Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Aurélie BLOUIN (administrator) on PORTABLE on 04-02-2014 12:13:02
Running from C:\Users\Aurélie BLOUIN\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: French Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Canal+ Active) C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(SFR) C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
(Google Inc.) C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-27] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-04] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\Run: [Google Update] - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-07] (Google Inc.)
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\Run: [Facebook Update] - C:\Users\Aurélie BLOUIN\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-27] (Facebook Inc.)
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\Run: [EPSON SX100 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [221696 2008-02-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\Run: [EE339EE6D0C8787943B6C7587B4B9CFC6120AAEC._service_run] - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-23] (Google Inc.)
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\Run: [EPSON SX100 Series (Copie 1)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [221696 2008-02-05] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\MountPoints2: {0bc2787d-1b19-11e1-8a49-1c7508d99074} - E:\SFR.exe
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\MountPoints2: {0bc27884-1b19-11e1-8a49-1c7508d99074} - E:\SFR.exe
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\MountPoints2: {7731fed4-6adc-11e1-a6c1-00a0c6000000} - E:\SFR.exe
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\MountPoints2: {a0b164c2-f24b-11e0-ae2f-1c7508d99074} - E:\SamsungKiesInstaller.exe
HKU\S-1-5-21-1117411301-2684473298-107850174-1001\...\MountPoints2: {c12b36b6-0576-11e1-85ec-1c7508d99074} - E:\LaunchU3.exe -a

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
SearchScopes: HKLM - {216304DD-98C2-0610-9872-317F6E4BFD77} URL = http://search.imesh.com//web?src=ieb&appid=20&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Aurélie BLOUIN\AppData\Roaming\Mozilla\Firefox\Profiles\is23mo0n.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canalplus.fr/Assistants VOD,version=1.0.0.0 - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\npcpvod.dll (Canal+ Active)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Aurélie BLOUIN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-12-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-04]

Chrome:
=======
CHR Extension: (Documents Google) - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-14]
CHR Extension: (Google Drive) - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-07]
CHR Extension: (YouTube) - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-24]
CHR Extension: (Recherche Google) - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-24]
CHR Extension: (Google Wallet) - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-24]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\AURLIE~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-10-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-04]
CHR StartMenuInternet: Google Chrome - C:\Users\Aurélie BLOUIN\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-04] (AVAST Software)
R2 CanalPlus.VOD; C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [188416 2010-07-06] (Canal+ Active)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 SFR.DashBoard.Service; C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe [14488 2010-03-16] (SFR)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-04] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-04] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-04] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-04] ()
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203320 2012-05-21] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswMonFlt.sys 0ACC3F49015E628590CA4372322EB46B
C:\Windows\system32\drivers\aswRdr2.sys 679712B7A353EE665B9301592164A172
C:\Windows\System32\Drivers\aswRvrt.sys C04F7B373881009D7994D9BF55D24AB4
C:\Windows\system32\drivers\aswSnx.sys 43599E630DFC30AD4E6A2B4B269EB1C0
C:\Windows\system32\drivers\aswSP.sys F22DE5F5BA8ADA0A861441B624B51EB5
C:\Windows\system32\drivers\aswStm.sys FD3EA14ADF6216BDF4030DB2EFD43D96
C:\Windows\System32\Drivers\aswVmm.sys 90399625F341AB76BA4B85A5E860EB1F
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys E642491F64E58CD5BC8FB8B347DCF65F
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dc3d.sys 7AF9DAC504FBD047CBC3E64AE52C92BF
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 41AC348DBD378F618CB4FDEE54270692
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 07DA62C960DDCCC2D35836AEAB4FC578
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 1384872112E8E7FD5786ECEB8BDDF4C9
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 2D18C9E1F23970DE32D78D3B1CDDA0A7
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys CAA8BC6737DFA3BF1A50175CFB226788
C:\Windows\System32\drivers\RTKVHD64.sys F5872A11EB4F6DB170D636CD4E53CA9F
C:\Windows\System32\drivers\IntcHdmi.sys 88A20FA54C73DED4E8DAC764E9130AE9
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\k57nd60a.sys 37E053A2CF8F0082B689ED74106E0CEC
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 23488767CB18FC3FF39E3AF1DB3FB02C
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys C6B88D62F20AC646C6BD5C032EC2FAF9
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mwlPSDFilter.sys 6FFECC25B39DC7652A0CEC0ADA9DB589
C:\Windows\System32\DRIVERS\mwlPSDNServ.sys 0BEFE32CA56D6EE89D58175725596A85
C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys D43BC633B8660463E446E28E14A51262
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys ACE8C64C57E4A711473C8BC10ADF692B
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\system32\drivers\NTIDrvr.sys EE3BA1024594D5D09E314F206B94069E
C:\Windows\System32\DRIVERS\NuidFltr.sys 317020D31F1696334679B9D0416EB62E
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\point64.sys 4F0878FD62D5F7444C5F1C4C66D9D293
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RtsUStor.sys 44ED82612403021E36998E1ECB1198F1
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssadbus.sys 8F8324ED1DE63FFC7B1A02CD2D963C72
C:\Windows\System32\DRIVERS\ssadmdfl.sys 58221EFCB74167B73667F0024C661CE0
C:\Windows\System32\DRIVERS\ssadmdm.sys 4DA7C71BFAC5AD71255B7E4CAB980163
C:\Windows\System32\DRIVERS\sscdbus.sys ED161B91FDF7EAA39469D72D463D5F4E
C:\Windows\System32\DRIVERS\sscdmdfl.sys 4CB09E77593DBD8D7AF33B37375CA715
C:\Windows\System32\DRIVERS\sscdmdm.sys C7B4CF53497A6E5363F3439427663882
C:\Windows\System32\DRIVERS\ssudmdm.sys B4C983DA20E2970E21893BF0E4EE2AD8
C:\Windows\System32\DRIVERS\ssudserd.sys 5347940CDD29B66C0FC1747274BA5FF0
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 064A2530A4A7C7CEC1BE6A1945645BE4
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\system32\drivers\UBHelper.sys A17D5E1A6DF4EAB0A480F2C490DE4C9D
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys F98415E5B83742C901D0A336972509A0
C:\Windows\System32\DRIVERS\ZTEusbnet.sys A11DC648D2164FCDEB36ACBF52808E30
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys F98415E5B83742C901D0A336972509A0
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys F98415E5B83742C901D0A336972509A0
C:\Windows\System32\DRIVERS\ZTEusbvoice.sys F98415E5B83742C901D0A336972509A0

