cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015
Ran by romain (administrator) on ROMAIN-PC on 17-07-2015 11:54:39
Running from C:\Users\romain\Desktop
Loaded Profiles: romain (Available Profiles: romain)
Platform: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X86) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Raxco Software, Inc.) D:\Program Files\Raxco Perfectdisk10\PDAgent.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(SFR) C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Raxco Software, Inc.) D:\Program Files\Raxco Perfectdisk10\PDAgentS1.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SFB\SmartRestarter.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Efficient Software) C:\Program Files\EfficientPIM Free\EfficientPIMFree.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Corel) C:\Program Files\Common Files\Corel\Standby\Standby.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [EfficientPIMFree] => [X]
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Standby] => c:\Program Files\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2474900282-185326158-1464080906-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2474900282-185326158-1464080906-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5529880 2015-03-13] (Piriform Ltd)
Startup: C:\Users\romain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EfficientPIM Free.lnk [2014-03-07]
ShortcutTarget: EfficientPIM Free.lnk -> C:\Program Files\EfficientPIM Free\EfficientPIMFree.exe (Efficient Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\romain\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\romain\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\romain\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\romain\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
BootExecute: PDBoot.exeautocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.fr
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.avira.com/?l=dis&o=APN10398&gct=hp&dc=EU&locale=fr_FR
HKU\S-1-5-21-2474900282-185326158-1464080906-1000\Software\Microsoft\Internet Explorer\Main,Default_search_url = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope value is missing
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-11] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll [2008-09-10] (Adobe Systems Incorporated.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68041A16-AD1E-4071-8389-B663A860AC1C}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C8F845AD-D270-433E-953B-21B39F4B8D74}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E32DD419-A14D-4652-9997-685E61387173}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E51211FB-6A48-48DF-8069-26F7DC0D45AF}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Ask.com
FF Homepage: https://www.google.fr/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2014-09-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2014-09-11] (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default\Extensions\abs@avira.com [2015-07-03]
FF Extension: No Name - C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default\Extensions\nostmp [2011-06-20]
FF Extension: FoxLingo - C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2014-09-17]
FF Extension: S3.Google Translator - C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default\Extensions\s3google@translator.xpi [2013-12-27]
FF Extension: Flagfox - C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: Download YouTube Videos as MP4 - C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-08-17]
FF Extension: Video DownloadHelper - C:\Users\romain\AppData\Roaming\Mozilla\Firefox\Profiles\hct6yq2l.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-10-22]

Chrome:
=======
CHR Profile: C:\Users\romain\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\romain\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2012-07-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pfcgjlglddicjopgimohdcbmabacamll] - No Path Or update_url value

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
S3 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1187336 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
R2 FsUsbExService; C:\windows\system32\FsUsbExService.Exe [217088 2011-01-20] (Teruten) [File not signed]
R2 PDAgent; D:\Program Files\Raxco Perfectdisk10\PDAgent.exe [918792 2009-01-13] (Raxco Software, Inc.)
S3 PDEngine; D:\Program Files\Raxco Perfectdisk10\PDEngine.exe [1021192 2009-01-13] (Raxco Software, Inc.)
R2 SFR.DashBoard.Service; C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe [21424 2011-03-04] (SFR)
S4 Uvnc_service; C:\Program Files\UltraVNC Addons\uvnc_service.exe [63296 2007-06-04] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [108448 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136728 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [286248 2010-03-06] (Broadcom Corporation.)
U3 Crcassipt; No ImagePath
R2 DefragFS; C:\windows\system32\Drivers\DefragFS.sys [71184 2009-01-09] (Raxco Software, Inc.)
R3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [36640 2011-01-20] () [File not signed]
S3 grmnusb; C:\windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R2 npf; C:\windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-06-25] (Windows (R) 2003 DDK 3790 provider)
R1 SLEE_17_DRIVER; C:\windows\system32\drivers\Sleen17.sys [93920 2009-11-18] (Softwareentwicklung Remus - ArchiCrypt )
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-09-17] () [File not signed]
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [31848 2015-06-18] (Avira Operations GmbH & Co. KG)
S3 ssudnflt; C:\windows\System32\DRIVERS\ssudnflt.sys [15936 2011-02-18] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 vncdrv; C:\windows\System32\DRIVERS\vncdrv.sys [12104 2007-05-22] (RDV Soft)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 ZTEusbnet; C:\windows\System32\DRIVERS\ZTEusbnet.sys [114688 2009-08-21] (ZTE Corporation)
S3 ZTEusbvoice; C:\windows\System32\DRIVERS\ZTEusbvoice.sys [105088 2009-09-19] (ZTE Incorporated)
U3 a4sjslqt; C:\windows\system32\Drivers\a4sjslqt.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]

