cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 14/03/2015 23:01:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\fares\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 46,79% Memory free
7,93 Gb Paging File | 5,47 Gb Available in Paging File | 68,91% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238,24 Gb Total Space | 98,22 Gb Free Space | 41,23% Space Free | Partition Type: NTFS
Drive G: | 52,00 Gb Total Space | 10,97 Gb Free Space | 21,09% Space Free | Partition Type: NTFS

Computer Name: FARES-VAIO | User Name: fares | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\fares\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files (x86)\World_of_Tanks\WOTLauncher.exe (Wargaming.net)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe (iolo technologies, LLC)
PRC - C:\Program Files\Sony\VAIO Care\listener.exe ()
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libegl.dll ()
MOD - C:\Program Files (x86)\World_of_Tanks\librsync.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll ()
MOD - C:\Program Files\Sony\VAIO Care\listener.exe ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV:[b]64bit:[/b] - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:[b]64bit:[/b] - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (VUAgent) -- C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (USER_ESRV_SVC) -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (ESRV_SVC) -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Intel Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:[b]64bit:[/b] - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (trntv) -- C:\Users\fares\AppData\Roaming\TornTV.com\TornTVSvc.exe (Cool Mirage)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()
SRV - (HPSLPSVC) -- C:\Users\fares\AppData\Local\Temp\7zS5C46\hpslpsvc64.dll (Hewlett-Packard Co.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (HsfXAudioService) -- C:\Windows\SysWOW64\XAudio64.dll (Conexant Systems, Inc.)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - (semav6thermal64ro) -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys ()
DRV:[b]64bit:[/b] - (EsgScanner) -- C:\Windows\SysNative\drivers\EsgScanner.sys ()
DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:[b]64bit:[/b] - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:[b]64bit:[/b] - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (Ser2pl64) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:[b]64bit:[/b] - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:[b]64bit:[/b] - (cmusbser) -- C:\Windows\SysNative\drivers\cmusbser.sys (Mobile Connector)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:[b]64bit:[/b] - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
DRV:[b]64bit:[/b] - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC)
DRV:[b]64bit:[/b] - (XAudio) -- C:\Windows\SysNative\drivers\XAudio64.sys (Conexant Systems, Inc.)
DRV:[b]64bit:[/b] - (mdmxsdk) -- C:\Windows\SysNative\drivers\mdmxsdk.sys (Conexant)
DRV:[b]64bit:[/b] - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:[b]64bit:[/b] - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:[b]64bit:[/b] - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:[b]64bit:[/b] - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:[b]64bit:[/b] - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:[b]64bit:[/b] - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:[b]64bit:[/b] - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\$IESearchEngineGuid: "URL" = http://www.linkat-online.com/search/?q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 A2 71 E2 D6 35 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\$IESearchEngineGuid: "URL" = http://www.linkat-online.com/search/?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{557C21FE-7274-410D-853E-9ED4471BF193}: "URL" = http://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_fr___DZ357
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2
IE - HKCU\..\SearchScopes\F66075A9BE63414F90C873318AFEFCF2: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119370&tt=3112_4&babsrc=SP_ss&mntrId=e2de067e00000000000000265efe42e4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "omiga-plus"
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "omiga-plus"
FF - prefs.js..browser.startup.homepage: "http://www.google.fr"
FF - prefs.js..extensions.enabledAddons: %7B8DD56B34-2BCD-45D9-9395-93CDA1D02CDE%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..keyword.URL: "http://search.rpidity.com/resultats.html?q="
FF - prefs.js..network.proxy.no_proxies_on: "http://127.0.0.1:895"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/08/11 02:33:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/30 19:25:56 | 000,000,000 | ---D | M]

[2012/05/06 07:09:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fares\AppData\Roaming\mozilla\Extensions
[2014/12/19 18:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\fares\AppData\Roaming\mozilla\Firefox\Profiles\xumqzhbz.default\extensions
[2012/09/14 16:44:27 | 000,000,000 | ---D | M] (rpidity) -- C:\Users\fares\AppData\Roaming\mozilla\Firefox\Profiles\xumqzhbz.default\extensions\{8DD56B34-2BCD-45D9-9395-93CDA1D02CDE}
[2013/08/13 17:18:40 | 000,002,402 | ---- | M] () -- C:\Users\fares\AppData\Roaming\mozilla\firefox\profiles\xumqzhbz.default\searchplugins\bingp.xml
[2014/06/04 15:48:42 | 000,002,823 | ---- | M] () -- C:\Users\fares\AppData\Roaming\mozilla\firefox\profiles\xumqzhbz.default\searchplugins\Google.xml
[2014/08/09 23:57:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/15 23:02:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/02 18:49:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

O1 HOSTS File: ([2012/09/29 22:24:08 | 000,000,998 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 66.207.162.66 freedur.com
O1 - Hosts: 66.207.162.66 www.freedur.com
O1 - Hosts: 66.207.162.66 freedur.net
O1 - Hosts: 66.207.162.66 www.freedur.net
O1 - Hosts: 66.207.162.66 freedur.org
O1 - Hosts: 66.207.162.66 www.freedur.org
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: chat-land.org ([]* in Trusted sites)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACF46FB5-1290-428C-AD49-6D862E19A559}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~2.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SupTab\SEARCH~1.DLL) - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/12/22 02:21:52 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0b66f4e3-8f4b-11df-b6e0-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{0b66f4e3-8f4b-11df-b6e0-0024be796f4f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0f47e8a0-8ed1-11df-9592-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{0f47e8a0-8ed1-11df-9592-0024be796f4f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{17b0ab57-e369-11e3-a0d1-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{17b0ab57-e369-11e3-a0d1-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{17b0ab7b-e369-11e3-a0d1-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{17b0ab7b-e369-11e3-a0d1-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{17b0abbd-e369-11e3-a0d1-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{17b0abbd-e369-11e3-a0d1-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{17b0abef-e369-11e3-a0d1-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{17b0abef-e369-11e3-a0d1-0024be796f4f}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{17b0ac7d-e369-11e3-a0d1-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{17b0ac7d-e369-11e3-a0d1-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{17b0acf8-e369-11e3-a0d1-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{17b0acf8-e369-11e3-a0d1-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{4b4c743c-e396-11e3-ac87-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4b4c743c-e396-11e3-ac87-806e6f6e6963}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{4b5be7fe-0243-11e4-b5a1-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{4b5be7fe-0243-11e4-b5a1-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{4b696f23-a6ca-11e3-8aae-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{4b696f23-a6ca-11e3-8aae-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{584253fa-bd91-11e3-be6e-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{584253fa-bd91-11e3-be6e-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{6cffee17-e399-11e3-a6da-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{6cffee17-e399-11e3-a6da-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{95474afd-b520-11e3-acff-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{95474afd-b520-11e3-acff-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{c55c90a4-c2f0-11e3-a10c-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{c55c90a4-c2f0-11e3-a10c-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\{cf65baa0-8f37-11df-b1d0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cf65baa0-8f37-11df-b1d0-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{cf65bac0-8f37-11df-b1d0-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{cf65bac0-8f37-11df-b1d0-0024be796f4f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{cfd14406-7a54-11e4-8a2e-0024be796f4f}\Shell - "" = AutoRun
O33 - MountPoints2\{cfd14406-7a54-11e4-8a2e-0024be796f4f}\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^fares^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^fares^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hpqtra08.exe - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^fares^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 - Capture d écran et lancement.lnk - - File not found
MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]Apoint[/b] - hkey= - key= - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig:64bit - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]BCSSync[/b] - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]BingDesktop[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]Facebook Update[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]Free Download Manager[/b] - hkey= - key= - C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
MsConfig:64bit - StartUpReg: [b]GameTracker[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: [b]HSPALauncher[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]IAStorIcon[/b] - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: [b]ISBMgr.exe[/b] - hkey= - key= - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
MsConfig:64bit - StartUpReg: [b]iTunesHelper[/b] - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]LaunchUserRequestedPrograms[/b] - hkey= - key= - C:\Program Files\Sony\First Experience\Miniprogram.exe ()
MsConfig:64bit - StartUpReg: [b]Microsoft Default Manager[/b] - hkey= - key= - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]MobileDocuments[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]msnmsgr[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]OfficeSyncProcess[/b] - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]PMBVolumeWatcher[/b] - hkey= - key= - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]RegistrationReminder[/b] - hkey= - key= - C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe (Sony Electronics, Inc.)