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-04 12:13 - 2014-02-04 12:13 - 00035562 _____ () C:\Users\Aurélie BLOUIN\Desktop\FRST.txt
2014-02-04 12:12 - 2014-02-04 12:13 - 00000000 ____D () C:\FRST
2014-02-04 12:12 - 2014-02-04 12:12 - 02080256 _____ (Farbar) C:\Users\Aurélie BLOUIN\Desktop\FRST64.exe
2014-02-04 12:06 - 2014-02-04 12:06 - 00000000 ____D () C:\Users\Aurélie BLOUIN\AppData\Roaming\AVAST Software
2014-02-04 12:05 - 2014-02-04 12:06 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-04 12:05 - 2014-02-04 12:05 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-04 12:05 - 2014-02-04 12:05 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-04 12:05 - 2014-02-04 12:05 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-04 12:04 - 2014-02-04 12:04 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-04 12:03 - 2014-02-04 12:03 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-04 12:00 - 2014-02-04 12:03 - 90582312 _____ (AVAST Software) C:\Users\Aurélie BLOUIN\Downloads\avast_free_antivirus_setup_rcn.exe
2014-02-02 20:58 - 2014-02-02 20:58 - 00063564 _____ () C:\Users\Aurélie BLOUIN\Desktop\JRT.txt
2014-02-02 19:08 - 2014-02-02 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-02-02 19:04 - 2014-02-02 19:04 - 00016350 _____ () C:\Users\Aurélie BLOUIN\Desktop\AdwCleaner[S0].txt
2014-02-02 19:00 - 2014-02-02 19:11 - 00000000 ____D () C:\AdwCleaner
2014-02-02 18:59 - 2014-02-02 19:00 - 01166132 _____ () C:\Users\Aurélie BLOUIN\Downloads\adwcleaner.exe
2014-02-01 09:10 - 2014-02-01 09:11 - 00084543 _____ () C:\Users\Aurélie BLOUIN\Downloads\Dépense mensuelle (1).xlsx
2014-02-01 09:06 - 2014-02-01 09:07 - 00084551 _____ () C:\Users\Aurélie BLOUIN\Downloads\Dépense mensuelle.xlsx
2014-01-27 07:01 - 2014-01-27 07:01 - 00000000 ____D () C:\ProgramData\2F39E
2014-01-23 18:58 - 2014-01-23 18:59 - 12013792 _____ () C:\Users\Aurélie BLOUIN\Downloads\gu4setup.exe
2014-01-19 08:45 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-19 08:45 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-19 08:45 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-19 08:45 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-19 08:45 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-19 08:45 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-19 08:45 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-19 08:45 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-19 08:45 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-08 20:12 - 2014-01-23 19:04 - 00002990 _____ () C:\Windows\System32\Tasks\GU4SkipUAC
2014-01-08 20:10 - 2014-01-08 20:11 - 11965000 _____ () C:\Users\Aurélie BLOUIN\Downloads\Glary_Utilities_v4.4.0.86.exe

