OTL.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 15/03/2017 23:13:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ucf\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18426)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,97 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 25,39% Memory free
7,93 Gb Paging File | 4,36 Gb Available in Paging File | 54,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 83,35 Gb Free Space | 56,94% Space Free | Partition Type: NTFS
Drive D: | 151,60 Gb Total Space | 142,20 Gb Free Space | 93,80% Space Free | Partition Type: NTFS

Computer Name: UCF-PC | User Name: Ucf | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2017/03/15 22:52:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ucf\Downloads\OTL.exe
PRC - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2016/12/19 11:28:49 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
PRC - [2016/09/06 18:05:37 | 000,097,080 | ---- | M] (Baidu Inc.) -- C:\Program Files (x86)\baidu\Spark\sparkservice.exe
PRC - [2016/01/08 08:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2015/12/22 20:04:00 | 000,186,760 | ---- | M] () -- C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
PRC - [2015/07/07 13:57:42 | 000,785,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2014/10/01 14:40:28 | 001,349,576 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2016/08/02 06:19:01 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2015/07/23 00:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:[b]64bit:[/b] - [2014/10/01 14:40:28 | 001,349,576 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:[b]64bit:[/b] - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/11/16 20:44:58 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009/07/14 01:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2016/09/06 18:05:37 | 000,097,080 | ---- | M] (Baidu Inc.) [Auto | Running] -- C:\Program Files (x86)\baidu\Spark\sparkservice.exe -- (SparkSvc)
SRV - [2016/01/08 08:51:54 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2015/12/22 20:04:00 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe -- (ScsiAccess)
SRV - [2015/11/05 20:36:48 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2015/07/07 13:57:42 | 000,785,904 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2015/02/02 02:37:42 | 001,359,040 | ---- | M] (Baidu.com, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe -- (SparkUpdater)
SRV - [2014/03/20 22:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2016/01/08 08:51:54 | 000,213,088 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2016/01/08 08:51:54 | 000,120,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2015/01/04 21:38:50 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2014/09/18 12:38:22 | 000,063,160 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:[b]64bit:[/b] - [2014/08/19 03:07:06 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:[b]64bit:[/b] - [2014/08/18 10:28:34 | 000,222,280 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:[b]64bit:[/b] - [2014/08/18 10:28:32 | 000,243,440 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:[b]64bit:[/b] - [2014/08/18 10:28:32 | 000,169,280 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:[b]64bit:[/b] - [2014/08/18 10:28:32 | 000,044,632 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:[b]64bit:[/b] - [2013/10/02 02:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2013/08/07 14:49:26 | 008,623,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2013/03/05 19:49:44 | 000,653,296 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:[b]64bit:[/b] - [2013/03/05 19:49:36 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:[b]64bit:[/b] - [2013/02/22 01:40:14 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2013/01/21 16:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2012/11/16 21:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2012/11/16 21:08:32 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2012/11/16 19:39:12 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2012/08/23 14:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 14:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012/03/06 07:59:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/01/15 22:01:16 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:[b]64bit:[/b] - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/21 03:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010/11/21 03:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/11/21 03:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/15 11:08:34 | 000,084,008 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:[b]64bit:[/b] - [2010/04/29 10:00:54 | 000,722,488 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDMI64.sys -- (CnxtHdmiAudService)
DRV:[b]64bit:[/b] - [2009/09/24 13:31:14 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:[b]64bit:[/b] - [2009/09/03 06:59:28 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:[b]64bit:[/b] - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:[b]64bit:[/b] - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (All) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hppp&ts=1420454840&from=cor&uid=FUJITSUXMJA2320BHXG1_K92VT9A28C5NT9A28C5NX
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420454840&from=cor&uid=FUJITSUXMJA2320BHXG1_K92VT9A28C5NT9A28C5NX&q={searchTerms}
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=dspp&ts=1420454840&from=cor&uid=FUJITSUXMJA2320BHXG1_K92VT9A28C5NT9A28C5NX&q={searchTerms}
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ar-xl/?ocid=iehp
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B DA 57 EA 6C 27 D0 01 [binary data]
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\..\SearchScopes,DefaultScope = {810BF1AE-B59F-4856-B4F6-B4A7CC91A240}
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\..\SearchScopes\{810BF1AE-B59F-4856-B4F6-B4A7CC91A240}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found

FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

[2015/03/18 19:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb\1.5_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjlgjphgjlijjbilomfnohfnljllmo\1.0.2_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpahoknghmacibohhgleeacndkglgmo\1.17.0_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb\0.2.6_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd\1.1_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdefjeebompalklbfldgmcolgbaalmbo\12.202.10.30319_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\koekplodmdaalggcclajcecoomipnpca\1.3_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncecfaonfegfhpgknfcepbfjlnojigde\3.1_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld\3.1.1_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojnkpicomiheedikmnkibgcheblinkki\0.0.6_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.5.8_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej\9.0_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Ucf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_0\

