cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 13/11/2015 20:34:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\chedli\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,97 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,71% Memory free
3,93 Gb Paging File | 2,81 Gb Available in Paging File | 71,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 263,34 Gb Free Space | 88,34% Space Free | Partition Type: NTFS

Computer Name: CHEDLI-PC | User Name: chedli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/11/13 20:30:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chedli\Desktop\OTL.exe
PRC - [2015/11/12 07:20:29 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\chedli\AppData\Local\Microsoft\BingSvc\BingSvc.exe
PRC - [2015/11/11 21:18:29 | 003,426,504 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
PRC - [2015/11/10 07:05:49 | 000,191,968 | ---- | M] (AVAST Software) -- C:\Users\chedli\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
PRC - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/10/19 21:58:42 | 006,564,776 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015/09/30 02:30:49 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015/09/23 19:17:00 | 003,891,185 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2015/09/21 02:37:08 | 000,396,944 | ---- | M] (tsvr.com) -- C:\Users\chedli\AppData\Roaming\TSv\TSvr.exe
PRC - [2015/07/08 13:17:23 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2015/02/04 11:05:36 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2014/04/29 11:50:35 | 000,346,680 | ---- | M] () -- C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe
PRC - [2014/04/29 11:50:31 | 000,928,312 | ---- | M] () -- C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe
PRC - [2014/04/29 11:50:28 | 003,095,096 | ---- | M] () -- C:\Program Files\InternetEverywhere\InternetEverywhere.exe
PRC - [2012/01/29 23:34:20 | 000,750,320 | ---- | M] (AutoIt Team) -- C:\Google\AutoIt3.exe
PRC - [2011/03/14 16:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/11/11 21:18:29 | 017,604,296 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_19_0_0_245.dll
MOD - [2015/10/19 21:00:14 | 000,065,536 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1036.dll
MOD - [2014/04/29 11:50:31 | 000,928,312 | ---- | M] () -- C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe
MOD - [2014/04/29 11:50:28 | 003,095,096 | ---- | M] () -- C:\Program Files\InternetEverywhere\InternetEverywhere.exe
MOD - [2014/04/29 11:48:51 | 000,258,560 | ---- | M] () -- C:\Program Files\InternetEverywhere\WtgMobileBroadband7.dll
MOD - [2013/10/17 11:07:14 | 001,146,880 | ---- | M] () -- C:\Program Files\InternetEverywhere\NDISAPI.dll
MOD - [2007/12/12 16:46:12 | 000,759,296 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Cyti Web\updateCytiWeb.exe -- (Update Cyti Web)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Dim@net\UpdateDog\ouc.exe -- (Dim@net. RunOuc)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe /service -- (c2cpnrsvc)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe /service -- (c2cautoupdatesvc)
SRV - [2015/11/11 21:18:32 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/09/30 02:31:01 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/09/21 02:37:08 | 000,396,944 | ---- | M] (tsvr.com) [Auto | Running] -- C:\Users\chedli\AppData\Roaming\TSv\TSvr.exe -- (IhPul)
SRV - [2015/07/08 13:18:36 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/04/29 11:50:35 | 000,346,680 | ---- | M] () [Auto | Running] -- C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe -- (InternetEverywhere_Service)
SRV - [2011/03/14 16:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcombus.sys -- (IvtComBusSrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\chedli\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btcomport.sys -- (BTCOM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - [2015/06/12 03:00:58 | 000,123,968 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2014/09/09 17:32:52 | 000,117,272 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2013/11/01 10:24:08 | 000,316,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_wwanecm.sys -- (hwusb_wwanecm)
DRV - [2013/10/23 11:42:00 | 000,108,032 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_cdcacm.sys -- (hwusb_cdcacm)
