OTL logfile created on: 07/07/2015 06:44:32 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mannour\Desktop Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.17357) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 0,74 Gb Available Physical Memory | 37,23% Memory free 3,94 Gb Paging File | 2,22 Gb Available in Paging File | 56,39% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,79 Gb Total Space | 25,32 Gb Free Space | 10,88% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 48,36 Gb Free Space | 49,52% Space Free | Partition Type: NTFS Drive E: | 100,00 Mb Total Space | 57,13 Mb Free Space | 57,14% Space Free | Partition Type: NTFS Drive F: | 135,22 Gb Total Space | 115,77 Gb Free Space | 85,61% Space Free | Partition Type: NTFS Computer Name: MAHMOUD | User Name: mannour | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2015/07/07 06:19:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mannour\Desktop\OTL.exe PRC - [2015/07/07 04:56:04 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2015/06/01 07:04:40 | 013,693,928 | ---- | M] (MediaGet LLC) -- C:\Users\mannour\AppData\Local\MediaGet2\mediaget.exe PRC - [2015/05/20 15:55:58 | 003,903,056 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe PRC - [2015/03/19 20:17:51 | 001,510,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\de7f992cc59d74a9ac40cfa64896f4a0\windowsstoresetupbox.exe PRC - [2015/03/13 13:10:26 | 005,529,880 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe PRC - [2015/03/05 22:58:58 | 000,229,696 | ---- | M] (Microsoft Corporation) -- C:\$Windows.~BT\Sources\SetupHost.exe PRC - [2015/03/04 07:23:39 | 000,449,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AutoUpdate.exe PRC - [2015/02/04 12:05:36 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe PRC - [2015/01/31 11:57:26 | 000,014,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe PRC - [2014/08/19 22:15:38 | 001,795,872 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe PRC - [2014/07/02 21:42:26 | 000,940,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2014/07/02 21:42:25 | 001,818,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2014/01/09 07:17:38 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe PRC - [2013/06/01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2013/03/02 10:24:03 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe PRC - [2012/07/26 05:21:01 | 000,445,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe PRC - [2012/07/26 05:20:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe PRC - [2010/11/17 10:09:32 | 003,960,648 | ---- | M] (Comfort Software Group) -- C:\Program Files\HotVirtualKeyboard\hvk.exe PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2015/06/01 07:05:16 | 000,031,251 | ---- | M] () -- C:\Users\mannour\AppData\Local\MediaGet2\plugins\audio_output\libwaveout_plugin.dll MOD - [2015/06/01 07:05:15 | 002,396,691 | ---- | M] () -- C:\Users\mannour\AppData\Local\MediaGet2\libvlccore.dll MOD - [2015/06/01 07:05:14 | 000,113,171 | ---- | M] () -- C:\Users\mannour\AppData\Local\MediaGet2\libvlc.dll MOD - [2015/06/01 07:04:52 | 000,268,307 | ---- | M] () -- C:\Users\mannour\AppData\Local\MediaGet2\plugins\access\libdshow_plugin.dll MOD - [2015/06/01 07:04:52 | 000,066,579 | ---- | M] () -- C:\Users\mannour\AppData\Local\MediaGet2\plugins\video_output\libdirectdraw_plugin.dll MOD - [2015/06/01 07:04:52 | 000,027,667 | ---- | M] () -- C:\Users\mannour\AppData\Local\MediaGet2\plugins\audio_output\libdirectsound_plugin.dll MOD - [2015/04/28 21:09:06 | 000,083,456 | ---- | M] () -- C:\Program Files\NCH Software\ExpressZip\ezcm.dll MOD - [2015/04/08 19:00:00 | 000,100,864 | ---- | M] () -- C:\Program Files\IDM Computer Solutions\UltraEdit\ue32ctmn.dll MOD - [2015/03/25 12:10:00 | 000,104,960 | ---- | M] () -- C:\Program Files\IDM Computer Solutions\UltraCompare\UC_ShellExt.dll MOD - [2014/10/24 14:16:24 | 000,214,528 | ---- | M] () -- C:\Windows\System32\AiCM32.dll MOD - [2010/09/08 15:20:16 | 000,034,632 | ---- | M] () -- C:\Program Files\HotVirtualKeyboard\hvkH.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2015/07/07 05:18:05 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2015/07/07 04:56:01 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2015/01/31 11:57:26 | 000,014,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend) SRV - [2014/11/06 07:35:35 | 002,207,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify) SRV - [2014/10/03 00:30:39 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV - [2014/07/07 06:01:26 | 000,226,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc) SRV - [2014/07/02 19:39:15 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2014/04/12 09:23:01 | 000,350,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM) SRV - [2014/01/09 07:17:38 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service) SRV - [2013/08/16 01:59:31 | 002,156,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService) SRV - [2013/06/01 11:23:42 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc) SRV - [2013/05/04 06:57:04 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm) SRV - [2013/05/04 06:56:05 | 000,143,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure) SRV - [2013/03/02 10:23:17 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker) SRV - [2013/03/02 10:23:15 | 000,117,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV - [2013/01/10 01:26:37 | 001,532,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc) SRV - [2012/09/20 07:53:51 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc) SRV - [2012/07/26 05:20:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc) SRV - [2012/07/26 05:20:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc) SRV - [2012/07/26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2012/07/26 05:20:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc) SRV - [2012/07/26 05:19:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2012/07/26 05:19:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2012/07/26 05:19:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc) SRV - [2012/07/26 05:19:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup) SRV - [2012/07/26 05:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso) SRV - [2012/07/26 05:18:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS) SRV - [2012/07/26 05:18:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService) SRV - [2012/07/26 05:17:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent) SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss) SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync) SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown) SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv) SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange) SRV - [2012/07/26 02:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat) SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2006/12/14 17:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB812F2D-B1E6-45A7-8857-D8F0E42E655E}\MpKslc41ffc4a.sys -- (MpKslc41ffc4a) DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB812F2D-B1E6-45A7-8857-D8F0E42E655E}\MpKsl7f34ebd5.sys -- (MpKsl7f34ebd5) DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB812F2D-B1E6-45A7-8857-D8F0E42E655E}\MpKsl76bd7ecf.sys -- (MpKsl76bd7ecf) DRV - [2015/05/20 14:55:54 | 000,123,968 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\idmwfp.sys -- (IDMWFP) DRV - [2015/03/04 07:22:59 | 000,256,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS) DRV - [2015/01/31 11:57:23 | 000,038,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot) DRV - [2015/01/31 05:15:51 | 000,238,304 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter) DRV - [2014/12/18 09:02:05 | 000,038,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS) DRV - [2014/08/19 22:16:26 | 010,681,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2014/07/24 13:50:57 | 000,363,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3) DRV - [2014/01/07 03:48:02 | 000,015,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV - [2013/10/05 06:33:14 | 000,238,936 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport) DRV - [2013/08/16 01:21:21 | 000,051,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam) DRV - [2013/08/10 07:24:21 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM) DRV - [2013/07/09 06:16:17 | 000,097,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV - [2013/07/02 00:50:31 | 000,268,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI) DRV - [2013/07/02 00:50:28 | 000,180,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000) DRV - [2013/06/01 04:29:09 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV - [2013/03/02 11:06:16 | 000,057,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc) DRV - [2013/03/02 10:52:47 | 000,066,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci) DRV - [2013/01/10 03:07:00 | 000,024,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV - [2012/11/27 05:53:14 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid) DRV - [2012/11/20 06:56:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c) DRV - [2012/11/06 05:52:56 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM) DRV - [2012/10/12 09:12:33 | 000,023,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012/10/11 07:28:23 | 000,046,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor) DRV - [2012/09/20 09:09:32 | 000,031,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist) DRV - [2012/07/26 06:17:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv) DRV - [2012/07/26 05:48:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex) DRV - [2012/07/26 05:42:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS) DRV - [2012/07/26 05:42:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV - [2012/07/26 05:42:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass) DRV - [2012/07/26 05:42:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware) DRV - [2012/07/26 05:42:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV - [2012/07/26 05:42:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt) DRV - [2012/07/26 05:42:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor) DRV - [2012/07/26 05:42:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis) DRV - [2012/07/26 05:39:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt) DRV - [2012/07/26 05:33:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus) DRV - [2012/07/26 05:33:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt) DRV - [2012/07/26 05:33:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc) DRV - [2012/07/26 04:36:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV - [2012/07/26 04:36:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf) DRV - [2012/07/26 04:36:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo) DRV - [2012/07/26 04:36:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender) DRV - [2012/07/26 04:35:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap) DRV - [2012/07/26 04:35:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig) DRV - [2012/07/26 04:35:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic) DRV - [2012/07/26 04:35:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime) DRV - [2012/07/26 04:35:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter) DRV - [2012/07/26 04:34:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr) DRV - [2012/07/26 04:34:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV - [2012/07/26 04:34:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID) DRV - [2012/07/26 04:34:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd) DRV - [2012/07/26 04:33:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx) DRV - [2012/07/26 04:33:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx) DRV - [2012/07/26 04:33:37 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUsb) DRV - [2012/07/26 04:33:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2012/07/26 04:33:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum) DRV - [2012/07/26 04:32:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2012/07/26 04:32:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc) DRV - [2012/07/26 04:32:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr) DRV - [2012/07/26 04:31:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV - [2012/07/26 04:30:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp) DRV - [2012/07/26 04:30:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu) DRV - [2012/06/22 11:01:32 | 000,019,984 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\System32\Drivers\EsgScanner.sys -- (EsgScanner) DRV - [2011/05/31 21:18:34 | 001,311,232 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Ph3xIB32.sys -- (Ph3xIB32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1937375374-3075439887-923394577-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ar-eg/?ocid=iehp IE - HKU\S-1-5-21-1937375374-3075439887-923394577-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR IE - HKU\S-1-5-21-1937375374-3075439887-923394577-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 83 B1 B6 0B 96 D0 01 [binary data] IE - HKU\S-1-5-21-1937375374-3075439887-923394577-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1937375374-3075439887-923394577-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1937375374-3075439887-923394577-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "TN" FF - prefs.js..browser.search.region: "TN" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll () FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\AMVCU@Aimersoft.com: C:\ProgramData\Aimersoft\Video Converter Ultimate\AMVCU@Aimersoft.com\ [2015/06/14 10:44:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\mannour\AppData\Roaming\IDM\idmmzcc5 [2015/07/07 03:51:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\mannour\AppData\Roaming\IDM\idmmzcc5 [2015/07/07 03:51:18 | 000,000,000 | ---D | M] [2015/04/20 20:14:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mannour\AppData\Roaming\mozilla\Extensions [2015/05/01 00:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mannour\AppData\Roaming\mozilla\Firefox\Profiles\bpxz6qki.default-1430434038348\extensions [2015/06/09 13:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mannour\AppData\Roaming\mozilla\Firefox\Profiles\yaypvnoh.default-1430824888622\extensions [2015/06/14 10:41:58 | 000,000,000 | ---D | M] (ذ،ذ؟رƒر‚ذ½ذ¸ذ؛ @Mail.Ru) -- C:\Users\mannour\AppData\Roaming\mozilla\Firefox\Profiles\yaypvnoh.default-1430824888622\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2015/05/25 16:38:32 | 000,713,315 | ---- | M] () (No name found) -- C:\Users\mannour\AppData\Roaming\mozilla\firefox\profiles\yaypvnoh.default-1430824888622\extensions\{7a88e876-d715-4503-a7bf-a8eba13ca3f9}.xpi [2015/07/07 04:55:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions [2015/07/07 04:56:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2012/07/26 06:17:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - No CLSID value found. O2 - BHO: (Aimersoft Video Converter Ultimate 6.1.0) - {D879895E-2124-4ED0-BDDF-F8F8BBC98A6F} - C:\ProgramData\Aimersoft\Video Converter Ultimate\WSBrowserAppMgr.dll (Wondershare) O4 - HKLM..\Run: [DelaypluginInstall] C:\ProgramData\Aimersoft\Video Converter Ultimate\DelayPluginI.exe () O4 - HKLM..\Run: [hvk] D:\Program Files\HotVirtualKeyboard\hvk.exe File not found O4 - HKLM..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe (Magix) O4 - HKU\S-1-5-21-1937375374-3075439887-923394577-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) O4 - HKU\S-1-5-21-1937375374-3075439887-923394577-1001..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-1937375374-3075439887-923394577-1001..\Run: [MediaGet2] C:\Users\mannour\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC) O4 - HKU\S-1-5-21-1937375374-3075439887-923394577-1001..\Run: [SOCIAL_FACEBOOK] C:\Program Files\GrandSoft\Social for Facebook\Social.exe (GrandSoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Télécharger tous les liens avec Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68FEA1B8-1A56-407B-87EA-AAC2700D04E5}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\WSAMVCUchrome - No CLSID value found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/07/26 08:52:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012/07/26 08:52:25 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: wlidsvc - C:\Windows\System32\wlidsvc.dll (Microsoft Corporation) NetSvcs: SystemEventsBroker - C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation) NetSvcs: DsmSvc - C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation) NetSvcs: NcaSvc - C:\Windows\System32\NcaSvc.dll (Microsoft Corporation) SafeBootMin: Base - Driver Group SafeBootMin: BasicDisplay.sys - C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation) SafeBootMin: BasicRender.sys - C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation) SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: BrokerInfrastructure - C:\Windows\System32\bisrv.dll (Microsoft Corporation) SafeBootMin: EFS - C:\Windows\System32\efssvc.dll (Microsoft Corporation) SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: KeyIso - C:\Windows\System32\keyiso.dll (Microsoft Corporation) SafeBootMin: LSM - C:\Windows\System32\lsm.dll (Microsoft Corporation) SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: TBS - Service SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: BasicDisplay.sys - C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation) SafeBootNet: BasicRender.sys - C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation) SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: BrokerInfrastructure - C:\Windows\System32\bisrv.dll (Microsoft Corporation) SafeBootNet: EFS - C:\Windows\System32\efssvc.