O1 HOSTS File: ([2017/01/25 18:35:19 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll File not found
O2:[b]64bit:[/b] - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll File not found
O2 - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:[b]64bit:[/b] - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000..\Run: [GoogleChromeAutoLaunch_F49125F97570A3CAA3656B676664E8AF] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-1161051961-2643679340-2637497066-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O9:[b]64bit:[/b] - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81E0AECB-266F-4BDE-9370-E6A4D986E1D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E20320E8-5177-4591-91B3-1ABE40BD891F}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0ee173c9-933a-11e4-a619-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0ee173c9-933a-11e4-a619-806e6f6e6963}\Shell\AutoRun\command - "" = E:\DriverPackSolution.exe
O33 - MountPoints2\{336ceb32-0c00-11e6-93dd-00264370358c}\Shell - "" = AutoRun
O33 - MountPoints2\{336ceb32-0c00-11e6-93dd-00264370358c}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{b192ee68-2e14-11e5-8d4c-00264370358c}\Shell - "" = AutoRun
O33 - MountPoints2\{b192ee68-2e14-11e5-8d4c-00264370358c}\Shell\AutoRun\command - "" = F:\ICM_Manager.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Ucf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Des Hommes d Influence Wag the Dog DVDRip Xvid French.By kiwiloup-www.Zone-Telechargement.com.avi.lnk - - File not found
MsConfig:64bit - StartUpReg: [b]APSDaemon[/b] - hkey= - key= - c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]BlueStacks Agent[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: [b]KiesPreload[/b] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
MsConfig:64bit - StartUpReg: [b]KiesTrayAgent[/b] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - c:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: [b]Sidebar[/b] - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: [b]Ulead AutoDetector[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
MsConfig:64bit - StartUpReg: [b]Ulead Calendar Checker[/b] - hkey= - key= - File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] TBS - Service
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TBS - Service
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3
ActiveX:[b]64bit:[/b] {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
ActiveX: {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2017/03/11 16:41:30 | 000,000,000 | ---D | C] -- C:\Windroy
[2017/03/09 11:51:36 | 000,000,000 | ---D | C] -- C:\Users\Ucf\Desktop\Catalogue Des Serrures
[2017/03/09 09:46:12 | 000,000,000 | ---D | C] -- C:\Users\Ucf\AppData\Roaming\Solvusoft
[2017/03/09 09:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2017/03/09 09:43:52 | 000,000,000 | ---D | C] -- C:\Users\Ucf\AppData\Roaming\IsolatedStorage
[2017/03/09 09:43:49 | 000,000,000 | ---D | C] -- C:\Users\Ucf\AppData\Local\FileViewPro
[2017/03/09 09:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Solvusoft
[2017/03/09 09:42:40 | 000,000,000 | ---D | C] -- C:\ProgramData\{4B36989F-BE86-4A21-94B1-AC154A69EA65}
[2017/03/09 09:42:36 | 000,000,000 | ---D | C] -- C:\Users\Ucf\AppData\Local\IIIQF
[2017/03/09 09:42:08 | 000,000,000 | ---D | C] -- C:\Spacekace
[2017/02/27 21:52:56 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2017/02/25 23:08:18 | 000,000,000 | ---D | C] -- C:\Users\Ucf\Desktop\Nouveau dossier
[2017/02/25 09:22:20 | 000,000,000 | ---D | C] -- C:\Users\Ucf\Desktop\Divers
[2017/02/22 11:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2017/02/20 10:17:30 | 000,000,000 | ---D | C] -- C:\Users\Ucf\Documents\Citations des grands
[2017/02/03 17:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2017/01/25 18:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2017/01/25 18:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2017/03/15 22:55:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d12f93517037aa.job
[2017/03/15 22:34:48 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0bf56da59cd3.job
[2017/03/15 22:34:44 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0908b844e91b4.job
[2017/03/15 22:34:43 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d15b86c1a633d4.job
[2017/03/15 22:28:37 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2017/03/15 22:10:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e42363dd6e57.job
[2017/03/15 21:36:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/03/15 19:34:01 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bf56cfefc80.job
[2017/03/15 19:13:26 | 000,014,930 | ---- | M] () -- C:\Users\Ucf\Documents\paiement_facture_15032017_EBK_1067239.pdf
[2017/03/15 19:09:12 | 000,014,929 | ---- | M] () -- C:\Users\Ucf\Documents\paiement_facture_15032017_EBK_1067238.pdf
[2017/03/15 18:46:04 | 000,027,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017/03/15 18:46:04 | 000,027,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017/03/15 18:37:30 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0908b82fa957a.job
[2017/03/15 18:37:30 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2017/03/15 18:37:30 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1d12f935085b061.job
[2017/03/15 18:37:02 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2017/03/15 18:36:45 | 3195,289,600 | -HS- | M] () -- C:\hiberfil.sys
[2017/03/13 00:30:45 | 000,801,166 | ---- | M] () -- C:\Users\Ucf\Desktop\IMG-20151222-WA0015.jpg
[2017/03/12 22:14:20 | 000,000,017 | ---- | M] () -- C:\Users\Ucf\AppData\Local\resmon.resmoncfg
[2017/03/10 15:23:25 | 001,668,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/03/10 15:23:25 | 000,747,570 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2017/03/10 15:23:25 | 000,654,140 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/03/10 15:23:25 | 000,150,062 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2017/03/10 15:23:25 | 000,122,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/03/05 21:20:18 | 000,002,281 | ---- | M] () -- C:\Users\Ucf\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2017/03/05 21:20:18 | 000,002,257 | ---- | M] () -- C:\Users\Ucf\Desktop\Google Chrome.lnk
[2017/03/05 16:27:16 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017/03/03 10:50:10 | 000,014,968 | ---- | M] () -- C:\Users\Ucf\Desktop\16996199_1834062220167328_398405430822401538_n.jpg
[2017/02/27 23:29:30 | 000,089,682 | ---- | M] () -- C:\Users\Ucf\Desktop\12670163_1285366021490121_7525471002962703513_n.jpg
[2017/02/25 23:30:48 | 000,152,740 | ---- | M] () -- C:\Users\Ucf\Desktop\5452.jpg
[2017/02/25 22:43:48 | 000,053,041 | ---- | M] () -- C:\Users\Ucf\Desktop\545.jpg
[2017/01/25 18:35:19 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2017/01/25 18:34:29 | 000,000,030 | ---- | M] () -- C:\AVScanner.ini
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2017/03/15 19:13:24 | 000,014,930 | ---- | C] () -- C:\Users\Ucf\Documents\paiement_facture_15032017_EBK_1067239.pdf
[2017/03/15 19:09:10 | 000,014,929 | ---- | C] () -- C:\Users\Ucf\Documents\paiement_facture_15032017_EBK_1067238.pdf
[2017/03/13 00:18:35 | 000,801,166 | ---- | C] () -- C:\Users\Ucf\Desktop\IMG-20151222-WA0015.jpg
[2017/03/12 22:14:20 | 000,000,017 | ---- | C] () -- C:\Users\Ucf\AppData\Local\resmon.resmoncfg
[2017/03/03 20:05:04 | 000,175,497 | ---- | C] () -- C:\Users\Ucf\Desktop\091.jpg
[2017/03/03 10:50:02 | 000,014,968 | ---- | C] () -- C:\Users\Ucf\Desktop\16996199_1834062220167328_398405430822401538_n.jpg
[2017/02/27 23:29:29 | 000,089,682 | ---- | C] () -- C:\Users\Ucf\Desktop\12670163_1285366021490121_7525471002962703513_n.jpg
[2017/02/25 23:30:42 | 000,152,740 | ---- | C] () -- C:\Users\Ucf\Desktop\5452.jpg
[2017/02/25 22:43:48 | 000,053,041 | ---- | C] () -- C:\Users\Ucf\Desktop\545.jpg
[2017/02/11 21:37:06 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx
[2017/01/25 18:35:24 | 000,000,030 | ---- | C] () -- C:\AVScanner.ini
[2017/01/08 17:24:29 | 000,004,096 | -H-- | C] () -- C:\Users\Ucf\AppData\Local\keyfile3.drm
[2015/08/06 20:20:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2015/08/06 20:20:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2015/08/06 20:20:22 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2015/08/06 20:19:37 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016/04/09 06:58:02 | 014,186,496 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/04/09 06:54:53 | 012,881,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 03:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2017/03/13 00:28:23 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Adobe
[2016/06/27 00:02:47 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Apowersoft
[2015/12/31 20:06:00 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Apple Computer
[2015/03/02 19:15:44 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Baidu
[2015/01/05 11:10:58 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\DAEMON Tools Lite
[2015/10/25 15:07:16 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\DMCache
[2016/07/18 02:29:31 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\dvdcss
[2015/06/09 22:07:52 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\DVDVideoSoft
[2015/01/19 22:52:39 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Easeware
[2015/02/06 14:14:01 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\ESET
[2015/01/04 21:43:54 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Identities
[2015/10/14 20:07:58 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\IDM
[2015/10/11 20:44:25 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\imo.im
[2017/03/09 09:43:52 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\IsolatedStorage
[2015/01/09 10:39:02 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\MaskMyIP
[2010/11/21 07:16:58 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Media Center Programs
[2015/02/14 16:40:06 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Mediatronic
[2017/02/28 12:00:00 | 000,000,000 | --SD | M] -- C:\Users\Ucf\AppData\Roaming\Microsoft
[2015/12/19 12:40:06 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Mozilla
[2015/12/30 20:33:54 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Nero
[2015/12/19 12:40:06 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Netscape
[2015/01/05 10:56:04 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Opera Software
[2015/12/19 12:38:34 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Photodex
[2015/01/04 21:46:22 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\PhotoFiltre Studio X
[2015/06/09 22:07:37 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\RPEng
[2015/09/30 17:57:15 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Samsung
[2016/05/13 22:28:13 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Skype
[2017/03/09 09:46:12 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Solvusoft
[2016/08/29 23:39:23 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\uTorrent
[2017/03/11 17:18:59 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\vlc
[2015/09/25 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\Vso
[2015/01/09 10:36:44 | 000,000,000 | ---D | M] -- C:\Users\Ucf\AppData\Roaming\WinRAR

