-92CA-16A565438F64}" | In - None - P17 - TRUE |
.(.Skype Limited - Facebook Video Calling.) -- C:\Users\Armin Metovic\AppData\Lo
cal\Facebook\Video\Skype\FacebookVideoCalling.exe
O87 - FAEL: "{7193E493-A0DC-4881-8AFB-B7CFC9C3284B}" | In - Private - P6 - TRUE
| .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontst
arve_steam.exe
O87 - FAEL: "{EB967110-7C34-4422-9E3C-FDBE1CE3F226}" | In - Private - P17 - TRUE
| .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\donts
tarve_steam.exe
O87 - FAEL: "TCP Query User{FD1105CA-CA82-4C8C-B6E7-34568A75E018}C:\program file
s (x86)\saints row 2\sr2_pc.exe" | In - Private - P6 - TRUE | .(...) -- C:\progr
am files (x86)\saints row 2\sr2_pc.exe
O87 - FAEL: "UDP Query User{C4D234ED-79F0-4DAC-98BA-59CBBE1B0B05}C:\program file
s (x86)\saints row 2\sr2_pc.exe" | In - Private - P17 - TRUE | .(...) -- C:\prog
ram files (x86)\saints row 2\sr2_pc.exe
O87 - FAEL: "{2ACFAC5C-AE71-4249-B747-26585B58BCF8}" | In - Private - P6 - TRUE
| .(.Expansive Worlds - theHunter.) -- C:\Program Files (x86)\theHunter\game\the
Hunter.exe
O87 - FAEL: "{960111D4-FA25-42C6-B630-CEB4850C11AA}" | In - Private - P17 - TRUE
| .(.Expansive Worlds - theHunter.) -- C:\Program Files (x86)\theHunter\game\th
eHunter.exe
O87 - FAEL: "{8A445FEF-15AD-42A9-9136-899DCF4362FC}" | In - Private - P6 - TRUE
| .(.Expansive Worlds - theHunter Launcher.) -- C:\Program Files (x86)\theHunter
\launcher\launcher.exe
O87 - FAEL: "{E7425BEA-A4C7-4197-8768-0343EF5376BB}" | In - Private - P17 - TRUE
| .(.Expansive Worlds - theHunter Launcher.) -- C:\Program Files (x86)\theHunte
r\launcher\launcher.exe
O87 - FAEL: "{9796B954-67F6-42A6-AAD6-A3D6377C18B0}" | In - None - P6 - TRUE | .
(.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA
Corporation\NetService\NvNetworkService.exe
O87 - FAEL: "{AF196DA6-8D0B-410E-8368-6E0B5B7BE15D}" | In - None - P6 - TRUE | .
(.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA
Corporation\NetService\NvNetworkService.exe
O87 - FAEL: "{48669BD0-4939-4F23-B419-CCC4F0865C4F}" | In - None - P6 - TRUE | .
(.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corp
oration\NvStreamSrv\nvstreamsvc.exe
O87 - FAEL: "{8AD10A6B-3595-4979-A88A-1FE62D51AF17}" | In - None - P17 - TRUE |
.(.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Cor
poration\NvStreamSrv\nvstreamsvc.exe
O87 - FAEL: "{15EA29CA-AE00-49F2-804F-2D4DF2B0BD24}" | In - None - P6 - TRUE | .
(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\NV
IDIA Corporation\NvStreamSrv\nvstreamer.exe
O87 - FAEL: "{917C5F95-A6F4-4618-A515-A978429B544F}" | In - None - P17 - TRUE |
.(.NVIDIA Corporation - NVIDIA Streamer Server Component.) -- C:\Program Files\N
VIDIA Corporation\NvStreamSrv\nvstreamer.exe
~ Firewall: 235 Scanned in 00mn 02s

---\\ Enumère les codes produits des logiciels (PUC) (O90)