MsConfig:64bit - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: [b]SkyDrive[/b] - hkey= - key= - C:\Users\fares\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]Skytel[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig:64bit - StartUpReg: [b]SmartWiHelper[/b] - hkey= - key= - C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
MsConfig:64bit - StartUpReg: [b]StartCCC[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]swg[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]VAIOSurvey[/b] - hkey= - key= - C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
MsConfig:64bit - StartUpReg: [b]Viber[/b] - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

ActiveX:[b]64bit:[/b] {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]

[2015/03/14 22:45:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\fares\Desktop\OTL.exe
[2015/03/11 12:24:19 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/03/11 12:24:18 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/03/11 12:24:18 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/03/11 12:24:18 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/03/11 12:24:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/03/11 12:24:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/03/11 12:24:17 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/03/11 12:24:17 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/03/11 12:24:16 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/03/11 12:24:16 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/03/11 12:24:14 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/03/11 12:24:14 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/03/11 12:24:13 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/03/11 12:24:13 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/03/11 12:24:13 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/03/11 12:24:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/03/11 12:24:12 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/03/11 12:24:12 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/03/11 12:24:12 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/03/11 12:24:12 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/03/11 12:24:11 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/03/11 12:24:11 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/03/11 12:24:10 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/03/11 12:24:09 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/03/11 12:24:07 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/03/11 12:24:07 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/03/11 12:24:04 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/03/11 12:24:04 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/03/11 12:24:03 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/03/11 12:24:03 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/03/11 12:24:02 | 006,035,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/03/11 12:24:02 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/03/11 12:24:02 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/03/11 12:24:01 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/03/11 12:24:01 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/03/11 05:26:39 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2015/03/11 05:26:38 | 011,411,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2015/03/11 05:26:38 | 005,554,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/03/11 05:26:36 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015/03/11 05:26:35 | 003,973,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/03/11 05:26:34 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/03/11 05:26:33 | 000,616,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2015/03/11 05:26:32 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2015/03/11 05:26:30 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2015/03/11 05:26:29 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2015/03/11 05:26:29 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2015/03/11 05:26:28 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2015/03/11 05:26:28 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2015/03/11 05:26:28 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2015/03/11 05:26:28 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2015/03/11 05:26:27 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2015/03/11 05:26:27 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2015/03/11 05:26:27 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2015/03/11 05:26:27 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2015/03/11 05:26:27 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2015/03/11 05:26:26 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2015/03/11 05:26:26 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2015/03/11 05:26:26 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/03/11 05:26:26 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015/03/11 05:26:26 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015/03/11 05:26:25 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/03/11 05:26:24 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2015/03/11 05:26:24 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2015/03/11 05:26:24 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2015/03/11 05:26:24 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2015/03/11 05:26:24 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2015/03/11 05:26:23 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2015/03/11 05:26:23 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2015/03/11 05:26:23 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2015/03/11 05:26:23 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2015/03/11 05:26:22 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2015/03/11 05:26:22 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2015/03/11 05:26:22 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2015/03/11 05:26:22 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2015/03/11 05:26:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2015/03/11 05:26:20 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2015/03/11 05:26:20 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2015/03/11 05:26:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2015/03/11 05:26:19 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2015/03/11 05:26:19 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/03/11 05:26:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2015/03/11 05:26:18 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2015/03/11 05:26:18 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2015/03/11 05:26:18 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2015/03/11 05:26:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2015/03/11 05:26:18 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2015/03/11 05:26:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcawrk.exe
[2015/03/11 05:26:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2015/03/11 05:26:17 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2015/03/11 05:26:17 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2015/03/11 05:26:17 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2015/03/11 05:26:17 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/03/11 05:26:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/03/11 05:26:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2015/03/11 05:26:17 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2015/03/11 05:26:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2015/03/11 05:26:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2015/03/11 05:26:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2015/03/11 05:26:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2015/03/11 05:26:10 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2015/03/11 05:26:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2015/03/11 05:26:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2015/03/11 05:26:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2015/03/11 05:26:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2015/03/11 05:26:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/03/11 05:26:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/03/11 05:26:08 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2015/03/11 05:26:07 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2015/03/11 05:25:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2015/03/11 05:25:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2015/03/11 04:38:02 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/03/11 04:37:59 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/03/11 04:37:59 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/03/11 04:37:58 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/03/11 04:37:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/03/11 04:37:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/03/11 04:37:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/03/11 04:37:52 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/03/11 04:37:52 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/03/11 04:37:51 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/03/11 04:37:51 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/03/11 04:37:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/03/11 04:37:48 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/03/11 04:26:56 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/03/11 04:26:56 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/03/11 04:26:56 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/03/11 04:26:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/03/11 04:26:56 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/03/11 04:26:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/03/11 04:26:56 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/03/11 04:26:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/03/11 04:22:40 | 003,179,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015/03/11 04:22:40 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015/03/11 04:22:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2015/03/11 04:21:08 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2015/03/11 04:21:08 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2015/03/11 03:38:50 | 001,067,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2015/03/11 03:38:43 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015/03/11 03:32:27 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2015/03/11 03:32:27 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2015/02/18 14:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SP_FT_Logs
