OTL logfile created on: 24/04/2015 19:15:14 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\didier\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 0000040c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
3,98 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,51% Memory free
7,96 Gb Paging File | 6,22 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,18 Gb Total Space | 396,49 Gb Free Space | 86,92% Space Free | Partition Type: NTFS
Drive E: | 634,76 Gb Total Space | 617,47 Gb Free Space | 97,28% Space Free | Partition Type: NTFS
Drive F: | 634,76 Gb Total Space | 580,80 Gb Free Space | 91,50% Space Free | Partition Type: NTFS
Drive H: | 593,48 Gb Total Space | 593,20 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive I: | 9,58 Gb Total Space | 1,59 Gb Free Space | 16,64% Space Free | Partition Type: NTFS
 
Computer Name: DIDIER-PC | User Name: didier | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\didier\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe (Hewlett-Packard Development Co. L.P.)
PRC - C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
PRC - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
PRC - C:\WINDOWS\SysWOW64\PSIService.exe ()
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (LiveUpdateSvc) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (ProtexisLicensing) -- C:\WINDOWS\SysWOW64\PSIService.exe ()
SRV - (WcesComm) -- C:\WINDOWS\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\WINDOWS\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (MBAMSwissArmy) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (MBAMWebAccessControl) -- C:\WINDOWS\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\WINDOWS\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (NisDrv) -- C:\WINDOWS\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\WINDOWS\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\WINDOWS\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (MEIx64) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (L1C) -- C:\WINDOWS\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\WINDOWS\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (VIAHdAudAddService) -- C:\WINDOWS\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\WINDOWS\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (LVUSBS64) -- C:\WINDOWS\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (PID_PEPI) -- C:\WINDOWS\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
DRV:[b]64bit:[/b] - (lvpepf64) -- C:\WINDOWS\SysNative\drivers\lv302a64.sys (Logitech Inc.)
DRV - (HWiNFO32) -- C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS (REALiX(tm))
DRV - (WIMMount) -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2015/04/24 16:21:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\didier\Desktop\OTL.exe
[2015/04/24 16:19:10 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2015/04/23 21:15:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/04/23 19:35:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2015/04/23 19:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag
[2015/04/23 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\didier\AppData\Roaming\ZHP
[2015/04/23 19:32:25 | 006,878,142 | ---- | C] (Nicolas Coolman                                             ) -- C:\Users\didier\Desktop\ZHPDiag2.exe
[2015/04/22 09:19:48 | 000,000,000 | ---D | C] -- C:\Users\didier\Documents\luminus
[2015/04/15 11:13:40 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015/04/15 11:13:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015/04/15 11:13:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015/04/15 11:13:26 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/04/15 11:13:24 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015/04/15 11:13:24 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015/04/15 11:13:23 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015/04/15 11:13:22 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/04/15 11:13:21 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/04/15 11:13:20 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/04/15 11:13:20 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015/04/15 11:13:19 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015/04/15 11:13:18 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/04/15 11:13:18 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015/04/15 11:13:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/04/15 11:13:18 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015/04/15 11:13:15 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/04/15 11:13:14 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/04/15 11:13:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/04/15 11:13:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015/04/15 11:13:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/04/15 11:13:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/04/15 11:13:11 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/04/15 11:13:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/04/15 11:13:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015/04/15 11:13:10 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/04/15 11:13:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015/04/15 11:13:09 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/04/15 11:13:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015/04/15 11:13:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 11:13:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015/04/15 11:13:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015/04/15 11:13:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 11:13:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 11:13:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015/04/15 11:13:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 11:13:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015/04/15 11:13:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 11:13:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 11:13:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 11:13:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 11:13:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 11:13:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015/04/15 11:13:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015/04/15 11:13:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 11:13:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015/04/15 