cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06.05.2018 01
Ran by YOUCEF (administrator) on YOUCEF-PC (07-05-2018 20:52:16)
Running from C:\Users\YOUCEF\Desktop
Loaded Profiles: YOUCEF (Available Profiles: YOUCEF)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(mst software GmbH, Germany) C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\DfSdkS.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe
(SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(InfoVista) C:\Program Files\TEMS\TEMS Mediator\Application\Mediator.Service.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
() C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskkill.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\YOUCEF\Desktop\CKScanner.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner2.exe [4164944 2016-07-01] (Ashampoo Development GmbH & Co. KG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3997752 2016-12-09] (Tonec Inc.)
HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 83.149.99.201 8.8.8.8
Tcpip\..\Interfaces\{96C5ABB8-20C9-4F7F-87DD-906FDCBE908D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C3A62E0B-2648-4232-95F3-58DC92A0BE68}: [DhcpNameServer] 83.149.99.201 8.8.8.8
Tcpip\..\Interfaces\{CC73DD8C-CD3B-491D-8093-A6C7E72E86C6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{F610EC8F-72E8-4D0A-9767-6573EA3B9085}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1376225461-1210758792-745474167-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2017-12-14] (Internet Download Manager, Tonec Inc.)
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-04-14] (AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-04-14] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1376225461-1210758792-745474167-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1376225461-1210758792-745474167-1000 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///G:/components/hidinputmonitorx.ocx
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///G:/components/A9.ocx
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///G:/components/wmvhdrating.ocx
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\YOUCEF\AppData\Roaming\Mozilla\Firefox\Profiles\imxrni5e.default [2018-05-05]
FF user.js: detected! => C:\Users\YOUCEF\AppData\Roaming\Mozilla\Firefox\Profiles\imxrni5e.default\user.js [2018-04-17]
FF NetworkProxy: Mozilla\Firefox\Profiles\imxrni5e.default -> backup.ftp", ""
FF HKLM\...\Firefox\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files\EagleGet\addon\eagleget_ffext@eagleget.com.xpi => not found
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-05]
FF HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\Firefox\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files\EagleGet\addon\eagleget_ffext@eagleget.com.xpi => not found
FF HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2018-02-28]
FF HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\SeaMonkey\Extensions: [eagleget_ffext@eagleget.com] - C:\Program Files\EagleGet\addon\eagleget_ffext@eagleget.com.xpi => not found
FF HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\YOUCEF\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\YOUCEF\AppData\Roaming\IDM\idmmzcc5 [2018-05-05] [Legacy] [not signed]
FF HKU\S-1-5-21-1376225461-1210758792-745474167-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-04-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-04-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.fr/
CHR Profile: C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default [2018-05-07]
CHR Extension: (Slides) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-14]
CHR Extension: (YouTube) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-14]
CHR Extension: (Adblock pour Youtube™) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-08-14]
CHR Extension: (Adobe Acrobat) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-14]
CHR Extension: (Screengrab!) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccdiabakoglkihagkjmaomipdeegbpk [2018-04-25]
CHR Extension: (Sheets) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-14]
CHR Extension: (AdBlock) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-05]
CHR Extension: (Google Maps) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-04-14]
CHR Extension: (IDM Integration Module) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-04-14]
CHR Extension: (Service proxy et VPN Hotspot Shield gratuit - Déblocage de sites) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2018-04-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-14]
CHR Extension: (Chrome Media Router) - C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-05]
CHR Profile: C:\Users\YOUCEF\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2018-03-01]
CHR HKU\S-1-5-21-1376225461-1210758792-745474167-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files\EagleGet\addon\eagleget_newtab.crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AtollCalcSvr; C:\Program Files\Forsk\Atoll\AtollSvr.exe [646144 2011-03-01] (Forsk) [File not signed]
R2 AVP18.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S4 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290224 2016-03-02] (Intel Corporation)
R2 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\DfsdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1115904 2017-08-18] (Flexera Software LLC)
R2 hasplms; C:\Windows\system32\hasplms.exe [4647248 2016-09-14] (SafeNet, Inc.)
S4 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [155848 2017-07-26] () [File not signed]
R2 KSDE2.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
S4 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [747088 2017-09-06] (Lenovo.)
S4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1413696 2016-12-21] (O&O Software GmbH)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220248 2017-08-15] (Synaptics Incorporated)
S2 TDDRDataProcessor; C:\Program Files\TEMS\TEMS Discovery Device\TdDpService.exe [41984 2017-11-09] (InfoVista) [File not signed]
S3 TDDRDBManager; C:\Program Files\TEMS\TEMS Discovery Device\TdDbService.exe [38912 2017-11-09] (InfoVista) [File not signed]
S3 TEMS Network Monitor Service; C:\Program Files\Ascom\TEMS Products\TEMS Investigation 16\Application\TEMS.Netmon.Service.exe [50688 2016-05-26] (Ascom) [File not signed]
R2 TEMSMediatorService; C:\Program Files\TEMS\TEMS Mediator\Application\Mediator.Service.exe [38808 2017-10-03] (InfoVista)
S4 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\LiveTunerService.exe [257872 2016-07-01] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [450920 2016-09-14] (SafeNet, Inc.)
S3 ampa; C:\Windows\system32\ampa.sys [35760 2016-12-26] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [176864 2016-12-26] (AO Kaspersky Lab)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13824 2012-06-15] (Cypress Semiconductor, Inc.)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [371664 2017-08-15] (Intel Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [627048 2016-09-14] (SafeNet, Inc.)
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [199680 2017-07-26] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-08-15] (REALiX(tm))
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [503048 2015-05-29] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27376 2015-05-29] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [165296 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [62184 2017-12-24] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [98504 2018-05-05] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [69000 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [164032 2018-05-05] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [659136 2018-05-05] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [835272 2018-05-05] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49344 2018-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [50400 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [51424 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45552 2017-12-24] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48056 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75760 2017-12-24] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [121544 2018-05-05] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [165088 2017-12-24] (AO Kaspersky Lab)
R2 LiveTuner2PM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner32.sys [14088 2014-03-20] ()
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [157752 2016-03-28] (Intel Corporation)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [51584 2018-05-06] (Chingachguk & Denger2k (Elite & SP edition))
R1 nm3; C:\Windows\System32\DRIVERS\nm3.sys [39736 2010-06-09] (Microsoft Corporation)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [112752 2011-03-02] (QUALCOMM Incorporated)
R2 risdxc; C:\Windows\System32\DRIVERS\risdxc86.sys [76288 2011-05-25] (REDC)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3175128 2015-01-06] (Realtek Semiconductor Corporation )
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [123952 2016-02-10] (Power Software Ltd)
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [151552 2017-08-15] (Prolific Technology Inc.)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2015-07-23] (Synaptics Incorporated)
R3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [38376 2009-09-17] (SafeNet, Inc.)