[2015/02/17 21:14:59 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015/02/17 21:14:59 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015/02/14 15:08:21 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/02/14 15:08:21 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/02/14 15:08:21 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/02/14 15:08:21 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/02/14 15:08:21 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/02/14 15:08:20 | 001,239,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015/02/14 15:08:19 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/02/14 15:08:18 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/02/14 14:45:22 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015/02/14 14:35:20 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015/02/14 14:35:20 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015/02/07 20:38:26 | 000,000,000 | ---D | C] -- C:\Users\fares\Desktop\adb
[2015/01/20 12:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IFly Jets - The 737NG for FSX
[2015/01/14 13:15:39 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2015/01/14 13:15:37 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2015/01/06 23:50:01 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2015/01/06 21:40:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
[2015/01/06 16:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IFly Jets - The 737NG for FS2004
[2015/01/06 14:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2014/12/24 13:30:38 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wilco Publishing
[2014/12/24 13:04:23 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2014/12/24 12:00:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014/12/24 11:50:54 | 000,000,000 | ---D | C] -- C:\AMD
[2014/12/23 20:01:06 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
[2014/12/23 20:01:05 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\TornTV.com
[2014/12/23 13:19:32 | 000,000,000 | R--D | C] -- C:\volid
[2014/12/22 02:37:49 | 000,852,352 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Windows\defman.dll
[2014/12/22 02:35:56 | 002,119,040 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Windows\shscanner.dll
[2014/12/22 02:31:42 | 001,016,704 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Windows\executionguard.dll
[2014/12/22 02:31:21 | 001,016,704 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Windows\SysNative\executionguard.dll
[2014/12/22 02:19:12 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\Enigma Software Group
[2014/12/22 02:05:53 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014/12/21 18:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/12/21 02:52:24 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/12/21 02:52:22 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/12/21 02:29:43 | 000,000,000 | ---D | C] -- C:\adb
[2014/12/21 01:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2014/12/21 01:38:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2014/12/20 23:29:16 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2014/12/20 23:29:16 | 001,002,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller2.dll
[2014/12/20 17:08:39 | 000,000,000 | ---D | C] -- C:\Users\fares\.android
[2014/12/20 15:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/12/20 15:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/12/19 18:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Download Manager
[2014/12/19 18:06:52 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\Free Download Manager
[2014/12/19 18:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
[2014/12/19 18:06:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2014/12/19 02:14:32 | 000,000,000 | ---D | C] -- C:\Users\fares\Start Menu
[2014/12/18 18:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2014/12/16 14:34:17 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\AVAST Software
[2014/12/16 14:25:01 | 000,116,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/12/16 14:25:00 | 001,050,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/12/16 14:24:59 | 000,436,624 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/12/16 14:24:57 | 000,093,568 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/12/16 14:24:57 | 000,083,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/12/16 14:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/12/12 19:08:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart PC Solutions
[2014/12/11 11:51:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2014/12/11 08:49:18 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\charmap.exe
[2014/12/11 08:49:18 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2014/12/11 08:49:17 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2014/12/11 08:49:17 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/12/11 08:49:17 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2014/12/11 08:49:16 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2014/12/11 08:49:16 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014/12/11 08:49:16 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2014/12/11 08:49:16 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2014/12/11 08:49:16 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2014/12/04 12:19:49 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Local\Smellyriver
[2014/12/02 16:22:05 | 000,000,000 | -HSD | C] -- C:\Users\fares\AppData\Local\EmieBrowserModeList
[2014/11/13 12:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/11/13 12:10:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/11/13 00:52:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/11/13 00:52:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/11/13 00:50:26 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014/11/13 00:50:26 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014/11/13 00:36:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/13 00:36:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/13 00:34:37 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/11/05 00:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
[2014/10/21 23:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/10/21 23:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/10/21 23:01:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/10/21 23:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/10/21 23:01:17 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2014/10/15 11:34:08 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014/10/15 11:34:08 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014/10/15 11:34:08 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014/10/15 11:34:07 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014/10/15 11:34:07 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014/10/15 11:34:07 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014/10/15 11:33:47 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2014/10/15 11:33:45 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/10/15 11:23:36 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/15 11:23:36 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/15 11:23:27 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014/10/15 11:23:26 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/10/15 11:23:26 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/10/15 11:22:35 | 006,584,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/15 11:22:34 | 005,703,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/10/02 23:58:26 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\Mumble
[2014/10/02 23:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2014/10/02 23:39:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mumble
[2014/09/12 12:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/09/11 02:01:28 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/11 02:01:27 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/09/10 04:47:40 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/09/10 04:47:40 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/09/10 04:45:45 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/08/27 23:15:59 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/27 23:00:44 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/27 23:00:44 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/27 23:00:44 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/27 22:59:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/27 22:59:10 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/27 22:59:09 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/27 22:59:07 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/27 22:59:06 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/27 22:59:06 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/27 22:58:35 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/27 22:58:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/27 22:58:32 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/27 22:58:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/19 23:34:59 | 000,100,464 | ---- | C] (devSoft Inc. - www.dev-soft.com) -- C:\Windows\SysWow64\ICKHTTPS2.OCX
[2014/08/17 17:43:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Hotspot Shield
[2014/08/14 15:46:51 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/08/14 15:46:51 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/08/14 15:46:50 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/08/14 15:46:50 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/08/14 15:46:47 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/08/14 15:46:47 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/08/14 15:45:43 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/14 15:45:43 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/14 12:59:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014/08/14 12:59:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014/08/14 12:59:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014/08/14 12:59:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014/08/14 12:59:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014/08/14 12:59:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014/08/14 12:59:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014/08/14 12:59:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014/08/14 12:59:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014/08/14 12:59:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014/08/14 12:56:44 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/14 12:56:44 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/14 12:56:43 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/14 12:56:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/14 12:56:43 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/14 12:54:38 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/07/28 14:52:00 | 006,112,072 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2014/07/28 14:52:00 | 000,054,784 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2014/07/25 02:35:46 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr120_clr0400.dll
[2014/07/24 23:47:06 | 000,869,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr120_clr0400.dll
[2014/07/17 03:27:19 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Local\{CAD301A8-4AB3-4D4B-8656-77A1B46723AB}