========================== Drivers MD5 =======================

C:\windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\windows\system32\Drivers\adfs.sys 6D7F09CD92A9FEF3A8EFCE66231FDD79
C:\windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\windows\system32\drivers\afd.sys D0B388DA1D111A34366E04EB4A5DD156
C:\windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\windows\System32\Drivers\ssadadb.sys DD8D9C597AF7CD2F6B70A3D6A4A1ACEA
C:\windows\system32\drivers\appid.sys 81F97D8F8B3FB94A451CC6F7CF8B2965
C:\windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\avgntflt.sys 18FB1022DAFC9036ADA9ECF432FAFD06
C:\windows\System32\DRIVERS\avipbb.sys 062494C204553210FFC0FC33EA58EB36
C:\windows\System32\DRIVERS\avkmgr.sys F80F5DCA8A5D9D93CC5BE933D20CAF05
C:\windows\System32\DRIVERS\avnetflt.sys 3303FB85532093FC6723632B5947E8C4
C:\windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\bcmwl6.sys 9E209171C51B1D750F53777253B80E81
C:\windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\windows\system32\drivers\BthEnum.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\windows\System32\Drivers\BTHport.sys 1153DE2E4F5941E10C399CB5592F78A1
C:\windows\System32\Drivers\BTHUSB.sys C81E9413A25A439F436B1D4B6A0CF9E9
C:\windows\System32\drivers\btwampfl.sys 7061FE1715E5ADED120FE4C608609357
C:\windows\System32\drivers\btwaudio.sys A95B2FB3CA7B555B5CB306153F48CED8
C:\windows\System32\DRIVERS\btwavdt.sys 1F9CD885F1C548BE93962CCABDB632E4
C:\windows\System32\DRIVERS\btwl2cap.sys DE53089F0678CB5F0AFEB867ACB0FB05
C:\windows\System32\DRIVERS\btwrchid.sys A2D6C7B7B62A6C42DCB01204A6BD6FC2
C:\windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\windows\System32\CLFS.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\windows\System32\Drivers\cng.sys 3051724F223EA48968B19567DE2A81F4
C:\windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\windows\system32\Drivers\DefragFS.sys 422F9CA18C994D190BE6983F5D941E76
C:\windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\ssudbus.sys 560B0DCE52DFED6623B27C9BAFA6F236
C:\windows\System32\drivers\discache.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\windows\System32\drivers\dxgkrnl.sys 3583A5A8CC2E682BFFBD4630D0FEC08B
C:\windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\fssfltr.sys B0082808A6856A252F7CDD939892CE50
C:\windows\system32\FsUsbExDisk.SYS B07663A810E861EEBFD0EAC7E82CA62D
C:\windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\windows\System32\drivers\grmnusb.sys CEC45180029F1012054A41CEEEA9CEAB
C:\windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\iaStor.sys D483687EACE0C065EE772481A96E05F5
C:\windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\windows\System32\DRIVERS\igdkmd32.sys BA41E1BBA410212CE6D30E0DAC47972B
C:\windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\windows\System32\drivers\RTKVHDA.sys F4427E5DF32CDE359B2E2E5512D18001
C:\windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\windows\system32\drivers\msiscsi.sys EB34CE31FABD4DC4343FD2AD16D2CAF9
C:\windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\windows\System32\Drivers\ksecdd.sys A1F4064171DB9F314BDABA0B43014CA4
C:\windows\System32\Drivers\ksecpkg.sys 8A8BA57DF21630B36B2FAA229AC5B1D1
C:\windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\windows\System32\drivers\massfilter.sys 59A2783ABA6019BED0C843C706E10A6A
C:\windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\windows\System32\drivers\modem.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\windows\System32\drivers\mountmgr.sys 644905A19D0F37F2233DFCE53BC4BC19
C:\windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\windows\system32\drivers\mrxdav.sys 03F899F521D2AAED1C55008F734DF252
C:\windows\System32\DRIVERS\mrxsmb.sys 01C5B803F6E1FDF8F16F0763DA9B997D
C:\windows\System32\DRIVERS\mrxsmb10.sys C48A8284F018BEAAFC7A027A570D9C84
C:\windows\System32\DRIVERS\mrxsmb20.sys C1CC047CE391BB88350379153BC1C8FA
C:\windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\windows\System32\drivers\npf.sys B48DC6ABCD3AEFF8618350CCBDC6B09A
C:\windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\windows\system32\Drivers\Ntfs.sys C8DFF8D07755A66C7A4A738930F0FEAC
C:\windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\windows\System32\drivers\pci.sys ==> MD5 is legit
C:\windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\windows\System32\drivers\peauth.sys AEBC369F7DC72AB3F5B9BDF34FA0D43F
C:\windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\windows\System32\Drivers\PxHelp20.sys D970470F8F39470BDAE94D313A1CCDCE
C:\windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\windows\system32\Drivers\RDPWD.sys CD9214A6AE17D188D17C3CF8CB9CC693
C:\windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\Rt86win7.sys 7DFD48E24479B68B258D8770121155A0
C:\windows\system32\drivers\rtport.sys 41CE6B172542A9A227E34A45881E1D2A
C:\windows\system32\Drivers\SABI.sys 6E5FBB7CBAEC47038B945D5E9B144A64
C:\windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\windows\system32\drivers\Sleen17.sys 6352FA01BD438E88250D534A1A6D22FF
C:\windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\windows\System32\DRIVERS\ssadbus.sys 48F44A1BE434830B7C90FB730745F65A
C:\windows\System32\DRIVERS\ssadmdfl.sys 9630B486B62CC0ADB0A89152ED0218D7
C:\windows\System32\DRIVERS\ssadmdm.sys 9AFAA23421622C392B55508FA9613949
C:\windows\System32\DRIVERS\sscdbus.sys 069351A1D7D291013177A90AE6EDCCBC
C:\windows\System32\DRIVERS\sscdmdfl.sys 1C925BE223A5C0F9F469252292A48DF6
C:\windows\System32\DRIVERS\sscdmdm.sys AE3E77AE0FBDB07EB1AC3FED74A0695E
C:\windows\System32\DRIVERS\ssmdrv.sys 424566865D82AA4BD8D6546C1F2065FA
C:\windows\System32\DRIVERS\ssudmdm.sys 585FDB94DB04AC1C56298D1FD1F1389E
C:\windows\System32\DRIVERS\ssudnflt.sys 0E550D3DDAC4CFC48602C262889590D9
C:\windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\SynTP.sys 069E5728E565BD401347CB94732C4733
C:\windows\System32\drivers\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\windows\System32\DRIVERS\tcpip.sys 5579DD18546999F5D0EC39D018726C6B
C:\windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\windows\System32\DRIVERS\tdx.sys 7FE680A3DFA421C4A8E4879AE4C5AAB0
C:\windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\tssecsrv.sys 6C5139E4283249518F7743D7043775B3
C:\windows\System32\drivers\tsusbflt.sys C6A5FBD4977305E1FA23E02C042DB463
C:\windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\windows\system32\drivers\usbaudio.sys A1977C315BF5691DA99235AA4A6907AF
