Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Alexandre (administrator) on ALEXANDRE-ACCA on 14-07-2015 17:44:23
Running from C:\Users\Alexandre\Downloads
Loaded Profiles: Alexandre (Available Profiles: Alexandre)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(http://www.emule-project.net) C:\Program Files (x86)\eMule\emule.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-06-02] (Banco do Brasil)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] (http://www.emule-project.net)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\MountPoints2: {09d83862-bd90-11e3-92b8-60eb6983a684} - H:\LaunchU3.exe -a
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\MountPoints2: {e616ebdd-432a-11e3-b4ba-60eb6983a684} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-05] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-01-14] (AVAST Software)
ShellIconOverlayIdentifiers: [ATFPUOverlayIcon] -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\TFPU\TFPUOverlayIcon.dll [2010-03-02] (TOSHIBA)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> {1788C53C-1A8E-0884-9773-3E56463A7B7B} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {26B155C5-1FC1-9FB4-3B05-685774B3CF03} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4215181699-3049314833-3173697437-1000 -> {1788C53C-1A8E-0884-9773-3E56463A7B7B} URL =
SearchScopes: HKU\S-1-5-21-4215181699-3049314833-3173697437-1000 -> {65D5FF77-D094-4326-879F-051F510BCA04} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-03] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-06-02] (Banco do Brasil)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1889664 2015-06-02] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{104BE113-4244-4D32-B3FB-DBECECF5DDE9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{61E8B3EF-FC98-42DF-8BA6-BE42592CE161}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{61E8B3EF-FC98-42DF-8BA6-BE42592CE161}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{79B01330-5F72-4BC7-B951-4970DB6005E6}: [DhcpNameServer] 192.168.1.1 0.0.0.0
FireFox:
========
FF ProfilePath: C:\Users\Alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\kirdt7kt.default-1435820959526
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4215181699-3049314833-3173697437-1000: gastecnologia.com.br/sf/bb -> C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-4215181699-3049314833-3173697437-1000: gastecnologia.com.br/sf/bb64 -> C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-03-06] (GAS Tecnologia)
FF Extension: English (GB) Language Pack - C:\Users\Alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\kirdt7kt.default-1435820959526\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2015-07-09]
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-01]
FF HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-07-14]
Chrome:
=======
CHR Profile: C:\Users\Alexandre\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-14] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-14] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [579896 2015-04-29] (GAS Tecnologia)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2011-06-15] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2011-06-15] (Alcatel-Lucent) [File not signed]
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AlcatelOTnet; C:\Windows\System32\DRIVERS\AlcatelOTUsbnet.sys [138752 2009-12-10] (TCT International Mobile Ltd)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-14] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2012-03-06] (Huawei Technologies Co., Ltd.)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [21720 2015-04-29] (GAS Tecnologia)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2011-03-04] (TCT International Mobile Ltd)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA))
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-18] (O2Micro )
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation )
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-14] (Avast Software)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
S3 ZTEMBBMSD; C:\Windows\System32\Drivers\ZTEMBBMSD.sys [19968 2014-09-27] (ZTE Corporation) [File not signed]
S3 ZTEusbMB; C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbwwan; C:\Windows\System32\DRIVERS\ZTEusbwwan.sys [237056 2014-09-27] (ZTE Incorporated) [File not signed]
S3 catchme; \??\C:\Users\ALEXAN~1\AppData\Local\Temp\catchme.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AlcatelOTUsbnet.sys 808820DEF092FA0A6D93BAE3E5D069CD
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswHwid.sys 9BE9F2B83DE80E2752B1405CC427E2EC
C:\Windows\system32\drivers\aswMonFlt.sys 2DA1C1AEDF454F8E32A863A1AEACDD8C