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: KeyIso - C:\Windows\System32\keyiso.dll (Microsoft Corporation) SafeBootNet: LSM - C:\Windows\System32\lsm.dll (Microsoft Corporation) SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: netprofm - C:\Windows\System32\netprofmsvc.dll (Microsoft Corporation) SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdpencdd.sys - Driver SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: SmartcardSimulator - Driver SafeBootNet: StartMenuService - Reg Error: Value error. SafeBootNet: str - service SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TBS - Service SafeBootNet: TDI - Driver Group SafeBootNet: VaultSvc - C:\Windows\System32\vaultsvc.dll (Microsoft Corporation) SafeBootNet: VirtualSmartcardReader - Driver SafeBootNet: vmms - Service SafeBootNet: Wcmsvc - C:\Windows\System32\wcmsvc.dll (Microsoft Corporation) SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3A8403F3-90B5-35DC-8926-EB9B907209F9} - .NET Framework ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.dvsd - C:\Windows\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.) Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll () PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2015/07/07 06:19:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mannour\Desktop\OTL.exe [2015/07/07 04:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2015/07/07 04:14:05 | 000,000,000 | ---D | C] -- C:\Users\mannour\Documents\Social Media Design For Dummies 2014 - Learn To Use Custome Templates To Create Profiles For Facebook, Twitter, Youtube and More [2015/07/07 04:12:10 | 000,000,000 | ---D | C] -- C:\Users\mannour\Documents\UserPro v2.3 - User Profiles with Social Login [2015/06/20 02:31:28 | 000,000,000 | ---D | C] -- C:\WindowsImageBackup [2015/06/20 02:30:19 | 000,000,000 | R--D | C] -- C:\AJEL-PC [2015/06/19 18:27:36 | 000,000,000 | ---D | C] -- C:\Users\mannour\Documents\codecanyon-5958681-userpro-user-profiles-with-social-login-235 [2015/06/19 18:27:36 | 000,000,000 | ---D | C] -- C:\Users\mannour\Desktop\codecanyon-5958681-userpro-user-profiles-with-social-login-235 [2015/06/18 11:18:09 | 000,000,000 | ---D | C] -- C:\Users\mannour\Desktop\indeed-social-media_v5.1 [2015/06/11 14:47:35 | 000,000,000 | ---D | C] -- C:\Users\mannour\AppData\Roaming\Thinstall [2015/06/11 14:47:35 | 000,000,000 | ---D | C] -- C:\Users\mannour\AppData\Local\Thinstall [2015/06/08 21:03:23 | 000,000,000 | ---D | C] -- C:\Users\mannour\Documents\automapa 7.0.1-full+ key-pp [2015/06/08 21:02:17 | 000,000,000 | ---D | C] -- C:\Users\mannour\Documents\AutoMapa v1.7.1 Final Patched - lets you avoid traffic jams and other disruptions on Polish roads with LiveDrive! technology [2015/06/08 11:02:56 | 000,000,000 | ---D | C] -- C:\HP Universal Print Driver [2015/06/07 23:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ma-config.com [2015/06/07 23:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com [2015/06/07 19:21:37 | 000,000,000 | ---D | C] -- C:\Users\mannour\AppData\Roaming\HP [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015/07/07 06:46:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2015/07/07 06:44:11 | 000,030,483 | ---- | M] () -- C:\Windows\diagwrn.xml [2015/07/07 06:44:11 | 000,030,483 | ---- | M] () -- C:\Windows\diagerr.xml [2015/07/07 06:19:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mannour\Desktop\OTL.exe [2015/07/07 06:16:01 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015/07/07 04:30:10 | 001,300,922 | ---- | M] () -- C:\Users\mannour\Documents\indeed-social-media_v5.1.zip [2015/07/07 04:14:15 | 002,829,189 | ---- | M] () -- C:\Users\mannour\Documents\codecanyon-5958681-userpro-user-profiles-with-social-login-235.zip [2015/07/07 03:59:22 | 000,000,932 | ---- | M] () -- C:\Users\mannour\Desktop\Hot Virtual Keyboard.lnk [2015/07/07 03:51:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/07/07 03:49:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2015/07/07 03:48:45 | 1717,608,448 | -HS- | M] () -- C:\hiberfil.sys [2015/07/07 03:04:43 | 000,000,081 | ---- | M] () -- C:\spyhunter.fix [2015/06/24 20:04:10 | 000,002,216 | ---- | M] () -- C:\Users\mannour\Desktop\SpyHunter.lnk [2015/06/24 20:04:10 | 000,001,478 | ---- | M] () -- C:\Users\mannour\Desktop\gimp-console-2.8 - Raccourci.lnk [2015/06/24 20:04:10 | 000,001,406 | ---- | M] () -- C:\Users\mannour\Desktop\gimp-2.8 - Raccourci.lnk [2015/06/24 20:04:10 | 000,001,188 | ---- | M] () -- C:\Users\mannour\Desktop\Photo Montage Guide.lnk [2015/06/24 20:04:10 | 000,001,186 | ---- | M] () -- C:\Users\mannour\Desktop\DriverPack Solution.lnk [2015/06/24 20:04:10 | 000,001,162 | ---- | M] () -- C:\Users\mannour\Desktop\Photo Frame Studio.lnk [2015/06/24 20:04:10 | 000,001,151 | ---- | M] () -- C:\Users\mannour\Desktop\AVS Image Converter.lnk [2015/06/24 20:04:10 | 000,001,127 | ---- | M] () -- C:\Users\mannour\Desktop\AVS Video Editor.lnk [2015/06/24 20:04:10 | 000,001,115 | ---- | M] () -- C:\Users\mannour\Desktop\AVS Photo Editor.lnk [2015/06/24 20:04:10 | 000,001,010 | ---- | M] () -- C:\Users\mannour\Desktop\PhotoFiltre Studio X.lnk [2015/06/24 20:04:10 | 000,000,965 | ---- | M] () -- C:\Users\mannour\Desktop\Easy GIF Animator.lnk [2015/06/24 20:04:10 | 000,000,951 | ---- | M] () -- C:\Users\mannour\Desktop\Internet Download Manager.lnk [2015/06/24 20:04:10 | 000,000,879 | ---- | M] () -- C:\Users\mannour\Desktop\PHOTO SLIDE SHOW.lnk [2015/06/24 20:04:10 | 000,000,590 | ---- | M] () -- C:\Users\mannour\Desktop\FreeOCR.lnk [2015/06/24 20:04:10 | 000,000,562 | ---- | M] () -- C:\Users\mannour\Desktop\1150 sound effects.lnk [2015/06/20 02:30:19 | 000,000,528 | R--- | M] () -- C:\MediaID.bin [2015/06/10 14:54:30 | 335,544,320 | ---- | M] () -- C:\Users\mannour\Documents\AutoMapa6_EU.rar [2015/06/10 14:54:30 | 1988,100,096 | ---- | M] () -- C:\Users\mannour\Documents\AutoMapa7_EU_AutoInstaller.iso [2015/06/10 14:54:30 | 165,675,008 | ---- | M] () -- C:\Users\mannour\Documents\AutoMapa 1.4.1 (0165) Mapa 1206 Cracked.iso [2015/06/10 14:34:24 | 000,013,433 | ---- | M] () -- C:\Users\mannour\Desktop\Sans titre.png [2015/06/10 13:49:06 | 000,025,515 | ---- | M] () -- C:\Users\mannour\Desktop\11407020_1441052702867396_8373590440807827615_n.jpg [2015/06/10 00:35:59 | 1919,366,720 | ---- | M] () -- C:\Users\mannour\Documents\AutoMapa 6.8.0 (1384) Europa+patcher.rar [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015/07/07 06:46:39 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2015/07/07 04:27:56 | 001,300,922 | ---- | C] () -- C:\Users\mannour\Documents\indeed-social-media_v5.1.zip [2015/07/07 04:14:08 | 002,829,189 | ---- | C] () -- C:\Users\mannour\Documents\codecanyon-5958681-userpro-user-profiles-with-social-login-235.zip [2015/07/04 14:52:10 | 000,000,081 | ---- | C] () -- C:\spyhunter.fix [2015/06/20 02:30:19 | 000,000,528 | R--- | C] () -- C:\MediaID.bin [2015/06/10 14:34:24 | 000,013,433 | ---- | C] () -- C:\Users\mannour\Desktop\Sans titre.png [2015/06/10 13:49:04 | 000,025,515 | ---- | C] () -- C:\Users\mannour\Desktop\11407020_1441052702867396_8373590440807827615_n.jpg [2015/06/10 13:09:49 | 1988,100,096 | ---- | C] () -- C:\Users\mannour\Documents\AutoMapa7_EU_AutoInstaller.iso [2015/06/10 12:59:03 | 165,675,008 | ---- | C] () -- C:\Users\mannour\Documents\AutoMapa 1.4.1 (0165) Mapa 1206 Cracked.iso [2015/06/10 12:57:27 | 335,544,320 | ---- | C] () -- C:\Users\mannour\Documents\AutoMapa6_EU.rar [2015/06/08 21:54:39 | 1919,366,720 | ---- | C] () -- C:\Users\mannour\Documents\AutoMapa 6.8.0 (1384) Europa+patcher.rar [2015/06/08 20:34:49 | 000,000,111 | ---- | C] () -- C:\Users\mannour\Documents\PremiumApk.url [2015/06/08 20:34:47 | 011,694,973 | ---- | C] () -- C:\Users\mannour\Documents\BackCountry Navigator TOPO GPS v5.7.4.apk [2015/06/05 15:12:14 | 000,000,993 | ---- | C] () -- C:\Users\mannour\AppData\Local\recently-used.xbel [2015/05/05 12:33:28 | 000,006,651 | ---- | C] () -- C:\Windows\mgxoschk.ini [2015/05/03 19:22:08 | 000,000,044 | ---- | C] () -- C:\Users\mannour\آٌ¸ نëے âèنهîىîيٍàوà يà pooshock.ru.url [2015/05/02 18:57:28 | 000,721,263 | ---- | C] () -- C:\Windows\System32\AiCM64.dll [2015/05/02 18:57:27 | 000,214,528 | ---- | C] () -- C:\Windows\System32\AiCM32.dll [2015/04/30 17:11:34 | 000,397,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2015/04/29 14:01:58 | 000,006,144 | ---- | C] () -- C:\Users\mannour\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2015/04/22 22:52:50 | 000,088,392 | ---- | C] () -- C:\Windows\System32\runcosk.exe [2015/04/22 22:52:49 | 000,197,960 | ---- | C] () -- C:\Windows\System32\CsCredentialLogon.dll [2015/04/22 22:52:49 | 000,023,880 | ---- | C] () -- C:\Windows\System32\cskeyboardlogon.dll [2015/04/21 21:00:47 | 000,083,968 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll [2015/04/21 12:48:15 | 003,826,628 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2015/04/20 19:51:29 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2015/04/20 19:43:44 | 002,140,976 | ---- | C] () -- C:\Windows\System32\SStudio.dll [2015/04/20 19:43:34 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat [2015/04/20 19:43:23 | 001,099,203 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2015/04/20 19:42:29 | 000,029,496 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll [2015/04/20 19:42:27 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll [2015/04/11 18:11:24 | 000,000,042 | ---- | C] () -- C:\Users\mannour\دîèٌê â èيٍهًيهٍه.URL [2015/03/12 14:35:03 | 000,000,223 | ---- | C] () -- C:\Users\mannour\(45) Télécharger tous les Livres de medecine gratuitement.url [2015/03/07 23:48:54 | 000,000,203 | ---- | C] () -- C:\Users\mannour\Photo de Miloud Hassan.url [2015/02/26 00:10:18 | 000,000,213 | ---- | C] () -- C:\Users\mannour\alfin.wahdach.url [2015/02/25 00:52:41 | 000,000,136 | ---- | C] () -- C:\Users\mannour\MP3 to Video - Convert MP3 to Video in a few clicks, for free MP3Toobox.net.url [2015/02/17 22:22:20 | 000,000,051 | ---- | C] () -- C:\Users\mannour\.gtkrc-2.0 [2015/02/09 21:33:26 | 002,597,888 | ---- | C] () -- C:\Users\mannour\dsl-4.4.10.iso.lili-download [2015/02/09 21:29:42 | 002,478,080 | ---- | C] () -- C:\Users\mannour\dsl-4.4.10.iso [color=#E56717]========== ZeroAccess Check ==========[/color] [2015/05/31 18:59:32 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015/02/17 07:13:06 | 017,561,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2012/07/26 05:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2015/04/20 20:21:14 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\ComfortSoftware [2015/06/14 01:59:52 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\DMCache [2015/05/01 14:36:11 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\DRPSu [2015/04/22 21:05:34 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\DxO Labs [2015/06/14 10:34:39 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\IDM [2015/05/01 13:00:51 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\IObit [2015/04/29 09:36:29 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\IPVideoTrans [2015/06/02 23:10:41 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\Leadertech [2015/05/05 18:31:12 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\MAGIX [2015/06/14 10:42:01 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\MassPlannerNew [2015/05/01 12:45:39 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\Media Get LLC [2015/04/25 13:23:20 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\mojosoft [2015/05/02 17:53:09 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\MOVAVI [2015/06/14 10:44:35 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\MyPhoneExplorer [2015/05/01 12:45:40 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\PhotoFiltre Studio X [2015/06/14 10:43:01 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\PhotoMontageGuide [2015/05/01 12:45:40 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\ProductData [2015/06/11 14:47:35 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\Thinstall [2015/05/01 12:45:08 | 000,000,000 | ---D | M] -- C:\Users\mannour\AppData\Roaming\YouTube Downloader Free [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2012/07/26 08:52:25 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2012/07/26 05:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr [2012/06/02 16:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2012/07/26 08:52:25 | 000,000,010 | ---- | M] () -- C:\config.sys [2015/02/14 20:14:04 | 000,362,496 | ---- | M] () -- C:\Fedora-Live-KDE-i686-21-5.iso [2015/02/14 20:22:52 | 000,392,192 | ---- | M] () -- C:\Fedora-Live-KDE-i686-21-5.iso.lili-download [2001/09/05 22:00:58 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\gdiplus.dll [2015/02/19 18:48:33 | 000,000,034 | ---- | M] () -- C:\hcwclear.txt [2015/07/07 03:48:45 | 1717,608,448 | -HS- | M] () -- C:\hiberfil.sys [2015/03/14 23:17:17 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2015/06/20 02:30:19 | 000,000,528 | R--- | M] () -- C:\MediaID.bin [2015/03/14 23:17:17 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2015/07/07 03:48:48 | 2080,374,784 | -HS- | M] () -- C:\pagefile.sys [2015/07/07 06:46:39 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2015/05/15 23:16:37 | 000,000,692 | ---- | M] () -- C:\sh4_service.log [2013/10/18 15:01:12 | 000,285,747 | ---- | M] () -- C:\shldr [2013/10/18 15:01:12 | 000,008,192 | ---- | M] () -- C:\shldr.mbr [2015/07/07 03:04:43 | 000,000,081 | ---- | M] () -- C:\spyhunter.fix [2015/05/16 01:14:32 | 000,001,695 | ---- | M] () -- C:\spyhunter.log [2015/07/07 03:49:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2012/07/26 08:52:42 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2015/06/14 10:42:44 | 000,000,000 | ---D | M] -- C:\Program Files\A-FF Find and Mount [2015/06/14 10:42:45 | 000,000,000 | ---D | M] -- C:\Program Files\Aimersoft [2015/05/02 20:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU [2015/05/31 18:59:46 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2015/06/14 10:33:59 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2015/06/01 23:58:05 | 000,000,000 | ---D | M] -- C:\Program Files\CPUID [2015/05/05 01:14:22 | 000,000,000 | ---D | M] -- C:\Program Files\directx [2015/05/01 14:36:11 | 000,000,000 | ---D | M] -- C:\Program Files\DriverPackSolution [2015/04/22 20:55:08 | 000,000,000 | ---D | M] -- C:\Program Files\DxO Labs [2015/04/24 11:21:09 | 000,000,000 | ---D | M] -- C:\Program Files\Easy GIF Animator [2015/05/01 20:16:06 | 000,000,000 | ---D | M] -- C:\Program Files\Enigma Software Group [2015/04/23 21:57:48 | 000,000,000 | ---D | M] -- C:\Program Files\FastStone Photo Resizer [2015/04/20 19:00:58 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs [2015/04/21 23:25:28 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP 2 [2015/05/25 16:36:42 | 000,000,000 | ---D | M] -- C:\Program Files\GrandSoft [2015/04/30 18:31:26 | 000,000,000 | ---D | M] -- C:\Program Files\GreenTree Applications [2015/04/22 22:52:52 | 000,000,000 | ---D | M] -- C:\Program Files\HotVirtualKeyboard [2015/05/01 19:58:22 | 000,000,000 | ---D | M] -- C:\Program Files\IDM Computer Solutions [2015/06/14 10:42:51 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2015/05/31 12:33:06 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Download Manager [2015/06/14 10:44:35 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2015/05/01 20:11:56 | 000,000,000 | ---D | M] -- C:\Program Files\IObit [2015/05/01 15:17:40 | 000,000,000 | ---D | M] -- C:\Program Files\IPVideoTrans [2015/06/02 23:03:47 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech [2015/06/14 10:42:35 | 000,000,000 | ---D | M] -- C:\Program Files\ma-config.com [2015/05/05 01:12:54 | 000,000,000 | ---D | M] -- C:\Program Files\MAGIX [2012/07/26 08:53:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2015/04/25 13:23:19 | 000,000,000 | ---D | M] -- C:\Program Files\MOJOSOFT [2015/05/02 17:41:29 | 000,000,000 | ---D | M] -- C:\Program Files\Movavi Core 5.1.0 [2015/05/02 14:44:37 | 000,000,000 | ---D | M] -- C:\Program Files\Movavi Video Editor 4 [2015/05/02 17:41:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movavi Video Suite 12 [2015/07/07 04:56:12 