DRV - [2013/10/08 18:23:14 | 000,020,576 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2013/09/02 15:48:58 | 000,381,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV - [2013/03/04 16:31:10 | 000,077,824 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013/03/04 16:20:26 | 000,199,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/01/25 09:16:32 | 000,095,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012/12/24 16:45:36 | 000,023,288 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtAudioBusSrv)
DRV - [2012/12/24 16:42:16 | 000,027,256 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (IvtPanBusSrv)
DRV - [2012/12/22 09:46:02 | 000,011,904 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2011/05/13 04:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 23:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\..\SearchScopes\{C3A07D58-FB30-48D7-B348-DE50DABF11BF}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AVND_frTN626
IE - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "TN"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "TN"
FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
FF - prefs.js..browser.search.searchengine.ptid: "wpm07163"
FF - prefs.js..browser.search.searchengine.uid: "SAMSUNGXHD321HJ_S1HLJ9BZ215087"
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com/"
FF - prefs.js..extensions.enabledAddons: mozilla_cc2%40internetdownloadmanager.com:6.23.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.1
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/09/23 10:20:36 | 000,029,743 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: enable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Market: fr-fr
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\Package: DefaultPack
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\OSVersion: 6.1.7601.1
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\LVersion: 1.7.51.0
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\MFVersion: MF41.0.1 (x86 fr)
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\chedli\AppData\Roaming\IDM\idmmzcc5 [2015/11/13 19:42:23 | 000,000,000 | ---D | M]

[2014/08/21 19:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chedli\AppData\Roaming\mozilla\Extensions
[2015/10/23 13:18:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chedli\AppData\Roaming\mozilla\Firefox\Profiles\iya3bnk3.default\extensions
[2015/10/23 13:53:45 | 000,000,000 | ---D | M] ("Bing Search") -- C:\Users\chedli\AppData\Roaming\mozilla\Firefox\Profiles\iya3bnk3.default\extensions\bingsearch.full@microsoft.com
[2015/11/04 20:36:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2015/10/13 21:42:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/10/13 21:42:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015/09/23 10:20:36 | 000,029,743 | ---- | M] () (No name found) -- C:\PROGRAM FILES\INTERNET DOWNLOAD MANAGER\IDMMZCC2.XPI

[color=#E56717]========== Chrome ==========[/color]

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\chedli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.23.15_1\
CHR - Extension: No name found = C:\Users\chedli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\

O1 HOSTS File: ([2015/09/17 14:14:31 | 000,000,828 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [InternetEverywhere_InternetEverywhere_Launcher.exe] C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe ()
O4 - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000..\Run: [AntiUsbWorm] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000..\Run: [AntiWormUpdate] C:\Google\AutoIt3.exe (AutoIt Team)
O4 - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000..\Run: [BingSvc] C:\Users\chedli\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2953196045-2419217088-2337920579-1000..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab (Java Plug-in 11.60.2)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab (Java Plug-in 11.60.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02E980B3-0D24-4500-B8D5-337E9FE5138C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48BF1BF1-9E69-4430-BE9A-A976820958AD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4ED669E6-691F-45FA-858D-CB0A46CBA913}: NameServer = 10.47.9.34 10.47.9.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83162164-1087-4905-9C06-E7F01DBF5733}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{836CA65D-3C0D-463B-9397-7073F1E12B76}: NameServer = 10.47.9.34 10.47.9.36