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2015/03/02 19:14:45 | 000,528,576 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Baidu\Spark\SysData\ExtApp\SnapImg\screensnapshot.exe
[2015/01/19 23:20:13 | 001,135,920 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Easeware\DriverEasy\drivers\kmw1bl1g.pfy\RIDMSC-00203464-764.EXE
[2015/01/19 23:23:32 | 004,288,120 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Easeware\DriverEasy\drivers\unmt2ox5.wqm\ALDOTH-00249344-1042.EXE
[2015/01/19 23:18:23 | 003,121,040 | ---- | M] (Easeware ) -- C:\Users\Ucf\AppData\Roaming\Easeware\DriverEasy\updates\4.9.0.12289\DriverEasy_Setup.exe
[2015/10/14 20:07:57 | 006,691,976 | ---- | M] (Tonec Inc.) -- C:\Users\Ucf\AppData\Roaming\IDM\idmupdt.exe
[2015/06/09 22:07:52 | 009,529,592 | ---- | M] (Lenovo Group Limited ) -- C:\Users\Ucf\AppData\Roaming\RPEng\531036FEE04B4480A8F0D712B2417C7A\LenovoSHAREit2.2.2-42715.exe
[2015/07/27 09:06:16 | 001,566,016 | ---- | M] (Samsung) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2015/07/27 09:06:18 | 000,559,936 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesAgent.exe
[2015/07/27 09:06:22 | 000,277,824 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2015/07/27 09:06:20 | 000,311,616 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2015/07/27 08:57:48 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2015/07/27 08:59:56 | 000,353,792 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2015/07/27 08:58:42 | 000,700,416 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2015/07/27 09:06:24 | 000,067,904 | ---- | M] (Samsung) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2015/07/27 09:06:34 | 000,065,856 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\RegisterCOM.exe
[2015/07/27 09:06:26 | 001,015,104 | ---- | M] (Samsung) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2015/07/27 09:06:30 | 003,835,040 | ---- | M] (Freeware) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2015/07/27 09:06:32 | 000,624,448 | ---- | M] (ml) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2015/07/14 08:44:54 | 016,060,920 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2016/01/08 12:08:32 | 001,572,648 | ---- | M] (Samsung) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2016/01/08 12:08:32 | 000,566,568 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2013/12/30 01:55:30 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2016/01/08 12:08:36 | 000,284,456 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2016/01/08 12:08:34 | 000,318,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2016/01/08 11:36:14 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2016/01/08 11:39:34 | 000,353,792 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2016/01/08 11:37:46 | 000,700,416 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2016/01/08 12:08:38 | 000,074,536 | ---- | M] (Samsung) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2016/01/08 12:08:46 | 000,072,488 | ---- | M] () -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2016/01/08 12:08:40 | 001,021,736 | ---- | M] (Samsung) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2016/01/08 12:08:44 | 003,841,672 | ---- | M] (Freeware) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2016/01/08 12:08:44 | 000,631,080 | ---- | M] (ml) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2016/01/08 09:20:02 | 016,200,032 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2015/07/27 09:06:32 | 000,624,448 | ---- | M] (ml) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2016/01/08 12:08:44 | 000,631,080 | ---- | M] (ml) -- C:\Users\Ucf\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2017/03/09 09:46:23 | 000,441,896 | ---- | M] (SPAMfighter ApS) -- C:\Users\Ucf\AppData\Roaming\Solvusoft\Tray\AutoInstall\DM.exe
[2016/08/15 19:52:47 | 001,972,224 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\uTorrent.exe
[2015/01/04 21:26:03 | 001,385,808 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.2_35702.exe
[2015/01/22 20:38:33 | 001,377,872 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe
[2015/08/23 13:04:46 | 001,693,024 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe
[2015/08/30 13:56:37 | 001,696,096 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.4_40911.exe
[2016/01/11 22:33:47 | 002,026,520 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe
[2016/05/29 15:33:17 | 002,133,504 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.7_42330.exe
[2016/08/15 19:52:47 | 001,972,224 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.8_42449.exe
[2016/01/11 22:49:39 | 000,336,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
[2016/05/29 16:01:08 | 000,387,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
[2016/08/16 20:44:14 | 000,387,072 | ---- | M] (BitTorrent Inc.) -- C:\Users\Ucf\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 01:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 01:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 01:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ALG.EXE >[/color]
[2009/07/14 01:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=3290D6946B5E30E70414990574883DDB -- C:\Windows\SysNative\alg.exe
[2009/07/14 01:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=3290D6946B5E30E70414990574883DDB -- C:\Windows\winsxs\amd64_microsoft-windows-alg_31bf3856ad364e35_6.1.7600.16385_none_04de43c774cf8fe3\alg.exe