C:\Windows\system32\drivers\aswRdr2.sys 4750016EF9CC1DEC6DA3FE5AF9A7F095
C:\Windows\System32\Drivers\aswRvrt.sys 1323269A92645705DEFA053F3596829D
C:\Windows\system32\drivers\aswSnx.sys E74FD717476B30E23F45354B8F3ACB30
C:\Windows\system32\drivers\aswSP.sys B1881A01E301990B671694CA1623F1B6
C:\Windows\system32\drivers\aswStm.sys 7509F07BA6F84C1E3B2C0D78A1F6F782
C:\Windows\System32\Drivers\aswVmm.sys 1A5BDDE65B648DC3AD48B6ECAA3AE9C8
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ATSwpWDF.sys 599FDE158B87EB33538FB0CEA1A5813F
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\drivers\CHDRT64.sys A7D943BCFB70F1F053C274B348267B55
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 73BDD44A6088916964945886F9025409
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\GbpKm.sys 8F866DF9A974BFFDCB2001D303BC0695
C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys E7B993BE3E3C204CEACD1611FA3313E1
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\DRIVERS\ew_jubusenum.sys 1642C62F1FD5E1FF44608283994A7BB8
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 5E60DD5F090AB4A563C7204C289C4650
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\jrdusbser.sys 5678EC677028221EC5C815BCD07AB697
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys BF69D973523D539A35807946C6DA7E16
C:\Windows\System32\Drivers\ksecpkg.sys 272C27711C8AA6E7815EE33F8ACA9C66
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys FF60E112FC03F6D0EB74B3BFD7D6B7C9
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 035C83CD72E06C47000793D32B1A642D
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Motive\MREMP50.sys 9BD4DCB5412921864A7AACDEDFBD1923
C:\Program Files\Common Files\Motive\MREMP50a64.SYS C2758DF79C83A0D12A5599A040CA1818
C:\Program Files (x86)\Common Files\Motive\MRESP50.sys 07C02C892E8E1A72D6BF35004F0E9C5E
C:\Program Files\Common Files\Motive\MRESP50a64.SYS 38BD5B32E0722752BE8465D2A6DA43D9
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl64.sys EE00C544C025958AF50C7B199F3C8595
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvhda64v.sys A842341EF3C702EF8208E610BE0FD1D9
C:\Windows\System32\DRIVERS\nvlddmkm.sys 6850D89C7ABDD8B4FB0B3659DA961379
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\o2mdgx64.sys E66FE47F60C2E5B9BBF43552771AD569
C:\Windows\System32\DRIVERS\o2sdgx64.sys FA1EED3A10992EBA9A39172B50346434
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\pgeffect.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\QIOMem.sys C8FCB4899F8B70CC34E0D9876A80963C
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\system32\drivers\regi.sys 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 7B04C9843921AB1F695FB395422C5360
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RTL8187Se.sys 3EC7911ED886DC5D8A9F70129254679C
C:\Windows\System32\DRIVERS\rtl8192se.sys A8ED9726734D403217A4861A6788B144
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys 5252D7BC56E5E0ED715AEA8FE173A455
C:\Windows\System32\DRIVERS\ssudserd.sys 76F7D7217FBDAB77798A2A244ACD641F
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 12A35E44D8647985FCDB8D298A590134
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\DRIVERS\tdcmdpst.sys FD542B661BD22FA69CA789AD0AC58C29
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\thpdrv.sys C013F6ACAA9761F571BD28DADA7C157D
C:\Windows\System32\DRIVERS\Thpevm.SYS B4E609047434ED948AF7BDEF2FA66E38
C:\Windows\System32\DRIVERS\tosporte.sys 8021F63311797085949FA387F7C83583
C:\Windows\System32\DRIVERS\tosrfbd.sys 3FA1857F4A99AF19D1F4106697793E0E
C:\Windows\System32\Drivers\tosrfbnp.sys 62512B5277D88600F8BD4B7AEC43569D
C:\Windows\System32\Drivers\tosrfcom.sys C523A9186C39D65CC9ADEBB2E1B93CCD
C:\Windows\System32\DRIVERS\tosrfec.sys F5E3AC4CBCD154EE80849B21887FD0B0
C:\Windows\System32\DRIVERS\Tosrfhid.sys 451B8C1815C6CC39650AF916C2A382CD
C:\Windows\System32\DRIVERS\tosrfnds.sys B6FDC3C76FFE9C5171EEA9C37EA367C2
C:\Windows\System32\drivers\tosrfsnd.sys 7052B10E54B48AF12BD5606596A8E039
C:\Windows\System32\DRIVERS\tosrfusb.sys 8197B0EAE0D804AC3466045DDC5DA98B
C:\Windows\System32\DRIVERS\tos_sps64.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZ_O.SYS ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZFL.sys 9C7191F4B2E49BFF47A6C1144B5923FA
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys 1352B215BDC5807A5641E7C143796DD7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Program Files (x86)\GbPlugin\wsftprp64.sys 9B06D67FEDAABE253A2A68B68F5CBD2A
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys D0335A55E5C3F812548E18300C2ACB62
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Program Files\Diebold\Warsaw\WinDivert64.sys E583E1EA40CADB778820BCB1281CB1E9
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\Drivers\ZTEMBBMSD.sys 0E98E955929F997AAFA02B4EC67022B6