[2014/07/11 23:57:35 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/11 23:57:34 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/11 23:56:38 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/11 23:56:38 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/04 16:03:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2014/07/03 01:49:29 | 000,000,000 | -HSD | C] -- C:\Users\fares\AppData\Local\EmieUserList
[2014/07/03 01:49:29 | 000,000,000 | -HSD | C] -- C:\Users\fares\AppData\Local\EmieSiteList
[2014/06/25 16:38:07 | 000,000,000 | ---D | C] -- C:\Users\fares\Documents\Optimizer Pro
[2014/06/25 16:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\003
[2014/06/25 16:28:28 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Local\globalUpdate
[2014/06/25 16:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/06/12 21:50:12 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/12 21:50:10 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/12 21:49:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/12 21:49:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/06/07 16:55:21 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Local\{778FDA58-3872-4D05-8D8A-2C45F426932F}
[2014/06/07 16:50:47 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Local\{C8A61AB4-E5F5-437D-BB57-55841936DAA8}
[2014/06/07 16:49:20 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Local\{4BF5D865-481E-4FFC-836D-ED63A8EA1531}
[2014/05/19 23:32:07 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\raidcall
[2014/05/19 23:31:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RaidCall
[2014/05/18 21:23:04 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/18 21:23:02 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/18 21:23:02 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/18 21:23:00 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/18 21:23:00 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/18 21:23:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/18 21:23:00 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/18 21:23:00 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/18 21:23:00 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/18 21:23:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/18 21:23:00 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/18 21:22:59 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/18 21:22:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/18 21:22:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/18 21:22:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/17 01:42:38 | 000,042,184 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2014/05/12 05:17:19 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Local\Sony Corporation
[2014/04/30 20:48:10 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/04/11 23:08:08 | 000,536,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp120_clr0400.dll
[2014/04/11 23:08:08 | 000,028,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2014/04/11 23:08:08 | 000,018,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr110_clr0400.dll
[2014/04/11 23:08:08 | 000,018,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2014/04/11 23:08:08 | 000,018,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp110_clr0400.dll
[2014/04/11 22:39:56 | 000,678,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp120_clr0400.dll
[2014/04/11 22:39:56 | 000,029,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2014/04/11 22:39:56 | 000,018,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr110_clr0400.dll
[2014/04/11 22:39:56 | 000,018,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll
[2014/04/11 22:39:56 | 000,018,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp110_clr0400.dll
[2014/04/10 07:42:38 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/10 07:42:38 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/10 07:42:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/10 07:42:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/10 07:42:34 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/10 07:42:34 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/10 07:42:34 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/10 07:42:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/10 07:42:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/10 07:42:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/10 07:42:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/10 07:42:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/10 07:42:32 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/10 07:42:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/03/21 12:22:30 | 000,000,000 | R--D | C] -- C:\Users\fares\Dropbox
[2014/03/21 12:07:29 | 000,000,000 | ---D | C] -- C:\Users\fares\AppData\Roaming\Dropbox
[2014/03/21 11:51:57 | 001,039,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys.1400436235154
[2014/03/21 11:51:57 | 000,423,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1400436235154
[2014/03/21 11:51:01 | 000,044,640 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\aswTap.sys
[2014/03/20 23:12:34 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]

[2015/03/14 23:05:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/03/14 23:05:05 | 001,007,403 | ---- | M] () -- C:\Users\fares\Desktop\Non confirmé 507158.crdownload
[2015/03/14 22:51:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\fares\Desktop\OTL.exe
[2015/03/14 22:48:36 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/03/14 22:20:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/03/14 21:50:31 | 000,022,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/03/14 21:50:31 | 000,022,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/03/14 19:48:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/03/14 14:48:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/03/14 14:48:37 | 3195,293,696 | -HS- | M] () -- C:\hiberfil.sys
[2015/03/12 02:43:30 | 000,449,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015/03/12 02:23:04 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015/03/12 02:23:04 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015/03/12 02:23:04 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015/03/12 02:23:04 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015/03/12 02:23:04 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015/03/12 02:23:04 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015/03/12 02:23:04 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015/03/12 02:23:04 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015/03/12 02:22:07 | 001,480,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015/03/12 02:22:06 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2015/03/12 02:22:05 | 001,574,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2015/03/12 02:22:05 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2015/03/12 02:22:05 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2015/03/12 02:22:05 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2015/03/12 02:22:05 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2015/03/12 02:22:05 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2015/03/12 02:22:05 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2015/03/12 02:22:05 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2015/03/12 02:22:04 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2015/03/12 02:22:04 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2015/03/12 02:22:04 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2015/03/12 02:22:03 | 001,329,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2015/03/12 02:22:03 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2015/03/12 02:22:03 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2015/03/12 02:22:03 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2015/03/12 02:22:03 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2015/03/12 02:22:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pcawrk.exe
[2015/03/12 02:22:03 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2015/03/12 02:22:03 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2015/03/12 02:22:02 | 014,632,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2015/03/12 02:22:02 | 012,625,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2015/03/12 02:22:02 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2015/03/12 02:22:02 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2015/03/12 02:22:02 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015/03/12 02:22:01 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2015/03/12 02:22:01 | 011,411,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2015/03/12 02:22:01 | 001,202,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2015/03/12 02:22:01 | 000,842,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2015/03/12 02:22:01 | 000,782,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2015/03/12 02:22:01 | 000,641,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2015/03/12 02:22:01 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2015/03/12 02:22:01 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015/03/12 02:22:01 | 000,497,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2015/03/12 02:22:01 | 000,432,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2015/03/12 02:22:01 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2015/03/12 02:22:01 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015/03/12 02:22:01 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015/03/12 02:22:01 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2015/03/12 02:22:01 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2015/03/12 02:22:01 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2015/03/12 02:22:00 | 004,121,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2015/03/12 02:22:00 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2015/03/12 02:22:00 | 000,744,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2015/03/12 02:22:00 | 000,617,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2015/03/12 02:22:00 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2015/03/12 02:22:00 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2015/03/12 02:22:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2015/03/12 02:22:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2015/03/12 02:22:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2015/03/12 02:22:00 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2015/03/12 02:22:00 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2015/03/12 02:22:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2015/03/12 02:21:59 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2015/03/12 02:21:59 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2015/03/12 02:21:59 | 000,265,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2015/03/12 02:21:59 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015/03/12 02:21:59 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2015/03/12 02:21:59 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2015/03/12 02:21:59 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2015/03/12 