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 01:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010/11/21 03:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 03:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 03:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 01:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 01:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

[color=#A23BEC]< MD5 for: CSRSS.EXE >[/color]
[2009/07/14 01:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/14 01:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe

[color=#A23BEC]< MD5 for: CTFMON.EXE >[/color]
[2009/07/14 01:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe
[2009/07/14 01:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009/07/14 01:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009/07/14 01:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2016/01/21 00:51:03 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=491B1D5EB547088AF022BA93D97D0FEA -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7601.23336_none_58625198a3f853c2\disk.sys
[2016/01/21 00:51:45 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=616387BBD83372220B09DE95F4E67BBC -- C:\Windows\SysNative\drivers\disk.sys
[2016/01/21 00:51:45 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=616387BBD83372220B09DE95F4E67BBC -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_4d9acdeddbcdfd89\disk.sys
[2016/01/21 00:51:45 | 000,073,664 | ---- | M] (Microsoft Corporation) MD5=616387BBD83372220B09DE95F4E67BBC -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7601.19133_none_57d5b2098add6acc\disk.sys
[2009/07/14 01:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 01:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2016/04/09 05:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\SysWOW64\explorer.exe
[2016/04/09 05:44:07 | 002,973,184 | ---- | M] (Microsoft Corporation) MD5=3DA48EA028AD771C5B71727F0C3984E9 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23418_none_babcc36addd6f915\explorer.exe
[2010/11/21 03:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2016/04/09 05:53:40 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9DA3B83F80E205B6C601EEE1312FD0A0 -- C:\Windows\explorer.exe
[2016/04/09 05:53:40 | 003,231,232 | ---- | M] (Microsoft Corporation) MD5=9DA3B83F80E205B6C601EEE1312FD0A0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23418_none_b0681918a976371a\explorer.exe
[2010/11/21 03:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2009/07/13 23:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\drivers\i8042prt.sys
[2009/07/13 23:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys
[2009/07/13 23:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys
[2009/07/13 23:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys
[2009/07/13 23:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3 -- C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2010/11/21 03:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 03:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 06:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 06:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 06:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

[color=#A23BEC]< MD5 for: INTELIDE.SYS >[/color]
[2009/07/14 01:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysNative\drivers\intelide.sys
[2009/07/14 01:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\intelide.sys
[2009/07/14 01:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\intelide.sys
[2009/07/14 01:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\intelide.sys
[2009/07/14 01:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\intelide.sys
[2009/07/14 01:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) MD5=F00F20E70C6EC3AA366910083A0518AA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\intelide.sys