C:\windows\System32\DRIVERS\usbccgp.sys 0803FBA9FE829D61AE26EC0BCC910C46
C:\windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041
C:\windows\system32\drivers\usbehci.sys D40855F89B69305140BBD7E9A3BA2DA6
C:\windows\System32\DRIVERS\usbhub.sys EDF2DF71C4F1E13A6AC75F5224DE655A
C:\windows\system32\drivers\usbohci.sys 9828C8D14CC2676421778F0DE638CF97
C:\windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\usbscan.sys FC6B21DB4B5B398AB93DBE59CBF11036
C:\windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\windows\system32\drivers\usbuhci.sys 800AABFD625EEFF899F7E5496BDE37AB
C:\windows\System32\Drivers\usbvideo.sys DE014425522610BEDCA3821BB8C0F1D5
C:\windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\windows\System32\drivers\vga.sys ==> MD5 is legit
C:\windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\vncdrv.sys 6A3835B5925A3EBB3C357446FE867824
C:\windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
C:\windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\windows\system32\drivers\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\windows\System32\DRIVERS\yk62x86.sys 30B73EB97218A16CBC6DE535782A1B35
C:\windows\System32\DRIVERS\ZTEusbmdm6k.sys F9D62935E48DED9A2421BE9FAA93D6E8
C:\windows\System32\DRIVERS\ZTEusbnet.sys E9C90EDE4EE66E64222D2C23F45473F7
C:\windows\System32\DRIVERS\ZTEusbnmea.sys F9D62935E48DED9A2421BE9FAA93D6E8
C:\windows\System32\DRIVERS\ZTEusbser6k.sys F9D62935E48DED9A2421BE9FAA93D6E8
C:\windows\System32\DRIVERS\ZTEusbvoice.sys F9D62935E48DED9A2421BE9FAA93D6E8
C:\windows\system32\Drivers\a4sjslqt.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-17 11:54 - 2015-07-17 11:59 - 00036488 _____ C:\Users\romain\Desktop\FRST.txt
2015-07-17 11:53 - 2015-07-17 11:55 - 00000000 ____D C:\FRST
2015-07-17 11:50 - 2015-07-17 11:50 - 01636864 _____ (Farbar) C:\Users\romain\Desktop\FRST.exe
2015-07-17 11:35 - 2015-07-17 11:35 - 00122581 _____ C:\Users\romain\Desktop\ZHPDiag.txt
2015-07-17 10:49 - 2015-07-17 10:53 - 00000000 ____D C:\Users\romain\AppData\Roaming\ZHP
2015-07-17 10:49 - 2015-07-17 10:50 - 00000822 _____ C:\Users\romain\Desktop\ZHPDiag.lnk
2015-07-17 10:32 - 2015-07-17 10:32 - 01840128 _____ C:\Users\romain\Desktop\ZHPDiag3.exe
2015-07-17 10:24 - 2015-07-17 10:28 - 49026264 _____ (Microsoft Corporation) C:\Users\romain\Downloads\Windows-KB890830-V5.26.exe
2015-07-15 18:45 - 2015-07-15 18:46 - 00000140 _____ C:\Users\romain\Desktop\Cde en cours.txt
2015-07-15 10:02 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-15 10:02 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-15 10:02 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-15 10:02 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-15 10:02 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:02 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:02 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-15 10:01 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-15 10:01 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-15 10:01 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-15 10:01 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-15 10:01 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-15 10:01 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-15 10:01 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-15 10:01 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-15 10:01 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-15 10:01 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-15 10:01 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-15 10:01 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-15 10:01 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-15 10:01 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-15 10:01 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-15 10:01 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-15 10:01 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-15 09:57 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-15 09:57 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-15 09:57 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-15 09:57 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 09:57 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-15 09:57 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-15 09:53 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-15 09:53 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-15 09:53 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-15 09:53 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-15 09:53 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-15 09:53 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-15 09:46 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-07-15 09:46 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-07-15 09:46 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-07-15 09:46 - 2015-06-11 17:20 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-07-15 09:38 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-15 09:37 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-15 09:37 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-15 09:37 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-15 09:37 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-15 09:37 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-15 09:37 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-15 09:37 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-15 09:37 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-15 09:37 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-15 09:37 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-15 09:37 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-15 09:37 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-15 09:37 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-15 09:37 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-15 09:37 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-15 09:37 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-15 09:37 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-15 09:37 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-15 09:37 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-15 09:36 - 2015-07-09 19:44 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-15 09:36 - 2015-07-09 19:43 - 00587264 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-15 09:36 - 2015-07-09 19:42 - 00924160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-15 09:36 - 2015-07-09 19:42 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-15 09:36 - 2015-07-09 19:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-15 09:36 - 2015-07-09 19:42 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-15 09:36 - 2015-07-09 19:42 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-15 09:36 - 2015-07-09 19:34 - 00932864 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-15 09:36 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-15 09:34 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-15 09:34 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-15 09:34 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-15 09:34 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-15 09:34 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-15 09:31 - 2015-07-03 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-15 09:31 - 2015-07-03 19:56 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-15 09:31 - 2015-07-03 19:56 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-15 09:31 - 2015-07-03 19:56 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-15 09:31 - 2015-07-03 18:42 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-15 09:31 - 2015-06-09 21:35 - 02745856 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-15 09:31 - 2015-06-09 21:35 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 09:31 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-09 12:58 - 2015-07-09 13:12 - 00000170 _____ C:\Users\romain\Desktop\TRAJETS MAISON_ESCLI_IRFA.txt
2015-07-08 07:37 - 2015-07-17 07:38 - 00000840 _____ C:\windows\setupact.log
2015-07-08 07:37 - 2015-07-08 07:37 - 00000928 _____ C:\windows\PFRO.log
2015-07-08 07:37 - 2015-07-08 07:37 - 00000000 _____ C:\windows\setuperr.log
2015-07-04 10:11 - 2015-07-04 10:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-28 15:12 - 2015-06-28 16:19 - 00000000 ____D C:\Users\romain\AppData\Local\CutePDF Writer
2015-06-28 15:10 - 2015-06-28 15:10 - 00000000 ____D C:\Program Files\GPLGS
2015-06-28 14:59 - 2015-06-28 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
2015-06-28 14:59 - 2015-06-28 14:59 - 00000000 ____D C:\Program Files\Acro Software
2015-06-28 14:59 - 2013-10-23 15:23 - 00089136 _____ C:\windows\system32\cpwmon2k.dll
2015-06-27 12:07 - 2015-06-27 12:08 - 00000174 _____ C:\Users\romain\Desktop\Divers.txt
2015-06-26 09:29 - 2015-06-26 09:30 - 00000177 _____ C:\Users\romain\Desktop\Adresses mails.txt
2015-06-17 01:01 - 2015-06-17 01:01 - 01202856 _____ (Microsoft Corporation) C:\windows\system32\FM20.DLL
2015-06-16 22:20 - 2015-06-16 22:21 - 00000000 ____D C:\Users\romain\Downloads\VLC
2015-06-15 18:28 - 2015-06-15 18:28 - 00000000 ____D C:\Users\romain\AppData\Local\GWX
2015-06-10 14:15 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-10 14:14 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2015-06-10 14:09 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-06-10 14:09 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-06-10 14:09 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-06-10 14:09 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-06-10 14:09 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-06-10 14:09 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-06-10 14:09 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-06-10 14:09 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-06-10 14:09 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-06-10 14:09 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-06-10 14:09 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-06-10 14:09 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-06-10 14:09 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-06-10 14:09 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-06-10 14:09 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-06-10 14:09 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-06-10 14:09 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-06-10 14:09 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-06-10 14:09 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-06-10 14:08 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-06-10 14:08 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-06-10 14:08 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-06-10 14:08 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-06-10 14:08 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 14:08 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 14:08 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-06-10 14:08 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-06-10 14:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-06-10 14:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-06-10 14:08 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-06-10 14:08 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-05 18:46 - 2015-06-05 18:50 - 42203469 _____ C:\Users\romain\Downloads\Marina Kaye - Homeless - Clip officiel.mp4
2015-06-03 18:18 - 2015-06-03 18:18 - 00002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-05-13 00:42 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:58 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-12 21:55 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-12 21:55 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-12 21:55 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-12 21:54 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-12 21:54 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-12 21:54 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-12 21:54 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-12 21:54 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-12 21:54 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-12 21:54 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-12 21:52 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-09 11:11 - 2015-05-09 11:24 - 00000211 _____ C:\Users\romain\Downloads\CAPTVTY-Emissions.txt
2015-04-30 22:17 - 2015-04-30 22:17 - 00000000 ___RD C:\Program Files\Skype
2015-04-30 22:17 - 2015-04-30 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-30 22:17 - 2015-04-30 22:17 - 00000000 ____D C:\Program Files\Common Files\Skype