11:13:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 11:13:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015/04/15 11:13:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 11:13:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015/04/15 11:13:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 11:13:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015/04/15 11:13:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015/04/15 11:13:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 11:13:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 11:13:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015/04/15 11:13:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015/04/15 11:13:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 11:13:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 11:13:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015/04/15 11:13:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 11:13:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 11:13:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015/04/15 11:13:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015/04/15 11:13:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 11:13:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015/04/15 11:13:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 11:13:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015/04/15 11:13:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 11:13:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015/04/15 11:13:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 11:13:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015/04/15 11:13:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 11:13:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015/04/15 11:13:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 11:13:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 11:13:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015/04/15 11:12:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015/04/15 11:12:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015/04/15 11:12:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015/04/15 11:12:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/04/15 11:12:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015/04/15 11:12:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 11:12:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015/04/15 11:12:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 11:12:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015/04/15 11:12:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015/04/15 11:12:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/04/15 11:12:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/04/15 11:12:55 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/04/15 11:12:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015/04/15 11:12:54 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/04/15 11:12:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/04/15 11:12:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/04/15 11:12:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/04/15 11:12:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/04/15 11:11:41 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/04/15 11:11:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/04/15 11:11:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/04/15 11:11:40 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/04/15 11:11:37 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/04/15 11:11:36 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/04/15 11:11:35 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/04/15 11:11:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/04/15 11:11:35 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/04/15 11:11:34 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/04/15 11:11:33 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/04/15 11:11:33 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/04/15 11:11:32 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/04/15 11:11:32 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/04/15 11:11:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/04/15 11:11:31 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/04/15 11:11:30 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/04/15 11:11:30 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/04/15 11:11:30 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/04/15 11:11:29 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/04/15 11:11:29 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/04/15 11:11:28 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/04/15 11:11:27 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/04/15 11:11:26 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/04/15 11:11:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/04/15 11:11:24 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015/04/15 11:11:23 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/04/15 11:11:21 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/04/15 11:11:20 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/04/15 11:11:19 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/04/15 11:11:19 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/04/15 11:11:19 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/04/15 11:11:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/04/15 11:11:18 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/04/15 11:11:17 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015/04/15 11:11:16 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/04/15 11:11:16 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/04/15 11:10:57 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015/04/15 11:10:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2015/04/12 13:54:43 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015/04/12 13:54:43 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015/04/12 13:54:43 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015/04/12 13:54:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015/04/12 13:54:43 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015/04/12 13:54:43 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015/04/12 13:54:43 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015/04/12 13:54:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015/04/12 13:54:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015/04/12 