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF889F0C-7609-4D38-96EF-DA7F5575F427}: NameServer = 10.47.9.34 10.47.9.36
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0677627e-5c59-11e5-a6bf-f4ce46038153}\Shell - "" = AutoRun
O33 - MountPoints2\{0677627e-5c59-11e5-a6bf-f4ce46038153}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0677628b-5c59-11e5-a6bf-f4ce46038153}\Shell - "" = AutoRun
O33 - MountPoints2\{0677628b-5c59-11e5-a6bf-f4ce46038153}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5589520b-3c15-11e4-bb30-f4ce46038153}\Shell - "" = AutoRun
O33 - MountPoints2\{5589520b-3c15-11e4-bb30-f4ce46038153}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{69cdc328-40dd-11e4-bbea-f4ce46038153}\Shell - "" = AutoRun
O33 - MountPoints2\{69cdc328-40dd-11e4-bbea-f4ce46038153}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a017adf9-aed9-11e4-a5f1-f4ce46038153}\Shell - "" = AutoRun
O33 - MountPoints2\{a017adf9-aed9-11e4-a5f1-f4ce46038153}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ad62fa49-5c67-11e5-a4f2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ad62fa49-5c67-11e5-a4f2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{b99ef310-59d7-11e4-9a4a-f4ce46038153}\Shell - "" = AutoRun
O33 - MountPoints2\{b99ef310-59d7-11e4-9a4a-f4ce46038153}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{ef30edff-d84d-11e4-be3c-f4ce46038153}\Shell - "" = AutoRun
O33 - MountPoints2\{ef30edff-d84d-11e4-be3c-f4ce46038153}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\system32\Rundll32.exe" "C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {DB213A15-3138-46C6-9D52-3D4B23C147EB} - EIEDPLauncher
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{53124C25-17B2-4835-B924-AF914D063766} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/11/13 20:30:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\chedli\Desktop\OTL.exe
[2015/11/08 20:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2015/11/07 15:21:16 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Local\Essentware
[2015/11/07 15:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Essentware
[2015/11/06 15:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/11/06 15:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015/11/04 20:41:03 | 000,000,000 | ---D | C] -- C:\Users\chedli\Desktop\UTILITAIRES
[2015/11/04 20:36:06 | 000,274,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2015/11/04 20:36:06 | 000,191,584 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2015/11/04 20:36:06 | 000,191,584 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2015/11/04 20:27:14 | 000,000,000 | ---D | C] -- C:\Navilog1
[2015/11/01 15:18:41 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Local\CEF
[2015/11/01 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2015/10/30 15:04:08 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Local\ONSPEED
[2015/10/30 12:58:58 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Roaming\AVAST Software
[2015/10/28 06:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/10/24 20:18:09 | 000,000,000 | ---D | C] -- C:\$APDF
[2015/10/24 07:59:18 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2015/10/24 07:58:01 | 000,000,000 | ---D | C] -- C:\ProgramData\A-PDF
[2015/10/24 07:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF DjVu to PDF
[2015/10/24 07:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\A-PDF DjVu to PDF
[2015/10/23 20:37:56 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Roaming\XnView
[2015/10/20 07:04:54 | 000,000,000 | ---D | C] -- C:\Users\chedli\Documents\Ashampoo Burning Studio 14
[2015/10/20 07:03:22 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Roaming\Ashampoo
[2015/10/20 07:02:58 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Local\ashampoo
[2015/10/20 07:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2015/10/20 07:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2015/10/19 22:40:10 | 000,000,000 | RHSD | C] -- C:\Skypee
[2015/10/19 22:39:12 | 000,000,000 | RHSD | C] -- C:\Google
[2015/10/19 22:27:37 | 000,000,000 | ---D | C] -- C:\Users\chedli\Desktop\Extra
[2015/10/19 11:05:56 | 000,000,000 | ---D | C] -- C:\Users\chedli\Desktop\DRIVERS LENOVO
[2015/10/17 15:16:01 | 000,000,000 | ---D | C] -- C:\Smoothboard Tech