C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbwwan.sys A5A7F7A58DBE4A0134AA76B0E1F787DC
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 17:44 - 2015-07-14 17:44 - 00041303 _____ C:\Users\Alexandre\Downloads\FRST.txt
2015-07-14 17:43 - 2015-07-14 17:44 - 00000000 ____D C:\FRST
2015-07-14 17:43 - 2015-07-14 17:43 - 02133504 _____ (Farbar) C:\Users\Alexandre\Downloads\FRST64.exe
2015-07-14 12:00 - 2015-07-14 14:02 - 731248640 ____R C:\Users\Alexandre\Downloads\Une Femme Sans Retenue (Marc Dorcel) XXX FRENCH (DVDRip).avi
2015-07-14 12:00 - 2015-07-14 12:23 - 00000000 ____D C:\Users\Alexandre\Downloads\Die.Ballerina.German.XXX.BDRiP.x264-PONE
2015-07-14 11:59 - 2015-07-14 13:44 - 757094802 ____R C:\Users\Alexandre\Downloads\L'Entremetteuse - The Procuress (NEW 2015 Marc Dorcel) WEB-DL.mp4
2015-07-14 11:57 - 2015-07-14 11:57 - 00000000 ____D C:\Users\Alexandre\Downloads\Marc Dorcel - Sienna Day And Anissa Kate - The Billionaire's Daughter - 720p
2015-07-14 11:22 - 2015-07-14 11:22 - 00001600 _____ C:\Users\Alexandre\Desktop\ZHPFixReport.txt
2015-07-14 11:18 - 2015-07-14 11:19 - 00001860 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-07-14 11:18 - 2015-07-14 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-07-14 11:18 - 2015-07-14 11:18 - 00003156 _____ C:\Windows\System32\Tasks\{739F321E-DE91-4514-B4B9-4DCE1131BBEE}
2015-07-14 11:11 - 2015-07-14 11:11 - 00813729 _____ C:\Users\Alexandre\AppData\Roaming\unins000.exe
2015-07-14 11:11 - 2015-07-14 11:11 - 00018295 _____ C:\Users\Alexandre\AppData\Roaming\unins000.dat
2015-07-14 11:11 - 2015-07-14 11:11 - 00000000 ____D C:\Users\Alexandre\AppData\Local\GAS Tecnologia
2015-07-14 11:10 - 2015-05-21 02:06 - 00522040 _____ (GAS Tecnologia) C:\Windows\system32\gbpdist.exe
2015-07-14 11:09 - 2015-07-14 11:10 - 02482048 _____ (Banco do Brasil SA) C:\Users\Alexandre\Downloads\DiagnosticoBB(2).exe
2015-07-14 11:05 - 2015-07-14 11:05 - 03522334 _____ (Nicolas Coolman ) C:\Users\Alexandre\Downloads\ZHPFix.exe
2015-07-13 13:01 - 2015-07-13 13:01 - 00090291 _____ C:\Users\Alexandre\Desktop\ZHPDiag.txt
2015-07-13 12:58 - 2015-07-14 11:22 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\ZHP
2015-07-13 12:58 - 2015-07-13 12:58 - 00000838 _____ C:\Users\Alexandre\Desktop\ZHPDiag.lnk
2015-07-13 12:57 - 2015-07-13 12:58 - 01838592 _____ C:\Users\Alexandre\Downloads\ZHPDiag3.exe
2015-07-10 23:09 - 2015-07-10 23:15 - 00000000 ____D C:\Users\Alexandre\AppData\OICE_15_974FA576_32C1D314_36B3
2015-07-03 22:21 - 2015-07-03 22:20 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-03 22:20 - 2015-07-03 22:20 - 00000000 ____D C:\Program Files\Java
2015-07-03 22:13 - 2015-07-03 22:15 - 43189344 _____ (Oracle Corporation) C:\Users\Alexandre\Downloads\jre-8u45-windows-x64.exe
2015-07-03 22:11 - 2015-07-06 11:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 21:28 - 2015-07-01 22:36 - 734306368 ____R C:\Users\Alexandre\Downloads\OSS.117.Rio.Ne.Repond.Plus.FRENCH.PROPER.READNFO.DVDRiP.avi
2015-07-01 21:27 - 2015-07-01 22:11 - 730652672 ____R C:\Users\Alexandre\Downloads\OSS_117_Le_Caire_nid_d_espions_FRENCH_DVDRip.avi
2015-06-29 15:18 - 2015-06-29 15:19 - 00000000 ____D C:\Users\Alexandre\Downloads\Fury 2014 FANSUB VOSTFR BRRiP XviD AC3-NIKOo
2015-06-29 15:11 - 2015-06-29 16:24 - 1471903407 ____R C:\Users\Alexandre\Downloads\[ www.OMGTORRENT.com ] Jupiter.Ascending.2015.FANSUB.VOSTFR.WEB-DL.XviD-TeamSuW.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 17:43 - 2013-11-02 13:14 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\uTorrent
2015-07-14 17:41 - 2014-12-14 08:37 - 00000000 ____D C:\Program Files (x86)\eMule
2015-07-14 17:41 - 2013-11-20 15:50 - 00000000 ____D C:\Users\Alexandre\AppData\Local\eMule
2015-07-14 17:41 - 2013-11-20 15:50 - 00000000 ____D C:\ProgramData\eMule
2015-07-14 17:18 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-14 17:18 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-14 17:15 - 2013-11-03 13:33 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-14 17:13 - 2015-01-05 08:07 - 00654848 ___SH C:\Users\Alexandre\Downloads\Thumbs.db
2015-07-14 17:13 - 2013-11-01 20:38 - 01720625 _____ C:\Windows\WindowsUpdate.log
2015-07-14 17:10 - 2014-01-29 18:37 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-07-14 17:08 - 2015-05-20 20:01 - 00004668 _____ C:\Windows\setupact.log
2015-07-14 17:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-14 11:27 - 2013-11-01 22:28 - 00125976 _____ C:\Users\Alexandre\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-14 11:26 - 2009-07-14 06:45 - 00465680 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-14 11:25 - 2015-05-20 20:01 - 00012866 _____ C:\Windows\PFRO.log