02:21:59 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2015/03/12 02:21:59 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2015/03/12 02:21:58 | 005,554,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015/03/12 02:21:58 | 003,973,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015/03/12 02:21:58 | 003,917,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015/03/12 02:21:58 | 000,693,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2015/03/12 02:21:58 | 000,619,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2015/03/12 02:21:58 | 000,616,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2015/03/12 02:21:58 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015/03/12 02:21:58 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2015/03/12 02:21:58 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015/03/12 02:21:58 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015/03/12 02:21:58 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015/03/12 02:21:57 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2015/03/12 02:19:58 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015/03/12 02:19:58 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015/03/12 02:19:58 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2015/03/12 02:18:00 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2015/03/12 02:18:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2015/03/12 02:15:11 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015/03/12 02:15:10 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015/03/12 02:15:10 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015/03/12 02:15:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015/03/12 02:15:10 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015/03/12 02:15:10 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015/03/12 02:15:10 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015/03/12 02:15:10 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015/03/12 02:15:10 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015/03/12 02:15:09 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015/03/12 02:15:09 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015/03/12 02:15:09 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015/03/12 02:15:09 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015/03/12 02:04:33 | 001,067,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2015/03/12 02:04:14 | 001,424,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015/03/12 02:03:24 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015/03/12 02:03:23 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015/03/12 02:03:23 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015/03/12 02:03:23 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015/03/12 02:03:23 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015/03/12 02:03:23 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015/03/12 02:03:23 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015/03/12 02:03:23 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015/03/12 02:03:22 | 006,035,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015/03/12 02:03:22 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015/03/12 02:03:22 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015/03/12 02:03:22 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015/03/12 02:03:22 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015/03/12 02:03:22 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015/03/12 02:03:22 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015/03/12 02:03:21 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015/03/12 02:03:21 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015/03/12 02:03:21 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015/03/12 02:03:21 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015/03/12 02:03:21 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015/03/12 02:03:21 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015/03/12 02:03:21 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015/03/12 02:03:21 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015/03/12 02:03:21 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015/03/12 02:03:21 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015/03/12 02:03:21 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015/03/12 02:03:21 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015/03/12 02:03:21 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015/03/12 02:03:21 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015/03/12 02:03:21 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015/03/12 02:03:21 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015/03/12 02:03:20 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015/03/12 02:03:20 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015/03/12 02:03:20 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015/03/12 02:03:20 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015/03/12 02:01:44 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2015/03/12 02:01:44 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2015/03/02 14:43:51 | 000,747,910 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2015/03/02 14:43:51 | 000,150,402 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2015/03/02 14:43:50 | 001,669,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/03/02 14:43:50 | 000,654,480 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/03/02 14:43:50 | 000,122,352 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/02/27 17:08:42 | 000,000,683 | ---- | M] () -- C:\Users\fares\Documents\fares - Raccourci.lnk
[2015/02/18 02:01:07 | 000,950,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015/02/18 02:01:07 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015/02/15 02:22:09 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015/02/15 02:22:09 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015/02/15 02:22:09 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015/02/15 02:22:08 | 001,239,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015/02/15 02:22:08 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015/02/15 02:22:08 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015/02/15 02:22:08 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015/02/15 02:22:08 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015/02/15 02:16:42 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015/02/15 02:14:07 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015/02/15 02:14:07 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015/02/07 20:36:32 | 000,480,909 | ---- | M] () -- C:\Users\fares\Desktop\adb.zip
[2015/02/07 12:42:46 | 000,020,652 | ---- | M] () -- C:\Windows\SysNative\s000006.dat
[2015/02/07 12:42:39 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\sstate_prev.sdt
[2015/02/07 12:42:36 | 000,000,611 | ---- | M] () -- C:\Windows\SysNative\sstates.sdt
[2015/02/05 17:26:44 | 000,000,074 | ---- | M] () -- C:\Windows\CDU.1
[2015/02/05 17:26:43 | 000,000,111 | ---- | M] () -- C:\Windows\Roll Target
[2015/02/05 17:26:43 | 000,000,111 | ---- | M] () -- C:\Windows\Roll Error
[2015/02/05 17:26:43 | 000,000,111 | ---- | M] () -- C:\Windows\Pitch Target
[2015/02/05 17:26:43 | 000,000,111 | ---- | M] () -- C:\Windows\Pitch Error
[2015/02/05 17:26:43 | 000,000,109 | ---- | M] () -- C:\Windows\Gyro Speed
[2015/02/05 17:26:43 | 000,000,098 | ---- | M] () -- C:\Windows\Mode2BTimer
[2015/02/05 17:26:43 | 000,000,097 | ---- | M] () -- C:\Windows\Mode2_AltGain_timer
[2015/02/05 17:26:43 | 000,000,095 | ---- | M] () -- C:\Windows\Mode2ATimer
[2015/02/05 17:26:43 | 000,000,074 | ---- | M] () -- C:\Windows\CDU.0
[2015/01/28 14:43:42 | 000,001,692 | ---- | M] () -- C:\Users\Public\Desktop\iFly 737NG FSX Manual.lnk
[2015/01/28 14:43:42 | 000,001,641 | ---- | M] () -- C:\Users\Public\Desktop\iFly FSX Configuration Manager.lnk
[2015/01/15 01:46:28 | 001,644,724 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015/01/14 17:18:28 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2015/01/14 17:18:24 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2015/01/06 19:09:32 | 000,002,650 | ---- | M] () -- C:\Users\fares\Desktop\767-300 Operating Manual.lnk
[2015/01/06 19:09:32 | 000,002,564 | ---- | M] () -- C:\Users\fares\Desktop\767-300 Repaint Manager.lnk
[2015/01/06 19:09:31 | 000,002,606 | ---- | M] () -- C:\Users\fares\Desktop\767-300 Configuration Manager.lnk
[2015/01/06 19:07:51 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2015/01/06 16:33:52 | 000,001,622 | ---- | M] () -- C:\Users\Public\Desktop\iFly 737NG Manual.lnk
[2015/01/06 16:33:52 | 000,001,571 | ---- | M] () -- C:\Users\Public\Desktop\iFly Configuration Manager.lnk
[2015/01/06 15:05:19 | 000,000,978 | ---- | M] () -- C:\Users\fares\Desktop\Teamspeak 2 RC2.lnk
[2015/01/06 14:05:46 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
[2015/01/06 13:14:27 | 000,018,918 | ---- | M] () -- C:\Users\fares\Desktop\[katproxy.com]fs9.leveld.boeing.767.with.service.pack.3.rar.torrent
[2015/01/06 13:11:55 | 000,018,873 | ---- | M] () -- C:\Users\fares\Desktop\[katproxy.com]fs2004.pmdg.737.ng.full.torrent
[2015/01/04 13:18:48 | 002,517,731 | ---- | M] () -- C:\Users\fares\Desktop\BlackmartAlpha0.99.2.49B.apk
[2015/01/01 17:35:50 | 002,007,461 | ---- | M] () -- C:\Users\fares\Desktop\com.blackmartalpha.apk
[2014/12/24 13:01:11 | 000,013,792 | ---- | M] () -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys
[2014/12/23 21:53:46 | 000,056,306 | ---- | M] () -- C:\Users\fares\Desktop\[kickass.so]pmdg.737.ngx.complete.with.crack.and.update.torrent
[2014/12/23 21:51:58 | 000,019,598 | ---- | M] () -- C:\Users\fares\Desktop\[kickass.so]fsx.wilco.airbus.series.vol.2.v.1h.torrent
[2014/12/23 20:04:17 | 000,252,401 | ---- | M] () -- C:\Users\fares\Desktop\enbseries_thatworks.zip
[2014/12/23 17:37:29 | 000,013,950 | ---- | M] () -- C:\Users\fares\Desktop\[kickass.so]fsx.aerosoft.paris.charles.de.gaulle.x.torrent
[2014/12/23 17:33:41 | 000,011,992 | ---- | M] () -- C:\Users\fares\Desktop\[kickass.so]fs9.fsx.aerosoft.mega.airport.paris.orly.v1.01.torrent
[2014/12/23 16:09:21 | 000,014,444 | ---- | M] () -- C:\Users\fares\Desktop\%5BFS9%2FFSX%2FP3D%5D+Navigraph+AIRAC+Cycle+1409.torrent
[2014/12/23 14:08:46 | 000,001,828 | ---- | M] () -- C:\Users\fares\Desktop\767-300 FSX Configuration Manager.lnk
[2014/12/22 02:37:20 | 000,852,352 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Windows\defman.dll
[2014/12/22 02:33:51 | 002,119,040 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Windows\shscanner.dll