[2015/10/17 15:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2015/10/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\chedli\AppData\Roaming\Sun
[2015/10/17 15:06:53 | 000,000,000 | ---D | C] -- C:\Users\chedli\.oracle_jre_usage
[2015/10/17 15:06:35 | 000,097,888 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/10/17 15:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015/10/17 15:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015/10/17 15:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015/10/17 14:51:44 | 000,471,040 | ---- | C] (Lukas Reinhart) -- C:\Users\chedli\Desktop\WiimoteConnect.exe
[2015/10/16 22:31:26 | 000,000,000 | ---D | C] -- C:\Users\chedli\Desktop\logiciel pour TBI
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/11/13 20:37:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/11/13 20:30:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chedli\Desktop\OTL.exe
[2015/11/13 20:18:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/13 20:09:41 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/13 19:49:23 | 000,031,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/13 19:49:23 | 000,031,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/13 19:46:45 | 000,744,568 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015/11/13 19:46:45 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/11/13 19:46:45 | 000,148,086 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015/11/13 19:46:45 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/11/13 19:42:22 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/13 19:42:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/13 19:42:06 | 1583,222,784 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/12 22:12:58 | 000,002,087 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/11/12 22:02:08 | 000,088,280 | ---- | M] () -- C:\Users\chedli\Desktop\12246976_1008174942559436_1826265279108400860_n.jpg
[2015/11/11 21:18:29 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/11/11 21:18:29 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/11/07 20:26:52 | 000,986,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/11/06 15:12:38 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/11/06 15:04:40 | 000,000,028 | ---- | M] () -- C:\Windows\wazpnmp.sys
[2015/11/03 15:08:44 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2015/11/01 15:16:03 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015/10/25 20:54:35 | 006,462,815 | ---- | M] () -- C:\Users\chedli\Desktop\Physique (46).pdf
[2015/10/24 07:46:06 | 000,023,616 | ---- | M] () -- C:\Users\chedli\Desktop\12039525_1015827801811698_1214382209982358162_n.jpg
[2015/10/23 20:05:03 | 000,000,032 | ---- | M] () -- C:\Windows\0
[2015/10/23 13:37:52 | 000,026,071 | ---- | M] () -- C:\Users\chedli\Desktop\9782100726592-T.jpg
[2015/10/19 22:40:11 | 000,000,902 | ---- | M] () -- C:\ProgramData\ProgramData.lnk
[2015/10/17 15:06:15 | 000,097,888 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2015/10/17 15:06:14 | 000,274,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2015/10/17 15:06:14 | 000,191,584 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2015/10/17 15:06:14 | 000,191,584 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/11/13 20:37:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/11/12 22:02:08 | 000,088,280 | ---- | C] () -- C:\Users\chedli\Desktop\12246976_1008174942559436_1826265279108400860_n.jpg
[2015/11/07 20:25:37 | 000,986,984 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/11/06 15:12:38 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015/11/06 15:04:35 | 000,000,028 | ---- | C] () -- C:\Windows\wazpnmp.sys
[2015/11/01 15:16:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015/11/01 15:16:03 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader DC.lnk
[2015/10/26 20:17:21 | 000,026,071 | ---- | C] () -- C:\Users\chedli\Desktop\9782100726592-T.jpg
[2015/10/25 20:53:34 | 006,462,815 | ---- | C] () -- C:\Users\chedli\Desktop\Physique (46).pdf
[2015/10/24 07:57:45 | 000,488,448 | ---- | C] () -- C:\Windows\System32\apdfprintmon.dll
[2015/10/24 07:46:05 | 000,023,616 | ---- | C] () -- C:\Users\chedli\Desktop\12039525_1015827801811698_1214382209982358162_n.jpg
[2015/10/19 22:40:11 | 000,000,902 | ---- | C] () -- C:\ProgramData\ProgramData.lnk