S3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [44776 2016-07-22] (Microsoft Corporation)
S3 catchme; \??\C:\Users\YOUCEF\AppData\Local\Temp\catchme.sys [X]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2017-07-26] (Huawei Technologies Co., Ltd.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys F582FC7976F1248AC5FBD6875C626B41
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aksfridge.sys A01FE4C0AD0282EE31815158D64785CE
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\ampa.sys 12F9554C965A20215596F42DA0BE8B1F
C:\Windows\system32\drivers\appid.sys CFDE39A2FBD7809D9A0F329351DD78F4
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys 28AF7D4427868B7CE4C00CAB1864C7F6
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 77361D72A04F18809D0EFB6CCEB74D4B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys E4967C6AAFE48EC62B8B9AD82D8ABCCE
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cm_km.sys 97F5C73D0DFF4220A4FAEA0EE568F4B5
C:\Windows\System32\Drivers\cng.sys 7F7D4B16389CEF932950F6B2604D2601
C:\Windows\System32\drivers\CHDRT32.sys 0D0C7AD3EDF22922D4310C88A6BDD9D9
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cykbfltr.sys 2D5E4EEA4A10ECD2390ECD21ABD06E70
C:\Windows\System32\DRIVERS\dc3d.sys 249633AED9078C3ECD04CA726D327635
C:\Windows\System32\Drivers\dfsc.sys 2962AB36BF231188BBECF58A5E93798D
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys B7B470F163002A0D0E381EE45834BF6B
C:\Windows\system32\drivers\drmkaud.sys A3F684B866A7D89AE396276CE7AFD416
C:\Windows\System32\drivers\dxgkrnl.sys 897AE9430D037B056CF76A49CF588542
C:\Windows\System32\DRIVERS\e1c6232.sys 4D177FEA8770A65D3ED20B9C61A3C8E5
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys 53E8732CC70CC0991839DF9FC8996E4A
C:\Windows\system32\Drivers\fastfat.sys 24F422E5D7517FEBDA2324116F1A7BE6
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys F07B0E42088848BDC9F2C91780231E9D
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hardlock.sys 08DC699788A99693372BBE1ED5F224F5
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys AE003D56CF949FDF25CE9D4858512586
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys E6D40D774076BCD7119CB7FAAA1A6004
C:\Windows\System32\DRIVERS\hw_quusbmdm.sys 8EC2841972A5E9C1D66B35BEAA64446B
C:\Windows\system32\drivers\HWiNFO32.SYS 4004657E385E6C714825EB9031ED2062
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStorA.sys D777C292F5F69D9729C35AC8F0CE79E2
C:\Windows\System32\DRIVERS\iaStorF.sys D2F7030092366D8A860EED9A1D619698
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\System32\DRIVERS\ibmpmdrv.sys 2995DD99B5B2BF05E91F17F5CC0D97B3
C:\Windows\System32\DRIVERS\idmwfp.sys 68A754FEA927C37C04EED95CBB43C34A
C:\Windows\System32\DRIVERS\igdkmd32.sys 3FAADC1600DA8865B04FA34C3F678C7C
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys D01C750421277EDAD729CDE1FA3BF36C
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys EB34CE31FABD4DC4343FD2AD16D2CAF9
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kl1.sys 8A9A6AC80637DEB4963F6E392BA58A1F
C:\Windows\System32\DRIVERS\klbackupdisk.sys 18B963C6E0203B45CEDCCE82B5E4332D
C:\Windows\System32\DRIVERS\klbackupflt.sys D1AC3C79964FB24BA13268BE2C6367D7
C:\Windows\System32\DRIVERS\kldisk.sys 6B2A3C8059FE7D14255D81701BC7C380
C:\Windows\System32\DRIVERS\klflt.sys 0E43546948B032DE8617B2BFE4C8C18C
C:\Windows\System32\DRIVERS\klhk.sys 91ACB3A4F361247A602EA2F1CE93FBA7
C:\Windows\System32\DRIVERS\klif.sys 1E613F868D1F7EB48658A61ACC1A9B06
C:\Windows\System32\DRIVERS\klim6.sys CEA1D8480E272AD3A4995C821125B71E
C:\Windows\System32\DRIVERS\klkbdflt.sys F9E6FED49AE59E52A60DCA8B5EA5F934
C:\Windows\System32\DRIVERS\klmouflt.sys 33378886837435DC9BFC1E8B24A181F7
C:\Windows\System32\DRIVERS\klpd.sys 7ADA7AF3394B697474315A5E3E002D78
C:\Windows\System32\DRIVERS\kltap.sys F6D34D7C08D4A17A7F1293093BA857CC
C:\Windows\System32\DRIVERS\kltdi.sys 95C49FC14D3D3F541549D20BE15094F0
C:\Windows\System32\DRIVERS\klwtp.sys 536C9958431D58453178DADC4EC7BA3F
C:\Windows\System32\DRIVERS\kneps.sys 9B03367CB7BC8FDD67DBABB6D63670BB
C:\Windows\System32\Drivers\ksecdd.sys B8A18D5517B8200BAA35707AFA3C5074
C:\Windows\System32\Drivers\ksecpkg.sys 8C43914C09B464B010516AD3E409D5DD
C:\Program Files\Ashampoo\Ashampoo WinOptimizer 14\LiveTuner32.sys 9EDE8DE921C8025EBEB417E37DF4537A
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys 4BA509FEF4DB0B683C46821ACDF20B9E
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TeeDriver.sys 2FF3EEAD11EC26033C7BCF815E89B4D6
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 9664F55623B43FD85D5642A202976AEE
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys 20BE6173FD814436000DED25973D3FDC
C:\Windows\system32\drivers\mrxdav.sys 06AC0310138E4B2C35AF7344D18BC686
C:\Windows\System32\DRIVERS\mrxsmb.sys ED96A1960349C16147A8CC3F3BC95E6D
C:\Windows\System32\DRIVERS\mrxsmb10.sys 05A1BEBBF7E687DF0A8A8938B02C5BB3
C:\Windows\System32\DRIVERS\mrxsmb20.sys 84C1593A4D3787B90AAE120C621452C7
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\multikey.sys E90BD0D2B4188F96B6B5FD975648CAC8
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys 5F2B9CD280C48A8015AD70FCF4DFB758
C:\Windows\System32\drivers\ndis.sys F241CF64EC874861775B81F122532B94
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys EB806AED1697ABD9A0D21BB00888233C
C:\Windows\System32\DRIVERS\netbt.sys 2E226E666C6E11DC8C850071A90BE2DC
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nm3.sys D8F75DC28A480E1BA288F217CC7144D2
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys C68AA651F93450ECA51A60D45A8E266C
C:\Windows\system32\Drivers\Ntfs.sys F0CCA0FFC94FE93C03E00A6646D6A3D1
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys 0C941A3F148B4228867908F98F394461
C:\Windows\System32\DRIVERS\point32.sys 7AE05E80DFCB24455EE17CA7D93E96BE
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys DC0453903820086F9043C513FFC4E4AA