[2014/12/22 02:21:52 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/12/22 01:49:50 | 000,022,704 | ---- | M] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2014/12/21 02:52:57 | 000,001,924 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/12/21 02:52:50 | 001,050,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/12/21 02:52:23 | 000,436,624 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/12/21 02:52:23 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/12/21 02:52:23 | 000,267,632 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/12/21 02:52:23 | 000,116,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/12/21 02:52:23 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/12/21 02:52:23 | 000,083,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/12/21 02:52:23 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/12/21 02:52:23 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/12/21 02:52:22 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/12/21 01:57:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2014/12/20 23:29:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2014/12/20 19:52:35 | 000,000,908 | ---- | M] () -- C:\Users\fares\Desktop\Microsoft Flight Simulator X - Raccourci.lnk
[2014/12/20 14:58:16 | 000,001,459 | ---- | M] () -- C:\Users\fares\Desktop\Internet Explorer.lnk
[2014/12/20 14:58:16 | 000,001,453 | ---- | M] () -- C:\Users\fares\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/20 13:41:09 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/12/20 13:41:09 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Media Go.lnk
[2014/12/20 13:41:09 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2014/12/20 13:41:09 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014/12/20 13:41:09 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2014/12/20 13:41:09 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/12/20 13:38:45 | 000,001,131 | ---- | M] () -- C:\Users\fares\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2014/12/19 18:06:49 | 000,001,067 | ---- | M] () -- C:\Users\fares\Desktop\Free Download Manager.lnk
[2014/12/19 13:21:00 | 000,000,000 | ---- | M] () -- C:\Windows\Greatest Airliners
[2014/12/12 21:48:09 | 000,004,999 | ---- | M] () -- C:\ProgramData\wwznqdpf.eax
[2014/12/11 10:53:35 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\charmap.exe
[2014/12/11 10:53:35 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2014/12/11 10:53:12 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2014/12/11 10:53:12 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/12/11 10:53:12 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2014/12/11 10:53:12 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2014/12/11 10:53:12 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014/12/11 10:53:12 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2014/12/11 10:53:12 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2014/12/11 10:53:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2014/12/02 18:52:38 | 000,007,671 | ---- | M] () -- C:\Users\fares\AppData\Local\Resmon.ResmonCfg
[2014/11/19 04:51:39 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/19 04:51:38 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/13 12:10:21 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/11/13 02:06:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/11/13 02:06:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/11/13 02:06:23 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014/11/13 02:06:23 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014/11/13 02:03:36 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/13 02:03:36 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/13 02:03:00 | 003,241,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/10/21 23:02:28 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/10/15 13:59:24 | 001,943,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014/10/15 13:59:24 | 001,131,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014/10/15 13:59:24 | 000,156,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014/10/15 13:59:24 | 000,156,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014/10/15 13:59:24 | 000,081,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014/10/15 13:59:24 | 000,073,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014/10/15 13:58:16 | 000,532,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/10/15 13:58:16 | 000,457,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2014/10/15 13:55:53 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/15 13:55:53 | 000,372,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/15 13:55:45 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/10/15 13:55:45 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014/10/15 13:55:45 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/10/15 13:55:17 | 006,584,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/15 13:55:17 | 005,703,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/09/11 02:28:59 | 001,031,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/09/11 02:28:59 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/09/11 02:23:30 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/09/11 02:02:02 | 002,777,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/11 02:02:02 | 002,285,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/08/28 01:30:16 | 000,700,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/28 01:30:16 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/28 01:30:16 | 000,038,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/28 01:30:15 | 000,581,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/28 01:30:15 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/28 01:30:15 | 000,036,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/28 01:30:02 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/27 23:01:42 | 000,198,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/27 23:01:42 | 000,179,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/27 23:01:42 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/27 23:01:42 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/27 23:01:23 | 002,620,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/27 23:01:23 | 000,058,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/27 23:01:23 | 000,044,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/19 23:34:59 | 000,100,464 | ---- | M] (devSoft Inc. - www.dev-soft.com) -- C:\Windows\SysWow64\ICKHTTPS2.OCX
[2014/08/14 19:45:12 | 001,941,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/14 19:45:12 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/14 19:45:12 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/14 19:45:12 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/14 19:45:12 | 000,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/14 16:22:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014/08/14 16:22:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014/08/14 16:22:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014/08/14 16:22:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014/08/14 16:22:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014/08/14 16:22:28 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014/08/14 16:22:28 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014/08/14 16:22:28 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014/08/14 16:22:28 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014/08/14 16:22:28 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014/08/14 15:53:00 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/14 15:52:28 | 001,389,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/08/14 15:52:28 | 000,619,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/08/14 15:52:28 | 000,171,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/08/14 15:52:28 | 000,099,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/08/14 15:52:28 | 000,035,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/14 15:52:28 | 000,035,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/14 15:52:28 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/08/14 15:52:28 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/07/28 14:52:00 | 006,112,072 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2014/07/28 14:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2014/07/25 02:35:46 | 000,875,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr120_clr0400.dll
[2014/07/24 23:47:06 | 000,869,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr120_clr0400.dll
[2014/07/12 01:30:39 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/12 01:30:39 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/12 01:29:01 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/12 01:29:01 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/06/13 02:06:23 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/06/13 02:05:54 | 000,288,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/06/13 02:05:29 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/06/13 02:05:29 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/05/19 02:13:32 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/19 02:13:32 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/19 02:13:32 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/19 02:13:32 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/19 02:13:32 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/19 02:13:32 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/19 02:13:32 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/19 02:13:32 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/19 02:13:32 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/19 02:13:32 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/19 02:13:32 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/19 02:13:32 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/19 02:13:32 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/19 02:13:32 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/19 02:13:32 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/17 01:42:38 | 000,042,184 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys
[2014/04/23 03:15:46 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys.1400436235154
[2014/04/23 03:15:46 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.1400436235154
[2014/04/11 23:08:08 | 000,536,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp120_clr0400.dll
[2014/04/11 23:08:08 | 000,028,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aspnet_counters.dll
[2014/04/11 23:08:08 | 000,018,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr110_clr0400.dll
[2014/04/11 23:08:08 | 000,018,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2014/04/11 23:08:08 | 000,018,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp110_clr0400.dll
[2014/04/11 22:39:56 | 000,678,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp120_clr0400.dll
[2014/04/11 22:39:56 | 000,029,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll
[2014/04/11 22:39:56 | 000,018,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr110_clr0400.dll
[2014/04/11 22:39:56 | 000,018,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll
[2014/04/11 22:39:56 | 000,018,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp110_clr0400.dll