[2015/10/12 11:17:24 | 000,000,102 | ---- | C] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[2015/09/03 20:30:57 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2015/02/02 20:44:39 | 000,000,794 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/11/24 12:58:48 | 000,000,137 | ---- | C] () -- C:\Windows\TDW.INI
[2014/11/24 12:58:48 | 000,000,129 | ---- | C] () -- C:\Windows\TPW.INI
[2014/11/24 12:58:48 | 000,000,041 | ---- | C] () -- C:\Windows\WORKSHOP.INI
[2014/11/24 12:58:31 | 000,325,792 | ---- | C] () -- C:\Windows\INSTALTP.EXE
[2014/08/31 16:16:46 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2014/08/31 16:02:51 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 22:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2015/10/20 07:03:22 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\Ashampoo
[2015/10/30 12:58:58 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\AVAST Software
[2015/11/13 20:31:03 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\DMCache
[2014/11/24 12:56:29 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\geany
[2015/11/13 20:30:43 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\IDM
[2015/09/16 12:48:32 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\InternetEverywhere
[2015/09/21 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\Opera Software
[2014/11/30 09:29:38 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\PDManager
[2015/09/21 15:49:33 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\Shortcut
[2015/09/17 12:39:57 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\Thinstall
[2015/10/12 11:18:22 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\TSv
[2014/08/31 15:55:25 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\WinBatch
[2015/11/06 15:19:44 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\XnView
[2015/10/28 06:23:42 | 000,000,000 | ---D | M] -- C:\Users\chedli\AppData\Roaming\ZHP

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2015/09/17 12:53:25 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini
[2013/06/01 07:50:16 | 000,000,212 | -H-- | M] () -- C:\Boot.BAK
[2014/08/18 12:11:55 | 000,000,356 | RHS- | M] () -- C:\Boot.ini.saved
[2008/04/14 11:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010/11/20 22:29:06 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2014/08/19 10:29:52 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/06/01 08:00:35 | 000,027,195 | ---- | M] () -- C:\caavsetupLog.txt
[2013/06/02 17:05:51 | 000,303,771 | ---- | M] () -- C:\caisslog.txt
[2015/10/01 15:53:59 | 000,012,056 | ---- | M] () -- C:\chedlimhamdi.docx
[2015/11/08 20:48:54 | 000,000,994 | ---- | M] () -- C:\cleannavi.txt
[2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2015/08/05 11:10:36 | 000,000,383 | ---- | M] () -- C:\ftconfig.ini
[2015/11/13 19:42:06 | 1583,222,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/01 07:53:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/06/01 07:53:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 11:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 11:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2015/11/13 19:42:08 | 2110,967,808 | -HS- | M] () -- C:\pagefile.sys
[2015/11/13 20:37:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/08/31 16:10:13 | 000,449,221 | RHS- | M] () -- C:\QFLHX
[2015/06/26 12:03:22 | 000,584,848 | ---- | M] (McAfee, Inc.) -- C:\SecurityScanner.dll

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009/07/14 05:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[4 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2015/10/24 07:57:43 | 000,000,000 | ---D | M] -- C:\Program Files\A-PDF DjVu to PDF
[2015/11/01 15:15:56 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2015/10/23 20:03:42 | 000,000,000 | ---D | M] -- C:\Program Files\Ashampoo
[2015/09/03 20:33:52 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2015/09/03 20:34:45 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2015/09/03 20:07:58 | 000,000,000 | ---D | M] -- C:\Program Files\Brother
[2015/11/06 15:12:38 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2015/10/17 15:07:02 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2015/10/10 12:40:16 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2011/04/12 02:45:15 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2015/02/21 15:15:52 | 000,000,000 | ---D | M] -- C:\Program Files\ESTsoft