O90 - PUC: "00005109F10010400100000000F01FEC" . (.Microsoft Office Proofing Tool
s 2013 .) -- C:\Windows\Installer\{90150000-001F-0401-1000-0000000FF1CE}\misc.
O90 - PUC: "00005109F10031400100000000F01FEC" . (.Microsoft Office Proofing Tool
s 2013 - Nederlands.) -- C:\Windows\Installer\{90150000-001F-0413-1000-0000000FF
1CE}\misc.exe,6
O90 - PUC: "00005109F10070400100000000F01FEC" . (.Microsoft Office Korrekturhilf
en 2013 - Deutsch.) -- C:\Windows\Installer\{90150000-001F-0407-1000-0000000FF1C
E}\misc.exe,6
O90 - PUC: "00005109F10090400100000000F01FEC" . (.Microsoft Office Proofing Tool
s 2013 - English.) -- C:\Windows\Installer\{90150000-001F-0409-1000-0000000FF1CE
}\misc.exe,6
O90 - PUC: "00005109F100A0C00100000000F01FEC" . (.Microsoft Office Proofing Tool
s 2013 - Español.) -- C:\Windows\Installer\{90150000-001F-0C0A-1000-0000000FF1CE}\
misc.exe,6
O90 - PUC: "00005109F100C0400100000000F01FEC" . (.Outils de vérification linguisti
que 2013 de Microsoft Office- Français.) -- C:\Windows\Installer\{90150000-001F-040
C-1000-0000000FF1CE}\misc.exe,6
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Wi
ndows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "1038C85769625584FA5435B4210089A0" . (.Samsung Kies.) -- C:\Windows\I
nstaller\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe
O90 - PUC: "11F45BA4C8F23E110BF98BCAF6798BE8" . (.Google Earth Plug-in.) -- C:\W
indows\Installer\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}\ARPPRODUCTICON.exe =>.G
oogle Inc
O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- C:
\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
O90 - PUC: "16525446F96163A42AFF5B1E81CE565F" . (.ASUS SmartLogon.) -- C:\Window
s\Installer\{64452561-169F-4A36-A2FF-B5E118EC65F5}\_294823.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Comp
act Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B
8}\ProductIcon
O90 - PUC: "21F1DBD139DE0C947ACC65BCED841885" . (.ASUS LifeFrame3.) -- C:\Window
s\Installer\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}\_853F67D554F05449430E7E.exe
O90 - PUC: "22CF704AFB6328C45A61959DB45C509A" . (.System Requirements Lab Detect
ion.) -- C:\Windows\Installer\{A407FC22-36BF-4C82-A516-59D94BC505A9}\icon.ico
O90 - PUC: "38E1FB04BE028D11795C00905C206085" . (.Power2Go.) -- C:\Windows\Insta
ller\{40BF1E83-20EB-11D8-97C5-0009C5020658}\ARPPRODUCTICON.exe
O90 - PUC: "3F7A4F31CBAE1624FAB6317177F77055" . (.Fast Boot.) -- C:\Windows\Inst
aller\{13F4A7F3-EABC-4261-AF6B-1317777F0755}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "46289B33988A31940AAC3C467A05233B" . (.ASUS Power4Gear Hybrid.) -- C:
\Windows\Installer\{33B98264-A889-4913-A0CA-C364A75032B3}\_6FEFF9B68218417F98F54
9.exe
O90 - PUC: "50E7C3A773EE6D74991EE20BA5D33A7F" . (.Skype 6.14.) -- C:\Windows\Inst
aller\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
O90 - PUC: "6760F93DE36159549A712EF899BB4D2D" . (.ASUS AI Recovery.) -- C:\Windo
ws\Installer\{D39F0676-163E-4595-A917-E28F99BBD4D2}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.06) - Fr
ançais.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.
ico
O90 - PUC: "68DF23614AB14CF4B8528A6C556DF386" . (.Sid Meier's Pirates!.) -- C:\W
indows\Installer\{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}\ARPPRODUCTICON.exe
O90 - PUC: "7AB7040836775934BA8925331F3BE456" . (.NVIDIA PhysX.) -- C:\Windows\I
nstaller\{80407BA7-7763-4395-AB98-5233F1B34E65}\icon.ico
O90 - PUC: "7FDAC8786DB592A46A4FCA150CEC0886" . (.Alcor Micro USB Card Reader.)
-- C:\Windows\Installer\{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}\ARPPRODUCTICON.ex
e
O90 - PUC: "884FD4BEFEAAF6043A14BCA2AA13B509" . (.Windows Live Messenger.) -- C:
\Windows\Installer\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}\MsblIco.Exe
O90 - PUC: "8D7961433299E5444BA225E9A599BCA7" . (.syncables desktop SE.) -- C:\W
indows\Installer\{341697D8-9923-445E-B42A-529E5A99CB7A}\ARPPRODUCTICON.exe
O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- C:
\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
O90 - PUC: "9EBF5A643BDA39441ACC4BFCDF422DA6" . (.Windows Live Family Safety.) - C:\Windows\Installer\{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}\fssicon.ico
O90 - PUC: "B0AFE77B3DB92214F9A9519A365BAE42" . (.Intel(R) Turbo Boost Technolog
y Monitor 2.0.) -- C:\Windows\Installer\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}\A
RPPRODUCTICON.exe
O90 - PUC: "C1220518E7F87994DAE4FAED7E4F4B01" . (.Wireless Console 3.) -- C:\Win
dows\Installer\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}\_853F67D554F05449430E7E.ex
e
O90 - PUC: "C971C95CD8669A946BAE1012CCCF2134" . (.LabelPrint.) -- C:\Windows\Ins
taller\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe
O90 - PUC: "D25657E31B99E7141B36EB3FC3DAF361" . (.League of Legends.) -- C:\Wind
ows\Installer\{3E75652D-99B1-417E-B163-BEF33CAD3F16}\lol.launcher_1.exe
O90 - PUC: "D409084BF37F37640B43A8F594C21948" . (.Nuance PDF Reader.) -- C:\Wind
ows\Installer\{B480904D-F73F-4673-B034-8A5F492C9184}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\
Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "E19212F84440D1B49B9F34077AE343D6" . (.WinFlash.) -- C:\Windows\Insta
ller\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon
O90 - PUC: "E339C5BAD7C503D43B41C9384AB949EB" . (.ATK Package.) -- C:\Windows\In
staller\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_294823.exe
O90 - PUC: "EC9BCB90B469ADB4EA645B0ABAFED1F3" . (.Sonic Focus.) -- C:\Windows\In
staller\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}\ARPPRODUCTICON.exe
~ Update Products: 270 Scanned in 00mn 00s