13:54:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015/04/12 13:54:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015/04/12 13:54:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015/04/12 13:54:43 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015/04/12 13:54:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015/04/12 13:54:42 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015/04/12 13:54:39 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/04/12 13:54:39 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/04/12 13:54:39 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/04/12 13:54:39 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/04/12 13:54:39 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/04/12 13:54:39 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/04/12 13:54:39 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015/04/12 13:54:37 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/04/09 21:06:12 | 000,029,184 | ---- | C] (Datastic.com) -- C:\Users\didier\Desktop\ColorCop.exe
[2015/04/08 13:36:33 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\0B0F11F5.sys
[2015/04/08 13:32:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2015/03/30 15:45:11 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015/03/30 15:45:11 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015/03/30 15:09:12 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2015/03/26 15:10:52 | 000,000,000 | ---D | C] -- C:\Users\didier\Documents\doctor
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2015/04/24 18:32:01 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/04/24 18:19:00 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2015/04/24 18:12:53 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/04/24 16:42:59 | 000,002,828 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2015/04/24 16:32:05 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/04/24 16:21:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\didier\Desktop\OTL.exe
[2015/04/24 14:46:14 | 000,034,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/04/24 14:46:14 | 000,034,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/04/24 14:39:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/04/24 14:39:24 | 3207,581,696 | -HS- | M] () -- C:\hiberfil.sys
[2015/04/24 14:22:01 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2015/04/23 21:14:23 | 002,224,640 | ---- | M] () -- C:\Users\didier\Desktop\adwcleaner_4.202.exe
[2015/04/23 21:06:23 | 000,000,832 | ---- | M] () -- C:\Users\didier\Desktop\ZHPCleaner.lnk
[2015/04/23 21:04:38 | 001,809,920 | ---- | M] () -- C:\Users\didier\Desktop\ZHPCleaner.exe
[2015/04/23 19:35:38 | 000,001,987 | ---- | M] () -- C:\Users\didier\Desktop\ZHPFix.lnk
[2015/04/23 19:35:38 | 000,001,860 | ---- | M] () -- C:\Users\didier\Desktop\ZHPDiag.lnk
[2015/04/23 19:32:56 | 006,878,142 | ---- | M] (Nicolas Coolman                                             ) -- C:\Users\didier\Desktop\ZHPDiag2.exe
[2015/04/22 16:16:00 | 001,669,584 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/04/22 16:16:00 | 000,747,644 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/04/22 16:16:00 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/04/22 16:16:00 | 000,150,168 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/04/22 16:16:00 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/04/22 09:21:47 | 000,017,611 | ---- | M] () -- C:\Users\didier\Documents\Nouvelle facture Luminus.eml
[2015/04/18 09:40:04 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/17 13:28:20 | 000,002,102 | ---- | M] () -- C:\Users\didier\Desktop\HP Photo Creations.lnk
[2015/04/16 03:20:26 | 001,643,716 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/04/08 13:36:33 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\0B0F11F5.sys
[2015/04/08 13:32:50 | 000,001,638 | ---- | M] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2015/03/28 13:01:17 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2015/04/23 21:14:20 | 002,224,640 | ---- | C] () -- C:\Users\didier\Desktop\adwcleaner_4.202.exe
[2015/04/23 21:06:23 | 000,000,832 | ---- | C] () -- C:\Users\didier\Desktop\ZHPCleaner.lnk
[2015/04/23 21:04:35 | 001,809,920 | ---- | C] () -- C:\Users\didier\Desktop\ZHPCleaner.exe
[2015/04/23 19:40:45 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2015/04/23 19:35:38 | 000,001,987 | ---- | C] () -- C:\Users\didier\Desktop\ZHPFix.lnk
[2015/04/23 19:35:38 | 000,001,860 | ---- | C] () -- C:\Users\didier\Desktop\ZHPDiag.lnk
[2015/04/22 09:21:46 | 000,017,611 | ---- | C] () -- C:\Users\didier\Documents\Nouvelle facture Luminus.eml
[2015/04/15 11:11:40 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015/04/15 11:11:35 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015/04/08 13:32:50 | 000,001,638 | ---- | C] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2015/03/28 11:15:57 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2015/02/06 16:20:03 | 000,899,694 | ---- | C] () -- C:\Users\didier\AppData\Local\[j0013]-[p01].bmp
[2015/01/30 14:36:23 | 000,221,379 | ---- | C] () -- C:\Windows\hpoins30.dat
[2015/01/30 14:36:23 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2015/01/28 10:50:52 | 000,221,342 | ---- | C] () -- C:\Windows\hpoins30.dat.temp
[2015/01/28 10:50:52 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat.temp
[2014/12/31 21:05:43 | 000,007,605 | ---- | C] () -- C:\Users\didier\AppData\Local\resmon.resmoncfg
[2014/12/23 21:33:09 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/12/21 20:12:32 | 000,000,590 | ---- | C] () -- C:\Users\didier\ProduKey.cfg
[2014/12/21 20:11:31 | 000,017,388 | ---- | C] () -- C:\Users\didier\ProduKey.chm
[2014/12/20 16:13:41 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\MSVCRT10.DLL
[2014/12/20 16:13:41 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\icmfilter.dll
[2014/12/20 13:48:31 | 000,080,384 | ---- | C] () -- C:\Users\didier\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/12/19 15:27:58 | 000,000,088 | RHS- | C] () -- C:\Windows\SysWow64\87EDE28B89.sys
[2014/12/19 15:20:45 | 000,002,828 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2014/12/18 21:44:06 | 001,643,716 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2015/02/13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]< MD5 for: 0B0F11F5.SYS  >[/color]
[2015/04/08 13:36:33 | 000,136,408 | ---- | M] (Malwarebytes Corporation) MD5=E9CD058C79EA15B4AA93E259FA713B07 -- C:\Windows\SysNative\drivers\0B0F11F5.sys
 