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2080-10-25 09:39 - 2011-01-17 07:25 - 00000380 _____ C:\windows\Faces.prf
2015-07-17 11:54 - 2009-07-14 06:34 - 00023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-17 11:54 - 2009-07-14 06:34 - 00023552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-17 11:16 - 2012-10-19 13:01 - 00001002 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-17 11:12 - 2010-11-12 15:57 - 00001058 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-17 10:57 - 2010-05-20 21:52 - 01853951 _____ C:\windows\WindowsUpdate.log
2015-07-17 09:12 - 2010-11-12 15:57 - 00001054 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-17 08:43 - 2013-11-23 21:24 - 00000000 ____D C:\Users\romain\AppData\Roaming\vlc
2015-07-17 07:38 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-16 22:45 - 2014-01-04 10:18 - 02367488 _____ C:\Users\romain\Desktop\EMPTS_Renaud_20140104.effx
2015-07-16 21:13 - 2009-07-14 04:37 - 00000000 ____D C:\windows\rescache
2015-07-16 19:04 - 2009-07-26 22:06 - 01677370 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-15 17:57 - 2012-11-26 21:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 17:20 - 2009-07-14 06:33 - 02366456 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-15 17:17 - 2015-04-05 12:05 - 00000000 ___SD C:\windows\system32\GWX
2015-07-15 17:17 - 2014-12-13 09:24 - 00000000 ____D C:\windows\system32\appraiser
2015-07-15 17:17 - 2014-05-06 20:20 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-15 17:17 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\fr-FR
2015-07-15 13:48 - 2013-10-17 19:47 - 00000000 ____D C:\windows\system32\MRT
2015-07-15 13:30 - 2010-09-13 20:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:17 - 2012-09-26 18:44 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-07-15 12:17 - 2012-01-25 00:04 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-13 09:30 - 2011-06-20 22:49 - 00000000 ____D C:\Users\romain\Downloads\Divers
2015-07-11 14:18 - 2013-10-30 11:25 - 00000000 ____D C:\Users\romain\Documents\Efficient Organizer AutoBackup
2015-07-09 21:41 - 2014-03-12 22:57 - 00000000 ____D C:\Users\romain\Desktop\A SORTIR
2015-07-08 08:02 - 2014-08-20 20:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-08 08:01 - 2013-11-22 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-08 08:01 - 2013-11-22 21:58 - 00000000 ____D C:\Program Files\Avira
2015-07-08 07:37 - 2012-05-12 12:15 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-05 07:16 - 2012-09-23 14:37 - 00000000 ____D C:\Users\romain\AppData\Roaming\FreeVideoConverter
2015-07-05 07:16 - 2009-07-14 04:04 - 00001416 _____ C:\windows\win.ini
2015-07-03 08:49 - 2010-09-04 18:34 - 127070192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-07-02 11:32 - 2010-10-21 14:06 - 00000000 ____D C:\Users\romain\dwhelper
2015-06-18 23:40 - 2013-11-22 21:58 - 00136728 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-06-18 23:40 - 2013-11-22 21:58 - 00108448 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-06-18 23:40 - 2013-11-22 21:58 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\ssmdrv.sys
2015-06-18 21:44 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\NDF