---\\ Enumère les données de la clé NameSpace (MNS) (O92)


O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf}
~ MNS: 1 Scanned in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)


[MD5.EDDA9D60E7469FCA89A5C8227287DF0E] [WIS][5/11/2013] (.Synopsys - Sonic Focus
.) -- C:\Windows\Installer\1199f.msi [3169280]
[MD5.F4E523DB5B0E4D56CE80322897F7DD97] [WIS][11/08/2010] (.Alcor Micro Corp. - A
mIcoSinglun.) -- C:\Windows\Installer\119a4.msi [1442816]
[MD5.78B1C27701A7872C2150F90458E966EA] [WIS][5/11/2013] (.Intel - Intel(R) Turbo
Boost Technology Monitor 2.0.) -- C:\Windows\Installer\119cd.msi [11380224]
[MD5.4E777DA5E38DCAE3A23ED3E3F8EE9902] [WIS][12/11/2004] (.Firaxis Games - Sid M
eier's Pirates!.) -- C:\Windows\Installer\19a1c3b.msi [2360452]
[MD5.E4AF16B0574B2598AADD353A35A3722B] [WIS][29/01/2014] (.Adobe - Blank Project
Template.) -- C:\Windows\Installer\460a83.msi [2211328]
[MD5.78B41A323699DAF1C25265890733BE26] [WIS][29/01/2014] (.Adobe - Blank Project
Template.) -- C:\Windows\Installer\460a8b.msi [1997312]
[MD5.40D5CB3E26B59A8BAEDC6C1A8C8FF838] [WIS][18/02/2014] (.MetaGeek, LLC - inSSI
Der Office.) -- C:\Windows\Installer\58ffd5.msi [6082560]
[MD5.A11C009B32F99CF496D1FE4E321CC673] [WIS][14/03/2014] (.Husdawg, LLC - System
Requirements Lab Detection.) -- C:\Windows\Installer\67e1e2.msi [626688]
[MD5.A038848D4DAF4F450803587593719FF3] [WIS][14/03/2014] (.Skype Technologies S.
A. - Skype.) -- C:\Windows\Installer\97a3e1.msi [25624576]
[MD5.7C7D02806046FE56308ADB8B0E228495] [WIS][12/04/2011] (.syncables - syncables
desktop.) -- C:\Windows\Installer\b8738.msi [114234368]
[MD5.C35C74E76727FA35E106C0EB601C97FA] [WIS][17/09/2010] (.Trend Micro Inc. - Pr
otection Against Viruses.) -- C:\Windows\Installer\b874b.msi [1285120]
[MD5.DB412E021C8721F3F5EBC82C8796E31D] [WIS][5/02/2014] (.Riot Games - League of
Legends.) -- C:\Windows\Installer\cdaa1a.msi [3681280]
~ WIS: 274 Scanned in 00mn 39s