C:\Windows\System32\DRIVERS\qcusbser.sys F73A5BA4B0FC8BB6A753E22DC976EF8B
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 856D4FDA0F2FACEDD68ED8B6C52BCA14
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\system32\Drivers\RDPWD.sys CD9214A6AE17D188D17C3CF8CB9CC693
C:\Windows\System32\drivers\rdyboost.sys 2AA7FB156B876CAC20FC1FDEB2D1E95C
C:\Windows\System32\DRIVERS\risdxc86.sys D6481828C5E6296942C6B441C481D60E
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rtwlane.sys 2852DAB329848E033F710E0FE0EDA5CF
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\system32\Drivers\SCDEmu.sys 327B6A9ACC0B90B35311CEF8C509461A
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SENTINEL.SYS A2CC81C30BEF6AC9F27055490EEF6DE3
C:\Windows\System32\DRIVERS\ser2pl.sys 032CA97D5E263C7B8BB475126667ACCF
C:\Windows\System32\DRIVERS\ser2pl.sys 032CA97D5E263C7B8BB475126667ACCF
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys 69410EEA87E3C61DE0CAEC3F635F9418
C:\Windows\System32\DRIVERS\SNTNLUSB.SYS CE724FC3EF8468BBAB146CA1793C66DC
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 0D702F909C178474660AEA2DD385F2EB
C:\Windows\System32\DRIVERS\srv2.sys E820CCE246A33A933FD7268ECA431528
C:\Windows\System32\DRIVERS\VSTAZL3.SYS E00FDFAFF025E94F9821153750C35A6D
C:\Windows\System32\DRIVERS\VSTDPV3.SYS CEB4E3B6890E1E42DCA6694D9E59E1A0
C:\Windows\System32\DRIVERS\VSTCNXT3.SYS BC0C7EA89194C299F051C24119000E17
C:\Windows\System32\DRIVERS\srvnet.sys 5D423D81728D54566A4806C819BC2652
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 187BA15C39A06D60BE17002E92E56C83
C:\Windows\System32\drivers\tcpip.sys 6A9E1018611E1EACB61D7B51B228D24F
C:\Windows\System32\DRIVERS\tcpip.sys 6A9E1018611E1EACB61D7B51B228D24F
C:\Windows\System32\drivers\tcpipreg.sys A4BF8BE9D1F7D563C7868AC7B2561545
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys 8F143F86FDD8CF4F7BD25973C5983F9D
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\tpm.sys F0E99E1982E78251A564159EB1D22CBE
C:\Windows\System32\DRIVERS\tssecsrv.sys 6841C85446F906E4584D43A70484E318
C:\Windows\System32\drivers\tsusbflt.sys C6A5FBD4977305E1FA23E02C042DB463
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys A176718F0DF45F60F545CF3E14F4D108
C:\Windows\System32\DRIVERS\usbccgp.sys 87632869F4350B7CE711B356B1936B2B
C:\Windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041
C:\Windows\system32\drivers\usbehci.sys EF8127E7E612694F4E8FFDA37D9D00E4
C:\Windows\system32\drivers\usbhub.sys 711E9F7CA6F9A2351F4F97F31004E589
C:\Windows\system32\drivers\usbohci.sys 831F708F06CD5BF3933FBDFB388C606D
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys FC6B21DB4B5B398AB93DBE59CBF11036
C:\Windows\System32\DRIVERS\USBSTOR.SYS 144DA53294922A84FFAA3D90B1453745
C:\Windows\system32\drivers\usbuhci.sys 89BDF895EB76E3EC1C02EEF5AA18928D
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys 21D83DD717E8D681364A5E44A5459717
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys 969D011AE37FBAB4F38B20FB20125BFC
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-07 20:52 - 2018-05-07 20:52 - 000041049 _____ C:\Users\YOUCEF\Desktop\FRST.txt
2018-05-07 20:51 - 2018-05-07 20:51 - 001767936 _____ (Farbar) C:\Users\YOUCEF\Desktop\FRST.exe
2018-05-07 20:51 - 2018-05-07 20:51 - 000000000 ____D C:\Users\YOUCEF\Desktop\FRST-OlderVersion
2018-05-07 20:45 - 2018-05-07 20:45 - 000000307 _____ C:\Users\YOUCEF\Desktop\ckfiles.txt
2018-05-07 20:22 - 2018-05-07 20:22 - 003090816 _____ C:\Users\YOUCEF\ZHPDiag3.exe
2018-05-06 16:10 - 2018-05-06 16:10 - 000005698 _____ C:\Users\YOUCEF\Downloads\Releve-CCP.xls
2018-05-06 11:50 - 2018-05-07 20:47 - 000002229 _____ C:\WinChk.txt
2018-05-06 11:48 - 2018-05-06 11:48 - 000468480 _____ () C:\Users\YOUCEF\Desktop\CKScanner.exe
2018-05-06 11:48 - 2018-05-06 11:48 - 000315000 _____ C:\Users\YOUCEF\Desktop\winchk_2.0.exe
2018-05-06 11:38 - 2018-05-07 20:22 - 000000626 _____ C:\Users\YOUCEF\Desktop\ZHPDiag.lnk
2018-05-06 11:37 - 2018-05-06 11:37 - 003086720 _____ C:\Users\YOUCEF\Desktop\ZHPDiag3.exe
2018-05-06 01:20 - 2018-05-06 01:20 - 001523712 _____ C:\Users\YOUCEF\Documents\Document1.ATL
2018-05-06 01:20 - 2018-05-06 01:20 - 000000000 ____D C:\Users\YOUCEF\Documents\Document1.losses
2018-05-06 01:09 - 2018-05-06 01:09 - 000001430 _____ C:\Users\YOUCEF\Desktop\Atoll.exe - Shortcut.lnk
2018-05-06 01:05 - 2018-05-06 01:05 - 000000000 ____D C:\Windows\LastGood
2018-05-05 14:48 - 2018-05-05 14:48 - 000000008 __RSH C:\ProgramData\ntuser.pol
2018-05-05 14:46 - 2018-05-05 14:46 - 000004141 _____ C:\Users\YOUCEF\Downloads\Fixlog.txt
2018-05-05 14:40 - 2018-05-05 14:40 - 000000819 _____ C:\Users\YOUCEF\Desktop\fixlist.txt
2018-05-05 14:39 - 2018-05-05 14:40 - 000044524 _____ C:\Users\YOUCEF\Downloads\FRST.txt
2018-05-05 14:39 - 2018-05-05 14:40 - 000039608 _____ C:\Users\YOUCEF\Downloads\Addition.txt
2018-05-05 14:38 - 2018-05-07 20:52 - 000000000 ____D C:\FRST
2018-05-05 14:36 - 2018-05-05 14:37 - 002066432 _____ (Farbar) C:\Users\YOUCEF\Downloads\FRST.exe
2018-05-05 13:09 - 2018-05-05 13:09 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-05 13:09 - 2018-05-05 13:09 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-05 13:00 - 2018-05-05 13:00 - 000190976 _____ C:\Users\YOUCEF\AppData\Local\GDIPFONTCACHEV1.DAT
2018-05-02 12:22 - 2018-05-02 12:23 - 000005598 _____ C:\Users\YOUCEF\Documents\blida sites april 2018
2018-05-02 10:50 - 2018-05-02 10:51 - 000640576 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-02 09:36 - 2018-05-02 09:36 - 000000000 _____ C:\Users\YOUCEF\AppData\Local\{160FDCA3-4650-4DE0-8F2F-937EEBBAA168}