==================== One Month Modified Files and Folders =======

2014-02-04 12:13 - 2014-02-04 12:13 - 00035562 _____ () C:\Users\Aurélie BLOUIN\Desktop\FRST.txt
2014-02-04 12:13 - 2014-02-04 12:12 - 00000000 ____D () C:\FRST
2014-02-04 12:12 - 2014-02-04 12:12 - 02080256 _____ (Farbar) C:\Users\Aurélie BLOUIN\Desktop\FRST64.exe
2014-02-04 12:09 - 2012-04-01 15:47 - 00001084 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-04 12:06 - 2014-02-04 12:06 - 00000000 ____D () C:\Users\Aurélie BLOUIN\AppData\Roaming\AVAST Software
2014-02-04 12:06 - 2014-02-04 12:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-04 12:05 - 2014-02-04 12:05 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-04 12:05 - 2014-02-04 12:05 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-02-04 12:05 - 2014-02-04 12:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-04 12:05 - 2014-02-04 12:05 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-04 12:04 - 2014-02-04 12:04 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-04 12:03 - 2014-02-04 12:03 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-04 12:03 - 2014-02-04 12:00 - 90582312 _____ (AVAST Software) C:\Users\Aurélie BLOUIN\Downloads\avast_free_antivirus_setup_rcn.exe
2014-02-04 12:02 - 2011-03-19 00:37 - 01418424 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 11:56 - 2012-02-08 09:14 - 00000000 ____D () C:\Users\Aurélie BLOUIN\Desktop\DIVERS
2014-02-04 11:53 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 11:53 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 11:52 - 2011-10-07 16:47 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1117411301-2684473298-107850174-1001UA.job
2014-02-04 11:49 - 2013-10-04 20:28 - 00000000 ___RD () C:\Users\Aurélie BLOUIN\Google Drive
2014-02-04 11:48 - 2014-01-03 23:26 - 00000350 _____ () C:\Windows\Tasks\GlaryInitialize 4.job
2014-02-04 11:47 - 2014-01-03 23:26 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2014-02-04 11:46 - 2014-01-03 23:42 - 00002572 _____ () C:\Windows\setupact.log
2014-02-04 11:46 - 2012-04-01 15:47 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 11:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 21:26 - 2011-10-24 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-02-02 20:58 - 2014-02-02 20:58 - 00063564 _____ () C:\Users\Aurélie BLOUIN\Desktop\JRT.txt
2014-02-02 19:11 - 2014-02-02 19:00 - 00000000 ____D () C:\AdwCleaner
2014-02-02 19:08 - 2014-02-02 19:08 - 00000000 ____D () C:\Windows\ERUNT
2014-02-02 19:04 - 2014-02-02 19:04 - 00016350 _____ () C:\Users\Aurélie BLOUIN\Desktop\AdwCleaner[S0].txt
2014-02-02 19:00 - 2014-02-02 18:59 - 01166132 _____ () C:\Users\Aurélie BLOUIN\Downloads\adwcleaner.exe
2014-02-02 19:00 - 2012-05-15 18:23 - 00000964 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1117411301-2684473298-107850174-1001UA.job
2014-02-01 13:58 - 2011-10-07 16:49 - 00002411 _____ () C:\Users\Aurélie BLOUIN\Desktop\Google Chrome.lnk
2014-02-01 09:11 - 2014-02-01 09:10 - 00084543 _____ () C:\Users\Aurélie BLOUIN\Downloads\Dépense mensuelle (1).xlsx
2014-02-01 09:07 - 2014-02-01 09:06 - 00084551 _____ () C:\Users\Aurélie BLOUIN\Downloads\Dépense mensuelle.xlsx
2014-01-27 20:28 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-01-27 07:01 - 2014-01-27 07:01 - 00000000 ____D () C:\ProgramData\2F39E
2014-01-27 06:40 - 2012-04-15 18:57 - 00001002 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-27 06:34 - 2011-03-19 09:28 - 00704714 _____ () C:\Windows\system32\perfh00C.dat
2014-01-27 06:34 - 2011-03-19 09:28 - 00130988 _____ () C:\Windows\system32\perfc00C.dat
2014-01-27 06:34 - 2009-07-14 06:13 - 01549936 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-26 10:00 - 2012-05-15 18:23 - 00000942 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1117411301-2684473298-107850174-1001Core.job
2014-01-23 19:04 - 2014-01-08 20:12 - 00002990 _____ () C:\Windows\System32\Tasks\GU4SkipUAC
2014-01-23 19:04 - 2014-01-03 23:27 - 00001084 _____ () C:\Users\Public\Desktop\Glary Utilities 4.lnk
2014-01-23 19:04 - 2014-01-03 23:26 - 00002664 _____ () C:\Windows\System32\Tasks\GlaryInitialize 4
2014-01-23 19:03 - 2011-10-09 11:09 - 00000000 ____D () C:\Users\Aurélie BLOUIN\AppData\Local\Samsung
2014-01-23 19:03 - 2011-10-09 10:51 - 00000000 ____D () C:\Users\Aurélie BLOUIN\AppData\Roaming\Samsung
2014-01-23 19:03 - 2011-10-09 10:51 - 00000000 ____D () C:\ProgramData\Samsung
2014-01-23 19:03 - 2010-11-22 13:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-23 18:59 - 2014-01-23 18:58 - 12013792 _____ () C:\Users\Aurélie BLOUIN\Downloads\gu4setup.exe
2014-01-22 18:52 - 2011-10-07 16:47 - 00001062 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1117411301-2684473298-107850174-1001Core.job
2014-01-22 18:41 - 2009-07-14 05:45 - 00421840 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-20 21:15 - 2011-10-01 10:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-20 21:13 - 2013-08-18 19:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-20 21:10 - 2011-10-06 17:29 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-19 08:33 - 2011-10-27 10:22 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-11 19:06 - 2009-07-14 06:08 - 00032482 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-08 20:11 - 2014-01-08 20:10 - 11965000 _____ () C:\Users\Aurélie BLOUIN\Downloads\Glary_Utilities_v4.4.0.86.exe
2014-01-06 09:38 - 2014-01-03 23:26 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-01-05 16:50 - 2013-06-20 14:13 - 00000000 ____D () C:\Users\Aurélie BLOUIN\Desktop\lili