2015-07-14 11:25 - 2014-01-29 18:37 - 00000000 ____D C:\ProgramData\GbPlugin
2015-07-14 11:19 - 2015-01-14 15:24 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2015-07-14 11:16 - 2014-01-29 18:37 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2015-07-14 11:15 - 2015-04-15 19:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-14 11:11 - 2014-08-18 19:21 - 00015791 _____ C:\Users\Alexandre\Downloads\Diagnóstico BB.log
2015-07-14 11:11 - 2014-01-29 18:35 - 00000000 ____D C:\ProgramData\Temp
2015-07-13 22:17 - 2013-11-02 12:33 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\Skype
2015-07-10 10:57 - 2014-07-20 11:53 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-09 23:23 - 2013-11-01 23:54 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\vlc
2015-07-09 15:16 - 2013-11-03 13:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 15:16 - 2013-11-03 13:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 15:16 - 2013-11-03 13:33 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-06 23:56 - 2015-01-25 08:06 - 00000000 ____D C:\Users\Alexandre\Desktop\Elisa 250115
2015-07-06 11:19 - 2015-01-12 08:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 22:21 - 2013-11-10 02:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-03 22:16 - 2013-11-11 11:35 - 00000000 ____D C:\Users\Alexandre\AppData\Local\Adobe
2015-07-02 09:09 - 2015-01-12 15:10 - 00000000 ____D C:\Users\Alexandre\Desktop\Anciennes données de Firefox
2015-06-26 13:39 - 2013-12-02 03:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-26 13:37 - 2015-01-24 10:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-23 13:30 - 2013-11-01 23:31 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-21 12:29 - 2009-07-14 17:24 - 00747668 _____ C:\Windows\system32\perfh00C.dat
2015-06-21 12:29 - 2009-07-14 17:24 - 00150160 _____ C:\Windows\system32\perfc00C.dat
2015-06-21 12:29 - 2009-07-14 07:13 - 01668672 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-20 14:46 - 2015-06-11 08:08 - 00000000 ____D C:\Users\Alexandre\Downloads\Life.Partners.2014.WEB-DL.x264-RARBG
2015-06-19 21:12 - 2014-11-28 10:16 - 00000000 __SHD C:\Users\Alexandre\AppData\Local\EmieBrowserModeList
2015-06-19 21:12 - 2014-04-25 02:54 - 00000000 __SHD C:\Users\Alexandre\AppData\Local\EmieUserList
2015-06-19 21:12 - 2014-04-25 02:54 - 00000000 __SHD C:\Users\Alexandre\AppData\Local\EmieSiteList
2015-06-17 14:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-07-14 11:11 - 2015-07-14 11:11 - 0018295 _____ () C:\Users\Alexandre\AppData\Roaming\unins000.dat
2015-07-14 11:11 - 2015-07-14 11:11 - 0813729 _____ () C:\Users\Alexandre\AppData\Roaming\unins000.exe
2014-02-04 23:31 - 2014-02-04 23:31 - 0007605 _____ () C:\Users\Alexandre\AppData\Local\Resmon.ResmonCfg
2015-01-05 09:40 - 2015-01-05 09:40 - 0000020 _____ () C:\ProgramData\bc.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {5e1506b0-b587-11df-9e90-00269e76adea}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {5e1506b2-b587-11df-9e90-00269e76adea}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5e1506b0-b587-11df-9e90-00269e76adea}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {5e1506b2-b587-11df-9e90-00269e76adea}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5e1506b3-b587-11df-9e90-00269e76adea}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5e1506b3-b587-11df-9e90-00269e76adea}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {5e1506b0-b587-11df-9e90-00269e76adea}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {5e1506b3-b587-11df-9e90-00269e76adea}
description Ramdisk Options
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2015-07-13 11:17
==================== End of log ============================
Ran by Alexandre (administrator) on ALEXANDRE-ACCA on 14-07-2015 17:44:23
Running from C:\Users\Alexandre\Downloads
Loaded Profiles: Alexandre (Available Profiles: Alexandre)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(http://www.emule-project.net) C:\Program Files (x86)\eMule\emule.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-06-02] (Banco do Brasil)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] (http://www.emule-project.net)
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\MountPoints2: {09d83862-bd90-11e3-92b8-60eb6983a684} - H:\LaunchU3.exe -a
HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\MountPoints2: {e616ebdd-432a-11e3-b4ba-60eb6983a684} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-05] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-08-31]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-01-14] (AVAST Software)