2018-04-28 23:54 - 2018-03-14 19:18 - 000116928 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-28 23:54 - 2018-03-14 19:14 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-28 23:54 - 2018-03-14 15:04 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-28 23:54 - 2018-03-14 15:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-28 23:54 - 2018-03-14 15:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-28 23:54 - 2018-03-14 15:04 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-28 23:54 - 2018-03-14 15:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-28 23:54 - 2018-03-14 15:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-28 23:54 - 2018-03-14 15:04 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-28 23:54 - 2018-03-14 15:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-26 20:03 - 2018-04-26 20:04 - 004314303 _____ C:\Users\YOUCEF\Downloads\SR-8800HD_HYPER_V2.31(19388)_24042018.zip
2018-04-26 00:21 - 2018-04-26 00:21 - 000002186 _____ C:\Users\Public\Desktop\1-Click-Optimizer (WO14).lnk
2018-04-26 00:21 - 2018-04-26 00:21 - 000001184 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 14.lnk
2018-04-26 00:21 - 2018-04-26 00:21 - 000000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2018-04-26 00:21 - 2018-04-26 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-04-26 00:21 - 2018-04-26 00:21 - 000000000 ____D C:\ProgramData\Ashampoo
2018-04-26 00:21 - 2018-04-26 00:21 - 000000000 ____D C:\Program Files\Ashampoo
2018-04-26 00:21 - 2009-08-24 22:08 - 000028160 _____ (mst software GmbH, Germany) C:\Windows\system32\DfSdkBt.exe
2018-04-22 16:28 - 2018-04-22 16:28 - 000001985 _____ C:\Users\Public\Desktop\Lotus Notes 6.5.lnk
2018-04-22 16:28 - 2018-04-22 16:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applications Lotus
2018-04-22 16:28 - 2018-04-22 16:28 - 000000000 ____D C:\Program Files\lotus
2018-04-21 19:10 - 2018-04-22 16:06 - 000000000 ____D C:\Users\YOUCEF\Desktop\backups
2018-04-21 18:59 - 2018-05-07 20:25 - 000154446 _____ C:\Users\YOUCEF\Desktop\ZHPDiag.txt
2018-04-21 18:56 - 2018-03-31 03:12 - 001310480 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-04-21 18:56 - 2018-03-31 03:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-04-21 18:56 - 2018-03-31 02:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-04-21 18:56 - 2018-03-31 02:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-04-21 18:56 - 2018-03-31 02:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-04-21 18:56 - 2018-03-31 02:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-04-21 18:56 - 2018-03-22 22:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-04-21 18:56 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-04-21 18:56 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-04-21 18:56 - 2018-03-09 20:12 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-04-21 18:56 - 2018-02-02 20:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-04-17 20:21 - 2018-04-17 20:21 - 000000000 ____D C:\Windows\system32\(app)
2018-04-17 20:21 - 2018-04-17 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atoll
2018-04-17 20:20 - 2018-05-06 01:06 - 000051584 _____ (Chingachguk & Denger2k (Elite & SP edition)) C:\Windows\system32\Drivers\multikey.sys
2018-04-17 01:01 - 2018-04-17 01:01 - 000025630 _____ C:\ComboFix.txt
2018-04-17 00:45 - 2018-04-17 01:01 - 000000000 ____D C:\Qoobox
2018-04-17 00:45 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2018-04-17 00:45 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2018-04-17 00:45 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-04-17 00:45 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-04-17 00:45 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-04-17 00:45 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2018-04-17 00:45 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2018-04-17 00:45 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2018-04-17 00:44 - 2018-04-17 00:59 - 000000000 ____D C:\Windows\erdnt
2018-04-15 15:43 - 2018-04-17 01:05 - 000000000 ____D C:\Program Files\Common Files\IObit
2018-04-15 15:43 - 2018-04-15 15:44 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\ProductData
2018-04-15 15:43 - 2018-04-15 15:43 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2018-04-15 15:41 - 2018-04-15 15:41 - 000001111 _____ C:\Users\YOUCEF\Desktop\Foxit PDF Editor.lnk
2018-04-15 15:41 - 2018-04-15 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor
2018-04-15 15:41 - 2018-04-15 15:41 - 000000000 ____D C:\Program Files\Foxit Software
2018-04-14 17:08 - 2018-05-05 16:46 - 000002379 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2018-04-14 17:08 - 2018-04-14 17:08 - 000002159 _____ C:\Users\Public\Desktop\Protection bancaire.lnk
2018-04-14 17:08 - 2018-04-14 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2018-04-14 17:07 - 2018-05-05 14:15 - 000835272 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2018-04-14 17:07 - 2018-05-05 14:15 - 000164032 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2018-04-14 16:41 - 2018-04-14 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-04-14 16:41 - 2018-04-14 16:40 - 000001240 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-04-14 00:39 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet(105).dll
2018-04-14 00:39 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\urlmon(102).dll
2018-04-14 00:38 - 2018-03-31 03:12 - 001310480 _____ (Microsoft Corporation) C:\Windows\system32\ntdll(93).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv(89).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4(94).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32(77).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos(87).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore(98).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0(91).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel(95).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt(92).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest(103).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli(99).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt(80).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg(101).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv(83).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32(96).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp(81).dll