[2014/08/19 09:38:21 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2015/10/24 06:58:53 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2015/10/24 07:59:22 | 000,000,000 | ---D | M] -- C:\Program Files\gs
[2014/11/12 20:25:34 | 000,000,000 | ---D | M] -- C:\Program Files\GUMBE40.tmp
[2014/10/02 19:29:08 | 000,000,000 | ---D | M] -- C:\Program Files\GUMD059.tmp
[2015/10/10 13:14:00 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2015/10/12 11:30:30 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2015/09/30 15:59:03 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Download Manager
[2015/07/08 13:35:12 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2015/09/16 12:41:40 | 000,000,000 | ---D | M] -- C:\Program Files\InternetEverywhere
[2015/11/04 20:36:00 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2014/11/30 09:21:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Corporation
[2014/09/07 16:38:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2014/09/07 16:38:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2015/09/24 21:46:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2015/11/04 20:36:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2015/10/13 21:43:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2009/07/14 05:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2014/11/30 09:30:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2015/11/08 20:48:27 | 000,000,000 | ---D | M] -- C:\Program Files\Navilog1
[2015/09/03 20:40:03 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2009/07/14 05:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2015/09/13 07:10:24 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2015/09/03 20:41:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp
[2015/10/03 20:20:31 | 000,000,000 | ---D | M] -- C:\Program Files\TrackZapper.com
[2009/07/14 05:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2014/08/31 16:25:27 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2014/08/24 16:11:42 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2011/04/12 02:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2011/04/12 02:45:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011/04/12 02:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/04/12 02:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2014/08/19 09:38:21 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/04/12 02:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2010/11/20 22:33:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/04/12 02:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

[color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color]
[2009/07/14 02:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\System32\appmgmts.dll
[2009/07/14 02:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\winsxs\x86_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_81a53e87bd5d36aa\appmgmts.dll

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 22:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009/07/14 00:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010/11/20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\System32\hidserv.dll
[2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_d6829e90e8c23da8\hidserv.dll

[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\swsetup\SP44286\Deployment\f6flpy64\IaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\swsetup\SP44286\Deployment\f6flpy32\IaStor.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2010/11/20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010/11/20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2010/11/20 22:29:20 | 000,118,272 | ---- | M] (Microsoft Corporation) MD5=4A8E2F20809CC161107FAA94F6CF2685 -- C:\Windows\System32\imm32.dll
[2010/11/20 22:29:20 | 000,118,272 | ---- | M] (Microsoft Corporation) MD5=4A8E2F20809CC161107FAA94F6CF2685 -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_5e5d8801d8ad160d\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2015/07/08 13:16:26 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=02D5E2D9D9497F314C97E082A1CB9808 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_95c851f0b48aeae5\kernel32.dll
[2010/11/20 22:29:19 | 000,857,600 | ---- | M] (Microsoft Corporation) MD5=5553784D774CA845380650E010BBDA2C -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_95c54f2cb48da1b9\kernel32.dll