[2014/04/11 19:37:01 | 000,190,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/11 19:37:01 | 000,027,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/11 19:37:01 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/11 19:37:01 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/11 19:26:22 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/11 19:26:22 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/11 19:26:22 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/11 19:26:22 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/11 19:26:22 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/11 19:26:22 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/11 19:26:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/11 19:26:22 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/11 19:26:22 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/11 19:26:22 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/03/21 11:51:01 | 000,044,640 | ---- | M] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\aswTap.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/03/14 23:05:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/03/14 22:46:28 | 001,007,403 | ---- | C] () -- C:\Users\fares\Desktop\Non confirmé 507158.crdownload
[2015/02/27 17:08:42 | 000,000,683 | ---- | C] () -- C:\Users\fares\Documents\fares - Raccourci.lnk
[2015/02/07 20:38:24 | 000,480,909 | ---- | C] () -- C:\Users\fares\Desktop\adb.zip
[2015/02/07 12:42:46 | 000,020,652 | ---- | C] () -- C:\Windows\SysNative\s000006.dat
[2015/02/01 20:08:01 | 000,000,111 | ---- | C] () -- C:\Windows\Roll Target
[2015/02/01 20:08:01 | 000,000,111 | ---- | C] () -- C:\Windows\Roll Error
[2015/02/01 20:08:01 | 000,000,111 | ---- | C] () -- C:\Windows\Pitch Target
[2015/02/01 20:08:01 | 000,000,111 | ---- | C] () -- C:\Windows\Pitch Error
[2015/02/01 20:08:01 | 000,000,109 | ---- | C] () -- C:\Windows\Gyro Speed
[2015/02/01 20:08:01 | 000,000,098 | ---- | C] () -- C:\Windows\Mode2BTimer
[2015/02/01 20:08:01 | 000,000,097 | ---- | C] () -- C:\Windows\Mode2_AltGain_timer
[2015/02/01 20:08:01 | 000,000,095 | ---- | C] () -- C:\Windows\Mode2ATimer
[2015/02/01 20:08:01 | 000,000,074 | ---- | C] () -- C:\Windows\CDU.1
[2015/02/01 20:08:01 | 000,000,074 | ---- | C] () -- C:\Windows\CDU.0
[2015/02/01 18:45:26 | 000,000,360 | ---- | C] () -- C:\Users\fares\Desktop\avsim.diz
[2015/01/20 12:08:55 | 000,001,692 | ---- | C] () -- C:\Users\Public\Desktop\iFly 737NG FSX Manual.lnk
[2015/01/20 12:08:55 | 000,001,641 | ---- | C] () -- C:\Users\Public\Desktop\iFly FSX Configuration Manager.lnk
[2015/01/06 19:09:32 | 000,002,650 | ---- | C] () -- C:\Users\fares\Desktop\767-300 Operating Manual.lnk
[2015/01/06 19:09:32 | 000,002,564 | ---- | C] () -- C:\Users\fares\Desktop\767-300 Repaint Manager.lnk
[2015/01/06 19:09:31 | 000,002,606 | ---- | C] () -- C:\Users\fares\Desktop\767-300 Configuration Manager.lnk
[2015/01/06 16:33:52 | 000,001,622 | ---- | C] () -- C:\Users\Public\Desktop\iFly 737NG Manual.lnk
[2015/01/06 16:33:52 | 000,001,571 | ---- | C] () -- C:\Users\Public\Desktop\iFly Configuration Manager.lnk
[2015/01/06 14:05:45 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk
[2015/01/06 13:14:27 | 000,018,918 | ---- | C] () -- C:\Users\fares\Desktop\[katproxy.com]fs9.leveld.boeing.767.with.service.pack.3.rar.torrent
[2015/01/06 13:11:54 | 000,018,873 | ---- | C] () -- C:\Users\fares\Desktop\[katproxy.com]fs2004.pmdg.737.ng.full.torrent
[2015/01/04 13:03:34 | 002,517,731 | ---- | C] () -- C:\Users\fares\Desktop\BlackmartAlpha0.99.2.49B.apk
[2015/01/01 17:31:46 | 002,007,461 | ---- | C] () -- C:\Users\fares\Desktop\com.blackmartalpha.apk
[2014/12/24 13:04:23 | 000,001,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2014/12/23 21:53:23 | 000,056,306 | ---- | C] () -- C:\Users\fares\Desktop\[kickass.so]pmdg.737.ngx.complete.with.crack.and.update.torrent
[2014/12/23 21:51:58 | 000,019,598 | ---- | C] () -- C:\Users\fares\Desktop\[kickass.so]fsx.wilco.airbus.series.vol.2.v.1h.torrent
[2014/12/23 20:03:04 | 000,252,401 | ---- | C] () -- C:\Users\fares\Desktop\enbseries_thatworks.zip
[2014/12/23 17:37:28 | 000,013,950 | ---- | C] () -- C:\Users\fares\Desktop\[kickass.so]fsx.aerosoft.paris.charles.de.gaulle.x.torrent
[2014/12/23 17:33:33 | 000,011,992 | ---- | C] () -- C:\Users\fares\Desktop\[kickass.so]fs9.fsx.aerosoft.mega.airport.paris.orly.v1.01.torrent
[2014/12/23 16:09:12 | 000,014,444 | ---- | C] () -- C:\Users\fares\Desktop\%5BFS9%2FFSX%2FP3D%5D+Navigraph+AIRAC+Cycle+1409.torrent
[2014/12/23 14:07:09 | 000,001,828 | ---- | C] () -- C:\Users\fares\Desktop\767-300 FSX Configuration Manager.lnk
[2014/12/22 02:21:52 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/12/22 01:49:50 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2014/12/21 02:52:26 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/12/21 01:57:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2014/12/20 23:29:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2014/12/20 19:52:35 | 000,000,908 | ---- | C] () -- C:\Users\fares\Desktop\Microsoft Flight Simulator X - Raccourci.lnk
[2014/12/19 18:06:49 | 000,001,067 | ---- | C] () -- C:\Users\fares\Desktop\Free Download Manager.lnk
[2014/12/18 19:23:46 | 000,001,924 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/12/16 14:25:00 | 000,267,632 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/12/16 14:24:59 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/12/12 21:48:09 | 000,004,999 | ---- | C] () -- C:\ProgramData\wwznqdpf.eax
[2014/10/21 23:02:28 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/06/05 04:14:35 | 000,001,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2014/05/12 05:04:29 | 000,013,792 | ---- | C] () -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys
[2013/04/30 03:37:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/04/30 03:37:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/09/09 19:06:07 | 000,000,097 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/09/28 13:19:42 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/17 04:02:29 | 000,007,671 | ---- | C] () -- C:\Users\fares\AppData\Local\Resmon.ResmonCfg
[2011/01/18 20:24:37 | 000,031,744 | ---- | C] () -- C:\Users\fares\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/15 00:11:53 | 000,000,011 | ---- | C] () -- C:\Users\fares\logie
[2010/04/28 20:50:51 | 000,012,841 | ---- | C] () -- C:\Users\fares\AppData\Roaming\UserTile.png
[2009/12/16 01:56:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/16 00:02:05 | 000,000,318 | ---- | C] () -- C:\Users\fares\AppData\Roaming\wklnhst.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/03/12 02:16:51 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/03/12 02:16:51 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2015/03/12 02:03:23 | 000,418,304 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2015/03/12 02:03:23 | 000,285,696 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll
[2015/03/12 02:03:23 | 012,827,648 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ieframe.dll

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
Invalid Environment Variable: alluserprofile
Invalid Environment Variable: alluserprofile

[color=#A23BEC]< %appdata%\*. >[/color]
[2012/09/29 22:22:05 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\.spotflux
[2013/02/18 21:30:55 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Adobe
[2014/12/02 15:52:01 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Apple Computer
[2009/12/19 18:10:35 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\ArcSoft
[2009/12/11 15:21:24 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\ATI
[2009/12/20 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Auslogics
[2014/12/16 14:34:17 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\AVAST Software
[2012/08/01 16:23:36 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Babylon
[2014/03/12 13:00:46 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\baidu
[2014/02/08 20:47:14 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\DAEMON Tools Lite
[2014/08/28 13:26:26 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Dropbox
[2013/07/18 22:27:58 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\dvdcss
[2014/12/22 02:25:11 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Enigma Software Group
[2012/09/10 18:18:09 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\eType
[2015/03/14 14:57:12 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Free Download Manager
[2010/04/04 20:25:27 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Google
[2012/06/10 23:15:32 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Hitivi
[2012/03/23 18:31:44 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\HP
[2009/12/11 15:20:47 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Identities
[2012/08/07 20:39:00 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\ImTOO Software Studio
[2013/01/05 14:49:26 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\InstallShield
[2011/04/07 15:56:46 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Intel Corporation
[2012/11/24 21:02:11 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\iolo
[2009/12/23 17:24:46 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\IVAO
[2009/12/13 21:47:21 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Macromedia
[2009/08/19 19:30:23 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Media Center Programs
[2013/03/24 19:20:15 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Media Player Classic
[2014/12/02 18:41:14 | 000,000,000 | --SD | M] -- C:\Users\fares\AppData\Roaming\Microsoft
[2012/05/06 07:09:41 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Mozilla
[2015/03/14 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Mumble
[2014/05/19 23:32:07 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\raidcall
[2014/12/02 18:23:59 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Real
[2012/11/26 16:40:10 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\redsn0w
[2009/12/27 04:11:40 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Roxio
[2012/08/10 17:34:29 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\SecondLife
[2015/02/24 15:25:02 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Skype
[2011/07/20 00:00:00 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\skypePM
[2009/12/21 02:09:03 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Sony
[2011/06/05 18:48:34 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Sony Corporation
[2009/12/21 01:51:27 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Sony Setup
[2012/09/29 22:03:14 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Spotflux
[2013/08/31 02:02:37 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\teamspeak2
[2009/12/30 01:32:56 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Template
[2015/02/23 16:54:32 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\TornTV.com
[2015/03/14 22:37:24 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\uTorrent
[2013/07/25 19:13:34 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\wargaming.net
[2012/09/09 19:06:13 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\WebPlayerBdd
[2011/04/27 18:26:59 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Windows Live Writer
[2010/02/05 15:21:09 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\WinRAR
[2013/02/26 02:17:56 | 000,000,000 | ---D | M] -- C:\Users\fares\AppData\Roaming\Yahoo!