[color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color]
[2010/11/21 03:23:53 | 000,094,592 | ---- | M] (Microsoft Corporation) MD5=32E7A3D591D671A6DF2DB515A5CBE0FA -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.17514_none_50be2a351da54dd5\mountmgr.sys
[2015/07/15 18:15:11 | 000,094,656 | ---- | M] (Microsoft Corporation) MD5=67050452C0118BAF2883928E6FCCFE47 -- C:\Windows\SysNative\drivers\mountmgr.sys
[2015/07/15 18:15:11 | 000,094,656 | ---- | M] (Microsoft Corporation) MD5=67050452C0118BAF2883928E6FCCFE47 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.18933_none_50a77ae31db67a9d\mountmgr.sys
[2015/02/03 03:55:38 | 000,095,160 | ---- | M] (Microsoft Corporation) MD5=8317536D445B05D0F8E7C6E26FF12E56 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.22948_none_512b474e36d7b7e4\mountmgr.sys
[2015/02/03 03:34:36 | 000,094,656 | ---- | M] (Microsoft Corporation) MD5=87BCD1034CBF33537D4D4C251D39BA26 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.18741_none_509aa6971dc06992\mountmgr.sys
[2015/07/15 18:13:21 | 000,094,656 | ---- | M] (Microsoft Corporation) MD5=D698D48D3B0AD99008E04108599E4136 -- C:\Windows\winsxs\amd64_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.1.7601.23136_none_5133f0ae36d199ae\mountmgr.sys

[color=#A23BEC]< MD5 for: MRXSMB.SYS >[/color]
[2016/04/09 05:44:39 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=035C0A9A63DF3F3A52B90D8F6BF0F166 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23418_none_de44df3b80d7377e\mrxsmb.sys
[2016/05/12 14:58:45 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=10112D850C844606419C79EE24EE6016 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23452_none_de139dcf80fd0f38\mrxsmb.sys
[2015/07/22 20:35:22 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=1CCBC57FE25BE27D177FF1BC4F960B6A -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23142_none_de1e680980f4fbd2\mrxsmb.sys
[2016/01/22 05:03:38 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=22053A5093764F1DA22A81BD3E4943FF -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23338_none_de2f3d7d80e77239\mrxsmb.sys
[2016/01/22 04:59:53 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=355DF71D1DD1999E8AEDF986534B233C -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.19135_none_dda29dee67cc8943\mrxsmb.sys
[2016/03/15 23:03:01 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=355E6E6B432892A5B20750EA5B317F3C -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23390_none_dde65ba5811f4f27\mrxsmb.sys
[2015/07/22 16:45:48 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=43E1F4B0EFDC244D2A83995CCD7846F7 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18939_none_dda6c50e67c8be36\mrxsmb.sys
[2015/07/15 16:55:35 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=54FF5D75FFA8107A51A277C8791C1C4C -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23136_none_de2d391d80e9453d\mrxsmb.sys
[2015/07/15 01:52:06 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=92D8ABE55ADE489EFC9EBEADFA3FE0AF -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18923_none_ddab933e67c60a3b\mrxsmb.sys
[2016/03/17 21:38:06 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=ACEC16415275E1AD6F7983EF472810E3 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23392_none_dde85c39811d81d5\mrxsmb.sys
[2015/07/15 16:46:59 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=B2081803D510DCE174992BA880EDCA70 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18933_none_dda0c35267ce262c\mrxsmb.sys
[2016/03/16 17:34:10 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=B7264C444D6F3E5B2D10FC23D3B1035E -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23391_none_dde75bef811e687e\mrxsmb.sys
[2016/07/08 14:57:09 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=B7FADA5E1E55BB63F90EB9F8F016113B -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2016/07/08 14:57:09 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=B7FADA5E1E55BB63F90EB9F8F016113B -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23497_none_dded5f918118fdaf\mrxsmb.sys
[2011/02/23 04:56:31 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=C2B4651001A867FF3F8865863B592991 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17565_none_dd82635267e49e70\mrxsmb.sys
[2011/02/23 03:32:17 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=CD291E3C21C61E17972DFAF8E2E2E5DA -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21666_none_de0d006781015791\mrxsmb.sys
[2015/08/05 16:38:01 | 000,159,232 | ---- | M] (Microsoft Corporation) MD5=DB8E6BA1D110A4E40D48612E9009E366 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.18951_none_dd8922e667e02b60\mrxsmb.sys
[2015/08/05 16:45:54 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=ED055F04E406EB08743B40B0182F0C40 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23154_none_de1598b180fb4a71\mrxsmb.sys
[2015/07/15 02:00:18 | 000,159,744 | ---- | M] (Microsoft Corporation) MD5=F07DBC8FF60E6F38958AFEF3A6D50CD7 -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.23126_none_de38090980e1294c\mrxsmb.sys
[2010/11/21 03:24:03 | 000,158,208 | ---- | M] (Microsoft Corporation) MD5=FAF015B07E3A2874A790A39B7D2C579F -- C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_ddb772a467bcf964\mrxsmb.sys