[color=#A23BEC]< MD5 for: 87EDE28B89.SYS  >[/color]
[2014/12/19 18:16:22 | 000,000,088 | RHS- | M] () MD5=753A489886B1FFFFA1A49E0ACA9B31E0 -- C:\WINDOWS\SysWOW64\87EDE28B89.sys
 
[color=#A23BEC]< MD5 for: AMDSATA.SYS  >[/color]
[2011/03/11 08:18:49 | 000,107,904 | ---- | M] (Advanced Micro Devices) MD5=4714BDA609FA014A0655B435047BE600 -- C:\WINDOWS\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.21680_none_aaccc8deb1e48f1e\amdsata.sys
[2010/11/21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) MD5=6EC6D772EAE38DC17C14AED9B178D24B -- C:\Windows\SysNative\DriverStore\FileRepository\amdsata.inf_amd64_neutral_67db50590108ebd9\amdsata.sys
[2010/11/21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) MD5=6EC6D772EAE38DC17C14AED9B178D24B -- C:\WINDOWS\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.17514_none_aa92dcaf988a9119\amdsata.sys
[2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) MD5=D4121AE6D0C0E7E13AA221AA57EF2D49 -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) MD5=D4121AE6D0C0E7E13AA221AA57EF2D49 -- C:\Windows\SysNative\DriverStore\FileRepository\amdsata.inf_amd64_neutral_5c3d0d1e97e99e10\amdsata.sys
[2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) MD5=D4121AE6D0C0E7E13AA221AA57EF2D49 -- C:\WINDOWS\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.17577_none_aa54fe0598b884c4\amdsata.sys
 
[color=#A23BEC]< MD5 for: AMDSBS.SYS  >[/color]
[2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) MD5=F67F933E79241ED32FF46A4F29B5120B -- C:\Windows\SysNative\drivers\amdsbs.sys
[2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) MD5=F67F933E79241ED32FF46A4F29B5120B -- C:\Windows\SysNative\DriverStore\FileRepository\amdsbs.inf_amd64_neutral_5cae6933bef20aa8\amdsbs.sys
[2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) MD5=F67F933E79241ED32FF46A4F29B5120B -- C:\WINDOWS\winsxs\amd64_amdsbs.inf_31bf3856ad364e35_6.1.7600.16385_none_c192282a2ed13c70\amdsbs.sys
 
[color=#A23BEC]< MD5 for: AMDXATA.SYS  >[/color]
[2010/11/21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) MD5=1142A21DB581A84EA5597B03A26EBAA0 -- C:\Windows\SysNative\DriverStore\FileRepository\amdsata.inf_amd64_neutral_67db50590108ebd9\amdxata.sys
[2010/11/21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) MD5=1142A21DB581A84EA5597B03A26EBAA0 -- C:\WINDOWS\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.17514_none_aa92dcaf988a9119\amdxata.sys
[2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) MD5=540DAF1CEA6094886D72126FD7C33048 -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) MD5=540DAF1CEA6094886D72126FD7C33048 -- C:\Windows\SysNative\DriverStore\FileRepository\amdsata.inf_amd64_neutral_5c3d0d1e97e99e10\amdxata.sys
[2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) MD5=540DAF1CEA6094886D72126FD7C33048 -- C:\WINDOWS\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.17577_none_aa54fe0598b884c4\amdxata.sys
[2011/03/11 08:18:49 | 000,027,008 | ---- | M] (Advanced Micro Devices) MD5=91F0F51F579BE0C3E8A85B57A8637D2D -- C:\WINDOWS\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.21680_none_aaccc8deb1e48f1e\amdxata.sys
 
[color=#A23BEC]< MD5 for: B57ND60A.SYS  >[/color]
[2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) MD5=B5ACE6968304A3900EEB1EBFD9622DF2 -- C:\Windows\SysNative\drivers\b57nd60a.sys
[2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) MD5=B5ACE6968304A3900EEB1EBFD9622DF2 -- C:\Windows\SysNative\DriverStore\FileRepository\netb57va.inf_amd64_neutral_6264e97d4fc12211\b57nd60a.sys
[2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) MD5=B5ACE6968304A3900EEB1EBFD9622DF2 -- C:\WINDOWS\winsxs\amd64_netb57va.inf_31bf3856ad364e35_6.1.7600.16385_none_581eb8ede4375d14\b57nd60a.sys
 