2018-04-14 00:38 - 2018-03-31 03:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema(78).dll
2018-04-14 00:38 - 2018-03-31 02:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss(97).exe
2018-04-14 00:38 - 2018-03-31 02:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase(82).dll
2018-04-14 00:38 - 2018-03-31 02:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass(90).exe
2018-04-14 00:38 - 2018-03-31 02:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv(100).dll
2018-04-14 00:38 - 2018-03-22 22:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\system32\iertutil(86).dll
2018-04-14 00:38 - 2018-03-09 20:12 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk(88).dll
2018-04-14 00:38 - 2018-02-02 20:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui(79).dll
2018-04-14 00:36 - 2018-03-27 07:04 - 005914560 _____ C:\Users\YOUCEF\Desktop\RBS 6301.pdf
2018-04-12 21:41 - 2018-04-14 00:06 - 000000000 ____D C:\Users\YOUCEF\AppData\LocalLow\uTorrent
2018-04-12 21:41 - 2018-04-12 21:41 - 000029480 _____ C:\Users\YOUCEF\Downloads\the-watcher-french-dvdrip-2018.torrent
2018-04-10 22:50 - 2018-03-31 03:12 - 001310480 _____ (Microsoft Corporation) C:\Windows\system32\ntdll(98).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv(94).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4(99).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32(81).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos(92).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore(103).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0(96).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel(100).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt(97).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest(108).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli(104).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt(84).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg(106).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv(88).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32(101).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp(86).dll
2018-04-10 22:50 - 2018-03-31 03:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema(82).dll
2018-04-10 22:50 - 2018-03-31 02:47 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss(102).exe
2018-04-10 22:50 - 2018-03-31 02:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase(87).dll
2018-04-10 22:50 - 2018-03-31 02:47 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass(95).exe
2018-04-10 22:50 - 2018-03-31 02:47 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv(105).dll
2018-04-10 22:50 - 2018-03-22 22:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\system32\iertutil(91).dll
2018-04-10 22:50 - 2018-03-22 21:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet(110).dll
2018-04-10 22:50 - 2018-03-22 21:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\urlmon(107).dll
2018-04-10 22:50 - 2018-03-09 20:12 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk(93).dll
2018-04-10 22:50 - 2018-02-02 20:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui(83).dll
2018-04-05 20:03 - 2018-04-05 20:03 - 000012673 _____ C:\Users\YOUCEF\Desktop\UsbFix_Report.txt
2018-04-02 14:54 - 2018-04-02 14:51 - 000000000 ____D C:\Users\YOUCEF\Documents\docs
2018-04-02 09:29 - 2018-04-02 09:29 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-03-31 23:35 - 2018-03-31 23:35 - 000059157 _____ C:\Users\YOUCEF\Downloads\NexTorrent.pro-Jigsaw.2017.FRENCH.WEB-DL.torrent
2018-03-29 13:03 - 2018-03-29 13:14 - 002194581 _____ C:\Users\YOUCEF\Downloads\Numériser 6.jpeg
2018-03-29 13:03 - 2018-03-29 13:04 - 001984968 _____ C:\Users\YOUCEF\Downloads\Numériser 8.jpeg
2018-03-28 11:13 - 2018-03-28 11:39 - 000000000 ____D C:\Users\YOUCEF\Downloads\soualmi
2018-03-20 16:13 - 2018-03-20 20:25 - 000000000 ____D C:\ProgramData\McAfee
2018-03-20 16:13 - 2018-03-20 16:13 - 002599473 _____ (AIMP DevTeam) C:\Users\YOUCEF\Downloads\Optiwave_OptiSystem_7_0_Free.exe
2018-03-20 15:16 - 2018-03-20 15:34 - 000000000 ____D C:\Users\YOUCEF\Downloads\New folder
2018-03-18 16:57 - 2018-03-18 16:57 - 000153449 _____ C:\Users\YOUCEF\Downloads\ACHOUBI_ MUS.pdf
2018-03-18 10:51 - 2018-03-18 10:51 - 002367464 _____ C:\Users\YOUCEF\Downloads\facture réelle.PDF.pdf
2018-03-18 10:50 - 2018-03-18 10:51 - 002398934 _____ C:\Users\YOUCEF\Downloads\facture réelle.PDF
2018-03-18 10:49 - 2018-03-18 10:49 - 001104964 _____ C:\Users\YOUCEF\Downloads\ACFrOgA6_FXz7SN11gnNLb6KRY6DPQl5H9ABuD_rt7gvWF-tXB36-4hMYgY9DsPSY1s-Gp07vjAZhZtaN3OSFR5OYiU2v31Qp9GgUeMsAj_q87wtoKYSzyk6S6GtyfQ=.pdf
2018-03-18 10:48 - 2018-03-18 10:48 - 001989670 _____ C:\Users\YOUCEF\Downloads\ACFrOgA9B5whY6_zMu_i8AwOYkwnCH6AiwC0RuwIo2DDj_QdNWM_s2m5-SFzvjKMH5YGk05NKUzxR9Xf4dz9iQIZ6054Hy2WJjsCqEF9DfxBkMoLmJxue5pbvtBFoBg=.pdf
2018-03-17 04:11 - 2018-03-17 04:11 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2018-03-17 04:11 - 2018-03-17 04:11 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2018-03-16 13:28 - 2018-03-16 13:28 - 008834912 _____ C:\Users\YOUCEF\Downloads\heIN-2.0.apk
2018-03-15 22:24 - 2018-02-14 20:57 - 000347288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-03-15 22:24 - 2018-02-14 02:26 - 020274176 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-15 22:24 - 2018-02-14 02:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-03-15 22:24 - 2018-02-14 02:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-03-15 22:24 - 2018-02-14 02:06 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-15 22:24 - 2018-02-14 02:05 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-03-15 22:24 - 2018-02-14 02:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-03-15 22:24 - 2018-02-14 02:05 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-03-15 22:24 - 2018-02-14 02:04 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-03-15 22:24 - 2018-02-14 02:02 - 002294272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil(87).dll