[color=#A23BEC]< %appdata%\*.exe /s >[/color]
[2014/07/30 01:25:24 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Users\fares\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012/07/25 15:14:26 | 000,300,440 | ---- | M] (DMI) -- C:\Users\fares\AppData\Roaming\eType\eTypeUninstall.exe
[2009/12/20 04:52:37 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Users\fares\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2009/12/20 04:52:37 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Users\fares\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
[2011/08/23 16:33:28 | 000,070,656 | ---- | M] () -- C:\Users\fares\AppData\Roaming\Mozilla\Firefox\Profiles\xumqzhbz.default\extensions\{8DD56B34-2BCD-45D9-9395-93CDA1D02CDE}\chrome\content\id_rpidity\update.exe
[2010/05/22 10:54:22 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2011/01/05 12:12:36 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012/10/02 13:41:47 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2013/09/17 13:34:36 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg10\rnupgagent.exe
[2013/12/13 22:11:17 | 000,469,072 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg13\rnupgagent.exe
[2014/09/29 19:39:40 | 000,504,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg14\rnupgagent.exe
[2012/12/15 19:26:21 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg2\rnupgagent.exe
[2012/12/26 19:26:43 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg3\rnupgagent.exe
[2013/01/14 19:27:40 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg5\rnupgagent.exe
[2013/03/27 02:01:42 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg7\rnupgagent.exe
[2013/04/05 13:45:12 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg8\rnupgagent.exe
[2013/06/17 18:30:57 | 000,468,560 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\temp\~Upg9\rnupgagent.exe
[2014/09/29 19:39:40 | 000,504,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
[2014/09/29 22:42:23 | 001,067,216 | ---- | M] (RealNetworks, Inc.) -- C:\Users\fares\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\stub_exe\RealPlayerCloud.exe
[2009/12/21 02:06:47 | 032,494,896 | ---- | M] (Apple Inc.) -- C:\Users\fares\AppData\Roaming\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe
[2014/11/18 15:15:20 | 000,019,456 | ---- | M] (Cool Mirage) -- C:\Users\fares\AppData\Roaming\TornTV.com\TornTVSvc.exe

[color=#A23BEC]< %systemdrive%\*. >[/color]
[2012/01/03 12:32:36 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014/12/21 02:29:43 | 000,000,000 | ---D | M] -- C:\adb
[2012/09/29 22:22:05 | 000,000,000 | -HSD | M] -- C:\AI_RecycleBin
[2014/12/24 11:50:54 | 000,000,000 | ---D | M] -- C:\AMD
[2010/04/04 04:47:57 | 000,000,000 | ---D | M] -- C:\Click to Disc
[2015/03/12 02:16:36 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2015/02/16 13:40:23 | 000,000,000 | ---D | M] -- C:\Downloads
[2011/06/28 01:08:23 | 000,000,000 | ---D | M] -- C:\dreambox
[2015/01/19 14:34:52 | 000,000,000 | ---D | M] -- C:\Flight one Software
[2014/12/18 19:11:20 | 000,000,000 | ---D | M] -- C:\Games
[2009/08/19 00:17:05 | 000,000,000 | ---D | M] -- C:\Intel
[2013/02/28 22:34:17 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011/05/31 17:43:14 | 000,000,000 | ---D | M] -- C:\MyS2GApp
[2009/12/09 22:08:24 | 000,000,000 | ---D | M] -- C:\Nobu_Icon
[2009/07/14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2014/12/25 18:51:41 | 000,000,000 | ---D | M] -- C:\Program Files
[2015/02/04 19:43:09 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2015/02/18 14:21:45 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013/11/04 20:06:33 | 000,000,000 | ---D | M] -- C:\Ptp
[2014/12/22 02:11:39 | 000,000,000 | ---D | M] -- C:\sh4ldr
[2012/11/27 05:07:30 | 000,000,000 | ---D | M] -- C:\sn0wbreeze
[2009/12/25 12:48:41 | 000,000,000 | ---D | M] -- C:\SonySupport
[2013/02/21 00:35:10 | 000,000,000 | -H-D | M] -- C:\SPLASH.000
[2009/12/09 22:25:48 | 000,000,000 | -H-D | M] -- C:\SPLASH.SYS
[2012/10/02 03:59:30 | 000,000,000 | ---D | M] -- C:\SWSetup
[2015/03/14 23:06:33 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2015/03/06 18:19:46 | 000,000,000 | ---D | M] -- C:\Update
[2012/06/23 03:11:22 | 000,000,000 | R--D | M] -- C:\Users
[2012/06/14 14:14:10 | 000,000,000 | ---D | M] -- C:\VAIO Entertainment
[2015/01/19 14:29:41 | 000,000,000 | R--D | M] -- C:\volid
[2015/02/01 20:08:01 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %systemdrive%\*.exe >[/color]
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[color=#A23BEC]< %programfiles%\*. >[/color]
[2012/11/24 13:53:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\1ClickDownload
[2013/02/16 16:16:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/09/18 16:03:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2009/12/09 22:40:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2014/12/02 17:01:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Atheros
[2014/12/02 17:01:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2014/12/25 18:51:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/09/28 20:33:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2009/12/09 22:25:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Downloaded Installations
[2014/12/19 18:06:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Download Manager
[2014/07/05 16:02:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\globalUpdate
[2013/07/12 13:47:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2013/02/25 22:22:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2013/02/26 12:03:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2011/01/25 18:31:40 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallJammer Registry
[2015/01/06 23:46:34 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/05/10 19:59:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2015/03/12 02:39:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2014/10/21 23:02:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2013/05/16 12:05:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IVAO
[2014/02/19 15:55:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2012/03/26 18:54:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kuma Games BETA
[2013/02/01 12:50:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Linkat
[2013/07/11 16:51:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2013/02/28 22:35:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015/01/06 13:50:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games
[2013/02/28 22:39:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2014/07/24 10:09:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/10/05 16:18:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013/02/28 22:39:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/02/28 22:39:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013/02/28 22:39:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013/02/28 22:36:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/11/15 18:34:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2013/02/28 22:39:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010/07/24 19:48:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mobiConnect
[2014/12/17 20:38:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2013/02/28 22:40:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2013/03/11 22:07:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2011/06/05 18:47:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2014/10/02 23:40:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mumble
[2011/03/18 13:13:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NETGEAR
[2014/11/07 12:45:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Overwolf
[2009/12/25 19:34:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PcCloneEX
[2014/10/02 22:09:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RaidCall
[2014/12/02 18:24:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Real
[2009/08/19 00:19:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2009/12/09 22:29:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2012/09/10 02:35:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\rpidity
[2009/12/09 22:14:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Seagate
[2014/11/13 12:10:21 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2014/12/12 21:12:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Smart PC Solutions
[2014/12/12 21:37:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony
[2009/12/21 01:50:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony Setup
[2015/01/06 15:05:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Teamspeak2_RC2
[2009/08/19 01:24:12 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2010/08/13 21:52:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\UltraVPN
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/04/10 22:17:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2014/12/02 18:28:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\vasfmc
[2010/01/20 00:13:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2011/05/10 15:31:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VS Revo Group
[2012/05/10 00:36:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Win7codecs
[2013/07/10 21:38:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2013/06/12 15:22:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/09/13 11:54:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live Safety Center
[2011/03/17 20:21:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2015/03/12 02:39:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/03/17 20:21:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/03/17 20:21:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/03/17 20:21:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2010/02/05 15:19:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2015/03/14 22:39:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\World_of_Tanks
[2013/05/15 19:44:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/05/19 02:13:32 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/10/15 13:55:45 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/10/15 13:55:45 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[color=#A23BEC]< >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 1984780 bytes -> C:\Windows\Greatest Airliners: 727 Uninstall Log.txt
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:58D8F144
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:AE94CE96

< End of report >

Publicité


Signaler le contenu de ce document

Publicité