==================== Files in the root of some directories =======

2012-09-28 20:13 - 2012-09-28 20:13 - 0000288 _____ () C:\Users\romain\AppData\Roaming\.backup.dm
2014-01-14 14:08 - 2014-02-08 15:14 - 0000029 _____ () C:\Users\romain\AppData\Roaming\default.rss
2010-12-29 20:27 - 2015-06-04 21:15 - 0069632 _____ () C:\Users\romain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-24 13:35 - 2014-12-05 09:40 - 0004096 ____H () C:\Users\romain\AppData\Local\keyfile3.drm
2013-12-20 15:30 - 2013-12-20 15:30 - 0000025 ____H () C:\ProgramData\.119889580931711767808769176
2013-12-20 15:27 - 2013-12-20 15:27 - 0000021 ____H () C:\ProgramData\.24554863501262644635642126105
2014-09-11 08:25 - 2014-09-11 08:33 - 0000088 __RSH () C:\ProgramData\212F068A3D.sys
2010-08-31 13:58 - 2010-01-16 07:16 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2014-09-11 08:25 - 2015-03-11 22:05 - 0005642 ___SH () C:\ProgramData\KGyGaAvL.sys

Some files in TEMP:
====================
C:\Users\romain\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 13:16

==================== End of log ============================

Publicité


Signaler le contenu de ce document

Publicité