[2015/07/08 13:16:26 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=5717FC9D2A1DAA0596DC7D940F2D613C -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_96481f19cdafbff7\kernel32.dll
[2015/07/08 13:16:55 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=6F93A0F455963DC8A9A16BB682C8D589 -- C:\Windows\System32\kernel32.dll
[2015/07/08 13:16:55 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=6F93A0F455963DC8A9A16BB682C8D589 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_95adb658b49f9b89\kernel32.dll
[2015/07/08 13:16:55 | 000,868,352 | ---- | M] (Microsoft Corporation) MD5=9139B25AA9CA8749A11F2BE863EF391B -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_95f5498dcdeeffbd\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2015/07/08 13:17:34 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=6547D445C4B69DC0083B619AC642DF04 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll
[2010/11/20 22:29:12 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2015/07/08 13:17:34 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\System32\mswsock.dll
[2015/07/08 13:17:34 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2010/11/20 22:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010/11/20 22:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2010/11/20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2010/11/20 22:29:12 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\System32\drivers\ntfs.sys
[2010/11/20 22:29:12 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2010/11/20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010/11/20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2010/11/20 22:29:21 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\System32\proquota.exe
[2010/11/20 22:29:21 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_29ce61c2f0a740f4\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2010/11/20 22:29:08 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\System32\qmgr.dll
[2010/11/20 22:29:08 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2010/11/20 22:29:06 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\System32\spoolsv.exe
[2010/11/20 22:29:06 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2010/11/20 22:29:19 | 000,521,216 | ---- | M] (Microsoft Corporation) MD5=382C804C92811BE57829D8E550A900E2 -- C:\Windows\System32\termsrv.dll
[2010/11/20 22:29:19 | 000,521,216 | ---- | M] (Microsoft Corporation) MD5=382C804C92811BE57829D8E550A900E2 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_90a6abb3b286306d\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2010/11/20 22:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 22:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 22:29:03 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2010/11/20 22:29:12 | 000,980,992 | ---- | M] (Microsoft Corporation) MD5=44214C94911C7CFB1D52CB64D5E8368D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
[2015/07/08 13:18:41 | 001,950,720 | ---- | M] (Microsoft Corporation) MD5=E4EB138060BAE0DBAB1A3B71A3141FE7 -- C:\Windows\System32\wininet.dll
[2015/07/08 13:18:41 | 001,950,720 | ---- | M] (Microsoft Corporation) MD5=E4EB138060BAE0DBAB1A3B71A3141FE7 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17843_none_87f89fb9fea1f1ca\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2010/11/20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2010/11/20 22:29:06 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010/11/20 22:29:06 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color]
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2014/08/19 09:38:41 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-2953196045-2419217088-2337920579-1000\desktop.ini
[2009/07/14 05:53:46 | 000,032,482 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/08/24 16:47:18 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/10/09 18:13:25 | 000,001,054 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/10/09 18:13:27 | 000,001,058 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2015/11/11 20:49:18 | 000,000,000 | ---D | M](C:\Users\chedli\Desktop\????? ??????? ??????? ???????) -- C:\Users\chedli\Desktop\'DB55 'DB5J1G 'D'9E'D 'DC'ED)
[2015/11/11 20:49:18 | 000,000,000 | ---D | C](C:\Users\chedli\Desktop\????? ??????? ??????? ???????) -- C:\Users\chedli\Desktop\'DB55 'DB5J1G 'D'9E'D 'DC'ED)