[color=#A23BEC]< MD5 for: MRXSMB10.SYS >[/color]
[2016/03/15 23:02:22 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=0631CC5098CC713568BCE103D8CB9575 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23390_none_e6f979f97b708d89\mrxsmb10.sys
[2010/11/21 03:24:03 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=08E2345DF129082BCDFFDC1440F9C00D -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.17514_none_e6ca90f8620e37c6\mrxsmb10.sys
[2016/03/17 21:37:14 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=0F276F2F2018296FABC7BD2BCCAAB40B -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23392_none_e6fb7a8d7b6ec037\mrxsmb10.sys
[2015/07/15 01:51:26 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=1BE5CBBCA154F1852D434E4CD814124C -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18923_none_e6beb1926217489d\mrxsmb10.sys
[2015/08/05 16:37:17 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=24432705B02BC1EFC42A83F93BA202A3 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18951_none_e69c413a623169c2\mrxsmb10.sys
[2016/07/08 14:56:37 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=34AFF1849B3EC042C40C5EEC9D78562A -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2016/07/08 14:56:37 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=34AFF1849B3EC042C40C5EEC9D78562A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23497_none_e7007de57b6a3c11\mrxsmb10.sys
[2015/07/15 16:46:17 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=552FA62B0EFECD22D8D52499324BCA4F -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18933_none_e6b3e1a6621f648e\mrxsmb10.sys
[2015/08/05 16:45:03 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=591150E3B7B2BE0259F1795DBB68F325 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23154_none_e728b7057b4c88d3\mrxsmb10.sys
[2015/07/22 16:44:51 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=62CEA59FF56B66154E08BD51D87392C2 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.18939_none_e6b9e3626219fc98\mrxsmb10.sys
[2015/07/15 16:54:46 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=6DD6020C040A77FA85E1BAC2760EA1FE -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23136_none_e74057717b3a839f\mrxsmb10.sys
[2016/01/22 05:02:40 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=720B99235643BF6B1A3B4FB729DA8B47 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23338_none_e7425bd17b38b09b\mrxsmb10.sys
[2011/02/23 04:55:12 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=7E79946AFC5F799AB62982282BE5AC13 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.17565_none_e69581a66235dcd2\mrxsmb10.sys
[2016/04/09 05:44:06 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=8308FC2E9147D7632221E3279BB14660 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23418_none_e757fd8f7b2875e0\mrxsmb10.sys
[2016/01/22 04:58:52 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=A16FC9323A85CAEA5804D04646A91CF9 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.19135_none_e6b5bc42621dc7a5\mrxsmb10.sys
[2015/07/22 20:34:31 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=AB69FB03D4263EC7CCC069B3DEA58D5A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23142_none_e731865d7b463a34\mrxsmb10.sys
[2011/02/23 03:31:15 | 000,287,744 | ---- | M] (Microsoft Corporation) MD5=BF3F910D4B8BE206DDCC3771CD484817 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.21666_none_e7201ebb7b5295f3\mrxsmb10.sys
[2016/03/16 17:33:22 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=DBFF2DE9612D2CE3A91B6C5A8D5147ED -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23391_none_e6fa7a437b6fa6e0\mrxsmb10.sys
[2016/05/12 14:58:12 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=DCC4343B422A13B42C7678998449CE8A -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23452_none_e726bc237b4e4d9a\mrxsmb10.sys
[2015/07/15 01:59:25 | 000,291,328 | ---- | M] (Microsoft Corporation) MD5=F4D587FB3E7935A4D748B1247A2296D4 -- C:\Windows\winsxs\amd64_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.1.7601.23126_none_e74b275d7b3267ae\mrxsmb10.sys

[color=#A23BEC]< MD5 for: MRXSMB20.SYS >[/color]
[2016/07/08 14:56:34 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=058CE7A55E140EB0C72FBA6FD2FA72DE -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2016/07/08 14:56:34 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=058CE7A55E140EB0C72FBA6FD2FA72DE -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23497_none_e936e7f7b9c16f82\mrxsmb20.sys
[2011/02/23 03:31:12 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=101D2F8E1C218699214EFB0D93BE88B0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.21666_none_e95688cdb9a9c964\mrxsmb20.sys
[2010/11/21 03:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=108D87409C5812EF47D81E22843E8C9D -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.17514_none_e900fb0aa0656b37\mrxsmb20.sys
[2016/03/17 21:37:11 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=1D4B7972375052F5B7877A6FD9BE33A0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23392_none_e931e49fb9c5f3a8\mrxsmb20.sys
[2016/04/09 05:44:03 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=1F8DA4ECAEA7E2BCD97E738795817431 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23418_none_e98e67a1b97fa951\mrxsmb20.sys
[2016/01/22 04:58:46 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=2539BE615440BA1EA4CF84A66B6C0AF9 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.19135_none_e8ec2654a074fb16\mrxsmb20.sys
[2016/03/15 23:02:19 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=448E1B0809DEECC5A37E64E80FFA7597 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23390_none_e92fe40bb9c7c0fa\mrxsmb20.sys
[2015/07/15 01:59:21 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=451C0626955CC209B9FB7349E87D3597 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23126_none_e981916fb9899b1f\mrxsmb20.sys
[2016/05/12 14:58:10 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=46C4F5BEE8D98BB1688752EAD0ABB7C0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23452_none_e95d2635b9a5810b\mrxsmb20.sys
[2016/03/16 17:33:17 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=5E36F5DB9D77773DEDBEF61A20BD9F4E -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23391_none_e930e455b9c6da51\mrxsmb20.sys
[2015/08/05 16:37:11 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=5E7E31C6426F000AF29E7C452826AF5E -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18951_none_e8d2ab4ca0889d33\mrxsmb20.sys
[2011/02/23 04:55:12 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=5FB954100CEA2BFEC6446FBBECAA3F79 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.17565_none_e8cbebb8a08d1043\mrxsmb20.sys
[2015/07/22 16:44:45 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=7D65B5E9573A26C204AA547457DBF544 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18939_none_e8f04d74a0713009\mrxsmb20.sys
[2015/08/05 16:44:59 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=8604EA05AAAB2799B5D0536620B6DAE0 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23154_none_e95f2117b9a3bc44\mrxsmb20.sys
[2015/07/15 16:54:37 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=91A46A07FFADABC32C222E361ABDA048 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23136_none_e976c183b991b710\mrxsmb20.sys
[2015/07/15 16:46:13 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=97687971F9CB30E2633DE0F1296B9F61 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18933_none_e8ea4bb8a07697ff\mrxsmb20.sys
[2015/07/15 01:51:23 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=B69491F744BE240D75F7AC1B9080CD75 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.18923_none_e8f51ba4a06e7c0e\mrxsmb20.sys
[2015/07/22 20:34:23 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=CDE84D3A8E8749B6EFC9CD2B08FD3BD3 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23142_none_e967f06fb99d6da5\mrxsmb20.sys
[2016/01/22 05:02:35 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=E1699BFB660C2F1D9B48D6D7D537F7A8 -- C:\Windows\winsxs\amd64_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.1.7601.23338_none_e978c5e3b98fe40c\mrxsmb20.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012/08/22 18:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 18:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 03:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2015/10/12 23:04:07 | 000,949,184 | ---- | M] (Microsoft Corporation) MD5=901D1BE3F8567B5D02747B1174FF708F -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_0661f94b4bdbc702\ndis.sys
[2015/10/13 04:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\SysNative\drivers\ndis.sys
[2015/10/13 04:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_05d3592832c2ab5e\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2010/11/21 03:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 03:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 03:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 03:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2011/03/11 06:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 06:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 06:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 03:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 03:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