Some content of TEMP:
====================
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\64996uninstall.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\89686uninstall.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\APNStub.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\AskSLib.dll
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\BackupSetup.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\Comptabilité Personnelle_installation.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\contentDATs.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\FxLight_Setup_Gestionnaire_Connexion_SFR.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\Installhelper.dll
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\install_flashplayer11x64_mssd_aih.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\install_reader10_fr_mssa_aih.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\Kies_Real_Setup.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\ose00000.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\setup.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\Sqlite3.dll
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\wusetup.exE
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\Xvid.dll
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\_is6528.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\_is87F4.exe
C:\Users\Aurélie BLOUIN\AppData\Local\Temp\_is8B1F.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {6c4ba28b-5201-11e0-ba8e-9b0c081aaa05}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {6c4ba28d-5201-11e0-ba8e-9b0c081aaa05}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {6c4ba28b-5201-11e0-ba8e-9b0c081aaa05}
nx OptIn

Chargeur de démarrage Windows
-----------------------------
identificateur {6c4ba28d-5201-11e0-ba8e-9b0c081aaa05}
device ramdisk=[C:]\Recovery\6c4ba28d-5201-11e0-ba8e-9b0c081aaa05\Winre.wim,{6c4ba28e-5201-11e0-ba8e-9b0c081aaa05}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\6c4ba28d-5201-11e0-ba8e-9b0c081aaa05\Winre.wim,{6c4ba28e-5201-11e0-ba8e-9b0c081aaa05}
systemroot \windows
nx OptIn
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {6c4ba28b-5201-11e0-ba8e-9b0c081aaa05}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems Yes

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {6c4ba28e-5201-11e0-ba8e-9b0c081aaa05}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\6c4ba28d-5201-11e0-ba8e-9b0c081aaa05\boot.sdi



LastRegBack: 2014-02-02 21:19

==================== End Of Log ============================