2018-03-15 22:24 - 2018-02-14 02:00 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-03-15 22:24 - 2018-02-14 02:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-03-15 22:24 - 2018-02-14 01:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-03-15 22:24 - 2018-02-14 01:57 - 000662528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-15 22:24 - 2018-02-14 01:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-15 22:24 - 2018-02-14 01:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-03-15 22:24 - 2018-02-14 01:57 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-03-15 22:24 - 2018-02-14 01:53 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-15 22:24 - 2018-02-14 01:50 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-03-15 22:24 - 2018-02-14 01:47 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-15 22:24 - 2018-02-14 01:46 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-03-15 22:24 - 2018-02-14 01:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-03-15 22:24 - 2018-02-14 01:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-03-15 22:24 - 2018-02-14 01:43 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-03-15 22:24 - 2018-02-14 01:43 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-03-15 22:24 - 2018-02-14 01:42 - 004498944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-15 22:24 - 2018-02-14 01:42 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-03-15 22:24 - 2018-02-14 01:39 - 013680640 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-15 22:24 - 2018-02-14 01:37 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-03-15 22:24 - 2018-02-14 01:35 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-03-15 22:24 - 2018-02-14 01:35 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-03-15 22:24 - 2018-02-14 01:35 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-03-15 22:24 - 2018-02-14 01:34 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-03-15 22:24 - 2018-02-14 01:22 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet(106).dll
2018-03-15 22:24 - 2018-02-14 01:18 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\urlmon(103).dll
2018-03-15 22:24 - 2018-02-14 01:16 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-03-15 22:24 - 2018-01-15 21:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-03-15 22:24 - 2018-01-12 18:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-03-15 16:22 - 2018-03-15 16:22 - 000156534 _____ C:\Users\YOUCEF\Downloads\ACHOUBI_ Confirmation.pdf
2018-03-15 16:21 - 2018-03-15 16:21 - 000144963 _____ C:\Users\YOUCEF\Downloads\RACHI SAID_ Confirmation.pdf
2018-03-13 16:54 - 2018-03-14 21:37 - 000000000 __SHD C:\Users\YOUCEF\AppData\Roaming\Pr
2018-03-13 16:54 - 2018-03-14 21:37 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\Appԁata
2018-03-13 16:50 - 2018-05-06 11:39 - 000000000 __SHD C:\Users\YOUCEF\AppData\Roaming\Latas
2018-03-13 16:49 - 2018-03-13 16:49 - 000001354 _____ C:\Users\YOUCEF\Desktop\Hein Recovery 1.8.lnk
2018-03-13 16:49 - 2018-03-13 16:49 - 000001279 _____ C:\Users\YOUCEF\Desktop\Hein 4.5.2.lnk
2018-03-13 16:47 - 2018-03-13 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-03-13 16:47 - 2018-03-13 16:47 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-03-13 16:02 - 2018-03-13 20:35 - 000172965 _____ C:\Users\YOUCEF\Downloads\FACTURE.pdf
2018-03-13 15:27 - 2018-03-13 15:27 - 000090635 _____ C:\Users\YOUCEF\Downloads\DOC060318-06032018183507(1).pdf
2018-03-13 15:27 - 2018-03-13 15:27 - 000075657 _____ C:\Users\YOUCEF\Downloads\DOC060318-06032018183302(1).pdf
2018-03-13 15:26 - 2018-03-13 15:26 - 000741721 _____ C:\Users\YOUCEF\Downloads\IMG_20180312_0015.pdf
2018-03-13 15:26 - 2018-03-13 15:26 - 000716620 _____ C:\Users\YOUCEF\Downloads\IMG_20180312_0016.pdf
2018-03-13 15:26 - 2018-03-13 15:26 - 000688665 _____ C:\Users\YOUCEF\Downloads\IMG_20180312_0014.pdf
2018-03-12 13:08 - 2018-03-12 13:08 - 000000979 _____ C:\Users\YOUCEF\Desktop\Internet Download Manager.lnk
2018-03-12 13:08 - 2018-03-12 13:08 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-03-12 13:08 - 2018-03-12 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-03-11 07:38 - 2018-03-11 07:38 - 000000000 ____D C:\Windows\system32\Adobe
2018-03-09 17:50 - 2018-03-09 17:50 - 000090635 _____ C:\Users\YOUCEF\Downloads\DOC060318-06032018183507.pdf
2018-03-09 17:47 - 2018-03-09 17:48 - 000075657 _____ C:\Users\YOUCEF\Downloads\DOC060318-06032018183302.pdf
2018-03-04 20:55 - 2018-03-04 21:00 - 000018286 _____ C:\Users\YOUCEF\Downloads\ATTX57HW518233403.xlsx
2018-03-04 20:16 - 2018-03-04 20:16 - 000000000 ____D C:\Users\YOUCEF\Desktop\New folder
2018-03-04 19:53 - 2018-03-04 19:53 - 000011418 _____ C:\Users\YOUCEF\Downloads\World_Iptv_2011.m3u
2018-03-04 19:52 - 2018-03-04 19:52 - 000007185 _____ C:\Users\YOUCEF\Downloads\4003-it-m3u.m3u
2018-03-02 18:42 - 2018-04-16 02:03 - 000000000 ____D C:\Users\YOUCEF\Documents\EGDownloads
2018-03-01 17:38 - 2018-03-01 17:36 - 000149688 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2018-02-28 15:53 - 2018-03-12 13:09 - 000000000 ____D C:\Program Files\Common Files\EagleGet
2018-02-28 15:50 - 2018-02-28 15:49 - 001055666 _____ C:\Users\YOUCEF\Downloads\طريقة حذف الباسورد نهائيا في حالة نسيانه (1).pdf
2018-02-28 15:42 - 2018-02-28 15:42 - 001055666 _____ C:\Users\YOUCEF\Downloads\طريقة حذف الباسورد نهائيا في حالة نسيانه.pdf
2018-02-28 10:41 - 2009-05-01 22:56 - 000116224 _____ (Ldc) C:\Users\YOUCEF\Desktop\USB Show.exe