[color=#A23BEC]< MD5 for: BXVBDA.SYS  >[/color]
[2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) MD5=3E5B191307609F7514148C6832BB0842 -- C:\Windows\SysNative\drivers\bxvbda.sys
[2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) MD5=3E5B191307609F7514148C6832BB0842 -- C:\Windows\SysNative\DriverStore\FileRepository\netbvbda.inf_amd64_neutral_2bfa4ea57bd5d74a\bxvbda.sys
[2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) MD5=3E5B191307609F7514148C6832BB0842 -- C:\WINDOWS\winsxs\amd64_netbvbda.inf_31bf3856ad364e35_6.1.7600.16385_none_fa388bc43a1db8d8\bxvbda.sys
 
[color=#A23BEC]< MD5 for: EVBDA.SYS  >[/color]
[2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) MD5=DC5D737F51BE844D8C82C695EB17372F -- C:\Windows\SysNative\drivers\evbda.sys
[2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) MD5=DC5D737F51BE844D8C82C695EB17372F -- C:\Windows\SysNative\DriverStore\FileRepository\netevbda.inf_amd64_neutral_bab421df9c31cc81\evbda.sys
[2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) MD5=DC5D737F51BE844D8C82C695EB17372F -- C:\WINDOWS\winsxs\amd64_netevbda.inf_31bf3856ad364e35_6.1.7600.16385_none_960cfc4d7aab525d\evbda.sys
 
[color=#A23BEC]< MD5 for: FS_REC.SYS  >[/color]
[2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) MD5=6BD9295CC032DD3077C671FCCF579A7B -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) MD5=6BD9295CC032DD3077C671FCCF579A7B -- C:\WINDOWS\winsxs\amd64_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.18288_none_833080f055261c97\fs_rec.sys
[2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) MD5=E95EF8547DE20CF0603557C0CF7A9462 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.17514_none_83784bb654f0d178\fs_rec.sys
[2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) MD5=E95EF8547DE20CF0603557C0CF7A9462 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-coreos_31bf3856ad364e35_6.1.7601.22484_none_83b61e796e47542c\fs_rec.sys
 
[color=#A23BEC]< MD5 for: HCW85CIR.SYS  >[/color]
[2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) MD5=F2523EF6460FC42405B12248338AB2F0 -- C:\Windows\SysNative\drivers\hcw85cir.sys
[2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) MD5=F2523EF6460FC42405B12248338AB2F0 -- C:\Windows\SysNative\DriverStore\FileRepository\hcw85c64.inf_amd64_neutral_96b71557b416d04a\hcw85cir.sys
[2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) MD5=F2523EF6460FC42405B12248338AB2F0 -- C:\WINDOWS\winsxs\amd64_hcw85c64.inf_31bf3856ad364e35_6.1.7600.16385_none_0446c109eabcdb24\hcw85cir.sys
 
[color=#A23BEC]< MD5 for: HECIX64.SYS  >[/color]
[2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) MD5=A6518DCC42F7A6E999BB3BEA8FD87567 -- C:\WINDOWS\i386\drv\OTH\HECIx64.sys
[2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) MD5=A6518DCC42F7A6E999BB3BEA8FD87567 -- C:\Windows\SysNative\drivers\HECIx64.sys
[2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) MD5=A6518DCC42F7A6E999BB3BEA8FD87567 -- C:\Windows\SysNative\DriverStore\FileRepository\heci.inf_amd64_neutral_8ac1feb3337b1441\HECIx64.sys
 
[color=#A23BEC]< MD5 for: HPSAMD.SYS  >[/color]
[2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) MD5=39D2ABCD392F3D8A6DCE7B60AE7B8EFC -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) MD5=39D2ABCD392F3D8A6DCE7B60AE7B8EFC -- C:\Windows\SysNative\DriverStore\FileRepository\hpsamd.inf_amd64_neutral_84ae149ecc9f8033\HpSAMD.sys
[2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) MD5=39D2ABCD392F3D8A6DCE7B60AE7B8EFC -- C:\WINDOWS\winsxs\amd64_hpsamd.inf_31bf3856ad364e35_6.1.7601.17514_none_5b5cf553a3ff2443\HpSAMD.sys
 
[color=#A23BEC]< MD5 for: HWINFO64A.SYS  >[/color]
[2015/01/16 22:31:21 | 000,026,528 | ---- | M] (REALiX(tm)) MD5=E5805896A55D4166C20F216249F40FA3 -- C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
 
[color=#A23BEC]< MD5 for: KGYGAAVL.SYS  >[/color]
[2015/04/24 16:42:59 | 000,002,828 | -HS- | M] () MD5=97D3E5D8BD3BBA37680E0473A6E45F2A -- C:\WINDOWS\SysWOW64\KGyGaAvL.sys
 
[color=#A23BEC]< MD5 for: L1C62X64.SYS  >[/color]
[2009/06/10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) MD5=033B4AED2C5519072C0D81E00804D003 -- C:\Windows\SysNative\DriverStore\FileRepository\netl1c64.inf_amd64_neutral_30b0b06f47cab8cf\L1C62x64.sys
[2009/06/10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) MD5=033B4AED2C5519072C0D81E00804D003 -- C:\WINDOWS\winsxs\amd64_netl1c64.inf_31bf3856ad364e35_6.1.7600.16385_none_51ac6e08f7ca7715\L1C62x64.sys
[2010/09/27 09:24:43 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) MD5=0E154DA6CA9105354A07D0C576804037 -- C:\WINDOWS\i386\drv\NET\L1c62x64.sys
[2010/09/27 09:24:43 | 000,076,912 | R--- | M] (Atheros Communications, Inc.) MD5=0E154DA6CA9105354A07D0C576804037 -- C:\WINDOWS\i386\drv\NET\MUL\NET000072\L1c62x64.sys
[2010/09/27 09:24:43 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) MD5=0E154DA6CA9105354A07D0C576804037 -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2010/09/27 09:24:43 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) MD5=0E154DA6CA9105354A07D0C576804037 -- C:\Windows\SysNative\DriverStore\FileRepository\l1c62x64.inf_amd64_neutral_0e6d44ebb920f14a\L1C62x64.sys
 
[color=#A23BEC]< MD5 for: LSI_SAS2.SYS  >[/color]
[2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) MD5=30F5C0DE1EE8B5BC9306C1F0E4A75F93 -- C:\Windows\SysNative\drivers\lsi_sas2.sys
[2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) MD5=30F5C0DE1EE8B5BC9306C1F0E4A75F93 -- C:\Windows\SysNative\DriverStore\FileRepository\lsi_sas2.inf_amd64_neutral_e12a5c4cfbe49204\lsi_sas2.sys
[2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) MD5=30F5C0DE1EE8B5BC9306C1F0E4A75F93 -- C:\WINDOWS\winsxs\amd64_lsi_sas2.inf_31bf3856ad364e35_6.1.7600.16385_none_94aaac30f0f50f7c\lsi_sas2.sys
 
[color=#A23BEC]< MD5 for: LV302A64.SYS  >[/color]
[2007/05/09 22:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) MD5=4CB64D7458ABD8396BCD389A69C8FC80 -- C:\Windows\SysNative\drivers\lv302a64.sys
[2007/05/09 22:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) MD5=4CB64D7458ABD8396BCD389A69C8FC80 -- C:\Windows\SysNative\DriverStore\FileRepository\lpepi64s.inf_amd64_neutral_bc44bc558699d6a7\lv302a64.sys
 
[color=#A23BEC]< MD5 for: LV302V64.SYS  >[/color]
[2007/05/09 22:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) MD5=37EA62238E17AE88E4713D9246CA1C1C -- C:\Windows\SysNative\drivers\LV302V64.SYS
[2007/05/09 22:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) MD5=37EA62238E17AE88E4713D9246CA1C1C -- C:\Windows\SysNative\DriverStore\FileRepository\lpepi64v.inf_amd64_neutral_f339c42a4d192519\LV302V64.SYS
 
[color=#A23BEC]< MD5 for: LVUSBS64.SYS  >[/color]
[2007/05/09 22:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) MD5=0034F69D0007D3F77F6B96FA51228E85 -- C:\Windows\SysNative\drivers\LVUSBS64.sys
[2007/05/09 22:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) MD5=0034F69D0007D3F77F6B96FA51228E85 -- C:\Windows\SysNative\DriverStore\FileRepository\lpepi64s.inf_amd64_neutral_bc44bc558699d6a7\LVUSBS64.sys
[2007/05/09 22:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) MD5=0034F69D0007D3F77F6B96FA51228E85 -- C:\Windows\SysNative\DriverStore\FileRepository\lpepi64v.inf_amd64_neutral_f339c42a4d192519\LVUSBS64.sys
 
[color=#A23BEC]< MD5 for: NISDRVWFP.SYS  >[/color]
[2013/09/27 10:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) MD5=ACE8C64C57E4A711473C8BC10ADF692B -- C:\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys
[2014/11/15 15:46:08 | 000,124,560 | ---- | M] (Microsoft Corporation) MD5=E10B84385C3FEEF4BDE8E6A980535522 -- C:\Program Files\Microsoft Security Client\Drivers\NisDrv\NisDrvWFP.sys
[2014/11/15 15:46:08 | 000,124,560 | ---- | M] (Microsoft Corporation) MD5=E10B84385C3FEEF4BDE8E6A980535522 -- C:\Windows\SysNative\drivers\NisDrvWFP.sys
 
[color=#A23BEC]< MD5 for: RDPVIDEOMINIPORT.SYS  >[/color]
[2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=313F68E1A3E6345A4F47A36B07062F34 -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=313F68E1A3E6345A4F47A36B07062F34 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_7.1.7601.16398_none_7ed2411ca9929096\rdpvideominiport.sys
[2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=313F68E1A3E6345A4F47A36B07062F34 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_7.1.7601.18740_none_7f002870a9716207\rdpvideominiport.sys
[2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=313F68E1A3E6345A4F47A36B07062F34 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_7.1.7601.22947_none_7f90c927c288b059\rdpvideominiport.sys
[2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=70CBA1A0C98600A2AA1863479B35CB90 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17514_none_8db430131e6eb6d2\rdpvideominiport.sys
[2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=70CBA1A0C98600A2AA1863479B35CB90 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17779_none_8d7855c91e9ad779\rdpvideominiport.sys
[2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=70CBA1A0C98600A2AA1863479B35CB90 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.18540_none_8d8fa85f1e8abeea\rdpvideominiport.sys
[2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=70CBA1A0C98600A2AA1863479B35CB90 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.21924_none_8e3302a437946a02\rdpvideominiport.sys
[2010/11/21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=70CBA1A0C98600A2AA1863479B35CB90 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.22750_none_8e0e772437b077cc\rdpvideominiport.sys
 
[color=#A23BEC]< MD5 for: STEXSTOR.SYS  >[/color]
[2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) MD5=F3817967ED533D08327DC73BC4D5542A -- C:\Windows\SysNative\drivers\stexstor.sys
[2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) MD5=F3817967ED533D08327DC73BC4D5542A -- C:\Windows\SysNative\DriverStore\FileRepository\stexstor.inf_amd64_neutral_80ee226e29362f51\stexstor.sys
[2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) MD5=F3817967ED533D08327DC73BC4D5542A -- C:\WINDOWS\winsxs\amd64_stexstor.inf_31bf3856ad364e35_6.1.7600.16385_none_17b140941985d044\stexstor.sys
 
[color=#A23BEC]< MD5 for: TSUSBFLT.SYS  >[/color]
[2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=17C6B51CBCCDED95B3CC14E22791F85E -- C:\WINDOWS\winsxs\amd64_microsoft-windows-t..usbredirectorclient_31bf3856ad364e35_7.1.7601.16398_none_f642bcff6c8b2640\TsUsbFlt.sys
[2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=D11C783E3EF9A3C52C0EBE83CC5000E9 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-t..usbredirectorclient_31bf3856ad364e35_6.1.7601.17514_none_0524abf5e1674c7c\TsUsbFlt.sys
[2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) MD5=E9981ECE8D894CEF7038FD1D040EB426 -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/10/02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) MD5=E9981ECE8D894CEF7038FD1D040EB426 -- C:\WINDOWS\winsxs\amd64_microsoft-windows-t..usbredirectorclient_31bf3856ad364e35_7.2.7601.16415_none_bec50aac0b1850fb\TsUsbFlt.sys
 
[color=#A23BEC]< MD5 for: TSUSBGD.SYS  >[/color]
[2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9CC2CCAE8A84820EAECB886D477CBCB8 -- C:\Windows\SysNative\DriverStore\FileRepository\tsgenericusbdriver.inf_amd64_neutral_24c807694f614911\TsUsbGD.sys
[2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9CC2CCAE8A84820EAECB886D477CBCB8 -- C:\WINDOWS\winsxs\amd64_tsgenericusbdriver.inf_31bf3856ad364e35_6.1.7601.17514_none_9872c8452ac8f816\TsUsbGD.sys
[2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=AD64450A4ABE076F5CB34CC08EEACB07 -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=AD64450A4ABE076F5CB34CC08EEACB07 -- C:\Windows\SysNative\DriverStore\FileRepository\tsgenericusbdriver.inf_amd64_neutral_27271babb2387b49\TsUsbGD.sys
[2012/08/23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=AD64450A4ABE076F5CB34CC08EEACB07 -- C:\WINDOWS\winsxs\amd64_tsgenericusbdriver.inf_31bf3856ad364e35_7.1.7601.16398_none_8990d94eb5ecd1da\TsUsbGD.sys
[2013/10/02 04:22:44 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=D34789988234DCC8FA55FA9A485AF0EC -- C:\Windows\SysNative\DriverStore\FileRepository\tsgenericusbdriver.inf_amd64_neutral_a4e9275f0cd70f7c\TsUsbGD.sys
[2013/10/02 04:22:44 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=D34789988234DCC8FA55FA9A485AF0EC -- C:\WINDOWS\winsxs\amd64_tsgenericusbdriver.inf_31bf3856ad364e35_7.2.7601.16415_none_521326fb5479fc95\TsUsbGD.sys
 
[color=#A23BEC]< MD5 for: VIAHDUAA.SYS  >[/color]
[2009/07/10 11:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) MD5=627270F2103D41086BAB9675A3315DAB -- C:\Windows\SysNative\drivers\viahduaa.sys
[2009/07/10 11:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) MD5=627270F2103D41086BAB9675A3315DAB -- C:\Windows\SysNative\DriverStore\FileRepository\viahdb.inf_amd64_neutral_f3e451ee95e970af\viahduaa.sys
 
[color=#A23BEC]< MD5 for: WIMMOUNT.SYS  >[/color]
[2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) MD5=05ECAEC3E4529A7153B3136CEB49F0EC -- C:\Windows\SysNative\drivers\wimmount.sys
[2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) MD5=05ECAEC3E4529A7153B3136CEB49F0EC -- C:\WINDOWS\winsxs\amd64_microsoft-windows-wimgapi_31bf3856ad364e35_6.1.7600.16385_none_e4f094112e8f905d\wimmount.sys
[2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=5CF95B35E59E2A38023836FFF31BE64C -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys
[2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) MD5=5CF95B35E59E2A38023836FFF31BE64C -- C:\WINDOWS\winsxs\x86_microsoft-windows-wimgapi_31bf3856ad364e35_6.1.7601.17514_none_8b030c557320a2c1\wimmount.sys
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 801 bytes -> C:\Users\didier\Documents\Nouvelle facture Luminus.eml:OECustomProperty

< End of report >