---\\ Recherche de clés de registre Tracing (O100)


HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE10
1_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE10
1_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>To
olbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.Torrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.Torrent
~ BTK: 104 Scanned in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 31/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems
Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.ex
e
SS - | Demand 17/09/2010 267480 | (Amsp) . (.Trend Micro Inc..) - C:\Program Fi
les\Trend Micro\AMSP\coreServiceShell.exe
SS - | Auto 7/11/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (
x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 7/11/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program File
s (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 3/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\P
rogram Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 7/03/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.)
- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Pro
gram Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 27/01/2014 571816 | (Steam Client Service) . (.Valve Corporation.
) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.
) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.d
ll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 20/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated
.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 3/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Wind
ows\system32\FBAgent.exe
SR - | Auto 15/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x8
6)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86
)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 25/02/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Pro
gram Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 5/10/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files
(x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 5/02/2014 1593632 | (NvNetworkService) . (.NVIDIA Corporation.) - C
:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 5/02/2014 16941856 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Pr
ogram Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 4/03/2014 922968 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\sy
stem32\nvvsvc.exe
SR - | Auto 4/03/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\P
rogram Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Demand 17/09/2010 241488 | (TiMiniService) . (.Trend Micro Inc..) - C:\P
rogram Files\Trend Micro\Titanium\TiMiniService.exe
SR - | Demand 29/11/2010 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\
Program Files\Intel\TurboBoost\TurboBoost.exe
SR - | Auto 5/10/2010 2655768 | (UNS) . (.Intel Corporation.) - C:\Program File
s (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\W
indows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Mi
crosoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 10s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)


Run by Armin Metovic at 16/04/2014 10:21:24

~ OS 64 not supported by MBR tool


~ MBR: 0 Scanned in 00mn 00s

---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)


Written by ad13, http://ad13.geekstog
Run by Armin Metovic at 16/04/2014 10:21:26
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

---\\ Liste des émulateurs de CD/DVD (MBR Hook)


O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON T
ools Lite =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)


Database Version : 13044 - (16/04/2014)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 3
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitT
orrent^
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolb
ar.Agent
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP
.Whitesmoke
[HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8E
EE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Bab
ylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}]
=>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent
^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.M
obogenie^
C:\Program Files (x86)\Mobogenie =>PUP.Mobogenie^
C:\ProgramData\PMB Files =>P2P.Pando^
C:\Users\Armin Metovic\AppData\Roaming\newnext.me =>PUP.NextLive^
C:\Users\Armin Metovic\AppData\Roaming\uTorrent =>P2P.Torrent^
C:\Users\Armin Metovic\AppData\Local\genienext =>PUP.NextLive^
C:\Users\Armin Metovic\AppData\Local\Mobogenie =>PUP.Mobogenie^
C:\Users\Armin Metovic\AppData\Local\PMB Files =>P2P.Pando^
C:\ProgramData\Partner =>Spyware.Partner
C:\Windows\AutoKMS\AutoKMS.exe =>Trojan.Keygen^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 314984 Items scanned in 00mn 37s

---\\ Récapitulatif des détections trouvées sur votre station


http://nicolascoolman.webs.com/apps/blog/show/41034005-pup-mobogenie =>PUP.Mobo
genie
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolba
r.Conduit
http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adw
are.InstallCore
http://nicolascoolman.webs.com/apps/blog/show/40528410-pup-nextlive =>PUP.NextL
ive
http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.Whi
tesmoke
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Ba
bylon
http://nicolascoolman.webs.com/apps/blog/show/28193283-spyware-partner =>Spywar
e.Partner
~ MSI: 7 link(s) detected in 00mn 00s

End of the scan (2286 lines in 07mn 37s)(4)