2018-02-25 21:37 - 2018-02-25 21:37 - 000129531 _____ C:\Users\YOUCEF\Downloads\Recu de paiement EDAHABIA (1).pdf
2018-02-25 10:00 - 2018-02-25 10:00 - 000870554 _____ C:\Users\YOUCEF\Downloads\NOTEG 228.29.01.2018.pdf
2018-02-25 09:59 - 2018-02-25 09:59 - 000870490 _____ C:\Users\YOUCEF\Downloads\NOTE 228.29.01.2018.pdf
2018-02-20 11:45 - 2018-02-20 11:45 - 000000000 ____D C:\Users\YOUCEF\Desktop\BMW CHERAGA
2018-02-13 21:37 - 2018-01-12 18:29 - 004014312 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-02-13 21:37 - 2018-01-12 18:29 - 003959016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-02-13 21:37 - 2018-01-12 18:29 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-02-13 21:37 - 2018-01-12 18:29 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-02-13 21:37 - 2018-01-12 18:29 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-02-13 21:37 - 2018-01-12 18:29 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-02-13 21:37 - 2018-01-12 18:29 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-02-13 21:37 - 2018-01-12 18:29 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-02-13 21:37 - 2018-01-12 18:27 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll(94).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv(90).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4(95).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32(78).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos(88).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore(99).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0(92).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel(96).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt(93).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest(104).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli(100).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt(81).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg(102).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv(84).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32(97).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp(82).dll
2018-02-13 21:37 - 2018-01-12 18:26 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema(79).dll
2018-02-13 21:37 - 2018-01-12 18:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-02-13 21:37 - 2018-01-12 18:05 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-02-13 21:37 - 2018-01-12 18:05 - 000025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-02-13 21:37 - 2018-01-12 18:05 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-02-13 21:37 - 2018-01-12 18:02 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-02-13 21:37 - 2018-01-12 18:02 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-02-13 21:37 - 2018-01-12 18:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-02-13 21:37 - 2018-01-12 18:02 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-02-13 21:37 - 2018-01-12 18:02 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-02-13 21:37 - 2018-01-12 17:59 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-02-13 21:37 - 2018-01-12 17:57 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-02-13 21:37 - 2018-01-12 17:57 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-02-13 21:37 - 2018-01-12 17:57 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-02-13 21:37 - 2018-01-12 17:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase(83).dll
2018-02-13 21:37 - 2018-01-12 17:56 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss(98).exe
2018-02-13 21:37 - 2018-01-12 17:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass(91).exe
2018-02-13 21:37 - 2018-01-12 17:56 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv(101).dll
2018-02-13 21:37 - 2018-01-11 18:22 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-02-13 21:37 - 2018-01-11 18:01 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-02-13 21:37 - 2018-01-05 18:14 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-02-13 21:37 - 2018-01-05 18:11 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-02-13 21:37 - 2018-01-05 18:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-02-13 21:37 - 2018-01-05 18:11 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk(89).dll
2018-02-13 21:37 - 2018-01-05 18:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-02-13 21:37 - 2018-01-05 17:50 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-02-13 21:37 - 2017-12-05 19:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-02-13 21:37 - 2017-12-05 19:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-02-13 21:37 - 2017-12-05 19:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-02-13 21:37 - 2017-12-05 19:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-02-13 21:37 - 2017-12-05 19:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-02-13 21:37 - 2017-12-05 19:08 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2018-02-13 21:37 - 2017-12-05 17:54 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2018-02-12 14:40 - 2018-02-12 14:40 - 000000000 ____D C:\Users\YOUCEF\Documents\Downloaded Installations
2018-02-12 14:39 - 2018-02-12 14:39 - 000000543 _____ C:\Windows\NGO.cer
2018-02-12 14:32 - 2018-02-12 14:32 - 000000000 ____D C:\Program Files\Forsk
2018-02-12 14:26 - 2018-02-12 14:26 - 000001183 _____ C:\Users\YOUCEF\Downloads\captured (2).html
2018-02-12 11:13 - 2018-02-12 20:48 - 000000000 ____D C:\Program Files\ISO to USB
2018-02-12 11:11 - 2018-02-12 11:14 - 721780736 _____ C:\Users\YOUCEF\Downloads\HirensBootCD.iso
2018-02-12 10:58 - 2018-02-12 11:05 - 721780736 _____ C:\Users\YOUCEF\Documents\HirensBootCD.iso
2018-02-11 19:53 - 2018-02-11 19:54 - 000000687 _____ C:\Users\YOUCEF\Downloads\Signets MAPS.ME partagés
2018-02-08 18:51 - 2018-02-08 18:51 - 000017612 _____ C:\Users\YOUCEF\Downloads\POINT DME GE A VERIFIER (GPS - ADRSS - CONTACT)_2018.xlsx