ShellIconOverlayIdentifiers: [ATFPUOverlayIcon] -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\TFPU\TFPUOverlayIcon.dll [2010-03-02] (TOSHIBA)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> {1788C53C-1A8E-0884-9773-3E56463A7B7B} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {26B155C5-1FC1-9FB4-3B05-685774B3CF03} URL = http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4215181699-3049314833-3173697437-1000 -> {1788C53C-1A8E-0884-9773-3E56463A7B7B} URL =
SearchScopes: HKU\S-1-5-21-4215181699-3049314833-3173697437-1000 -> {65D5FF77-D094-4326-879F-051F510BCA04} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-03] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-03] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-06-02] (Banco do Brasil)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1889664 2015-06-02] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{104BE113-4244-4D32-B3FB-DBECECF5DDE9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{61E8B3EF-FC98-42DF-8BA6-BE42592CE161}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{61E8B3EF-FC98-42DF-8BA6-BE42592CE161}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{79B01330-5F72-4BC7-B951-4970DB6005E6}: [DhcpNameServer] 192.168.1.1 0.0.0.0
FireFox:
========
FF ProfilePath: C:\Users\Alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\kirdt7kt.default-1435820959526
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4215181699-3049314833-3173697437-1000: gastecnologia.com.br/sf/bb -> C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-4215181699-3049314833-3173697437-1000: gastecnologia.com.br/sf/bb64 -> C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-03-06] (GAS Tecnologia)
FF Extension: English (GB) Language Pack - C:\Users\Alexandre\AppData\Roaming\Mozilla\Firefox\Profiles\kirdt7kt.default-1435820959526\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2015-07-09]
FF HKLM\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [{C1CA7765-44E4-452e-9D00-A04F3D434281}] -
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-01]
FF HKU\S-1-5-21-4215181699-3049314833-3173697437-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\Alexandre\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-07-14]
Chrome:
=======
CHR Profile: C:\Users\Alexandre\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-14] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-14] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [579896 2015-04-29] (GAS Tecnologia)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2011-06-15] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2011-06-15] (Alcatel-Lucent) [File not signed]
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [847160 2014-09-06] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AlcatelOTnet; C:\Windows\System32\DRIVERS\AlcatelOTUsbnet.sys [138752 2009-12-10] (TCT International Mobile Ltd)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-14] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2012-03-06] (Huawei Technologies Co., Ltd.)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [21720 2015-04-29] (GAS Tecnologia)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2011-03-04] (TCT International Mobile Ltd)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2011-06-15] (Printing Communications Assoc., Inc. (PCAUSA))
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [49568 2009-08-18] (O2Micro )
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation )
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-14] (Avast Software)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
S3 ZTEMBBMSD; C:\Windows\System32\Drivers\ZTEMBBMSD.sys [19968 2014-09-27] (ZTE Corporation) [File not signed]
S3 ZTEusbMB; C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmeaext; C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [123136 2014-09-27] (ZTE Incorporated) [File not signed]
S3 ZTEusbwwan; C:\Windows\System32\DRIVERS\ZTEusbwwan.sys [237056 2014-09-27] (ZTE Incorporated) [File not signed]
S3 catchme; \??\C:\Users\ALEXAN~1\AppData\Local\Temp\catchme.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 MREMPR5; \??\C:\PROGRA~2\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~2\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AlcatelOTUsbnet.sys 808820DEF092FA0A6D93BAE3E5D069CD
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswHwid.sys 9BE9F2B83DE80E2752B1405CC427E2EC
C:\Windows\system32\drivers\aswMonFlt.sys 2DA1C1AEDF454F8E32A863A1AEACDD8C
C:\Windows\system32\drivers\aswRdr2.sys 4750016EF9CC1DEC6DA3FE5AF9A7F095
C:\Windows\System32\Drivers\aswRvrt.sys 1323269A92645705DEFA053F3596829D
C:\Windows\system32\drivers\aswSnx.sys E74FD717476B30E23F45354B8F3ACB30
C:\Windows\system32\drivers\aswSP.sys B1881A01E301990B671694CA1623F1B6
C:\Windows\system32\drivers\aswStm.sys 7509F07BA6F84C1E3B2C0D78A1F6F782
C:\Windows\System32\Drivers\aswVmm.sys 1A5BDDE65B648DC3AD48B6ECAA3AE9C8
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ATSwpWDF.sys 599FDE158B87EB33538FB0CEA1A5813F
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\drivers\CHDRT64.sys A7D943BCFB70F1F053C274B348267B55
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 73BDD44A6088916964945886F9025409
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\GbpKm.sys 8F866DF9A974BFFDCB2001D303BC0695
C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys E7B993BE3E3C204CEACD1611FA3313E1
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\DRIVERS\ew_jubusenum.sys 1642C62F1FD5E1FF44608283994A7BB8
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 5E60DD5F090AB4A563C7204C289C4650
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\jrdusbser.sys 5678EC677028221EC5C815BCD07AB697
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys BF69D973523D539A35807946C6DA7E16
C:\Windows\System32\Drivers\ksecpkg.sys 272C27711C8AA6E7815EE33F8ACA9C66
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys FF60E112FC03F6D0EB74B3BFD7D6B7C9
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 035C83CD72E06C47000793D32B1A642D
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Motive\MREMP50.sys 9BD4DCB5412921864A7AACDEDFBD1923
C:\Program Files\Common Files\Motive\MREMP50a64.SYS C2758DF79C83A0D12A5599A040CA1818
C:\Program Files (x86)\Common Files\Motive\MRESP50.sys 07C02C892E8E1A72D6BF35004F0E9C5E
C:\Program Files\Common Files\Motive\MRESP50a64.SYS 38BD5B32E0722752BE8465D2A6DA43D9
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netaapl64.sys EE00C544C025958AF50C7B199F3C8595
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvhda64v.sys A842341EF3C702EF8208E610BE0FD1D9
C:\Windows\System32\DRIVERS\nvlddmkm.sys 6850D89C7ABDD8B4FB0B3659DA961379
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\o2mdgx64.sys E66FE47F60C2E5B9BBF43552771AD569
C:\Windows\System32\DRIVERS\o2sdgx64.sys FA1EED3A10992EBA9A39172B50346434
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\pgeffect.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\QIOMem.sys C8FCB4899F8B70CC34E0D9876A80963C
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\system32\drivers\regi.sys 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 7B04C9843921AB1F695FB395422C5360
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RTL8187Se.sys 3EC7911ED886DC5D8A9F70129254679C
C:\Windows\System32\DRIVERS\rtl8192se.sys A8ED9726734D403217A4861A6788B144
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys 5252D7BC56E5E0ED715AEA8FE173A455
C:\Windows\System32\DRIVERS\ssudserd.sys 76F7D7217FBDAB77798A2A244ACD641F
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 12A35E44D8647985FCDB8D298A590134
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\DRIVERS\tdcmdpst.sys FD542B661BD22FA69CA789AD0AC58C29
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\thpdrv.sys C013F6ACAA9761F571BD28DADA7C157D
C:\Windows\System32\DRIVERS\Thpevm.SYS B4E609047434ED948AF7BDEF2FA66E38
C:\Windows\System32\DRIVERS\tosporte.sys 8021F63311797085949FA387F7C83583
C:\Windows\System32\DRIVERS\tosrfbd.sys 3FA1857F4A99AF19D1F4106697793E0E
C:\Windows\System32\Drivers\tosrfbnp.sys 62512B5277D88600F8BD4B7AEC43569D
C:\Windows\System32\Drivers\tosrfcom.sys C523A9186C39D65CC9ADEBB2E1B93CCD
C:\Windows\System32\DRIVERS\tosrfec.sys F5E3AC4CBCD154EE80849B21887FD0B0
C:\Windows\System32\DRIVERS\Tosrfhid.sys 451B8C1815C6CC39650AF916C2A382CD
C:\Windows\System32\DRIVERS\tosrfnds.sys B6FDC3C76FFE9C5171EEA9C37EA367C2
C:\Windows\System32\drivers\tosrfsnd.sys 7052B10E54B48AF12BD5606596A8E039
C:\Windows\System32\DRIVERS\tosrfusb.sys 8197B0EAE0D804AC3466045DDC5DA98B
C:\Windows\System32\DRIVERS\tos_sps64.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZ_O.SYS ==> MD5 is legit
C:\Windows\System32\DRIVERS\TVALZFL.sys 9C7191F4B2E49BFF47A6C1144B5923FA
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 5C3BE22E485B9BF11FCEFDC676C728D0
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys 1352B215BDC5807A5641E7C143796DD7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Program Files (x86)\GbPlugin\wsftprp64.sys 9B06D67FEDAABE253A2A68B68F5CBD2A
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys D0335A55E5C3F812548E18300C2ACB62
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Program Files\Diebold\Warsaw\WinDivert64.sys E583E1EA40CADB778820BCB1281CB1E9
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\Drivers\ZTEMBBMSD.sys 0E98E955929F997AAFA02B4EC67022B6
C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbnmeaext.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys E61434B1860727835246F5160D4673E2
C:\Windows\System32\DRIVERS\ZTEusbwwan.sys A5A7F7A58DBE4A0134AA76B0E1F787DC
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 17:44 - 2015-07-14 17:44 - 00041303 _____ C:\Users\Alexandre\Downloads\FRST.txt
2015-07-14 17:43 - 2015-07-14 17:44 - 00000000 ____D C:\FRST
2015-07-14 17:43 - 2015-07-14 17:43 - 02133504 _____ (Farbar) C:\Users\Alexandre\Downloads\FRST64.exe
2015-07-14 12:00 - 2015-07-14 14:02 - 731248640 ____R C:\Users\Alexandre\Downloads\Une Femme Sans Retenue (Marc Dorcel) XXX FRENCH (DVDRip).avi
2015-07-14 12:00 - 2015-07-14 12:23 - 00000000 ____D C:\Users\Alexandre\Downloads\Die.Ballerina.German.XXX.BDRiP.x264-PONE
2015-07-14 11:59 - 2015-07-14 13:44 - 757094802 ____R C:\Users\Alexandre\Downloads\L'Entremetteuse - The Procuress (NEW 2015 Marc Dorcel) WEB-DL.mp4
2015-07-14 11:57 - 2015-07-14 11:57 - 00000000 ____D C:\Users\Alexandre\Downloads\Marc Dorcel - Sienna Day And Anissa Kate - The Billionaire's Daughter - 720p
2015-07-14 11:22 - 2015-07-14 11:22 - 00001600 _____ C:\Users\Alexandre\Desktop\ZHPFixReport.txt
2015-07-14 11:18 - 2015-07-14 11:19 - 00001860 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2015-07-14 11:18 - 2015-07-14 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-07-14 11:18 - 2015-07-14 11:18 - 00003156 _____ C:\Windows\System32\Tasks\{739F321E-DE91-4514-B4B9-4DCE1131BBEE}
2015-07-14 11:11 - 2015-07-14 11:11 - 00813729 _____ C:\Users\Alexandre\AppData\Roaming\unins000.exe
2015-07-14 11:11 - 2015-07-14 11:11 - 00018295 _____ C:\Users\Alexandre\AppData\Roaming\unins000.dat
2015-07-14 11:11 - 2015-07-14 11:11 - 00000000 ____D C:\Users\Alexandre\AppData\Local\GAS Tecnologia
2015-07-14 11:10 - 2015-05-21 02:06 - 00522040 _____ (GAS Tecnologia) C:\Windows\system32\gbpdist.exe
2015-07-14 11:09 - 2015-07-14 11:10 - 02482048 _____ (Banco do Brasil SA) C:\Users\Alexandre\Downloads\DiagnosticoBB(2).exe
2015-07-14 11:05 - 2015-07-14 11:05 - 03522334 _____ (Nicolas Coolman ) C:\Users\Alexandre\Downloads\ZHPFix.exe
2015-07-13 13:01 - 2015-07-13 13:01 - 00090291 _____ C:\Users\Alexandre\Desktop\ZHPDiag.txt
2015-07-13 12:58 - 2015-07-14 11:22 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\ZHP
2015-07-13 12:58 - 2015-07-13 12:58 - 00000838 _____ C:\Users\Alexandre\Desktop\ZHPDiag.lnk
2015-07-13 12:57 - 2015-07-13 12:58 - 01838592 _____ C:\Users\Alexandre\Downloads\ZHPDiag3.exe
2015-07-10 23:09 - 2015-07-10 23:15 - 00000000 ____D C:\Users\Alexandre\AppData\OICE_15_974FA576_32C1D314_36B3
2015-07-03 22:21 - 2015-07-03 22:20 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-03 22:20 - 2015-07-03 22:20 - 00000000 ____D C:\Program Files\Java
2015-07-03 22:13 - 2015-07-03 22:15 - 43189344 _____ (Oracle Corporation) C:\Users\Alexandre\Downloads\jre-8u45-windows-x64.exe
2015-07-03 22:11 - 2015-07-06 11:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 21:28 - 2015-07-01 22:36 - 734306368 ____R C:\Users\Alexandre\Downloads\OSS.117.Rio.Ne.Repond.Plus.FRENCH.PROPER.READNFO.DVDRiP.avi
2015-07-01 21:27 - 2015-07-01 22:11 - 730652672 ____R C:\Users\Alexandre\Downloads\OSS_117_Le_Caire_nid_d_espions_FRENCH_DVDRip.avi
2015-06-29 15:18 - 2015-06-29 15:19 - 00000000 ____D C:\Users\Alexandre\Downloads\Fury 2014 FANSUB VOSTFR BRRiP XviD AC3-NIKOo
2015-06-29 15:11 - 2015-06-29 16:24 - 1471903407 ____R C:\Users\Alexandre\Downloads\[ www.OMGTORRENT.com ] Jupiter.Ascending.2015.FANSUB.VOSTFR.WEB-DL.XviD-TeamSuW.avi
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-14 17:43 - 2013-11-02 13:14 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\uTorrent
2015-07-14 17:41 - 2014-12-14 08:37 - 00000000 ____D C:\Program Files (x86)\eMule
2015-07-14 17:41 - 2013-11-20 15:50 - 00000000 ____D C:\Users\Alexandre\AppData\Local\eMule
2015-07-14 17:41 - 2013-11-20 15:50 - 00000000 ____D C:\ProgramData\eMule
2015-07-14 17:18 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-14 17:18 - 2009-07-14 06:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-14 17:15 - 2013-11-03 13:33 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-14 17:13 - 2015-01-05 08:07 - 00654848 ___SH C:\Users\Alexandre\Downloads\Thumbs.db
2015-07-14 17:13 - 2013-11-01 20:38 - 01720625 _____ C:\Windows\WindowsUpdate.log
2015-07-14 17:10 - 2014-01-29 18:37 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-07-14 17:08 - 2015-05-20 20:01 - 00004668 _____ C:\Windows\setupact.log
2015-07-14 17:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-14 11:27 - 2013-11-01 22:28 - 00125976 _____ C:\Users\Alexandre\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-14 11:26 - 2009-07-14 06:45 - 00465680 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-14 11:25 - 2015-05-20 20:01 - 00012866 _____ C:\Windows\PFRO.log
2015-07-14 11:25 - 2014-01-29 18:37 - 00000000 ____D C:\ProgramData\GbPlugin
2015-07-14 11:19 - 2015-01-14 15:24 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2015-07-14 11:16 - 2014-01-29 18:37 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2015-07-14 11:15 - 2015-04-15 19:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-14 11:11 - 2014-08-18 19:21 - 00015791 _____ C:\Users\Alexandre\Downloads\Diagnóstico BB.log
2015-07-14 11:11 - 2014-01-29 18:35 - 00000000 ____D C:\ProgramData\Temp
2015-07-13 22:17 - 2013-11-02 12:33 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\Skype
2015-07-10 10:57 - 2014-07-20 11:53 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-09 23:23 - 2013-11-01 23:54 - 00000000 ____D C:\Users\Alexandre\AppData\Roaming\vlc
2015-07-09 15:16 - 2013-11-03 13:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 15:16 - 2013-11-03 13:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 15:16 - 2013-11-03 13:33 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-06 23:56 - 2015-01-25 08:06 - 00000000 ____D C:\Users\Alexandre\Desktop\Elisa 250115
2015-07-06 11:19 - 2015-01-12 08:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 22:21 - 2013-11-10 02:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-03 22:16 - 2013-11-11 11:35 - 00000000 ____D C:\Users\Alexandre\AppData\Local\Adobe
2015-07-02 09:09 - 2015-01-12 15:10 - 00000000 ____D C:\Users\Alexandre\Desktop\Anciennes données de Firefox
2015-06-26 13:39 - 2013-12-02 03:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-26 13:37 - 2015-01-24 10:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-23 13:30 - 2013-11-01 23:31 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-21 12:29 - 2009-07-14 17:24 - 00747668 _____ C:\Windows\system32\perfh00C.dat
2015-06-21 12:29 - 2009-07-14 17:24 - 00150160 _____ C:\Windows\system32\perfc00C.dat
2015-06-21 12:29 - 2009-07-14 07:13 - 01668672 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-20 14:46 - 2015-06-11 08:08 - 00000000 ____D C:\Users\Alexandre\Downloads\Life.Partners.2014.WEB-DL.x264-RARBG
2015-06-19 21:12 - 2014-11-28 10:16 - 00000000 __SHD C:\Users\Alexandre\AppData\Local\EmieBrowserModeList
2015-06-19 21:12 - 2014-04-25 02:54 - 00000000 __SHD C:\Users\Alexandre\AppData\Local\EmieUserList
2015-06-19 21:12 - 2014-04-25 02:54 - 00000000 __SHD C:\Users\Alexandre\AppData\Local\EmieSiteList
2015-06-17 14:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2015-07-14 11:11 - 2015-07-14 11:11 - 0018295 _____ () C:\Users\Alexandre\AppData\Roaming\unins000.dat
2015-07-14 11:11 - 2015-07-14 11:11 - 0813729 _____ () C:\Users\Alexandre\AppData\Roaming\unins000.exe
2014-02-04 23:31 - 2014-02-04 23:31 - 0007605 _____ () C:\Users\Alexandre\AppData\Local\Resmon.ResmonCfg
2015-01-05 09:40 - 2015-01-05 09:40 - 0000020 _____ () C:\ProgramData\bc.ini
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Gestionnaire de d‚marrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {5e1506b0-b587-11df-9e90-00269e76adea}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de d‚marrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale fr-FR
inherit {bootloadersettings}
recoverysequence {5e1506b2-b587-11df-9e90-00269e76adea}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5e1506b0-b587-11df-9e90-00269e76adea}
nx OptIn
Chargeur de d‚marrage Windows
-----------------------------
identificateur {5e1506b2-b587-11df-9e90-00269e76adea}
device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5e1506b3-b587-11df-9e90-00269e76adea}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{5e1506b3-b587-11df-9e90-00269e76adea}
systemroot \windows
nx OptIn
winpe Yes
Reprendre … partir de la mise en veille prolong‚e
-------------------------------------------------
identificateur {5e1506b0-b587-11df-9e90-00269e76adea}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testeur de m‚moire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics m‚moire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
ParamŠtres EMS
--------------
identificateur {emssettings}
bootems Yes
ParamŠtres du d‚bogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de m‚moire RAM
----------------------
identificateur {badmemory}
ParamŠtres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
ParamŠtres du chargeur de d‚marrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
ParamŠtres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
ParamŠtres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de p‚riph‚rique
-----------------------
identificateur {5e1506b3-b587-11df-9e90-00269e76adea}
description Ramdisk Options
ramdisksdidevice partition=\Device\HarddiskVolume1
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2015-07-13 11:17
==================== End of log ============================