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2015/07/07 04:58:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service [2015/04/28 19:42:49 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2015/05/03 19:11:36 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2015/05/05 22:41:14 | 000,000,000 | ---D | M] -- C:\Program Files\MyPhoneExplorer [2015/05/05 00:50:33 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software [2015/05/05 23:05:14 | 000,000,000 | ---D | M] -- C:\Program Files\Nokia [2015/04/21 12:49:21 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation [2015/04/27 22:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Stamp Remover [2015/04/23 17:43:41 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoFiltre Studio X [2015/04/25 13:40:20 | 000,000,000 | ---D | M] -- C:\Program Files\Pivot Stickfigure Animator [2015/06/14 10:44:35 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2015/05/12 23:17:21 | 000,000,000 | ---D | M] -- C:\Program Files\Readon Technology [2015/04/20 19:42:27 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek [2015/04/28 19:42:50 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2015/04/27 20:54:33 | 000,000,000 | ---D | M] -- C:\Program Files\RonyaSoft [2015/05/12 22:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\SDA [2015/04/29 14:00:56 | 000,000,000 | ---D | M] -- C:\Program Files\slideshow [2015/04/29 12:57:39 | 000,000,000 | ---D | M] -- C:\Program Files\Socusoft [2015/04/20 19:51:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Temp [2015/04/27 19:50:00 | 000,000,000 | ---D | M] -- C:\Program Files\Tint Guide [2012/07/26 08:04:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2015/04/29 13:23:59 | 000,000,000 | ---D | M] -- C:\Program Files\Video to Picture Image Converter [2015/05/12 23:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2015/06/14 10:44:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender [2015/05/15 23:10:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal [2012/07/26 10:23:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail [2015/04/26 11:27:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2012/07/26 08:53:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Multimedia Platform [2015/04/20 19:00:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2015/04/24 00:10:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer [2012/07/26 08:53:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices [2012/07/26 08:53:43 | 000,000,000 | -HSD | M] -- C:\Program Files\Windows Sidebar [2015/07/07 05:19:10 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsApps [2015/05/01 12:45:26 | 000,000,000 | ---D | M] -- C:\Program Files\YouTube Downloader Free [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\System32\Drivers\AGP440.sys [2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_38ff1f7a86c4c6d7\AGP440.sys [2012/07/26 05:42:31 | 000,055,536 | ---- | M] (Microsoft Corporation) MD5=73BB2C687305C4195ED7511587B041AA -- C:\Windows\WinSxS\x86_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_b6bdf91c90179e3b\AGP440.sys [color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color] [2012/07/26 05:17:52 | 000,152,064 | ---- | M] (Microsoft Corporation) MD5=8F0F777B167CADDF9D206180B8558433 -- C:\Windows\System32\appmgmts.dll [2012/07/26 05:17:52 | 000,152,064 | ---- | M] (Microsoft Corporation) MD5=8F0F777B167CADDF9D206180B8558433 -- C:\Windows\WinSxS\x86_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.2.9200.16384_none_7e79f4452d7065fa\appmgmts.dll [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\Drivers\atapi.sys [2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_79ee6a786812523f\atapi.sys [2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_c73107fbdd37000b\atapi.sys [2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_d9e333faf2f0935d\atapi.sys [2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_da12789ef2cc8343\atapi.sys [2012/07/26 05:42:31 | 000,022,768 | ---- | M] (Microsoft Corporation) MD5=48D8C3F2006698691F5AE0BB595FDCC8 -- C:\Windows\WinSxS\x86_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_da8b43c20bf7a6f4\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2015/05/04 21:10:54 | 000,034,714 | ---- | M] () MD5=1FF57390EADBBF36D8962CE1C6CE593B -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe [2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\System32\autochk.exe [2013/05/15 04:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe [2015/05/04 21:10:57 | 000,000,619 | ---- | M] () MD5=8ED3CBF9A56B767D529DACB8A9A4A634 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2012/07/26 04:38:40 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E53DDF8C101E3CB6A0483D592A8CC476 -- C:\Windows\System32\Drivers\beep.sys [2012/07/26 04:38:40 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=E53DDF8C101E3CB6A0483D592A8CC476 -- C:\Windows\WinSxS\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.2.9200.16384_none_c0cbad33d9040d1c\beep.sys [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2015/05/09 16:16:40 | 000,191,971 | ---- | M] () MD5=2BF81329A214435476FAB8888B7BCC26 -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_4f1f6140641844bc\explorer.exe [2015/05/09 16:16:08 | 000,191,954 | ---- | M] () MD5=3D02A4B9473DDD3D7DADBE4CC1BB5BA7 -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_4e94c42b4afb8b9b\explorer.exe [2015/05/09 16:15:32 | 000,193,417 | ---- | M] () MD5=BA6E2D0CD0399E96ED034A3AAFF949FB -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_4e5fb2f34b233380\explorer.exe [2015/05/09 16:18:04 | 000,190,082 | ---- | M] () MD5=E754255CDAB9DEF80C9CCD0900FF9C56 -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_4f1e64c2641925b3\explorer.exe [2013/06/01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\explorer.exe [2013/06/01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\x86_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_4ea499554aeee8ab\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2012/07/26 05:18:34 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=C0A9999E5B4C1953C6B07CD9105B41FD -- C:\Windows\System32\hidserv.dll [2012/07/26 05:18:34 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=C0A9999E5B4C1953C6B07CD9105B41FD -- C:\Windows\WinSxS\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.2.9200.16384_none_d357544e58d56cf8\hidserv.dll [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\System32\Drivers\iaStorV.sys [2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_819876bbe5c3b25f\iaStorV.sys [2012/07/26 05:42:33 | 000,333,552 | ---- | M] (Intel Corporation) MD5=C444F83C318BE18719DC1FDAEFF10898 -- C:\Windows\WinSxS\x86_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_abbc5e59592ebf50\iaStorV.sys [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2012/07/26 05:18:42 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=BD54942F8BD80208D9857748E13F0605 -- C:\Windows\System32\imm32.dll [2012/07/26 05:18:42 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=BD54942F8BD80208D9857748E13F0605 -- C:\Windows\WinSxS\x86_microsoft-windows-imm32_31bf3856ad364e35_6.2.9200.16384_none_590129f74bd1c1c3\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2014/03/01 10:07:24 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=00BF1BF1B779CE1AF41371426821E0C2 -- C:\Windows\System32\kernel32.dll [2014/03/01 10:07:24 | 001,011,712 | ---- | M] (Microsoft Corporation) MD5=00BF1BF1B779CE1AF41371426821E0C2 -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16859_none_908e6bd627956a12\kernel32.dll [2015/05/10 11:03:09 | 000,116,321 | ---- | M] () MD5=0B70FDCB2E1BD4C2A6535DF558CD4276 -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16384_none_9068f12227b24d6f\kernel32.dll [2015/05/10 11:04:02 | 000,063,874 | ---- | M] () MD5=1A02A03592C53B9997BF24F6C2D700C0 -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16815_none_90b5aa5e277894f2\kernel32.dll [2015/05/10 11:03:48 | 000,082,073 | ---- | M] () MD5=24A98E49891C76AF770FA8331AD56036 -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16627_none_90acd73a277ee943\kernel32.dll [2015/05/10 11:04:36 | 000,116,603 | ---- | M] () MD5=6B5B847D7C9C07E1BE4E9AC3A98E501E -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20732_none_9126a2a740a9264b\kernel32.dll [2015/05/10 11:05:00 | 000,112,718 | ---- | M] () MD5=7E4C3158655992232A09A7D001E211B0 -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20978_none_9101687f40c42867\kernel32.dll [2015/05/10 11:03:29 | 000,105,824 | ---- | M] () MD5=9EBBD65EF411AB153C19F526DF94F475 -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16604_none_90bf76342771655c\kernel32.dll [2015/05/10 11:04:55 | 000,115,323 | ---- | M] () MD5=A600544E43AA487452164112933430B9 -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20935_none_9129a75140a66c9e\kernel32.dll [2015/05/10 11:04:19 | 000,128,960 | ---- | M] () MD5=CD8D5A4AD9B9FFE9B8B003AC536A40FF -- C:\Windows\WinSxS\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20708_none_914d1427408b6a82\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2012/10/11 07:06:45 | 000,289,280 | ---- | M] (Microsoft Corporation) MD5=C317E72447B437F99CC750BD876DF30E -- C:\Windows\System32\mswsock.dll [2012/10/11 07:06:45 | 000,289,280 | ---- | M] (Microsoft Corporation) MD5=C317E72447B437F99CC750BD876DF30E -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16433_none_b533741efe8adb6a\mswsock.dll [2015/05/28 13:52:28 | 000,000,998 | ---- | M] () MD5=E28DD7E229FE40A190D0E586A9F744CA -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.20534_none_b5be113417a7948b\mswsock.dll [2015/05/28 13:52:26 | 000,009,902 | ---- | M] () MD5=FA7E4BC32791186A98D0369EB1B2C724 -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16384_none_b4fe62e6feb2834f\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2015/05/10 23:38:19 | 000,102,322 | ---- | M] () MD5=001063A58F7BAE4097F5497C2B67D6C4 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16420_none_563d6a5bf945c0a3\ndis.sys [2015/05/10 23:38:47 | 000,082,283 | ---- | M] () MD5=0130BF1568777B32A3538FAA89DB2EC9 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20750_none_56a69b2f127bae8e\ndis.sys [2015/05/10 23:38:40 | 000,087,112 | ---- | M] () MD5=0A2F4C53C6CF5EE4E995E1DD03FE1014 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20623_none_56ca09eb1260a999\ndis.sys [2015/05/10 23:38:23 | 000,102,308 | ---- | M] () MD5=2959CAC4594EEFE8786AD7989A3E982F -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16433_none_56359b4df94b2899\ndis.sys [2015/05/10 23:38:33 | 000,102,320 | ---- | M] () MD5=3E1058BA6314140D9226725859D7C365 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20521_none_56c80771126279c4\ndis.sys [2013/06/17 00:33:43 | 000,816,896 | ---- | M] (Microsoft Corporation) MD5=46D2FC2CB94830C57EA760CE6FD32F37 -- C:\Windows\System32\Drivers\ndis.sys [2013/06/17 00:33:43 | 000,816,896 | ---- | M] (Microsoft Corporation) MD5=46D2FC2CB94830C57EA760CE6FD32F37 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16643_none_562acf2df9533ed8\ndis.sys [2015/05/10 23:38:15 | 000,102,695 | ---- | M] () MD5=5CBECBE807702FC99870D601383300EF -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16384_none_56008a15f972d07e\ndis.sys [2015/05/10 23:38:30 | 000,042,993 | ---- | M] () MD5=92104CB44472CC24318143C3F29BB35E -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16628_none_56457077f93e85a9\ndis.sys [2015/05/10 23:38:44 | 000,084,951 | ---- | M] () MD5=9CAC0A6E9E5839EDAA85977F99BF28B5 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20733_none_56bf3be51268c2b1\ndis.sys [2015/05/10 23:38:37 | 000,102,305 | ---- | M] () MD5=DFBB4C9EFA58C1C396ED2BDE71ECF244 -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.20534_none_56c038631267e1ba\ndis.sys [2015/05/10 23:38:26 | 000,087,099 | ---- | M] () MD5=F7F9C30E8E9320D770C41FB2736FC37A -- C:\Windows\WinSxS\x86_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.2.9200.16518_none_56503e7df9366c91\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\System32\netlogon.dll [2012/07/26 05:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_fa62c3240960ad18\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2015/05/11 22:07:07 | 000,271,711 | ---- | M] () MD5=3185D82D08ECDB77227130716DDDC3E8 -- C:\Windows\WinSxS\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.2.9200.16384_none_a31c359dee525e54\ntfs.sys [2015/05/11 22:08:07 | 000,271,369 | ---- | M] () MD5=4754F7B2AE2F037ECBB4D10858620E5E -- C:\Windows\WinSxS\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.2.9200.20623_none_a3e5b5730740376f\ntfs.sys [2014/01/27 03:09:37 | 001,618,264 | ---- | M] (Microsoft Corporation) MD5=6C816842AC5E2B0E033ED0BD1058E077 -- C:\Windows\System32\Drivers\ntfs.sys [2014/01/27 03:09:37 | 001,618,264 | ---- | M] (Microsoft Corporation) MD5=6C816842AC5E2B0E033ED0BD1058E077 -- C:\Windows\WinSxS\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.2.9200.16808_none_a376bfa3ee0dd5eb\ntfs.sys [2015/05/11 22:07:52 | 000,271,433 | ---- | M] () MD5=755ED160346F601F1007DE165CF5F120 -- C:\Windows\WinSxS\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.2.9200.20604_none_a3fc5595072f18e4\ntfs.sys [2015/05/11 22:07:38 | 000,271,364 | ---- | M] () MD5=7D74DB1D5F847C0C535EC6F1FFF181C6 -- C:\Windows\WinSxS\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.2.9200.16518_none_a36bea05ee15fa67\ntfs.sys [2015/05/11 22:07:21 | 000,271,451 | ---- | M] () MD5=C23BDF2FD86F2F7952DBAD316929B5A7 -- C:\Windows\WinSxS\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.2.9200.16497_none_a3146875ee57c371\ntfs.sys [2015/05/11 22:08:19 | 000,316,748 | ---- | M] () MD5=CFACE912413A468B2C72741DD7D7C787 -- C:\Windows\WinSxS\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.2.9200.20927_none_a3e9bc4d073c9440\ntfs.sys [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\System32\Drivers\nvstor.sys [2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_7ba65ba4b222e751\nvstor.sys [2012/07/26 05:42:15 | 000,141,552 | ---- | M] (NVIDIA Corporation) MD5=108DD54A5B1E73F583AF7DC94CCE52B8 -- C:\Windows\WinSxS\x86_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_3685cf0890656928\nvstor.sys [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2012/07/26 05:20:53 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=B7D1E1915AA8A55E2FAF56BC3B524C48 -- C:\Windows\System32\proquota.exe [2012/07/26 05:20:53 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=B7D1E1915AA8A55E2FAF56BC3B524C48 -- C:\Windows\WinSxS\x86_microsoft-windows-proquota_31bf3856ad364e35_6.2.9200.16384_none_247203b863cbecaa\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2012/07/26 05:19:47 | 000,630,272 | ---- | M] (Microsoft Corporation) MD5=6723B30920D4371367F468DF6061A7E9 -- C:\Windows\System32\qmgr.dll [2012/07/26 05:19:47 | 000,630,272 | ---- | M] (Microsoft Corporation) MD5=6723B30920D4371367F468DF6061A7E9 -- C:\Windows\WinSxS\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.2.9200.16384_none_203bd0cdcad8d04d\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\System32\scecli.dll [2012/07/26 05:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_34b8ee3caa8233d3\scecli.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2012/07/26 05:20:58 | 000,496,640 | ---- | M] (Microsoft Corporation) MD5=D246A6F32CD74A0AE1F00EF7C73A1DBC -- C:\Windows\System32\spoolsv.exe [2012/07/26 05:20:58 | 000,496,640 | ---- | M] (Microsoft Corporation) MD5=D246A6F32CD74A0AE1F00EF7C73A1DBC -- C:\Windows\WinSxS\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.2.9200.16384_none_d2f6af0292ef89d7\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2015/05/11 22:47:10 | 000,000,583 | ---- | M] () MD5=160FBA3A12266BA1608B8247EA0511E8 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe [2015/05/11 22:47:10 | 000,003,208 | ---- | M] () MD5=97F040D473B7AF5E71E0B2CB484C75A7 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe [2012/09/20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\System32\svchost.exe [2012/09/20 07:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2015/05/24 10:41:30 | 000,057,909 | ---- | M] () MD5=29E1CF4B41ED794A49266E3652C5DCE1 -- C:\Windows\WinSxS\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.2.9200.21166_none_8beb6e663eb698e5\termsrv.dll [2014/07/07 06:01:20 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=D4868697E71011CC2244D2244AED2FB5 -- C:\Windows\System32\termsrv.dll [2014/07/07 06:01:20 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=D4868697E71011CC2244D2244AED2FB5 -- C:\Windows\WinSxS\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.2.9200.17048_none_8b7972072586f3e7\termsrv.dll [2015/05/24 10:41:27 | 000,069,993 | ---- | M] () MD5=FA04590771BD2AC8FA3F12816B5D714E -- C:\Windows\WinSxS\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.2.9200.16384_none_8b4a4da925aadc23\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\System32\userinit.exe [2012/07/26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2014/07/04 08:53:35 | 000,281,920 | ---- | M] (Microsoft Corporation) MD5=44B0168425FAA64C50F6C213BC49B57E -- C:\Windows\WinSxS\x86_volume.inf_31bf3856ad364e35_6.2.9200.21165_none_1301e3d4e68862f9\volsnap.sys [2012/07/26 05:39:34 | 000,282,352 | ---- | M] (Microsoft Corporation) MD5=8E15C3D58A8ADE841060661DBA6E7A9B -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_eb1b31bc10814d8e\volsnap.sys [2012/07/26 05:39:34 | 000,282,352 | ---- | M] (Microsoft Corporation) MD5=8E15C3D58A8ADE841060661DBA6E7A9B -- C:\Windows\WinSxS\x86_volume.inf_31bf3856ad364e35_6.2.9200.16384_none_1261c361cd7bbf8e\volsnap.sys [2013/06/01 12:09:55 | 000,282,368 | ---- | M] (Microsoft Corporation) MD5=8EEE6F2A88F9279AFDC53EFB505AC47B -- C:\Windows\WinSxS\x86_volume.inf_31bf3856ad364e35_6.2.9200.20733_none_13207530e671b1c1\volsnap.sys [2014/07/04 09:12:33 | 000,281,408 | ---- | M] (Microsoft Corporation) MD5=BF079843E272759BAE587FB980163293 -- C:\Windows\System32\Drivers\volsnap.sys [2014/07/04 09:12:33 | 000,281,408 | ---- | M] (Microsoft Corporation) MD5=BF079843E272759BAE587FB980163293 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_26b935e62ca79ede\volsnap.sys [2014/07/04 09:12:33 | 000,281,408 | ---- | M] (Microsoft Corporation) MD5=BF079843E272759BAE587FB980163293 -- C:\Windows\WinSxS\x86_volume.inf_31bf3856ad364e35_6.2.9200.17047_none_128fe775cd58bdfb\volsnap.sys [2013/06/01 11:41:30 | 000,281,344 | ---- | M] (Microsoft Corporation) MD5=C9C8573006D7A8391AFE35D99036B6A0 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_32fa78b37bb08471\volsnap.sys [2013/06/01 11:41:30 | 000,281,344 | ---- | M] (Microsoft Corporation) MD5=C9C8573006D7A8391AFE35D99036B6A0 -- C:\Windows\WinSxS\x86_volume.inf_31bf3856ad364e35_6.2.9200.16628_none_12a6a9c3cd4774b9\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2015/05/09 19:27:59 | 000,345,259 | ---- | M] () MD5=1B99511C6C523A1EEB39153D24827A47 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16433_none_450cb66b27d4bbcd\wininet.dll [2015/05/21 09:32:05 | 000,316,973 | ---- | M] () MD5=22AA8440781561091CFEE8DFD658CF30 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.21470_none_2e43573541783122\wininet.dll [2015/05/09 19:27:49 | 000,345,256 | ---- | M] () MD5=341EFED9F1774E4363612BF2FFD58DCC -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16420_none_450bfa7927d55593\wininet.dll [2015/04/21 16:33:27 | 001,763,328 | ---- | M] (Microsoft Corporation) MD5=39FA6C7F56B65F6FB3B8074CD5D12A96 -- C:\Windows\System32\wininet.dll [2015/04/21 16:33:27 | 001,763,328 | ---- | M] (Microsoft Corporation) MD5=39FA6C7F56B65F6FB3B8074CD5D12A96 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.17357_none_45192db127cb3635\wininet.dll [2015/05/09 19:28:08 | 000,345,231 | ---- | M] () MD5=6B6685F2C5AF9271A394EA371B65E256 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20521_none_2e336d294184eada\wininet.dll [2015/05/09 19:28:17 | 000,345,266 | ---- | M] () MD5=7805CF9989DEB9A5AE7F45B8E2F85808 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20534_none_2e34291b41845114\wininet.dll [2015/05/28 02:48:33 | 001,770,496 | ---- | M] (Microsoft Corporation) MD5=7B08BA7F4147E3D553E4E88136E7E750 -- C:\Windows\SoftwareDistribution\Download\d0a4dd4c66f2760a0fb537a3cbaaa23c\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.21489_none_2e438a7741783122\wininet.dll [2015/05/09 19:28:27 | 000,315,886 | ---- | M] () MD5=90EF4935D0B1DB331760FA6059116941 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.21413_none_2e3d1121417de5fb\wininet.dll [2015/05/28 02:45:12 | 001,763,328 | ---- | M] (Microsoft Corporation) MD5=B35C734515AA416DA9DDA96082694B00 -- C:\Windows\SoftwareDistribution\Download\d0a4dd4c66f2760a0fb537a3cbaaa23c\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.17377_none_451b2e4527c968e3\wininet.dll [2015/05/21 09:31:52 | 000,190,889 | ---- | M] () MD5=CD943F9EA2ED772D5A20EC87CD9C2E0B -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.17296_none_4528158d27bf65ff\wininet.dll [2015/05/09 19:27:40 | 000,340,790 | ---- | M] () MD5=D9D6ADD594753E32D1E07C8EB912EAC3 -- C:\Windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16384_none_451c710127c83830\wininet.dll [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2012/07/26 05:21:01 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=7109FF769FFF962869C50D720F7AA7D7 -- C:\Windows\System32\wininit.exe [2012/07/26 05:21:01 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=7109FF769FFF962869C50D720F7AA7D7 -- C:\Windows\WinSxS\x86_microsoft-windows-wininit_31bf3856ad364e35_6.2.9200.16384_none_2d9dc4afd5b76b63\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2015/05/28 14:31:32 | 000,047,281 | ---- | M] () MD5=001433B9EF5EC74756696BFDA3DB03F3 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21269_none_6d123078bf6146a4\winlogon.exe [2015/05/28 14:31:32 | 000,047,281 | ---- | M] () MD5=001433B9EF5EC74756696BFDA3DB03F3 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21269_none_6d123078bf6146a4\winlogon.exe [2015/05/28 14:31:20 | 000,001,695 | ---- | M] () MD5=0C9BB8218614421B82F6913508D1B453 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17344_none_6c9935dfa637ea93\winlogon.exe [2015/05/28 14:31:20 | 000,001,695 | ---- | M] () MD5=0C9BB8218614421B82F6913508D1B453 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17344_none_6c9935dfa637ea93\winlogon.exe [2015/05/28 14:31:36 | 000,047,281 | ---- | M] () MD5=23F6A6018AB207047DFE7FA789D5840C -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21335_none_6d2ea0fabf4c8a9c\winlogon.exe [2015/05/28 14:31:36 | 000,047,281 | ---- | M] () MD5=23F6A6018AB207047DFE7FA789D5840C -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21335_none_6d2ea0fabf4c8a9c\winlogon.exe [2015/05/28 14:31:03 | 000,061,922 | ---- | M] () MD5=2C6FF8E39055A8098416ECA59E8C7DAF -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_6ca31e2fa63098d1\winlogon.exe [2015/05/28 14:31:03 | 000,061,922 | ---- | M] () MD5=2C6FF8E39055A8098416ECA59E8C7DAF -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_6ca31e2fa63098d1\winlogon.exe [2015/05/28 14:31:14 | 000,001,695 | ---- | M] () MD5=3B452206B5BC5BE637042843227F20B3 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17218_none_6cbda4e5a61bfef5\winlogon.exe [2015/05/28 14:31:14 | 000,001,695 | ---- | M] () MD5=3B452206B5BC5BE637042843227F20B3 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17218_none_6cbda4e5a61bfef5\winlogon.exe [2015/05/28 14:31:41 | 000,047,281 | ---- | M] () MD5=4120E7D768A93C64E7D6774DBA80C2FA -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21458_none_6d1c03e6bf5a0baa\winlogon.exe [2015/05/28 14:31:41 | 000,047,281 | ---- | M] () MD5=4120E7D768A93C64E7D6774DBA80C2FA -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21458_none_6d1c03e6bf5a0baa\winlogon.exe [2015/05/28 14:31:12 | 000,001,695 | ---- | M] () MD5=4F12551FA3E6628CA862F821B9770DA8 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17172_none_6c76c1bba652116a\winlogon.exe [2015/05/28 14:31:12 | 000,001,695 | ---- | M] () MD5=4F12551FA3E6628CA862F821B9770DA8 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17172_none_6c76c1bba652116a\winlogon.exe [2015/05/28 14:31:01 | 000,067,365 | ---- | M] () MD5=5781ADD6B81A67D8CEEF8447D60BE55A -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_6caaed3da62b30db\winlogon.exe [2015/05/28 14:31:01 | 000,067,365 | ---- | M] () MD5=5781ADD6B81A67D8CEEF8447D60BE55A -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_6caaed3da62b30db\winlogon.exe [2015/05/28 14:30:58 | 000,067,358 | ---- | M] () MD5=75222EE7B8A225521E1636EC9AAD0B32 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_6c6e0cf7a65840b6\winlogon.exe [2015/05/28 14:30:58 | 000,067,358 | ---- | M] () MD5=75222EE7B8A225521E1636EC9AAD0B32 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_6c6e0cf7a65840b6\winlogon.exe [2015/05/28 14:31:06 | 000,001,695 | ---- | M] () MD5=7F2C308A35E159F6E7F895FCC646DBA7 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17014_none_6cb99ff1a61f9f4b\winlogon.exe [2015/05/28 14:31:06 | 000,001,695 | ---- | M] () MD5=7F2C308A35E159F6E7F895FCC646DBA7 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17014_none_6cb99ff1a61f9f4b\winlogon.exe [2014/04/12 09:24:27 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=89D6AFD5B257049375008BAA512910EE -- C:\Windows\System32\winlogon.exe [2014/04/12 09:24:27 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=89D6AFD5B257049375008BAA512910EE -- C:\Windows\System32\winlogon.exe [2014/04/12 09:24:27 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=89D6AFD5B257049375008BAA512910EE -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17150_none_6c8a60ffa643a6da\winlogon.exe [2014/04/12 09:24:27 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=89D6AFD5B257049375008BAA512910EE -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17150_none_6c8a60ffa643a6da\winlogon.exe [2014/04/12 09:24:27 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=89D6AFD5B257049375008BAA512910EE -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17362_none_6c819573a649efc7\winlogon.exe [2014/04/12 09:24:27 | 000,429,056 | ---- | M] (Microsoft Corporation) MD5=89D6AFD5B257049375008BAA512910EE -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17362_none_6c819573a649efc7\winlogon.exe [2015/05/28 14:31:43 | 000,047,281 | ---- | M] () MD5=8D43D653684CB2430C908138767177BD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21474_none_6d0262e6bf6dde30\winlogon.exe [2015/05/28 14:31:43 | 000,047,281 | ---- | M] () MD5=8D43D653684CB2430C908138767177BD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21474_none_6d0262e6bf6dde30\winlogon.exe [2015/05/28 14:31:28 | 000,047,281 | ---- | M] () MD5=932CBA762F6FCBEBBB2DCA39962772DA -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21133_none_6d2c9c9abf4e5da0\winlogon.exe [2015/05/28 14:31:28 | 000,047,281 | ---- | M] () MD5=932CBA762F6FCBEBBB2DCA39962772DA -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21133_none_6d2c9c9abf4e5da0\winlogon.exe [2015/05/28 14:31:25 | 000,047,281 | ---- | M] () MD5=A86BED01815E8998767901C74B059E98 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21012_none_6d413a42bf3f0f40\winlogon.exe [2015/05/28 14:31:25 | 000,047,281 | ---- | M] () MD5=A86BED01815E8998767901C74B059E98 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21012_none_6d413a42bf3f0f40\winlogon.exe [2015/05/28 14:31:23 | 000,061,922 | ---- | M] () MD5=B47FAB6F771BE78365DE32D64162E0E7 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_6d2dbb44bf4d51f2\winlogon.exe [2015/05/28 14:31:23 | 000,061,922 | ---- | M] () MD5=B47FAB6F771BE78365DE32D64162E0E7 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_6d2dbb44bf4d51f2\winlogon.exe [2015/05/28 14:31:16 | 000,001,695 | ---- | M] () MD5=C40ABD6F95279C2E525CC504C9350539 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17293_none_6c622413a6615fca\winlogon.exe [2015/05/28 14:31:16 | 000,001,695 | ---- | M] () MD5=C40ABD6F95279C2E525CC504C9350539 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17293_none_6c622413a6615fca\winlogon.exe [2015/05/28 14:31:37 | 000,047,281 | ---- | M] () MD5=CAF73958E83A95BECA4D5C45223D0E75 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21410_none_6d3f4146bf40d12e\winlogon.exe [2015/05/28 14:31:37 | 000,047,281 | ---- | M] () MD5=CAF73958E83A95BECA4D5C45223D0E75 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21410_none_6d3f4146bf40d12e\winlogon.exe [2015/05/28 14:31:29 | 000,047,281 | ---- | M] () MD5=CD46F48DAC3A91B4CB0DDAA1DE2BBCC4 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21243_none_6d21ce94bf5676b8\winlogon.exe [2015/05/28 14:31:29 | 000,047,281 | ---- | M] () MD5=CD46F48DAC3A91B4CB0DDAA1DE2BBCC4 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21243_none_6d21ce94bf5676b8\winlogon.exe [2015/05/28 14:31:18 | 000,001,695 | ---- | M] () MD5=D26DEF92E3951DB94E50739204C5AC81 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17313_none_6cb8a559a6207d69\winlogon.exe [2015/05/28 14:31:18 | 000,001,695 | ---- | M] () MD5=D26DEF92E3951DB94E50739204C5AC81 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17313_none_6cb8a559a6207d69\winlogon.exe [2015/05/28 14:31:05 | 000,001,695 | ---- | M] () MD5=DF5D9B8AD6F1CF4FF208965D15CF87DD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16891_none_6c6045aba6630265\winlogon.exe [2015/05/28 14:31:05 | 000,001,695 | ---- | M] () MD5=DF5D9B8AD6F1CF4FF208965D15CF87DD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16891_none_6c6045aba6630265\winlogon.exe [2015/05/28 14:31:22 | 000,067,370 | ---- | M] () MD5=E618A23FB2583C0C0850D9E2526AABFD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_6d358a52bf47e9fc\winlogon.exe [2015/05/28 14:31:22 | 000,067,370 | ---- | M] () MD5=E618A23FB2583C0C0850D9E2526AABFD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_6d358a52bf47e9fc\winlogon.exe [2015/05/28 14:31:39 | 000,047,281 | ---- | M] () MD5=E6EB10E1CF8A014AA97153461DA4C4EC -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21428_none_6d3c73aabf41b7d7\winlogon.exe [2015/05/28 14:31:39 | 000,047,281 | ---- | M] () MD5=E6EB10E1CF8A014AA97153461DA4C4EC -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21428_none_6d3c73aabf41b7d7\winlogon.exe [2015/05/28 14:31:08 | 000,001,695 | ---- | M] () MD5=ECADA89BF1671A3BA4DE340EE2D773FD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17126_none_6cb0d27fa625eb11\winlogon.exe [2015/05/28 14:31:08 | 000,001,695 | ---- | M] () MD5=ECADA89BF1671A3BA4DE340EE2D773FD -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17126_none_6cb0d27fa625eb11\winlogon.exe [2015/05/28 14:31:33 | 000,047,281 | ---- | M] () MD5=F28084E1C131402A25E7438E803384F3 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21290_none_6ce8be1abf81b668\winlogon.exe [2015/05/28 14:31:33 | 000,047,281 | ---- | M] () MD5=F28084E1C131402A25E7438E803384F3 -- C:\Windows\WinSxS\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21290_none_6ce8be1abf81b668\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2012/07/26 06:17:16 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\System32\ws2_32.dll [2012/07/26 06:17:16 | 000,310,784 | ---- | M] (Microsoft Corporation) MD5=B3CC9EDFD97F7087013A9A47089DF571 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_ef62bca39fbcca85\ws2_32.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Session Manager\SubSystems /s >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\​*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*​.sav >[/color] [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2015/06/20 01:08:06 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-1106839670-1729322993-3310929797-1001\desktop.ini [2015/06/16 17:11:36 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-1717297061-3309022548-1457237023-1001\desktop.ini [2015/07/07 06:30:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1937375374-3075439887-923394577-1001\$I0OLR3Z.lnk [2015/07/07 06:29:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1937375374-3075439887-923394577-1001\$IFE5EB7.txt [2015/07/07 06:31:00 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1937375374-3075439887-923394577-1001\$IFPB6IC.mp3 [2015/06/24 20:04:10 | 000,001,018 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1937375374-3075439887-923394577-1001\$R0OLR3Z.lnk [2015/06/08 14:15:25 | 000,002,487 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1937375374-3075439887-923394577-1001\$RFE5EB7.txt [2015/03/26 00:46:25 | 005,003,879 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1937375374-3075439887-923394577-1001\$RFPB6IC.mp3 [2015/04/20 19:15:59 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-1937375374-3075439887-923394577-1001\desktop.ini [2012/07/26 08:04:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2015/04/20 20:44:51 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [color=#E56717]========== Files - Unicode (All) ==========[/color] [2015/05/09 13:33:20 | 000,000,133 | ---- | M] ()(C:\Users\mannour\? how to replace change lcd hinges keyboard dvdwriter of lenovo Y510 - YouTube.url) -- C:\Users\mannour\▶ how to replace change lcd hinges keyboard dvdwriter of lenovo Y510 - YouTube.url [2015/05/09 13:33:20 | 000,000,133 | ---- | C] ()(C:\Users\mannour\? how to replace change lcd hinges keyboard dvdwriter of lenovo Y510 - YouTube.url) -- C:\Users\mannour\▶ how to replace change lcd hinges keyboard dvdwriter of lenovo Y510 - YouTube.url [2015/05/03 19:36:49 | 000,000,000 | ---D | M](C:\Users\mannour\Documents\MAGIX ????? ?????? 21 Plus 14.0.0.160 (?64) RePack by KpoJIuK) -- C:\Users\mannour\Documents\MAGIX Видео Делюкс 21 Plus 14.0.0.160 (х64) RePack by KpoJIuK [2015/05/03 19:22:23 | 000,000,000 | ---D | M](C:\Users\mannour\Documents\MAGIX ????????) -- C:\Users\mannour\Documents\MAGIX загрузки [2015/05/03 19:22:23 | 000,000,000 | ---D | C](C:\Users\mannour\Documents\MAGIX ????????) -- C:\Users\mannour\Documents\MAGIX загрузки [2015/05/02 23:35:46 | 000,000,000 | ---D | C](C:\Users\mannour\Documents\MAGIX ????? ?????? 21 Plus 14.0.0.160 (?64) RePack by KpoJIuK) -- C:\Users\mannour\Documents\MAGIX Видео Делюкс 21 Plus 14.0.0.160 (х64) RePack by KpoJIuK < End of report >