[color=#A23BEC]< MD5 for: RASACD.SYS >[/color]
[2009/07/14 00:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys
[2009/07/14 00:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

[color=#A23BEC]< MD5 for: RDPCDD.SYS >[/color]
[2009/07/14 00:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- C:\Windows\SysNative\drivers\RDPCDD.sys
[2009/07/14 00:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=CEA6CC257FC9B7715F1C2B4849286D24 -- C:\Windows\winsxs\amd64_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.1.7600.16385_none_30d015c257effe8b\RDPCDD.sys

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2010/11/21 03:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 03:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 03:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 03:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009/07/14 01:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015/04/11 04:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015/04/13 03:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015/04/13 03:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2015/05/25 18:21:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=18196A0F4C3904C81ACE6E91529227D9 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23072_none_0aa7312749218315\smss.exe
[2009/07/14 01:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2016/04/09 05:43:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1CBDCAC093542013BEE9E4700C74C784 -- C:\Windows\SysNative\smss.exe
[2016/04/09 05:43:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1CBDCAC093542013BEE9E4700C74C784 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23418_none_0aee1a0348eb6815\smss.exe
[2014/04/12 02:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2014/04/12 02:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22923_none_0ade68eb48f7dd75\smss.exe
[2015/07/23 00:02:14 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=50EEE09D03B94A13DFEFEFC1D774FC31 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18939_none_0a4fffd62fdceecd\smss.exe
[2015/07/15 18:10:25 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=55C48343919A72B0C8F5C42E4C798FCA -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18933_none_0a49fe1a2fe256c3\smss.exe
[2015/07/15 18:08:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=5E200958CFBDB2B82C78B6F883236640 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23136_none_0ad673e548fd75d4\smss.exe
[2015/02/03 03:30:42 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=63D3C30B497347495B8EA78A38188969 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18741_none_0a3d29ce2fec45b8\smss.exe
[2016/03/17 21:35:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=682586CACD78EF53EF7301B4180EB595 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23392_none_0a9197014931b26c\smss.exe
[2016/01/22 04:57:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=789035A84618AC25CEDC91606029A4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.19135_none_0a4bd8b62fe0b9da\smss.exe
[2016/03/16 17:31:37 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=7FCFD859F3B53C6A2F334D41BC54B3FE -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23391_none_0a9096b749329915\smss.exe
[2015/02/03 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=8CD5A97B8D155718D357B2D9BC6B113D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22948_none_0acdca854903940a\smss.exe
[2015/05/25 18:18:39 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=9BBEA639884C0338DD78654277BD188A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18869_none_0a2f8e2c2ff54579\smss.exe
[2015/07/15 03:19:24 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B094FD54A16671683B4A27A8C43BCDD0 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18923_none_0a54ce062fda3ad2\smss.exe
[2015/07/15 03:19:40 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=C95509F69D3584BB216C5B2365E74956 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23126_none_0ae143d148f559e3\smss.exe
[2015/04/27 19:17:12 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CF8DC00FA29243A347AD4B605AFFF1E5 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23040_none_0ac5a057490afc94\smss.exe
[2015/04/27 19:22:53 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=DA5EF2CC0764BE7097BAFA9CAF903FE8 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18839_none_0a4ffdf02fdcf1a6\smss.exe
[2015/07/22 22:03:29 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E31F311AEACDAB79CFA4E5B5ACB2B954 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23142_none_0ac7a2d149092c69\smss.exe
[2013/08/02 00:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2016/01/22 06:27:45 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F7EF6821E330D14E3A84649A35C86217 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.23338_none_0ad8784548fba2d0\smss.exe

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2012/02/11 06:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe
[2012/02/11 06:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[2010/11/21 03:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2012/02/11 06:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe

[color=#A23BEC]< MD5 for: STORPORT.SYS >[/color]
[2011/03/11 06:41:37 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=19CB37AC38B802BE9C441D094521A29A -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.17577_none_8564756e46fc63bf\storport.sys
[2011/03/11 06:19:25 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=337707BA01B8C246F5CECB518CC0C3E6 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.21680_none_85dc404760286e19\storport.sys
[2014/02/04 02:35:56 | 000,190,912 | ---- | M] (Microsoft Corporation) MD5=A3F0BC5897F9D3786A3CB695B163633A -- C:\Windows\SysNative\drivers\storport.sys
[2014/02/04 02:35:56 | 000,190,912 | ---- | M] (Microsoft Corporation) MD5=A3F0BC5897F9D3786A3CB695B163633A -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.18386_none_85588aa4470585ac\storport.sys
[2010/11/21 03:24:00 | 000,189,824 | ---- | M] (Microsoft Corporation) MD5=CCE3074CEE5F2FAF1E7468F224C409CC -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.17514_none_85a2541846ce7014\storport.sys
[2014/02/04 02:37:55 | 000,191,424 | ---- | M] (Microsoft Corporation) MD5=FFC20D2055686D6F1BD8060FD93F4322 -- C:\Windows\winsxs\amd64_microsoft-windows-storport_31bf3856ad364e35_6.1.7601.22589_none_85e52a3360206ea2\storport.sys

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 01:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 01:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2014/04/05 02:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 02:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 17:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2014/04/05 02:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/21 03:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012/10/03 17:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

[color=#A23BEC]< MD5 for: TERMDD.SYS >[/color]
[2010/11/21 03:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\SysNative\drivers\termdd.sys
[2010/11/21 03:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\termdd.sys
[2010/11/21 03:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) MD5=561E7E1F06895D78DE991E01DD0FB6E5 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\termdd.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 03:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 03:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WIN32K.SYS >[/color]
[2016/03/29 17:53:59 | 003,216,896 | ---- | M] (Microsoft Corporation) MD5=1D0A5FF3C7C7EA7480429D16D38B60EA -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23407_none_17b0bb62ca395cd3\win32k.sys
[2014/07/09 00:59:28 | 003,166,720 | ---- | M] (Microsoft Corporation) MD5=3E7BE3C11F521A8019EC3B5D410236E5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22739_none_179268acca4fc128\win32k.sys
[2015/11/10 17:47:27 | 003,211,264 | ---- | M] (Microsoft Corporation) MD5=4287A4345CFFDD4D7710B2FCFF6C21BC -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.19061_none_16e037a1b151d530\win32k.sys
[2016/04/09 05:49:33 | 003,217,408 | ---- | M] (Microsoft Corporation) MD5=7DA8DE6CCB885424ABFC7514BD153BED -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23418_none_17a6ebc0ca40921b\win32k.sys
[2012/03/31 02:56:14 | 003,148,800 | ---- | M] (Microsoft Corporation) MD5=88592AB8F8AE4F7264A936AEE682BBE5 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.21955_none_1778e240ca63745b\win32k.sys
[2015/11/10 17:52:20 | 003,215,360 | ---- | M] (Microsoft Corporation) MD5=9C9D06EC47A0FB6C5B3B7B9DFD085571 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23265_none_176dd77aca6bd77d\win32k.sys
[2010/11/21 03:24:16 | 003,126,272 | ---- | M] (Microsoft Corporation) MD5=A89392A32BA98468710FD7E38318934B -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17514_none_17197f29b1265401\win32k.sys
[2014/07/09 01:00:27 | 003,163,648 | ---- | M] (Microsoft Corporation) MD5=B7E1AE22FD172A6E71F5D1C47FD6CC88 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18528_none_1712999db12aeeef\win32k.sys
[2016/06/14 15:03:37 | 003,217,408 | ---- | M] (Microsoft Corporation) MD5=B813B68D0681D5F74E122760E3F6DA71 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23471_none_175f0a32ca778860\win32k.sys
[2014/06/18 01:07:45 | 003,161,088 | ---- | M] (Microsoft Corporation) MD5=CD3EAE91B5D2782725B64C141BA7E4D3 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.22722_none_17963692ca4df3d6\win32k.sys
[2015/07/30 17:03:42 | 003,210,752 | ---- | M] (Microsoft Corporation) MD5=E2A3C165679A3DCB69643BB2178B690D -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23149_none_17877694ca5807d0\win32k.sys
[2014/06/18 01:10:36 | 003,157,504 | ---- | M] (Microsoft Corporation) MD5=F1726E14C8F7B40CD828345890AAF764 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18512_none_171767cdb1283af4\win32k.sys
[2012/03/31 03:10:03 | 003,146,240 | ---- | M] (Microsoft Corporation) MD5=F4C456F9235ED440B81107E951555411 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.17803_none_1723547db11f162e\win32k.sys
[2016/07/08 15:01:47 | 003,218,944 | ---- | M] (Microsoft Corporation) MD5=F599F9438186D88E6A9D0F38806C1217 -- C:\Windows\SysNative\win32k.sys
[2016/07/08 15:01:47 | 003,218,944 | ---- | M] (Microsoft Corporation) MD5=F599F9438186D88E6A9D0F38806C1217 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23497_none_174f6c16ca82584c\win32k.sys
[2015/07/30 16:56:07 | 003,208,192 | ---- | M] (Microsoft Corporation) MD5=F97A0CFC495C92FF2F6A03933157D115 -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.18946_none_16fb00c9b13ce8bf\win32k.sys
[2016/05/12 15:03:30 | 003,217,408 | ---- | M] (Microsoft Corporation) MD5=FEF363423D73B3C7A895A5BC04F53A8E -- C:\Windows\winsxs\amd64_microsoft-windows-win32k_31bf3856ad364e35_6.1.7601.23452_none_1775aa54ca6669d5\win32k.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 01:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 01:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 01:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 01:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/21 03:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 11:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 09:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014/07/17 02:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014/07/17 02:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014/07/16 03:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2017/02/28 12:15:40 | 000,091,136 | ---- | M] ()(C:\Users\Ucf\Documents\???? ?????? ?????.doc) -- C:\Users\Ucf\Documents\#-E/ DGH'HJ .H'71.doc
[2017/02/28 12:15:40 | 000,091,136 | ---- | C] ()(C:\Users\Ucf\Documents\???? ?????? ?????.doc) -- C:\Users\Ucf\Documents\#-E/ DGH'HJ .H'71.doc

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 482 bytes -> C:\ProgramData\TEMP:9A870F8B

< End of report >

Signaler le contenu de ce document