[2015/11/11 20:49:03 | 033,854,424 | ---- | M] ()(C:\Users\chedli\Desktop\???? ????? ???.rar) -- C:\Users\chedli\Desktop\JH3A '/1J3 B55.rar
[2015/11/11 20:46:25 | 033,854,424 | ---- | C] ()(C:\Users\chedli\Desktop\???? ????? ???.rar) -- C:\Users\chedli\Desktop\JH3A '/1J3 B55.rar
[2015/11/11 06:24:47 | 111,650,859 | ---- | M] ()(C:\Users\chedli\Desktop\---????? - ???????? ?????? - ???? ????? ???? ????? The Best of Fairuz - YouTube.mp4) -- C:\Users\chedli\Desktop\---AJ1H2 - AJ1H2J'* 'D5('- - '1H9 ':'FJ '12) D(F'F The Best of Fairuz - YouTube.mp4
[2015/11/11 06:24:46 | 111,650,859 | ---- | C] ()(C:\Users\chedli\Desktop\---????? - ???????? ?????? - ???? ????? ???? ????? The Best of Fairuz - YouTube.mp4) -- C:\Users\chedli\Desktop\---AJ1H2 - AJ1H2J'* 'D5('- - '1H9 ':'FJ '12) D(F'F The Best of Fairuz - YouTube.mp4
[2015/11/11 06:13:30 | 003,931,788 | ---- | M] ()(C:\Users\chedli\Desktop\Chedli Mhamdi - Chedli Mhamdi a partagé la vidéo de ????? ??????..mp4) -- C:\Users\chedli\Desktop\Chedli Mhamdi - Chedli Mhamdi a partagé la vidéo de 'D2EF 'D,EJD..mp4
[2015/11/11 06:13:24 | 003,931,788 | ---- | C] ()(C:\Users\chedli\Desktop\Chedli Mhamdi - Chedli Mhamdi a partagé la vidéo de ????? ??????..mp4) -- C:\Users\chedli\Desktop\Chedli Mhamdi - Chedli Mhamdi a partagé la vidéo de 'D2EF 'D,EJD..mp4
[2015/09/30 21:53:37 | 000,012,852 | ---- | M] ()(C:\Users\chedli\Documents\??? ????? ??????? ?????? ???????.docx) -- C:\Users\chedli\Documents\%DI 'D3J/ 'DEF/H( 'D,GHJ DD*1(J).docx
[2015/09/30 21:53:36 | 000,012,852 | ---- | C] ()(C:\Users\chedli\Documents\??? ????? ??????? ?????? ???????.docx) -- C:\Users\chedli\Documents\%DI 'D3J/ 'DEF/H( 'D,GHJ DD*1(J).docx
[2015/09/30 07:07:37 | 000,000,000 | ---D | M](C:\Users\chedli\Desktop\????? ???) -- C:\Users\chedli\Desktop\BH'9/ D:)
[2015/09/30 07:06:38 | 000,000,000 | ---D | C](C:\Users\chedli\Desktop\????? ???) -- C:\Users\chedli\Desktop\BH'9/ D:)
[2015/05/22 20:51:00 | 000,015,840 | ---- | M] ()(C:\Users\chedli\Documents\??????? ????????.docx) -- C:\Users\chedli\Documents\'D/1',) 'DGH'&J).docx
[2015/05/22 20:50:59 | 000,015,840 | ---- | C] ()(C:\Users\chedli\Documents\??????? ????????.docx) -- C:\Users\chedli\Documents\'D/1',) 'DGH'&J).docx
[2015/04/18 15:04:54 | 000,015,275 | ---- | M] ()(C:\Users\chedli\Documents\????????.docx) -- C:\Users\chedli\Documents\'DEH3JBI.docx
[2015/04/18 15:04:45 | 000,016,931 | ---- | M] ()(C:\Users\chedli\Documents\??? ???? ?? ???? ?????.docx) -- C:\Users\chedli\Documents\/H1 'DAF AJ -J') 'DA1/.docx
[2015/04/18 14:39:56 | 000,016,931 | ---- | C] ()(C:\Users\chedli\Documents\??? ???? ?? ???? ?????.docx) -- C:\Users\chedli\Documents\/H1 'DAF AJ -J') 'DA1/.docx
[2015/04/18 14:39:51 | 000,015,275 | ---- | C] ()(C:\Users\chedli\Documents\????????.docx) -- C:\Users\chedli\Documents\'DEH3JBI.docx
[2015/03/05 12:39:55 | 000,013,047 | ---- | M] ()(C:\Users\chedli\Documents\??????? ?????????? ??? ????? ?????? ?? 5.docx) -- C:\Users\chedli\Documents\'DE/13) 'D'(*/'&J) '(F EF8H1 'D1B'( AJ 5.docx
[2015/03/05 12:39:55 | 000,013,047 | ---- | C] ()(C:\Users\chedli\Documents\??????? ?????????? ??? ????? ?????? ?? 5.docx) -- C:\Users\chedli\Documents\'DE/13) 'D'(*/'&J) '(F EF8H1 'D1B'( AJ 5.docx
[2015/02/07 16:50:54 | 000,051,686 | ---- | M] ()(C:\Users\chedli\Documents\???????? ?? ?????? ???????? ?? ????? ?????? ???????.docx) -- C:\Users\chedli\Documents\'D%E*5'5 GH %F*B'D 'D,2J&'* EF *,HJA 'DBF') 'DG6EJ).docx
[2015/02/07 16:50:52 | 000,051,686 | ---- | C] ()(C:\Users\chedli\Documents\???????? ?? ?????? ???????? ?? ????? ?????? ???????.docx) -- C:\Users\chedli\Documents\'D%E*5'5 GH %F*B'D 'D,2J&'* EF *,HJA 'DBF') 'DG6EJ).docx
[2014/10/21 20:01:42 | 000,015,195 | ---- | M] ()(C:\Users\chedli\Documents\???? ?????.docx) -- C:\Users\chedli\Documents\BJE) 'D9ED.docx
[2014/10/21 20:01:41 | 000,015,195 | ---- | C] ()(C:\Users\chedli\Documents\???? ?????.docx) -- C:\Users\chedli\Documents\BJE) 'D9ED.docx
[2011/03/16 16:11:28 | 000,024,064 | ---- | M] ()(C:\Users\chedli\Desktop\?? ????? ??? ????? ?? ???? ????? ???? ???????.doc) -- C:\Users\chedli\Desktop\*E '6'A) G0' 'DEDA EF .D'D E/HF) 9'DE 'DE91A).doc
[2011/03/16 16:11:28 | 000,024,064 | ---- | C] ()(C:\Users\chedli\Desktop\?? ????? ??? ????? ?? ???? ????? ???? ???????.doc) -- C:\Users\chedli\Desktop\*E '6'A) G0' 'DEDA EF .D'D E/HF) 9'DE 'DE91A).doc

< End of report >

Publicité


Signaler le contenu de ce document

Publicité