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-07 20:51 - 2009-07-14 06:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-07 20:51 - 2009-07-14 06:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-07 20:49 - 2017-08-16 12:57 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\ZHP
2018-05-07 20:22 - 2017-08-14 16:02 - 000000000 ____D C:\Users\YOUCEF
2018-05-07 18:54 - 2017-08-14 16:49 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-05-07 16:40 - 2017-08-14 19:00 - 000748666 _____ C:\Windows\system32\perfh00C.dat
2018-05-07 16:40 - 2017-08-14 19:00 - 000473794 _____ C:\Windows\system32\perfh001.dat
2018-05-07 16:40 - 2017-08-14 19:00 - 000151474 _____ C:\Windows\system32\perfc00C.dat
2018-05-07 16:40 - 2017-08-14 19:00 - 000096532 _____ C:\Windows\system32\perfc001.dat
2018-05-07 16:40 - 2017-08-14 16:07 - 002247140 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-07 16:40 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2018-05-06 11:38 - 2017-08-16 12:57 - 000000000 ____D C:\Users\YOUCEF\AppData\Local\ZHP
2018-05-06 10:51 - 2017-08-16 13:12 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-05-05 18:51 - 2017-08-14 23:58 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\DMCache
2018-05-05 16:44 - 2018-01-14 19:41 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2018-05-05 16:44 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-05 16:01 - 2017-08-14 20:27 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-05-05 16:01 - 2017-08-14 20:27 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-05-05 16:01 - 2017-08-14 20:27 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-05 14:48 - 2017-08-15 19:23 - 000000008 __RSH C:\Users\YOUCEF\ntuser.pol
2018-05-05 14:46 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-05-05 14:15 - 2016-10-11 14:14 - 000049344 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2018-05-05 14:14 - 2017-12-24 21:18 - 000659136 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2018-05-05 14:14 - 2017-12-24 21:18 - 000121544 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2018-05-05 14:14 - 2017-12-24 21:18 - 000098504 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2018-05-05 13:08 - 2017-08-14 16:23 - 000000000 ____D C:\Program Files\Google
2018-05-05 12:54 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\servicing
2018-05-05 12:54 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\registration
2018-05-05 12:54 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-05-05 12:54 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-02 22:04 - 2017-08-14 18:37 - 000000000 ____D C:\Windows\system32\MRT
2018-04-30 23:22 - 2017-08-15 00:02 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\vlc
2018-04-30 23:09 - 2017-08-15 17:52 - 000000000 ____D C:\Users\YOUCEF\Documents\HiSuite
2018-04-29 23:56 - 2017-08-17 00:52 - 000000000 ____D C:\Windows\system32\appraiser
2018-04-25 23:13 - 2017-08-14 20:42 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-04-25 23:12 - 2017-08-14 20:42 - 000000000 ____D C:\ProgramData\Adobe
2018-04-25 23:03 - 2017-08-14 20:45 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2018-04-25 23:03 - 2017-08-14 20:45 - 000002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2018-04-25 23:03 - 2017-08-14 20:45 - 000002110 _____ C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2018-04-25 23:03 - 2017-08-14 20:45 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2018-04-25 23:03 - 2017-08-14 20:45 - 000001996 _____ C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2018-04-17 01:05 - 2017-08-18 00:10 - 000000000 ____D C:\AdwCleaner
2018-04-17 01:05 - 2017-08-15 11:48 - 000000000 ____D C:\ProgramData\IObit
2018-04-17 01:04 - 2017-12-11 12:13 - 000000000 ____D C:\Users\YOUCEF\AppData\LocalLow\Mozilla
2018-04-17 00:57 - 2009-07-14 04:04 - 000000215 _____ C:\Windows\system.ini
2018-04-17 00:56 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\tracing
2018-04-17 00:49 - 2017-08-15 15:11 - 000000000 ____D C:\ProgramData\TEMP
2018-04-16 01:46 - 2017-08-15 11:48 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\IObit
2018-04-16 00:39 - 2017-08-14 23:58 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\IDM
2018-04-15 15:48 - 2017-08-15 15:29 - 000000000 ____D C:\ProgramData\ProductData
2018-04-15 15:48 - 2017-08-15 01:53 - 000000000 ____D C:\Windows\Panther
2018-04-15 15:43 - 2017-08-15 11:49 - 000000000 ____D C:\Program Files\IObit
2018-04-14 17:12 - 2017-08-14 20:26 - 000000000 ____D C:\Users\YOUCEF\AppData\Local\Adobe
2018-04-14 17:09 - 2017-08-15 21:03 - 000000000 ____D C:\Program Files\Common Files\AV
2018-04-14 17:09 - 2017-08-14 21:17 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-04-14 17:08 - 2017-08-14 16:49 - 000262144 _____ C:\Windows\system32\config\ELAM
2018-04-14 17:07 - 2017-08-14 21:30 - 000000000 ____D C:\Program Files\Kaspersky Lab
2018-04-14 15:56 - 2017-08-15 00:11 - 000000000 ____D C:\Users\YOUCEF\AppData\Roaming\uTorrent
2018-04-14 15:54 - 2017-08-14 23:59 - 000000000 ____D C:\Program Files\Microsoft Office
2018-04-11 23:43 - 2017-08-17 00:52 - 000000000 ___SD C:\Windows\system32\CompatTel
2018-04-10 23:45 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\LiveKernelReports
2018-04-08 11:31 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\ModemLogs

==================== Files in the root of some directories =======

2018-05-07 20:22 - 2018-05-07 20:22 - 003090816 _____ () C:\Users\YOUCEF\ZHPDiag3.exe
2014-03-20 13:53 - 2014-03-20 13:53 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2018-05-02 09:36 - 2018-05-02 09:36 - 000000000 _____ () C:\Users\YOUCEF\AppData\Local\{160FDCA3-4650-4DE0-8F2F-937EEBBAA168}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2018-05-02 11:11

==================== End of FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité