OTL logfile created on: 2013-06-08 10:37:07 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Client\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd 2,75 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 43,95% Memory free 5,71 Gb Paging File | 4,09 Gb Available in Paging File | 71,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 336,05 Gb Total Space | 6,63 Gb Free Space | 1,97% Space Free | Partition Type: NTFS Drive E: | 250,36 Gb Total Space | 228,41 Gb Free Space | 91,23% Space Free | Partition Type: NTFS Computer Name: GULZAR | User Name: Client | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-06-08 10:34:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Client\Desktop\OTL.exe PRC - [2013-05-10 22:58:47 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2013-05-10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013-04-22 10:55:08 | 000,754,000 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\MaConfigAgent.exe PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013-01-31 05:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-11-13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2012-11-13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2012-08-01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe PRC - [2012-01-31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2011-09-09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe PRC - [2011-08-18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG10\avgrsx.exe PRC - [2011-05-23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG10\avgchsvx.exe PRC - [2011-03-28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe PRC - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe PRC - [2011-02-08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe PRC - [2011-01-06 15:56:50 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe PRC - [2010-01-21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe PRC - [2010-01-21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe PRC - [2009-04-11 09:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 09:18:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-11-13 15:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2012-11-13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2011-06-24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011-06-24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (TrkWks) SRV - File not found [Disabled | Stopped] -- \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp [WARNING: \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp] -- (srv14DC) SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService) SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService) SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService) SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (RpcSs) SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (DcomLaunch) SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (BITS) SRV - [2013-05-26 20:31:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-05-10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013-04-22 10:55:08 | 000,754,000 | ---- | M] (CybelSoft) [Auto | Running] -- C:\Program Files\ma-config.com\MaConfigAgent.exe -- (MaConfigAgent) SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013-03-01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-11-22 16:49:59 | 000,125,952 | ---- | M] (Yuna Software) [On_Demand | Stopped] -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService) SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [On_Demand | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-09-07 22:06:24 | 001,828,496 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Stopped] -- C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012-06-11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-06-09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Stopped] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation) SRV - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws) SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2011-01-06 15:56:50 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe -- (ServicepointService) SRV - [2010-07-04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [On_Demand | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010-05-18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2010-01-21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV - [2010-01-21 01:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM) SRV - [2008-01-20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NPF) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (mcdbus) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp) DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ApfiltrService) DRV - [2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013-01-31 07:21:23 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012-11-12 05:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012-08-29 18:47:56 | 000,190,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2012-07-03 11:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012-06-11 11:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-01-09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2012-01-09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-10-21 22:14:59 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32) DRV - [2011-07-21 21:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2011-05-27 19:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011-05-10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl) DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-02-10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-02-10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011-01-13 04:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsnmea.sys -- (zghsnmea) DRV - [2011-01-13 04:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsmdm.sys -- (zghsmdm) DRV - [2011-01-13 04:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsdiag.sys -- (zghsdiag) DRV - [2010-11-25 06:59:16 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2010-07-12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd) DRV - [2010-06-14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-04-26 22:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2010-04-26 22:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) DRV - [2010-04-26 22:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2010-04-09 02:32:56 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2010-04-09 02:32:54 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32) DRV - [2010-03-22 18:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu) DRV - [2010-03-04 18:26:58 | 000,291,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET) DRV - [2010-03-04 18:26:58 | 000,291,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD) DRV - [2009-12-30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt) DRV - [2008-07-29 05:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb) DRV - [2003-01-31 18:08:54 | 000,028,005 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enethusb.sys -- (ENETHUSB) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error. IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://qc.answers.yahoo.com/questi [Binary data over 200 bytes] IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.commentcamarche.net/forum/affich-27973237-ie-9-fonctionne-pas-a-cause-de-http-localhost-9000-proxy-pac IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/defaultf.aspx?ocid=iehp IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 65 02 7B 82 44 CE 01 [binary data] IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes,DefaultScope = {9CA7DA1C-773A-4588-8E84-47F0508BCB5E} IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes\{9CA7DA1C-773A-4588-8E84-47F0508BCB5E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GUEA_frCA474 IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-msgr" FF - prefs.js..extensions.enabledItems: linkuryfirefoxremoteplugin@linkury.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.5 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6 FF - prefs.js..network.proxy.autoconfig_url: "http://localhost:9000/proxy.pac" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 55879 FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.type: 2 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" FF - prefs.js..browser.startup.homepage: "http://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ff" FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=11: C:\Program Files\Google\Google Updater\2.1.850.19570\npCIDetect11.dll (Google) FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Bell\Internet Service Advisor\nprpspa.dll (Bell) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Client\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-03-06 19:07:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-06-04 11:04:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013-04-10 10:20:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-03-06 19:07:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012-10-05 21:22:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-03 23:31:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-01 23:18:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-05-20 14:19:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.1\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2013-04-01 23:18:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.1\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2013-05-20 14:19:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2013-01-08 22:11:28 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\search@helper: C:\Users\Client\AppData\Roaming\Mozilla\Firefox\Profiles\0xn7o7r9.default\extensions\SearchHelper [2013-03-09 14:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\Extensions [2013-06-07 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\Firefox\Profiles\0xn7o7r9.default\extensions [2013-06-07 20:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\Firefox\Profiles\q4gg7ezh.default\extensions [2013-03-10 14:07:06 | 000,000,000 | ---D | M] ("Savevid.com Easy Video Downloader") -- C:\Users\Client\AppData\Roaming\mozilla\Firefox\Profiles\q4gg7ezh.default\extensions\ffmenu@savevid.com [2013-01-11 21:25:56 | 000,004,020 | ---- | M] () (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\firefox\profiles\q4gg7ezh.default\extensions\{1705b07d-787f-41cb-b244-3ab25edf9e8e}.xpi [2013-03-27 20:24:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\firefox\profiles\q4gg7ezh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-07 20:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012-11-21 23:47:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-03-01 20:09:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-05-26 18:52:39 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012-09-05 21:54:26 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2012-09-05 21:54:26 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012-09-05 21:54:27 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2012-09-05 21:54:26 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2012-09-05 21:54:26 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2012-09-05 21:54:27 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml Hosts file not found O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {F999A48B-1950-4D81-9971-79018F807B4B} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {F999A48B-1950-4D81-9971-79018F807B4B} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..Trusted Domains: annonce123.com ([]https in Sites de confiance) O15 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..Trusted Domains: keepvid.com ([]https in Sites de confiance) O15 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..Trusted Domains: youtube.com ([www] https in Sites de confiance) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{734D13B3-BC74-4F3E-98AC-3B7710C53D9D}: DhcpNameServer = 192.168.254.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{913C7B26-A9F1-45EF-8EF6-8E56CF00D453}: DhcpNameServer = 64.71.255.205 64.71.255.253 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADA076BF-A0CD-486F-BB28-1331A8A9D7E8}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-07-26 02:52:25 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{37786602-5d9a-11e2-8f35-00218538ec81}\Shell - "" = AutoRun O33 - MountPoints2\{37786602-5d9a-11e2-8f35-00218538ec81}\Shell\AutoRun\command - "" = G:\DigitalPhotoViewer.exe O33 - MountPoints2\{5364be4a-d601-11de-89cb-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5364be4a-d601-11de-89cb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Mehfil.exe O33 - MountPoints2\{77516076-00be-11d6-91ca-a8f00530693c}\Shell\AutoRun\command - "" = F:\IEXPLORE.EXE O33 - MountPoints2\{84b4642e-5dad-11e2-ac4e-00218538ec81}\Shell - "" = AutoRun O33 - MountPoints2\{84b4642e-5dad-11e2-ac4e-00218538ec81}\Shell\AutoRun\command - "" = G:\DigitalPhotoViewer.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) O34 - HKLM BootExecute: (sdnclean.exe) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) MsConfig - State: "startup" - 2 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 NetSvcs: srv14DC - \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp File not found NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: 77329793.sys - Driver SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: klmdb.sys - Driver SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: ServicepointService - C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe (Radialpoint Inc.) SafeBootMin: srv14DC - \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp File not found SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: 77329793.sys - Driver SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: klmdb.sys - Driver SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: ServicepointService - C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe (Radialpoint Inc.) SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-06-08 10:34:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Client\Desktop\OTL.exe [2013-06-08 10:34:01 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{DFDD4458-27FE-4D5E-8BBE-3866A90D7E4F} [2013-06-07 22:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013-06-07 22:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013-06-07 22:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013-06-07 22:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013-06-07 22:30:51 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\coupe papier [2013-06-07 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\RK_Quarantine [2013-06-07 18:11:00 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{D53677B0-CC43-4ACD-9CE9-43F1633615B3} [2013-06-07 14:24:54 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{762C3D95-395E-43DD-93E3-6401CB441A70} [2013-06-07 13:20:29 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{1C641EEE-9989-4A78-BC16-0EB3439EEA2E} [2013-06-06 20:39:04 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{A7F7D865-6081-498B-AAD1-0F23F9840045} [2013-06-06 08:36:40 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{1411EBC1-5774-470A-B3DD-574C5C73BA66} [2013-06-05 21:34:30 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\nouveaux chansons [2013-06-05 17:17:06 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{3C515AF8-CD28-4A5B-9C50-7C40D5C56F4D} [2013-06-05 08:38:26 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{F8D61BCA-05D4-44E5-9311-6D3C66FF28DD} [2013-06-04 22:07:20 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\Audio [2013-06-04 19:42:33 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{DABC914B-4FCC-4CE4-BF12-706296B84091} [2013-06-04 07:39:28 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2FB480D8-1F41-4BC7-B24C-736571F36703} [2013-06-04 07:37:55 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{685C7735-6B40-4112-8DEF-A2D1E0C9EE55} [2013-06-03 17:17:31 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{05270030-B9F6-4FD1-B236-29EC3DCB29D1} [2013-06-02 22:48:31 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{DABD9886-8B9E-4EF2-8CBA-A0FD5D74A7D5} [2013-06-02 21:35:54 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\King Kong 2005 1080P HDRiP TRUEFRENCH AC3 SUBFORCES X264-SubZero [2013-06-02 10:45:26 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{20EF7DE6-E6AC-4F22-8891-CB95D7FE997C} [2013-06-01 11:30:12 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{AF385A15-1DD4-467E-B3B2-26134845FC8B} [2013-06-01 11:28:25 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{0E39E53A-8B87-46E3-B7DE-82D6E33F74AD} [2013-05-31 15:35:51 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\AoA audio extractor [2013-05-31 15:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AoA Audio Extractor [2013-05-31 15:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\AoA Audio Extractor [2013-05-31 14:43:31 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{77DC736E-A7BB-405D-87C3-4DE683512541} [2013-05-30 20:37:42 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{A64F3CC8-5A97-4272-AE54-63135B6398C1} [2013-05-30 08:35:11 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{7310A2ED-42E2-4071-8DF8-B4B20C155505} [2013-05-29 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{9130D8C6-2B8A-4360-8639-74E56A31A078} [2013-05-29 18:12:08 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Roaming\Trillian [2013-05-29 18:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trillian [2013-05-29 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\AVG PC Tuneup Pro 2013 [2013-05-29 08:29:21 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{BB95D22D-213E-4AD7-824E-C70F6B1F482B} [2013-05-28 20:01:50 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{FD50DE59-F0A3-41F3-8B56-5F259A17172B} [2013-05-28 07:35:40 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{652CDF72-E680-4157-9DC2-F7FEC0DB6964} [2013-05-27 17:17:10 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{510D6B41-A4EB-4535-A330-95D0C6A925CC} [2013-05-26 23:21:41 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2CEF0719-F1C9-43FC-A2E7-5CBBA815FBEE} [2013-05-26 11:19:09 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{07CE8AFF-E087-4F1F-B494-1A840FCAA9C1} [2013-05-25 23:16:37 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{E08E5FD5-2B22-4131-AFDF-CC7623CC4A51} [2013-05-25 11:04:12 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{986792D7-97A4-4A42-91F8-0BE096BD742B} [2013-05-24 14:55:59 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B61D8E9E-34EA-4787-8B81-3E9A48279673} [2013-05-23 21:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flv Audio Extractor [2013-05-23 21:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\Flv Audio Extractor [2013-05-23 20:34:41 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{7E81D688-B033-4AFA-9EDD-74BED46EFB2E} [2013-05-23 08:31:36 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{FB33CF5B-DCCB-40AC-8CA4-D6F81B839940} [2013-05-23 08:29:41 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{43CBC34A-2FA9-41B0-BD87-7456CEDC14C2} [2013-05-22 20:21:09 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2B1A84AD-0025-45C0-B105-2429BF8029BE} [2013-05-22 08:18:04 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{029F3193-0DC3-4BD8-9937-DDB1BD966FA9} [2013-05-21 19:31:58 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{5839A5C9-63F5-4193-8BD9-87902644C1AF} [2013-05-21 07:28:54 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{BF8CF206-0776-4231-BD5F-9CED58578769} [2013-05-20 11:25:07 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{CA9F83C4-533D-4951-9B31-C2C23C409205} [2013-05-19 14:57:49 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Roaming\AVG [2013-05-19 14:57:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG [2013-05-19 14:57:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2013-05-19 11:15:50 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B492E093-4D08-417E-B498-ADAF4E08713E} [2013-05-18 23:11:53 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{4C3C9050-189D-44BD-BDC3-66C66235C060} [2013-05-18 10:28:32 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B71A1C9B-B853-4DD0-8E50-208257C8D2F7} [2013-05-17 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{78B57205-7381-4624-A7C6-04C9D2DAD922} [2013-05-16 20:39:13 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{50F41DA2-5143-4828-B7FD-DA742F634AA8} [2013-05-16 08:36:42 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{BF11AD08-A41F-49D5-A809-2D72F82B789F} [2013-05-15 20:34:09 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{8C9DC780-17A2-4E92-A823-5C3E89B04EB3} [2013-05-15 18:38:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013-05-15 08:34:02 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013-05-15 08:34:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013-05-15 08:34:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013-05-15 08:34:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013-05-15 08:34:01 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013-05-15 08:34:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013-05-15 08:33:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013-05-15 08:33:07 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{CDC7BCDB-5983-4664-8D36-E40CAB4A6677} [2013-05-15 08:32:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2013-05-15 08:32:31 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013-05-14 23:07:32 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys [2013-05-14 23:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro [2013-05-14 23:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2013-05-14 17:22:30 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{9DE46BC0-DE62-43E0-AD31-DF29A768D787} [2013-05-13 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{109A2371-7CDD-4A13-9C13-45F180B0F67E} [2013-05-13 08:07:57 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{5E17D5F0-3435-4B75-BABA-9AB38FC5C55A} [2013-05-12 23:50:05 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{CF20DD73-7ABD-4C49-A193-7529021FFCD2} [2013-05-12 11:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013-05-12 11:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013-05-12 11:47:42 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{C25D5D79-BDB1-44DF-92B0-C3A0741005E5} [2013-05-12 11:46:49 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2A94B5E9-9840-4BCB-B093-C475EEE7AB05} [2013-05-12 11:45:40 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B7CB9948-2452-42C2-9BA0-E8B0F6264142} [2013-05-11 23:13:07 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{45877C58-CBE8-47C9-969A-6BEC20D3A1E7} [2013-05-11 18:40:06 | 000,000,000 | ---D | C] -- C:\Users\Client\.config [2013-05-11 18:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\emesene [2013-05-11 18:34:09 | 000,000,000 | ---D | C] -- C:\Users\Client\amsn [2013-05-11 12:04:49 | 000,000,000 | ---D | C] -- C:\Users\Client\.appwork [2013-05-11 11:10:35 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{A262D84A-D227-40F5-BDD6-1987E5277522} [2013-05-10 13:45:38 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{9FCF311E-F107-4BE2-A572-409C4D85C338} [2013-05-09 20:40:33 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{26041AA0-49F1-45DA-9B16-8764691F42F1} [2010-12-28 19:09:55 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe [2010-09-11 16:17:34 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-06-08 10:40:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013-06-08 10:38:01 | 000,722,628 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2013-06-08 10:38:01 | 000,631,228 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013-06-08 10:38:01 | 000,145,606 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2013-06-08 10:38:01 | 000,120,098 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013-06-08 10:35:17 | 122,496,639 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2013-06-08 10:34:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Client\Desktop\OTL.exe [2013-06-08 10:33:00 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2013-06-08 10:30:29 | 000,004,368 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013-06-08 10:30:29 | 000,004,368 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013-06-08 10:30:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013-06-08 00:09:12 | 000,003,666 | ---- | M] () -- C:\Users\Client\Desktop\je n'Aime pas les menteuse.jpg [2013-06-07 22:34:12 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013-06-05 21:56:00 | 000,018,646 | ---- | M] () -- C:\Users\Client\ma photo 2007.jpg [2013-06-05 21:55:52 | 000,625,585 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm [2013-06-05 21:38:10 | 051,900,587 | ---- | M] () -- C:\Users\Client\Desktop\Ishq-Samundar-[Full-Song]-Kaante[www.savevid.com].wav [2013-06-04 22:48:28 | 000,225,792 | ---- | M] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-06-03 20:58:26 | 000,245,299 | ---- | M] () -- C:\Users\Client\Desktop\calendrier.jpg [2013-06-03 20:50:46 | 000,003,788 | ---- | M] () -- C:\Users\Client\Desktop\contentMiddle.jpg [2013-06-03 17:22:29 | 000,028,840 | ---- | M] () -- C:\Users\Client\photo.jpg [2013-06-02 20:51:25 | 003,330,619 | ---- | M] () -- C:\Users\Client\Desktop\ma photo.jpg [2013-06-02 19:00:12 | 367,265,458 | ---- | M] () -- C:\Users\Client\Desktop\The.Mentalist.S05E10.FRENCH.LD.HDTV.XviD-MiND.avi [2013-06-02 19:00:02 | 367,529,710 | ---- | M] () -- C:\Users\Client\Desktop\The.Mentalist.S05E09.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-29 17:17:58 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2013-05-27 23:18:30 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013-05-26 21:24:32 | 003,047,549 | ---- | M] () -- C:\Users\Client\khalid bhai.eml [2013-05-26 20:31:25 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013-05-26 20:31:25 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013-05-26 13:00:17 | 000,011,002 | ---- | M] () -- C:\Users\Client\nom d'usager.rtf [2013-05-20 11:25:55 | 000,000,218 | ---- | M] () -- C:\Windows\wininit.ini [2013-05-19 17:39:13 | 000,012,039 | ---- | M] () -- C:\Users\Client\5187a9e2e76a8bc222b917c74.jpg [2013-05-19 15:16:06 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013-05-18 19:43:21 | 000,000,134 | ---- | M] () -- C:\Windows\(null)toolkit.ini [2013-05-17 16:55:25 | 002,560,594 | ---- | M] () -- C:\Users\Client\!cid_1FC22F82-5B30-43B8-A380-CA058F18C124.jpg [2013-05-17 16:41:49 | 000,014,242 | ---- | M] () -- C:\Users\Client\!cid_739C9E90-B1ED-456A-98A5-66EAE4E63B4B.jpg [2013-05-16 21:06:55 | 000,045,254 | ---- | M] () -- C:\Users\Client\1292890809_148415350_1-Pictures-of--2005-Ford-Freestar.jpg [2013-05-15 09:44:40 | 000,384,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013-05-14 07:36:28 | 004,935,240 | ---- | M] () -- C:\Users\Client\khalid bhai poste canada 2.jpg [2013-05-14 07:34:43 | 004,834,521 | ---- | M] () -- C:\Users\Client\Khalid Bhai poste canada.jpg [2013-05-12 21:41:52 | 367,252,094 | R--- | M] () -- C:\Users\Client\The.Mentalist.S05E04.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-12 21:37:43 | 367,200,050 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E03.FRENCH.LD.HDTV.XviD-MiND.avi [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-06-08 10:40:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2013-06-08 00:09:12 | 000,003,666 | ---- | C] () -- C:\Users\Client\Desktop\je n'Aime pas les menteuse.jpg [2013-06-07 22:34:12 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013-06-05 21:38:08 | 051,900,587 | ---- | C] () -- C:\Users\Client\Desktop\Ishq-Samundar-[Full-Song]-Kaante[www.savevid.com].wav [2013-06-05 09:52:52 | 000,001,000 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job [2013-06-03 20:58:26 | 000,245,299 | ---- | C] () -- C:\Users\Client\Desktop\calendrier.jpg [2013-06-03 20:52:17 | 000,003,788 | ---- | C] () -- C:\Users\Client\Desktop\contentMiddle.jpg [2013-06-03 17:22:42 | 000,028,840 | ---- | C] () -- C:\Users\Client\photo.jpg [2013-06-02 20:51:57 | 003,330,619 | ---- | C] () -- C:\Users\Client\Desktop\ma photo.jpg [2013-06-02 18:56:24 | 367,265,458 | ---- | C] () -- C:\Users\Client\Desktop\The.Mentalist.S05E10.FRENCH.LD.HDTV.XviD-MiND.avi [2013-06-02 18:55:53 | 367,529,710 | ---- | C] () -- C:\Users\Client\Desktop\The.Mentalist.S05E09.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-29 17:17:58 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2013-05-26 21:24:31 | 003,047,549 | ---- | C] () -- C:\Users\Client\khalid bhai.eml [2013-05-23 21:22:25 | 000,389,120 | ---- | C] () -- C:\Windows\System32\actskn43.ocx [2013-05-20 11:25:47 | 000,000,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trillian.lnk [2013-05-19 17:39:37 | 000,012,039 | ---- | C] () -- C:\Users\Client\5187a9e2e76a8bc222b917c74.jpg [2013-05-18 19:43:21 | 000,000,134 | ---- | C] () -- C:\Windows\(null)toolkit.ini [2013-05-17 16:55:09 | 002,560,594 | ---- | C] () -- C:\Users\Client\!cid_1FC22F82-5B30-43B8-A380-CA058F18C124.jpg [2013-05-17 16:41:52 | 000,014,242 | ---- | C] () -- C:\Users\Client\!cid_739C9E90-B1ED-456A-98A5-66EAE4E63B4B.jpg [2013-05-14 07:36:17 | 004,935,240 | ---- | C] () -- C:\Users\Client\khalid bhai poste canada 2.jpg [2013-05-14 07:34:21 | 004,834,521 | ---- | C] () -- C:\Users\Client\Khalid Bhai poste canada.jpg [2013-05-12 21:38:42 | 367,252,094 | R--- | C] () -- C:\Users\Client\The.Mentalist.S05E04.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-12 21:35:26 | 367,200,050 | ---- | C] () -- C:\Users\Client\The.Mentalist.S05E03.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-06 22:27:23 | 367,374,406 | ---- | C] () -- C:\Users\Client\The.Mentalist.S05E02.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-06 21:57:07 | 367,406,570 | ---- | C] () -- C:\Users\Client\The.Mentalist.S05E01.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-05 14:17:09 | 000,028,740 | ---- | C] () -- C:\Users\Client\1292890809_148415350_4-2005-Ford-Freestar-Vehicles.jpg [2013-05-04 18:24:02 | 000,384,640 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013-05-03 20:19:49 | 000,001,589 | ---- | C] () -- C:\Program Files\Uninstall.ini [2013-04-28 14:32:35 | 000,045,254 | ---- | C] () -- C:\Users\Client\1292890809_148415350_1-Pictures-of--2005-Ford-Freestar.jpg [2013-04-22 19:44:31 | 000,188,416 | RHS- | C] () -- C:\Windows\System32\winDCE32.dll [2013-04-22 19:44:31 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll [2013-04-08 20:10:21 | 000,081,903 | ---- | C] () -- C:\Users\Client\face.JPG [2013-04-07 12:25:12 | 000,010,084 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2013-04-05 20:13:55 | 000,011,002 | ---- | C] () -- C:\Users\Client\nom d'usager.rtf [2013-03-06 21:28:29 | 000,000,664 | RHS- | C] () -- C:\Users\Client\ntuser.pol [2013-03-02 15:47:44 | 000,003,076 | ---- | C] () -- C:\Users\Client\75288a_t.jpg [2013-02-28 19:02:02 | 000,002,240 | ---- | C] () -- C:\Users\Client\173326_100002127565566_1304893357_q.jpg [2013-02-23 17:56:15 | 000,344,064 | ---- | C] () -- C:\Users\Client\!cid_3D892220-7DB0-4C23-BE5F-61C54B31AF4B.jpg [2013-02-23 17:56:09 | 001,290,240 | ---- | C] () -- C:\Users\Client\!cid_1C93C6A5-809A-49E6-B022-D5B77BC5B5E3.png [2013-02-11 22:35:25 | 000,000,600 | ---- | C] () -- C:\Users\Client\AppData\Roaming\winscp.rnd [2013-01-25 23:14:19 | 014,558,611 | ---- | C] () -- C:\Users\Client\iphone_guide_de_l_utilisateur.pdf [2013-01-19 16:44:55 | 000,018,646 | ---- | C] () -- C:\Users\Client\ma photo 2007.jpg [2013-01-17 15:02:30 | 026,026,753 | ---- | C] () -- C:\Windows\System32\trillian-v5.3.0.12.exe [2013-01-11 07:48:18 | 000,006,530 | ---- | C] () -- C:\Users\Client\AppData\Local\1705b07d-787f-41cb-b244-3ab25edf9e8e.crx [2013-01-10 18:38:42 | 000,000,218 | ---- | C] () -- C:\Windows\wininit.ini [2012-12-28 15:39:45 | 000,024,841 | ---- | C] () -- C:\Users\Client\irene.png [2012-10-25 18:07:55 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll [2012-10-25 18:07:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll [2012-04-14 16:59:17 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI [2012-04-14 16:03:40 | 000,000,088 | ---- | C] () -- C:\Windows\ENX230.ini [2012-03-18 13:49:25 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI [2012-02-14 22:05:02 | 000,252,967 | ---- | C] () -- C:\Users\Client\FidoBill-FactureFido.pdf [2012-01-01 11:59:12 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2012-01-01 11:59:12 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011-10-02 19:56:48 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll [2011-10-02 19:56:48 | 000,090,784 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll [2011-08-14 14:12:53 | 000,000,308 | ---- | C] () -- C:\Program Files\Program Files.ini [2011-07-17 22:33:51 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2011-06-11 14:14:13 | 000,014,741 | ---- | C] () -- C:\Users\Client\AppData\Roaming\D6AC.844 [2011-06-04 04:48:48 | 000,000,336 | ---- | C] () -- C:\ProgramData\31907576 [2011-05-28 14:19:24 | 000,000,290 | R-S- | C] () -- C:\ProgramData\ntuser.pol [2011-05-22 16:03:32 | 000,000,000 | ---- | C] () -- C:\Users\Client\AppData\Local\{A62C36CC-53D9-41D2-9566-2298E34B2088} [2011-05-22 15:48:03 | 000,000,000 | ---- | C] () -- C:\Users\Client\AppData\Local\{37823620-6BC6-4473-B84E-85B7C471D2C3} [2010-09-20 22:05:28 | 001,094,776 | ---- | C] () -- C:\Users\Client\Mastering.Hypnosis M2Tv.pdf [2010-09-19 22:35:20 | 000,000,184 | ---- | C] () -- C:\Users\Client\AppData\Roaming\default.rss [2010-09-19 22:35:20 | 000,000,000 | ---- | C] () -- C:\Users\Client\AppData\Roaming\downloads.m3u [2010-09-08 17:05:59 | 020,107,707 | ---- | C] () -- C:\Users\Client\Namaz_Kay_Ahkaam.rar [2010-09-08 16:36:33 | 1642,897,258 | ---- | C] () -- C:\Users\Client\Naat Sharif.rar [2010-07-17 16:29:28 | 098,045,996 | ---- | C] () -- C:\Users\Client\Manqbat e Imam Abu Hanifa Radhi Allahu Anhu [www.keepvid.com].wav [2010-04-20 21:27:18 | 029,928,516 | ---- | C] () -- C:\Users\Client\MadarijunNabuwat2of2.pdf [2010-04-20 21:24:02 | 023,071,331 | ---- | C] () -- C:\Users\Client\MadarijunNabuwat1of2.pdf [2010-03-31 22:32:00 | 000,019,078 | ---- | C] () -- C:\Users\Client\AppData\Roaming\UserTile.png [2010-02-24 22:39:08 | 000,000,075 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat [2010-01-01 16:55:16 | 000,004,096 | ---- | C] () -- C:\Users\Client\AppData\Local\keyfile3.drm [2009-12-20 22:33:19 | 020,097,456 | ---- | C] () -- C:\Users\Client\Naat Book.pdf [2009-12-13 14:27:34 | 636,029,205 | ---- | C] () -- C:\Users\Client\Kanzul-Emaan.zip [2009-11-19 21:00:38 | 000,225,792 | ---- | C] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-18 17:51:42 | 000,001,356 | ---- | C] () -- C:\Users\Client\AppData\Local\d3d9caps.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2006-11-02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 09:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 09:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< HKCU\Software >[/color] "GUID" = 881a2ece-e1fd-4d5c-8312-b4014c18c94f "TrueAudioDevice" = Haut-parleurs (Périphérique High Definition Audio) [HKEY_CURRENT_USER\Software\3ivx] [HKEY_CURRENT_USER\Software\8322898] [HKEY_CURRENT_USER\Software\AC3Filter] [HKEY_CURRENT_USER\Software\Adobe] [HKEY_CURRENT_USER\Software\Ahead] [HKEY_CURRENT_USER\Software\AoAAudioExtractor] [HKEY_CURRENT_USER\Software\AppConf] [HKEY_CURRENT_USER\Software\AppDataLow] [HKEY_CURRENT_USER\Software\Apple Computer, Inc.] [HKEY_CURRENT_USER\Software\Apple Inc.] [HKEY_CURRENT_USER\Software\ASProtect] [HKEY_CURRENT_USER\Software\Auslogics] [HKEY_CURRENT_USER\Software\Avg] [HKEY_CURRENT_USER\Software\Binary Noise] [HKEY_CURRENT_USER\Software\BitComet] [HKEY_CURRENT_USER\Software\BitTorrent] [HKEY_CURRENT_USER\Software\Boilsoft] [HKEY_CURRENT_USER\Software\Borland] [HKEY_CURRENT_USER\Software\Bump Technologies, Inc.] [HKEY_CURRENT_USER\Software\Bytescout] [HKEY_CURRENT_USER\Software\Bywifi] [HKEY_CURRENT_USER\Software\CDDB] [HKEY_CURRENT_USER\Software\CeQuadrat] [HKEY_CURRENT_USER\Software\Clients] [HKEY_CURRENT_USER\Software\cooliris] [HKEY_CURRENT_USER\Software\CoreAAC] [HKEY_CURRENT_USER\Software\Digital River] [HKEY_CURRENT_USER\Software\DivX] [HKEY_CURRENT_USER\Software\DivXNetworks] [HKEY_CURRENT_USER\Software\DownloadToolz] [HKEY_CURRENT_USER\Software\DT Soft] [HKEY_CURRENT_USER\Software\Enigma Protector] [HKEY_CURRENT_USER\Software\EPSON] [HKEY_CURRENT_USER\Software\Escolade] [HKEY_CURRENT_USER\Software\FastStone] [HKEY_CURRENT_USER\Software\FDRLab] [HKEY_CURRENT_USER\Software\Flock] [HKEY_CURRENT_USER\Software\Flowmix] [HKEY_CURRENT_USER\Software\FLV Player X] [HKEY_CURRENT_USER\Software\Freecorder] [HKEY_CURRENT_USER\Software\Gabest] [HKEY_CURRENT_USER\Software\GameSpy] [HKEY_CURRENT_USER\Software\GetFLV] [HKEY_CURRENT_USER\Software\GNU] [HKEY_CURRENT_USER\Software\Google] [HKEY_CURRENT_USER\Software\GreenTree Applications] [HKEY_CURRENT_USER\Software\GSpot Appliance Corp] [HKEY_CURRENT_USER\Software\Haali] [HKEY_CURRENT_USER\Software\HookNetwork] [HKEY_CURRENT_USER\Software\IM Providers] [HKEY_CURRENT_USER\Software\Image Power] [HKEY_CURRENT_USER\Software\Industriya] [HKEY_CURRENT_USER\Software\Inspyder] [HKEY_CURRENT_USER\Software\InterVideo] [HKEY_CURRENT_USER\Software\ISSS] [HKEY_CURRENT_USER\Software\JavaSoft] [HKEY_CURRENT_USER\Software\JEDI-VCL] [HKEY_CURRENT_USER\Software\Lavalys] [HKEY_CURRENT_USER\Software\Licenses] [HKEY_CURRENT_USER\Software\Ligos] [HKEY_CURRENT_USER\Software\LSoft Technologies] [HKEY_CURRENT_USER\Software\Macromedia] [HKEY_CURRENT_USER\Software\MainConcept] [HKEY_CURRENT_USER\Software\Malwarebytes' Anti-Malware] [HKEY_CURRENT_USER\Software\Martin Prikryl] [HKEY_CURRENT_USER\Software\MediaArea.net] [HKEY_CURRENT_USER\Software\Microsoft] [HKEY_CURRENT_USER\Software\MightyUninstaller] [HKEY_CURRENT_USER\Software\Mirage] [HKEY_CURRENT_USER\Software\Mobileleader] [HKEY_CURRENT_USER\Software\Motive] [HKEY_CURRENT_USER\Software\Mountain King Studios] [HKEY_CURRENT_USER\Software\Moyea] [HKEY_CURRENT_USER\Software\Mozilla] [HKEY_CURRENT_USER\Software\MozillaPlugins] [HKEY_CURRENT_USER\Software\Mystik Media] [HKEY_CURRENT_USER\Software\NATATA eBook] [HKEY_CURRENT_USER\Software\Nbeshine] [HKEY_CURRENT_USER\Software\NCH Software] [HKEY_CURRENT_USER\Software\NCH Swift Sound] [HKEY_CURRENT_USER\Software\Nero] [HKEY_CURRENT_USER\Software\Netscape] [HKEY_CURRENT_USER\Software\NFS HS Expansion Pack] [HKEY_CURRENT_USER\Software\Nokia] [HKEY_CURRENT_USER\Software\Nuclear Coffee] [HKEY_CURRENT_USER\Software\NVIDIA Corporation] [HKEY_CURRENT_USER\Software\ODBC] [HKEY_CURRENT_USER\Software\OJOsoft Corporation] [HKEY_CURRENT_USER\Software\Pacestar Software] [HKEY_CURRENT_USER\Software\ParetoLogic] [HKEY_CURRENT_USER\Software\PeterSoft] [HKEY_CURRENT_USER\Software\Phoenix Technologies] [HKEY_CURRENT_USER\Software\Piriform] [HKEY_CURRENT_USER\Software\Policies] [HKEY_CURRENT_USER\Software\PolySoft] [HKEY_CURRENT_USER\Software\ProgSense] [HKEY_CURRENT_USER\Software\Python] [HKEY_CURRENT_USER\Software\Radialpoint] [HKEY_CURRENT_USER\Software\RealNetworks] [HKEY_CURRENT_USER\Software\redsn0w] [HKEY_CURRENT_USER\Software\ReducBarre] [HKEY_CURRENT_USER\Software\Safer Networking Limited] [HKEY_CURRENT_USER\Software\Samsung] [HKEY_CURRENT_USER\Software\Save Tube Video] [HKEY_CURRENT_USER\Software\SeriousBit] [HKEY_CURRENT_USER\Software\Skype] [HKEY_CURRENT_USER\Software\Stardock] [HKEY_CURRENT_USER\Software\SWiSHzone.com] [HKEY_CURRENT_USER\Software\SynergeticSoft] [HKEY_CURRENT_USER\Software\Sysinternals] [HKEY_CURRENT_USER\Software\Systweak] [HKEY_CURRENT_USER\Software\TeleCharger] [HKEY_CURRENT_USER\Software\The Silicon Realms Toolworks] [HKEY_CURRENT_USER\Software\Torch] [HKEY_CURRENT_USER\Software\Trolltech] [HKEY_CURRENT_USER\Software\TuneUp] [HKEY_CURRENT_USER\Software\UniMessenger] [HKEY_CURRENT_USER\Software\Uninstall Plus Pers] [HKEY_CURRENT_USER\Software\Uninstall Plus v4.1] [HKEY_CURRENT_USER\Software\Unity] [HKEY_CURRENT_USER\Software\VB and VBA Program Settings] [HKEY_CURRENT_USER\Software\Video Download Capture] [HKEY_CURRENT_USER\Software\VideoJoiner] [HKEY_CURRENT_USER\Software\VirtualDub.org] [HKEY_CURRENT_USER\Software\Viscomsoft] [HKEY_CURRENT_USER\Software\VS Revo Group] [HKEY_CURRENT_USER\Software\VSO] [HKEY_CURRENT_USER\Software\WinRAR] [HKEY_CURRENT_USER\Software\WinRAR SFX] [HKEY_CURRENT_USER\Software\WiseUninstaller] [HKEY_CURRENT_USER\Software\Yahoo] [HKEY_CURRENT_USER\Software\Yuna Software] [HKEY_CURRENT_USER\Software\{6E2C24BD-6185-4A60-90B6-6711D4D49B38}] [HKEY_CURRENT_USER\Software\Classes] [color=#A23BEC]< HKLM\Software >[/color] [HKEY_LOCAL_MACHINE\Software\Acer] [HKEY_LOCAL_MACHINE\Software\Adobe] [HKEY_LOCAL_MACHINE\Software\AdwCleaner] [HKEY_LOCAL_MACHINE\Software\Ahead] [HKEY_LOCAL_MACHINE\Software\AMI] [HKEY_LOCAL_MACHINE\Software\AppDataLow] [HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.] [HKEY_LOCAL_MACHINE\Software\Apple Inc.] [HKEY_LOCAL_MACHINE\Software\Avg] [HKEY_LOCAL_MACHINE\Software\AviSynth] [HKEY_LOCAL_MACHINE\Software\BackupOptions] [HKEY_LOCAL_MACHINE\Software\Bunndle] [HKEY_LOCAL_MACHINE\Software\Bywifi] [HKEY_LOCAL_MACHINE\Software\CDDB] [HKEY_LOCAL_MACHINE\Software\Classes] [HKEY_LOCAL_MACHINE\Software\Clients] [HKEY_LOCAL_MACHINE\Software\cybelsoft] [HKEY_LOCAL_MACHINE\Software\DivX] [HKEY_LOCAL_MACHINE\Software\DivXNetworks] [HKEY_LOCAL_MACHINE\Software\DT Soft] [HKEY_LOCAL_MACHINE\Software\DVDVideoSoft] [HKEY_LOCAL_MACHINE\Software\Electronic Arts] [HKEY_LOCAL_MACHINE\Software\Elf_1] [HKEY_LOCAL_MACHINE\Software\EPSON] [HKEY_LOCAL_MACHINE\Software\Flowmix] [HKEY_LOCAL_MACHINE\Software\GameSpy] [HKEY_LOCAL_MACHINE\Software\GEAR Software] [HKEY_LOCAL_MACHINE\Software\Google] [HKEY_LOCAL_MACHINE\Software\GSplit] [HKEY_LOCAL_MACHINE\Software\HaaliMkx] [HKEY_LOCAL_MACHINE\Software\HitmanPro] [HKEY_LOCAL_MACHINE\Software\IM Providers] [HKEY_LOCAL_MACHINE\Software\IncrediMail] [HKEY_LOCAL_MACHINE\Software\Industriya] [HKEY_LOCAL_MACHINE\Software\InstallShield] [HKEY_LOCAL_MACHINE\Software\instinno] [HKEY_LOCAL_MACHINE\Software\Intel] [HKEY_LOCAL_MACHINE\Software\Intel Corporation] [HKEY_LOCAL_MACHINE\Software\InterVideo] [HKEY_LOCAL_MACHINE\Software\IPHider] [HKEY_LOCAL_MACHINE\Software\ISSS] [HKEY_LOCAL_MACHINE\Software\iTinySoft] [HKEY_LOCAL_MACHINE\Software\JavaSoft] [HKEY_LOCAL_MACHINE\Software\Jodix] [HKEY_LOCAL_MACHINE\Software\JreMetrics] [HKEY_LOCAL_MACHINE\Software\K-Lite] [HKEY_LOCAL_MACHINE\Software\Khronos] [HKEY_LOCAL_MACHINE\Software\Lexmark] [HKEY_LOCAL_MACHINE\Software\Licenses] [HKEY_LOCAL_MACHINE\Software\Lidan] [HKEY_LOCAL_MACHINE\Software\LimeRunner] [HKEY_LOCAL_MACHINE\Software\LimeSharePro] [HKEY_LOCAL_MACHINE\Software\LimeWireTurbo] [HKEY_LOCAL_MACHINE\Software\Look@LAN] [HKEY_LOCAL_MACHINE\Software\Macromedia] [HKEY_LOCAL_MACHINE\Software\Magnet] [HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware] [HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware (Trial)] [HKEY_LOCAL_MACHINE\Software\MarkAny] [HKEY_LOCAL_MACHINE\Software\Martin Prikryl] [HKEY_LOCAL_MACHINE\Software\Microsoft] [HKEY_LOCAL_MACHINE\Software\MimarSinan] [HKEY_LOCAL_MACHINE\Software\Motive] [HKEY_LOCAL_MACHINE\Software\Moyea] [HKEY_LOCAL_MACHINE\Software\Mozilla] [HKEY_LOCAL_MACHINE\Software\mozilla.org] [HKEY_LOCAL_MACHINE\Software\MozillaPlugins] [HKEY_LOCAL_MACHINE\Software\Nbeshine] [HKEY_LOCAL_MACHINE\Software\NCH Swift Sound] [HKEY_LOCAL_MACHINE\Software\Nero] [HKEY_LOCAL_MACHINE\Software\NeroUpdate] [HKEY_LOCAL_MACHINE\Software\Netscape] [HKEY_LOCAL_MACHINE\Software\NFS HS Expansion Pack] [HKEY_LOCAL_MACHINE\Software\NFS HS Mixer] [HKEY_LOCAL_MACHINE\Software\Nokia] [HKEY_LOCAL_MACHINE\Software\Nuclear Coffee] [HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation] [HKEY_LOCAL_MACHINE\Software\ODBC] [HKEY_LOCAL_MACHINE\Software\OldTimer Tools] [HKEY_LOCAL_MACHINE\Software\Osen Kusnadi] [HKEY_LOCAL_MACHINE\Software\Pakistan Data Management Services] [HKEY_LOCAL_MACHINE\Software\Paretologic] [HKEY_LOCAL_MACHINE\Software\PC Connectivity Solution] [HKEY_LOCAL_MACHINE\Software\PCSuite] [HKEY_LOCAL_MACHINE\Software\PCTools] [HKEY_LOCAL_MACHINE\Software\PeterSoft] [HKEY_LOCAL_MACHINE\Software\Photo Notifier and Animation Creator] [HKEY_LOCAL_MACHINE\Software\Piriform] [HKEY_LOCAL_MACHINE\Software\Policies] [HKEY_LOCAL_MACHINE\Software\Radialpoint] [HKEY_LOCAL_MACHINE\Software\RapidShare Manager] [HKEY_LOCAL_MACHINE\Software\RealNetworks] [HKEY_LOCAL_MACHINE\Software\Realtek] [HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.] [HKEY_LOCAL_MACHINE\Software\RegisteredApplications] [HKEY_LOCAL_MACHINE\Software\RichFX] [HKEY_LOCAL_MACHINE\Software\S3R521] [HKEY_LOCAL_MACHINE\Software\Safer Networking Limited] [HKEY_LOCAL_MACHINE\Software\SAMSUNG] [HKEY_LOCAL_MACHINE\Software\Simple Adblock] [HKEY_LOCAL_MACHINE\Software\SimpleAdblock] [HKEY_LOCAL_MACHINE\Software\Skype] [HKEY_LOCAL_MACHINE\Software\SmallRockets] [HKEY_LOCAL_MACHINE\Software\Sonic] [HKEY_LOCAL_MACHINE\Software\Stardock] [HKEY_LOCAL_MACHINE\Software\SynergeticSoft] [HKEY_LOCAL_MACHINE\Software\The Silicon Realms Toolworks] [HKEY_LOCAL_MACHINE\Software\Torch] [HKEY_LOCAL_MACHINE\Software\TrendMicro] [HKEY_LOCAL_MACHINE\Software\TuneUp] [HKEY_LOCAL_MACHINE\Software\Uniblue] [HKEY_LOCAL_MACHINE\Software\Uninstall Plus v4.1] [HKEY_LOCAL_MACHINE\Software\Unreal] [HKEY_LOCAL_MACHINE\Software\VDownloader] [HKEY_LOCAL_MACHINE\Software\VideoLAN] [HKEY_LOCAL_MACHINE\Software\Volatile] [HKEY_LOCAL_MACHINE\Software\Windows] [HKEY_LOCAL_MACHINE\Software\WinRAR] [HKEY_LOCAL_MACHINE\Software\WiseConvert_B] [HKEY_LOCAL_MACHINE\Software\Wondershare] [HKEY_LOCAL_MACHINE\Software\WOW6432Node] [HKEY_LOCAL_MACHINE\Software\Xing Technology Corp.] [HKEY_LOCAL_MACHINE\Software\Yahoo] [HKEY_LOCAL_MACHINE\Software\Yuna Software] [HKEY_LOCAL_MACHINE\Software\ZalmanInstaller_otshot] [HKEY_LOCAL_MACHINE\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}] [color=#A23BEC]< %Homedrive%\* >[/color] [2011-10-06 19:44:27 | 000,001,338 | -H-- | M] () -- C:\aaw7boot.cmd [2006-09-18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2012-07-25 23:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr [2012-06-02 10:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2013-01-30 18:58:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011-02-05 19:38:27 | 000,000,010 | R-S- | M] () -- C:\config.sys [2011-02-14 19:00:00 | 000,206,312 | R-S- | M] () -- C:\grldr [2012-11-26 23:33:14 | 000,020,419 | ---- | M] () -- C:\INSTALLHELPER.LOG [2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\IO.SYS [2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS [2013-06-08 10:30:21 | 3265,798,144 | -HS- | M] () -- C:\pagefile.sys [2013-06-08 10:40:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [color=#A23BEC]< %Homedrive%\*. >[/color] [2012-03-28 19:09:06 | 000,000,000 | -H-D | M] -- C:\$AVG [2013-05-02 19:46:12 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2012-03-04 21:56:42 | 000,000,000 | ---D | M] -- C:\Acer [2013-05-15 22:59:21 | 000,000,000 | -HSD | M] -- C:\Boot [2013-02-26 18:58:03 | 000,000,000 | ---D | M] -- C:\CAB [2013-01-08 20:53:54 | 000,000,000 | ---D | M] -- C:\Kido [2010-09-11 16:21:33 | 000,000,000 | ---D | M] -- C:\My Games [2013-03-08 21:41:51 | 000,000,000 | ---D | M] -- C:\Pre_Scan [2013-06-08 10:30:54 | 000,000,000 | R--D | M] -- C:\Program Files [2013-06-07 22:33:28 | 000,000,000 | ---D | M] -- C:\ProgramData [2013-01-04 20:56:55 | 000,000,000 | -HSD | M] -- C:\Recovery [2013-06-08 10:40:12 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2013-04-07 13:44:11 | 000,000,000 | R--D | M] -- C:\Users [2013-05-29 19:23:53 | 000,000,000 | ---D | M] -- C:\Windows [color=#A23BEC]< %Userprofile%\* >[/color] [2013-02-23 17:56:03 | 001,290,240 | ---- | M] () -- C:\Users\Client\!cid_1C93C6A5-809A-49E6-B022-D5B77BC5B5E3.png [2013-05-17 16:55:25 | 002,560,594 | ---- | M] () -- C:\Users\Client\!cid_1FC22F82-5B30-43B8-A380-CA058F18C124.jpg [2013-02-23 17:56:12 | 000,344,064 | ---- | M] () -- C:\Users\Client\!cid_3D892220-7DB0-4C23-BE5F-61C54B31AF4B.jpg [2013-05-17 16:41:49 | 000,014,242 | ---- | M] () -- C:\Users\Client\!cid_739C9E90-B1ED-456A-98A5-66EAE4E63B4B.jpg [2013-05-16 21:06:55 | 000,045,254 | ---- | M] () -- C:\Users\Client\1292890809_148415350_1-Pictures-of--2005-Ford-Freestar.jpg [2013-05-05 14:17:01 | 000,028,740 | ---- | M] () -- C:\Users\Client\1292890809_148415350_4-2005-Ford-Freestar-Vehicles.jpg [2013-02-28 18:57:29 | 000,002,240 | ---- | M] () -- C:\Users\Client\173326_100002127565566_1304893357_q.jpg [2013-05-19 17:39:13 | 000,012,039 | ---- | M] () -- C:\Users\Client\5187a9e2e76a8bc222b917c74.jpg [2013-03-02 15:46:31 | 000,003,076 | ---- | M] () -- C:\Users\Client\75288a_t.jpg [2013-01-05 14:04:47 | 000,030,208 | ---- | M] () -- C:\Users\Client\Abdul Gulzar Hussain CV english.doc [2012-06-24 11:05:34 | 000,000,183 | ---- | M] () -- C:\Users\Client\Amex,master card,td et fido.txt [2013-06-06 17:27:06 | 000,030,720 | ---- | M] () -- C:\Users\Client\annonce $.doc [2013-06-06 17:26:54 | 000,026,624 | ---- | M] () -- C:\Users\Client\annonce intime.doc [2012-04-28 11:15:57 | 000,000,086 | ---- | M] () -- C:\Users\Client\ebay.txt [2013-04-08 20:09:54 | 000,081,903 | ---- | M] () -- C:\Users\Client\face.JPG [2012-02-14 22:05:06 | 000,252,967 | ---- | M] () -- C:\Users\Client\FidoBill-FactureFido.pdf [2013-01-25 23:14:21 | 014,558,611 | ---- | M] () -- C:\Users\Client\iphone_guide_de_l_utilisateur.pdf [2012-12-28 15:38:34 | 000,024,841 | ---- | M] () -- C:\Users\Client\irene.png [2011-10-09 18:15:09 | 636,029,205 | ---- | M] () -- C:\Users\Client\Kanzul-Emaan.zip [2013-05-14 07:36:28 | 004,935,240 | ---- | M] () -- C:\Users\Client\khalid bhai poste canada 2.jpg [2013-05-14 07:34:43 | 004,834,521 | ---- | M] () -- C:\Users\Client\Khalid Bhai poste canada.jpg [2013-05-26 21:24:32 | 003,047,549 | ---- | M] () -- C:\Users\Client\khalid bhai.eml [2013-06-05 21:56:00 | 000,018,646 | ---- | M] () -- C:\Users\Client\ma photo 2007.jpg [2010-04-20 21:24:03 | 023,071,331 | ---- | M] () -- C:\Users\Client\MadarijunNabuwat1of2.pdf [2010-04-20 21:27:19 | 029,928,516 | ---- | M] () -- C:\Users\Client\MadarijunNabuwat2of2.pdf [2010-07-17 16:29:31 | 098,045,996 | ---- | M] () -- C:\Users\Client\Manqbat e Imam Abu Hanifa Radhi Allahu Anhu [www.keepvid.com].wav [2012-02-24 15:38:05 | 000,000,055 | ---- | M] () -- C:\Users\Client\master card.txt [2010-09-20 22:06:05 | 001,094,776 | ---- | M] () -- C:\Users\Client\Mastering.Hypnosis M2Tv.pdf [2009-12-20 22:33:20 | 020,097,456 | ---- | M] () -- C:\Users\Client\Naat Book.pdf [2010-09-08 16:38:53 | 1642,897,258 | ---- | M] () -- C:\Users\Client\Naat Sharif.rar [2011-10-09 18:16:17 | 020,107,707 | ---- | M] () -- C:\Users\Client\Namaz_Kay_Ahkaam.rar [2013-05-26 13:00:17 | 000,011,002 | ---- | M] () -- C:\Users\Client\nom d'usager.rtf [2013-06-08 10:41:26 | 015,466,496 | ---- | M] () -- C:\Users\Client\ntuser.dat [2013-06-08 10:41:26 | 000,262,144 | -H-- | M] () -- C:\Users\Client\ntuser.dat.LOG1 [2009-11-18 17:51:42 | 000,000,000 | -H-- | M] () -- C:\Users\Client\ntuser.dat.LOG2 [2013-05-19 15:19:16 | 000,000,000 | -H-- | M] () -- C:\Users\Client\NTUSER.DAT_tureg_new.LOG1 [2013-05-19 15:19:16 | 000,000,000 | -H-- | M] () -- C:\Users\Client\NTUSER.DAT_tureg_new.LOG2 [2013-05-19 15:19:34 | 017,448,960 | ---- | M] () -- C:\Users\Client\NTUSER.DAT_tureg_old [2012-06-17 12:35:49 | 000,065,536 | -HS- | M] () -- C:\Users\Client\ntuser.dat{409ee163-7f06-11e0-8855-00218538ec81}.TM.blf [2012-06-17 12:35:49 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{409ee163-7f06-11e0-8855-00218538ec81}.TMContainer00000000000000000001.regtrans-ms [2011-05-15 18:34:20 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{409ee163-7f06-11e0-8855-00218538ec81}.TMContainer00000000000000000002.regtrans-ms [2013-06-08 00:16:41 | 000,065,536 | -HS- | M] () -- C:\Users\Client\ntuser.dat{a48bc9b0-c0b8-11e2-b023-806e6f6e6963}.TM.blf [2013-06-08 00:16:41 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{a48bc9b0-c0b8-11e2-b023-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [2013-05-19 17:52:15 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{a48bc9b0-c0b8-11e2-b023-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [2013-05-19 15:19:32 | 000,065,536 | -HS- | M] () -- C:\Users\Client\ntuser.dat{f0736f69-b89b-11e1-8656-00218538ec81}.TM.blf [2013-05-19 15:19:32 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{f0736f69-b89b-11e1-8656-00218538ec81}.TMContainer00000000000000000001.regtrans-ms [2012-06-17 13:14:56 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{f0736f69-b89b-11e1-8656-00218538ec81}.TMContainer00000000000000000002.regtrans-ms [2009-11-18 17:51:42 | 000,000,020 | -HS- | M] () -- C:\Users\Client\ntuser.ini [2013-03-07 19:41:00 | 000,000,664 | RHS- | M] () -- C:\Users\Client\ntuser.pol [2013-06-03 17:22:29 | 000,028,840 | ---- | M] () -- C:\Users\Client\photo.jpg [2013-04-06 16:27:22 | 000,000,169 | ---- | M] () -- C:\Users\Client\sonia courriel.txt [2013-05-06 22:00:15 | 367,406,570 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E01.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-06 22:30:53 | 367,374,406 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E02.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-12 21:37:43 | 367,200,050 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E03.FRENCH.LD.HDTV.XviD-MiND.avi [2013-05-12 21:41:52 | 367,252,094 | R--- | M] () -- C:\Users\Client\The.Mentalist.S05E04.FRENCH.LD.HDTV.XviD-MiND.avi [2012-04-01 17:31:00 | 000,000,110 | ---- | M] () -- C:\Users\Client\VIRGINE MOBILE.txt [color=#A23BEC]< %Userprofile%\*. >[/color] [2013-05-11 12:04:49 | 000,000,000 | ---D | M] -- C:\Users\Client\.appwork [2013-05-11 18:40:06 | 000,000,000 | ---D | M] -- C:\Users\Client\.config [2013-05-25 13:42:35 | 000,000,000 | ---D | M] -- C:\Users\Client\.rs [2013-05-11 18:37:46 | 000,000,000 | ---D | M] -- C:\Users\Client\amsn [2010-08-18 20:59:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData [2013-01-05 14:38:50 | 000,000,000 | ---D | M] -- C:\Users\Client\Application Data [2012-09-21 21:04:22 | 000,000,000 | ---D | M] -- C:\Users\Client\Aslam Movie Umer Fainal [2010-04-11 11:09:07 | 000,000,000 | ---D | M] -- C:\Users\Client\Bahar-e-Shariat - PDF [2010-09-19 22:30:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Bahar-e-Shariat RAR [2013-05-04 15:49:37 | 000,000,000 | ---D | M] -- C:\Users\Client\Chansons [2011-04-08 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Client\condesé [2013-01-14 09:22:11 | 000,000,000 | R--D | M] -- C:\Users\Client\Contacts [2013-04-05 22:08:10 | 000,000,000 | ---D | M] -- C:\Users\Client\Dawat-e-Islami [2013-06-08 10:34:48 | 000,000,000 | R--D | M] -- C:\Users\Client\Desktop [2013-04-22 19:47:17 | 000,000,000 | R--D | M] -- C:\Users\Client\Documents [2013-02-12 19:11:22 | 000,000,000 | ---D | M] -- C:\Users\Client\Downloads [2010-08-28 21:52:11 | 000,000,000 | ---D | M] -- C:\Users\Client\ErosExotica [2011-02-12 17:38:50 | 000,000,000 | ---D | M] -- C:\Users\Client\Farhan Ali Qadri [2013-06-01 13:00:50 | 000,000,000 | R--D | M] -- C:\Users\Client\Favorites [2013-03-06 19:07:41 | 000,000,000 | ---D | M] -- C:\Users\Client\Guldasta-e-Naat [2013-04-22 08:37:55 | 000,000,000 | ---D | M] -- C:\Users\Client\Kama Sutra (ErosExotica) [2010-01-31 20:53:49 | 000,000,000 | ---D | M] -- C:\Users\Client\Learn Quran RAR [2011-06-20 21:46:24 | 000,000,000 | ---D | M] -- C:\Users\Client\Learn to read Quran Video [2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Links [2013-04-14 17:09:36 | 000,000,000 | ---D | M] -- C:\Users\Client\Mufti Akmal [2013-04-29 22:54:30 | 000,000,000 | R--D | M] -- C:\Users\Client\Music [2011-10-09 19:01:10 | 000,000,000 | ---D | M] -- C:\Users\Client\Naat Sharif [2013-01-08 22:11:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Namaz kay ahkaam [2011-06-20 23:17:30 | 000,000,000 | ---D | M] -- C:\Users\Client\Other Naats Video [2013-02-21 19:17:30 | 000,000,000 | ---D | M] -- C:\Users\Client\photo gulzar [2013-06-07 23:12:29 | 000,000,000 | R--D | M] -- C:\Users\Client\Pictures [2013-01-31 09:39:14 | 000,000,000 | ---D | M] -- C:\Users\Client\Privé [2011-01-29 12:26:45 | 000,000,000 | ---D | M] -- C:\Users\Client\Qari Shahid Mehmood audio [2012-03-18 14:07:00 | 000,000,000 | ---D | M] -- C:\Users\Client\Qari Shahid Mehmood Video [2011-08-14 14:30:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Quran Majeed [2013-01-08 22:11:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Quran_Release [2013-05-09 08:28:37 | 000,000,000 | ---D | M] -- C:\Users\Client\Romantic.Melodies.Moonlight.Sax-VA.2007.Flac.Lossless [2013-05-07 23:16:36 | 000,000,000 | ---D | M] -- C:\Users\Client\Romantic_Saxophone_Quintet-Dinner_Music-CD-2001-yNOT [2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Saved Games [2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Searches [2013-04-20 23:00:51 | 000,000,000 | ---D | M] -- C:\Users\Client\Shared [2013-03-13 08:21:53 | 000,000,000 | ---D | M] -- C:\Users\Client\Tracing [2013-06-08 10:34:13 | 000,000,000 | ---D | M] -- C:\Users\Client\Téléchargement [2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Videos [2013-04-06 16:08:34 | 000,000,000 | ---D | M] -- C:\Users\Client\{2af66dfd-7123-49e1-9ca5-d2d4c8bd82a2} [color=#A23BEC]< %Allusersprofile%\* >[/color] [2011-06-04 04:48:48 | 000,000,336 | ---- | M] () -- C:\ProgramData\31907576 [2010-05-28 23:37:00 | 000,015,086 | ---- | M] () -- C:\ProgramData\Amazon.ico [2010-07-20 13:53:26 | 000,071,926 | ---- | M] () -- C:\ProgramData\MercadoLivre.ico [2011-05-28 14:19:24 | 000,000,290 | R-S- | M] () -- C:\ProgramData\ntuser.pol [2010-02-24 22:39:08 | 000,000,075 | ---- | M] () -- C:\ProgramData\nvUnsupRes.dat [2010-05-20 12:05:56 | 000,025,214 | ---- | M] () -- C:\ProgramData\QuickStores.ico [color=#A23BEC]< %Allusersprofile%\*. >[/color] [2013-06-07 22:34:04 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013-04-01 23:23:30 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1(100) [2013-05-24 23:30:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe [2013-01-09 19:07:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple [2010-02-12 19:48:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer [2013-01-11 21:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data [2013-01-02 19:14:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Auto-Tracker [2013-05-19 14:58:49 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG [2013-01-29 14:58:01 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG January 2013 Campaign [2013-04-10 10:20:44 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG10 [2013-01-03 21:42:30 | 000,000,000 | ---D | M] -- C:\ProgramData\B3001E420824284D0000B2FF6B472CDD [2013-04-06 19:02:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Bell [2013-01-18 07:43:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Common Files [2011-06-11 14:39:49 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite [2012-03-05 22:35:51 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Pro [2012-12-26 17:46:05 | 000,000,000 | ---D | M] -- C:\ProgramData\DivX [2012-11-11 22:05:13 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON [2011-10-10 10:34:56 | 000,000,000 | ---D | M] -- C:\ProgramData\FileCure [2012-10-01 20:17:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Google [2013-06-07 17:59:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Google Updater [2011-06-04 12:24:44 | 000,000,000 | ---D | M] -- C:\ProgramData\hF01831BbOaA01831 [2013-01-30 18:55:20 | 000,000,000 | ---D | M] -- C:\ProgramData\HitmanPro [2011-10-06 17:48:10 | 000,000,000 | ---D | M] -- C:\ProgramData\IM [2013-02-27 18:34:32 | 000,000,000 | ---D | M] -- C:\ProgramData\IncrediMail [2012-09-15 14:22:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations [2013-02-11 19:48:57 | 000,000,000 | ---D | M] -- C:\ProgramData\LimeWireTurbo [2013-05-03 20:30:12 | 000,000,000 | ---D | M] -- C:\ProgramData\ma-config.com [2013-06-07 23:05:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes [2012-12-01 19:43:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Messenger Plus! [2013-03-08 21:41:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Messenger Plus! for Skype [2011-06-04 11:04:09 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData [2013-04-27 13:57:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft [2012-10-03 18:47:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Motive [2012-09-29 23:42:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla [2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero [2011-03-26 22:02:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia [2011-06-04 11:04:10 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache [2013-04-07 13:44:01 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA [2013-04-07 12:18:09 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation [2011-04-13 12:08:59 | 000,000,000 | ---D | M] -- C:\ProgramData\oCp01829fJiOc01829 [2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite [2012-09-03 11:57:44 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Tools [2013-04-14 19:21:42 | 000,000,000 | ---D | M] -- C:\ProgramData\PC1Data [2011-10-06 17:48:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Photo Notifier and Animation Creator [2013-04-06 16:24:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Radialpoint [2013-03-06 19:07:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Real [2012-01-01 11:59:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung [2013-05-12 11:49:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype [2013-03-10 19:01:13 | 000,000,000 | ---D | M] -- C:\ProgramData\SmallRockets [2012-11-27 00:10:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy [2010-06-16 12:12:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun [2013-06-07 20:39:01 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP [2011-07-03 12:00:59 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software [2013-03-06 20:33:10 | 000,000,000 | ---D | M] -- C:\ProgramData\VS Revo Group [2013-03-10 14:07:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Wincert [2012-10-05 21:22:53 | 000,000,000 | ---D | M] -- C:\ProgramData\YouTube Downloader [2013-03-24 14:33:38 | 000,000,000 | ---D | M] -- C:\ProgramData\YTD Video Downloader [2012-10-05 21:22:53 | 000,000,000 | ---D | M] -- C:\ProgramData\YTD YouTube Downloader & Converter [2011-07-02 22:35:47 | 000,000,000 | -HSD | M] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2010-06-18 17:48:40 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2013-03-10 14:07:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\{C296F8FF-A964-4BB7-814C-2DE7755A03C9} [2013-05-29 17:34:34 | 000,000,000 | -HSD | M] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [color=#A23BEC]< %LocalAppData%\* >[/color] [2013-01-11 21:25:05 | 000,006,530 | ---- | M] () -- C:\Users\Client\AppData\Local\1705b07d-787f-41cb-b244-3ab25edf9e8e.crx [2013-05-02 22:03:09 | 000,001,356 | ---- | M] () -- C:\Users\Client\AppData\Local\d3d9caps.dat [2013-06-04 22:48:28 | 000,225,792 | ---- | M] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-11 16:21:14 | 000,000,093 | ---- | M] () -- C:\Users\Client\AppData\Local\DownloadLog.txt [2013-05-04 16:18:37 | 000,108,128 | ---- | M] () -- C:\Users\Client\AppData\Local\GDIPFONTCACHEV1.DAT [2013-06-08 00:16:31 | 003,212,780 | -H-- | M] () -- C:\Users\Client\AppData\Local\IconCache.db [2011-06-06 05:16:26 | 000,004,096 | ---- | M] () -- C:\Users\Client\AppData\Local\keyfile3.drm [2011-05-22 15:48:03 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{37823620-6BC6-4473-B84E-85B7C471D2C3} [2011-05-22 16:03:32 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{A62C36CC-53D9-41D2-9566-2298E34B2088} [color=#A23BEC]< %LocalAppData%\*. >[/color] [2011-05-15 12:18:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Adobe [2009-11-24 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ahead [2013-04-01 23:17:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple [2012-11-11 22:05:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple Computer [2011-02-05 12:26:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ares [2013-02-26 20:14:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\BitZipper [2010-10-20 20:56:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Cooliris [2013-06-03 22:45:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CrashDumps [2012-05-25 16:26:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CRE [2012-12-26 17:58:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\DDMSettings [2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Digsby [2012-01-01 12:01:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Downloaded Installations [2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Download_Energy [2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\eSupport.com [2010-09-17 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Geckofx [2013-05-20 14:06:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Google [2010-06-15 17:17:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IAInterface [2013-02-27 18:36:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IM [2011-10-20 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Innovative Solutions [2010-08-21 14:31:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Inspyder_Software_Inc [2011-08-14 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IsolatedStorage [2013-02-11 22:44:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\libimobiledevice [2013-03-09 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macromedia [2013-02-11 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macroplant [2012-12-01 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Messenger_Plus_Live [2013-03-10 16:13:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft [2010-12-19 12:32:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Corporation [2012-09-16 20:41:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Games [2010-11-14 18:20:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Mozilla [2011-09-25 14:09:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nero [2010-02-12 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Netscape [2011-03-26 21:58:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nokia [2010-08-22 13:16:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Quran [2010-01-30 17:12:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\RapidShare [2012-11-11 22:19:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Remove_Empty_Directories [2013-03-10 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\SmallRockets [2013-06-08 10:41:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Temp [2013-03-15 00:09:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Torch [2012-06-02 11:09:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Unity [2010-09-18 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\utd [2012-10-21 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VDownloader [2012-10-08 12:18:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VENEA.NET [2009-11-19 21:00:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VirtualStore [2013-03-06 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VS Revo Group [2013-06-07 18:14:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live [2013-04-06 18:14:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live Writer [2010-09-18 23:00:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\YouTubeBatchDownloader [2013-05-22 08:19:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{029F3193-0DC3-4BD8-9937-DDB1BD966FA9} [2013-04-15 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{02F61704-CE1A-4D97-9306-C5707E29E546} [2013-06-03 17:18:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05270030-B9F6-4FD1-B236-29EC3DCB29D1} [2013-03-15 15:52:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05509D5C-F052-4D7B-A04B-C675BC01196E} [2013-05-26 11:20:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{07CE8AFF-E087-4F1F-B494-1A840FCAA9C1} [2013-05-03 16:18:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0A355716-BC45-43DD-8682-F210888AE237} [2013-03-26 07:28:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0D73277E-9D14-40CB-852D-69D0DFFF7885} [2013-06-01 11:28:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0E39E53A-8B87-46E3-B7DE-82D6E33F74AD} [2013-05-13 20:11:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{109A2371-7CDD-4A13-9C13-45F180B0F67E} [2013-04-05 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{13846BE2-A7D9-48D2-B06A-2C97D6D267C0} [2013-03-11 20:37:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1398B2C1-57AF-4D8E-896E-78D116DAE291} [2013-06-06 08:37:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1411EBC1-5774-470A-B3DD-574C5C73BA66} [2013-03-23 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{166135FB-A695-4F0E-B4A9-1771522F5735} [2013-03-10 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{176312A2-2D6E-4918-BD97-96754FD64E3B} [2013-04-11 08:32:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{18CB25DB-4D59-44E5-80CD-B4F9AFDC9938} [2013-03-25 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{197FF8B3-D813-436E-90E7-32F291F3FD59} [2013-03-13 20:22:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1A4CCDAA-E864-4319-9E05-BB3BD4EEBA39} [2013-06-07 13:22:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1C641EEE-9989-4A78-BC16-0EB3439EEA2E} [2013-03-12 17:20:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1D718673-71F9-4F32-94DC-CAB8113D32F6} [2013-04-10 20:30:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1EA88370-62B4-41A7-8E6B-20F40F89A375} [2013-04-16 17:15:20 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2068F6EE-C478-4194-ABCF-6E6552304DF2} [2013-06-02 10:46:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{20EF7DE6-E6AC-4F22-8891-CB95D7FE997C} [2013-04-20 23:12:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{23D5E56E-84AC-4DFB-AEE0-7D168D6024D7} [2013-05-09 20:41:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{26041AA0-49F1-45DA-9B16-8764691F42F1} [2013-04-24 22:56:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27205ABD-3FAD-4995-840A-8F29FD37EF58} [2013-04-03 20:13:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27326D5D-9B64-446C-81E7-4E75148E97EB} [2013-04-01 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{288DE837-F63E-4C38-AD2C-714315B198C5} [2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2A94B5E9-9840-4BCB-B093-C475EEE7AB05} [2013-05-22 20:22:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2B1A84AD-0025-45C0-B105-2429BF8029BE} [2013-05-26 23:23:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2CEF0719-F1C9-43FC-A2E7-5CBBA815FBEE} [2013-05-05 12:00:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F2233A3-5AE1-4946-9771-DAA594A2682A} [2013-03-09 12:49:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F5FED16-B1B9-4CEC-B241-812404471D1A} [2013-06-04 07:40:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2FB480D8-1F41-4BC7-B24C-736571F36703} [2013-03-20 20:26:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{33404A28-F6E2-43D4-B346-C577458D2C05} [2013-04-25 21:40:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34953690-5174-462E-AB49-7F0B89539C5D} [2013-03-22 13:42:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34AF0C1E-7260-431E-8025-78759A9CFC84} [2013-04-26 15:07:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{35885372-F855-43B6-A31B-F0CBE19432E3} [2013-05-06 08:06:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3647DA5F-19B5-4831-8010-303CE0324383} [2013-04-21 11:28:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3774A3A6-FC9A-4189-9E05-01DCC8328234} [2013-04-11 20:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{379EF0C1-D27B-4817-AE44-F682B1AE9B0C} [2013-04-10 08:27:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{386FEEAC-4BED-44E4-A0F6-EA97B8E5BBF1} [2013-03-17 11:04:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{38A49E88-A6CF-4A33-9B51-9DB5DC2F4C7B} [2013-03-08 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3B5C018C-BBCD-48C4-966D-C757CB7E04C2} [2013-06-05 17:18:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3C515AF8-CD28-4A5B-9C50-7C40D5C56F4D} [2013-04-06 19:07:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3D81A400-D55F-42F7-8E2A-351F4FC428AC} [2013-04-22 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3DB7B5CC-946C-4998-9894-02846D8DF2DC} [2013-03-21 08:29:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3FA4D04C-73B6-4467-9449-B988E69397F1} [2013-05-23 08:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{43CBC34A-2FA9-41B0-BD87-7456CEDC14C2} [2013-04-03 08:10:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{447F6B6A-6BE4-410F-8F70-9872CC2B2BDE} [2013-05-11 23:14:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{45877C58-CBE8-47C9-969A-6BEC20D3A1E7} [2013-04-17 20:30:00 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{494C7BAC-0469-4870-9847-21D1FB4BF907} [2013-03-28 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4AD80222-263A-4906-B6B5-60A533F76886} [2013-05-18 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4C3C9050-189D-44BD-BDC3-66C66235C060} [2013-04-06 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4DA97FDA-B894-48D4-A6C6-F8139EEEE559} [2013-05-16 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{50F41DA2-5143-4828-B7FD-DA742F634AA8} [2013-05-27 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{510D6B41-A4EB-4535-A330-95D0C6A925CC} [2013-04-07 11:55:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{51E4E422-777E-4594-9B8A-2EE1D7C52CEF} [2013-03-27 20:02:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{56DFC0A5-A10D-485C-A362-642EFBAC7A55} [2013-05-21 19:33:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5839A5C9-63F5-4193-8BD9-87902644C1AF} [2013-04-18 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A059D31-1855-4E0F-B3C9-66B1917C45D0} [2013-04-12 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A05A412-F109-4790-8A6B-4559FD129F85} [2013-04-02 19:49:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5CF85527-F2DB-4607-9864-67E97F231F0F} [2013-05-13 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5E17D5F0-3435-4B75-BABA-9AB38FC5C55A} [2013-05-06 20:08:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{615BC0B8-6EB5-4316-A94B-CF87E5601695} [2013-04-28 12:02:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{63472693-E9EF-4AB6-B86A-681CE717E843} [2013-03-28 08:25:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{64FBCB0E-461D-4CB6-BBF7-AA84902811BA} [2013-05-28 07:36:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{652CDF72-E680-4157-9DC2-F7FEC0DB6964} [2013-06-04 07:37:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{685C7735-6B40-4112-8DEF-A2D1E0C9EE55} [2013-03-21 20:31:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{689CD01E-48D6-41BA-B687-29C0CA18E375} [2013-03-19 17:23:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{6F771EA8-7B49-4E96-8FB4-CC7E8B51B660} [2013-04-06 11:11:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{715AF2EA-CDB1-40DE-A74B-334E92F745B8} [2012-10-04 20:56:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{72625176-0E87-11E2-8271-B8AC6F996F26} [2013-05-30 08:36:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7310A2ED-42E2-4071-8DF8-B4B20C155505} [2013-03-26 19:30:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{747AAEE5-2902-4B36-8723-FAB84C648630} [2013-06-07 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{762C3D95-395E-43DD-93E3-6401CB441A70} [2013-05-31 14:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{77DC736E-A7BB-405D-87C3-4DE683512541} [2013-05-17 13:51:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{78B57205-7381-4624-A7C6-04C9D2DAD922} [2013-04-19 14:17:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{79F6B5A6-02A5-4419-ADC3-316D715C2F90} [2013-03-11 08:34:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7B060B84-D44F-4A9F-9421-AF9A94A8FA58} [2013-05-23 20:35:51 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7E81D688-B033-4AFA-9EDD-74BED46EFB2E} [2013-03-18 20:34:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{82C148E9-0CEE-46E5-ACE9-DC12FD1AC784} [2013-03-18 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{84847170-87D6-4936-AEF4-AF28E9ED37C1} [2013-04-24 08:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8628D768-30F6-47D7-BCF2-75FEEF103F41} [2013-04-18 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8AF158E0-02F0-4D9A-B3F1-EC6085C7222F} [2013-05-15 20:35:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8C9DC780-17A2-4E92-A823-5C3E89B04EB3} [2013-04-13 10:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E32A447-EF11-4259-A8E7-5D49F6188561} [2013-05-02 22:14:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E8E7301-64A6-40D6-BD5B-94244196EDE2} [2013-04-29 20:15:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8F479CB7-AD6C-47F6-B510-7D91683BE091} [2013-04-08 08:06:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9016759D-37B6-43DA-BB28-E5EAC71A39E0} [2013-05-29 20:33:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9130D8C6-2B8A-4360-8639-74E56A31A078} [2013-03-29 13:49:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{93E72CAA-8FF1-4DE3-9227-710EC1816684} [2013-05-01 08:40:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{943198E9-7EEF-4805-90DC-559A89D4A7D9} [2013-05-25 11:05:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{986792D7-97A4-4A42-91F8-0BE096BD742B} [2013-04-14 11:35:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{99ECDFB8-B2AE-4DD1-88DD-57BF5B236F4D} [2013-04-15 20:37:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9B0C33EC-9A0C-4A05-A074-A2D0BE88BE4C} [2013-04-22 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9C6CAD96-289C-4CD1-9D1A-2F1F0107DC3A} [2013-03-10 12:15:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9D2D0008-E704-4CC9-80EB-0C3AE5400206} [2013-05-14 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9DE46BC0-DE62-43E0-AD31-DF29A768D787} [2013-05-10 13:46:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9FCF311E-F107-4BE2-A572-409C4D85C338} [2013-04-17 08:27:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A11B04CA-CAC2-4230-B87B-867F5DE8526F} [2013-04-06 18:14:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A1CF4E20-CF1B-41C7-8BB2-EB0A0CCD10F8} [2013-04-04 08:15:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A240A8A7-4616-41CF-88B1-43367A8DE9C5} [2013-05-11 11:11:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A262D84A-D227-40F5-BDD6-1987E5277522} [2013-05-04 12:33:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A288E71C-C886-4034-BFBD-7A51174C3330} [2013-05-30 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A64F3CC8-5A97-4272-AE54-63135B6398C1} [2013-03-17 23:06:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7C8854D-2DA9-4A59-B79C-73F8A39148B3} [2013-06-06 20:41:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7F7D865-6081-498B-AAD1-0F23F9840045} [2013-03-29 18:39:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A9220EE4-6909-4D5E-B6DC-29C0305498DC} [2013-05-03 16:38:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A936AC81-DF5D-4EC0-9F05-4408D1744D7F} [2013-04-08 20:35:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AE747FB6-3DFC-41D4-AF15-5D562CBF8119} [2013-06-01 11:31:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AF385A15-1DD4-467E-B3B2-26134845FC8B} [2013-03-14 08:27:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AFE3668A-19A0-41C5-AF36-BF20FB75387F} [2013-03-30 10:41:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B2156300-C48C-4A16-9F7F-974A331936EA} [2013-05-08 08:34:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B3FADE9B-5B77-41F4-BF38-D201F0B858B5} [2013-03-15 14:58:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B45A3EB8-D588-48EA-9AA8-1AA33CBB29EC} [2013-05-19 11:16:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B492E093-4D08-417E-B498-ADAF4E08713E} [2013-05-24 14:56:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B61D8E9E-34EA-4787-8B81-3E9A48279673} [2013-04-14 11:07:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B6AED0F5-E72C-4064-AAA2-0F48EF950BE9} [2013-05-18 10:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B71A1C9B-B853-4DD0-8E50-208257C8D2F7} [2013-03-20 08:24:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7259649-8060-4BCD-B187-77EA4E3A3AC1} [2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7CB9948-2452-42C2-9BA0-E8B0F6264142} [2013-05-29 08:30:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BB95D22D-213E-4AD7-824E-C70F6B1F482B} [2013-05-16 08:37:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF11AD08-A41F-49D5-A809-2D72F82B789F} [2013-05-21 07:30:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8CF206-0776-4231-BD5F-9CED58578769} [2013-03-11 21:12:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8EF046-FC22-4B7A-804A-EE30EF75AD63} [2013-04-04 20:48:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C1B861E0-572A-4518-9A13-EE74349440BC} [2013-05-12 11:48:52 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C25D5D79-BDB1-44DF-92B0-C3A0741005E5} [2013-03-24 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C349652D-2EF3-47F4-BC94-F2FB57F2A3D6} [2013-03-15 13:46:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C6717879-EE85-41DC-94F0-AA348175FDDF} [2013-04-15 08:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C74C4801-2B13-4FDC-BA93-5AF091CD7CAB} [2013-04-20 11:09:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C9AF2682-F6CB-445E-B9D6-33952D72EDA3} [2013-05-20 11:26:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CA9F83C4-533D-4951-9B31-C2C23C409205} [2013-03-16 12:07:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CCD7E887-4447-448B-92AA-9C463EAC1C70} [2013-05-15 08:33:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CDC7BCDB-5983-4664-8D36-E40CAB4A6677} [2013-05-12 23:50:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CF20DD73-7ABD-4C49-A193-7529021FFCD2} [2013-03-29 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D15E95E2-8768-4887-A45B-3AF5EC063917} [2013-05-07 17:17:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5251DA3-79B5-48B7-9933-0CA2FCCBEEA1} [2013-06-07 18:12:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D53677B0-CC43-4ACD-9CE9-43F1633615B3} [2013-03-29 14:43:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5FC862A-95C5-4399-9DE7-10B4056DE579} [2013-05-09 08:39:09 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D8CA2107-2FA1-4F0D-A4FD-D3662DAAEBE2} [2013-03-31 11:33:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAB90DF8-EF61-47DA-8299-2D38CDA09FB4} [2013-06-04 19:43:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABC914B-4FCC-4CE4-BF12-706296B84091} [2013-06-02 22:49:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABD9886-8B9E-4EF2-8CBA-A0FD5D74A7D5} [2013-03-30 22:43:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAE86099-7666-4142-A0A6-DC19906A4671} [2013-05-01 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DCFFAD45-327A-43D5-8791-9E90D3E46CDB} [2013-03-27 08:00:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DD989BC1-1AE0-46FD-BDF5-12BAFF47081D} [2013-04-29 08:12:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DEEF9AF4-0B8B-4A8D-8F89-F2AC1365134B} [2013-04-02 06:54:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DF6D7198-2EC2-423F-BA0F-68B8518E3516} [2013-06-08 10:34:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DFDD4458-27FE-4D5E-8BBE-3866A90D7E4F} [2013-04-06 16:57:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E06F497A-719D-47C5-AEEF-9DCBEA73B6DD} [2013-05-25 23:17:46 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E08E5FD5-2B22-4131-AFDF-CC7623CC4A51} [2013-04-09 17:17:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E286396B-5447-4C84-8D27-38F88B0BF3FD} [2013-03-14 20:29:35 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E43D0919-DD7E-4517-84B1-28E9606BBB9A} [2013-04-27 23:36:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E601940B-FF76-41D4-9BCA-CC1F6C0E4F7F} [2013-05-02 08:32:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E9B93578-230A-413F-877B-9CD71B67A96C} [2013-05-08 20:36:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{EAC5F31F-F971-4455-89EE-5C7C0A91CDCE} [2013-03-23 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED2E8BC5-36FA-4083-AFB0-B18C404F8FC2} [2013-04-23 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED9007F5-7385-4C9B-8913-971B8CC84FC0} [2013-04-27 11:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F3C4ACC5-AE4F-4B53-9FB7-48E6F0CA9FDD} [2013-03-24 11:20:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F53B4753-4FB9-4E14-B8BF-3D853F059331} [2013-03-13 08:19:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F718DC28-F9DC-41C9-81EC-769706CF0C41} [2013-06-05 08:38:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F8D61BCA-05D4-44E5-9311-6D3C66FF28DD} [2013-04-30 17:23:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9A025DC-0F1C-4C4B-B5FB-8C5A4EB6F891} [2013-04-08 08:32:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9BCCAB9-9E8B-4F5C-ACDC-5DCF3C301470} [2013-05-23 08:32:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FB33CF5B-DCCB-40AC-8CA4-D6F81B839940} [2013-05-28 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FD50DE59-F0A3-41F3-8B56-5F259A17172B} [color=#A23BEC]< %programFiles%\* >[/color] [2012-05-23 21:20:58 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini [2010-12-28 19:09:57 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe [2013-01-11 21:30:09 | 000,009,059 | ---- | M] () -- C:\Program Files\hijackthis.log [2012-03-31 11:49:38 | 000,000,308 | ---- | M] () -- C:\Program Files\Program Files.ini [2011-06-06 05:12:38 | 000,774,144 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll [2013-05-03 20:19:49 | 000,001,589 | ---- | M] () -- C:\Program Files\Uninstall.ini [color=#A23BEC]< %programFiles%\*. >[/color] [2011-08-07 14:33:18 | 000,000,000 | ---D | M] -- C:\Program Files\AC3Filter [2011-06-25 14:21:54 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2013-05-31 15:34:29 | 000,000,000 | ---D | M] -- C:\Program Files\AoA Audio Extractor [2011-07-17 16:54:56 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update [2010-07-30 14:26:23 | 000,000,000 | ---D | M] -- C:\Program Files\Auto Shutdown [2013-01-02 19:14:54 | 000,000,000 | ---D | M] -- C:\Program Files\Auto-Tracker [2013-05-29 17:46:45 | 000,000,000 | ---D | M] -- C:\Program Files\AVG [2010-12-22 20:05:20 | 000,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5 [2013-06-07 18:46:11 | 000,000,000 | ---D | M] -- C:\Program Files\backups [2013-04-10 10:21:47 | 000,000,000 | ---D | M] -- C:\Program Files\Bell [2013-02-26 20:14:36 | 000,000,000 | ---D | M] -- C:\Program Files\BitZipper [2012-02-02 21:23:32 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour [2013-05-27 23:18:30 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner [2013-06-07 20:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2013-05-06 22:11:06 | 000,000,000 | ---D | M] -- C:\Program Files\DAP [2010-08-22 12:52:27 | 000,000,000 | ---D | M] -- C:\Program Files\Dawat-e-Islami [2011-03-26 18:36:22 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX [2012-12-26 17:46:05 | 000,000,000 | ---D | M] -- C:\Program Files\DivX [2011-09-14 22:10:44 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts [2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\Program Files\eMule [2012-04-15 16:12:39 | 000,000,000 | ---D | M] -- C:\Program Files\epson [2012-04-15 16:12:39 | 000,000,000 | ---D | M] -- C:\Program Files\Epson Software [2013-04-22 19:44:28 | 000,000,000 | ---D | M] -- C:\Program Files\eRightSoft [2013-05-23 21:22:27 | 000,000,000 | ---D | M] -- C:\Program Files\Flv Audio Extractor [2012-11-26 23:28:49 | 000,000,000 | ---D | M] -- C:\Program Files\FMS Empty Folder Remover [2013-06-06 17:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Free Audio Extractor [2013-04-06 18:09:46 | 000,000,000 | ---D | M] -- C:\Program Files\Free FLV Converter [2012-10-24 18:15:05 | 000,000,000 | ---D | M] -- C:\Program Files\Free WebM to AVI Converter [2012-11-11 22:05:06 | 000,000,000 | ---D | M] -- C:\Program Files\GameSpy Arcade [2013-05-07 23:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2012-09-25 21:13:07 | 000,000,000 | ---D | M] -- C:\Program Files\GreenTree Applications [2012-10-08 22:10:28 | 000,000,000 | ---D | M] -- C:\Program Files\Gskstudio [2010-09-23 08:37:06 | 000,000,000 | ---D | M] -- C:\Program Files\GSplit [2013-04-10 10:21:15 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2013-05-15 08:44:02 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2013-06-07 22:33:30 | 000,000,000 | ---D | M] -- C:\Program Files\iPod [2013-04-01 23:23:02 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(4) [2013-06-07 22:34:04 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes [2013-04-01 23:23:30 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(5) [2013-04-26 23:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2013-04-29 23:22:53 | 000,000,000 | ---D | M] -- C:\Program Files\Kastor Free Audio Extractor [2013-05-03 20:30:13 | 000,000,000 | ---D | M] -- C:\Program Files\ma-config.com [2010-01-17 15:01:48 | 000,000,000 | ---D | M] -- C:\Program Files\MajorShare [2013-02-12 19:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\Makayama Interactive [2013-04-16 17:20:32 | 000,000,000 | ---D | M] -- C:\Program Files\MALWAREBYTES ANTI-MALWARE [2013-04-16 17:20:33 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-05-15 11:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\MediaInfo [2012-09-06 19:43:52 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger Plus! [2012-06-17 11:43:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft [2006-11-02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games [2011-06-29 08:40:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2013-03-13 08:36:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2012-06-16 16:43:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition(12) [2009-11-18 18:32:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio [2011-04-16 20:54:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor [2009-11-20 08:34:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2011-04-14 07:29:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2010-08-11 23:35:08 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2013-01-03 23:31:29 | 000,000,000 | ---D | M] -- C:\Program Files\Moyea [2012-11-11 22:05:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2006-11-02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2010-06-24 10:06:25 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache [2011-01-29 12:03:05 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound [2010-09-19 20:14:32 | 000,000,000 | ---D | M] -- C:\Program Files\Nero [2011-05-15 12:17:54 | 000,000,000 | ---D | M] -- C:\Program Files\Netscape [2013-01-15 20:33:40 | 000,000,000 | ---D | M] -- C:\Program Files\Nokia [2013-04-07 12:59:29 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation [2012-04-26 21:31:24 | 000,000,000 | ---D | M] -- C:\Program Files\OJOsoft [2009-12-12 19:27:43 | 000,000,000 | ---D | M] -- C:\Program Files\Pakistan Data Management Services [2012-03-17 22:35:14 | 000,000,000 | ---D | M] -- C:\Program Files\pazera-software [2012-10-05 21:22:47 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution [2011-10-06 17:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Notifier and Animation Creator [2011-05-21 11:24:38 | 000,000,000 | ---D | M] -- C:\Program Files\PicLensIE [2013-04-01 23:18:57 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2013-05-25 13:41:06 | 000,000,000 | ---D | M] -- C:\Program Files\RapidShareManager [2010-12-13 21:35:17 | 000,000,000 | ---D | M] -- C:\Program Files\Real [2012-11-27 00:06:23 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek [2006-11-02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2011-06-27 22:56:56 | 000,000,000 | ---D | M] -- C:\Program Files\RM to MP3 Converter [2012-01-01 12:00:04 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung [2013-03-10 14:07:06 | 000,000,000 | ---D | M] -- C:\Program Files\SavevidPlug-in [2013-05-12 11:49:15 | 000,000,000 | R--D | M] -- C:\Program Files\Skype [2013-03-10 19:00:52 | 000,000,000 | ---D | M] -- C:\Program Files\Small Rockets [2013-04-27 13:57:51 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy 2 [2011-07-17 11:18:34 | 000,000,000 | ---D | M] -- C:\Program Files\SwarmPlayer [2013-04-06 18:09:31 | 000,000,000 | ---D | M] -- C:\Program Files\Total Video Converter [2013-06-07 20:25:58 | 000,000,000 | ---D | M] -- C:\Program Files\Trillian [2012-10-25 18:13:09 | 000,000,000 | ---D | M] -- C:\Program Files\Ultra Video Joiner [2013-05-11 10:34:54 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent [2013-02-16 13:21:57 | 000,000,000 | ---D | M] -- C:\Program Files\VDownloader [2012-04-18 21:08:18 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2013-01-03 23:31:29 | 000,000,000 | ---D | M] -- C:\Program Files\virtual dub [2013-03-07 21:24:44 | 000,000,000 | ---D | M] -- C:\Program Files\Visual IP Trace 2009 [2013-05-14 23:07:30 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group [2009-04-11 09:23:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar [2009-04-11 09:23:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration [2009-04-11 09:23:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender [2012-05-11 08:59:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal [2013-03-06 19:07:25 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live [2012-04-11 17:29:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail [2011-05-15 12:17:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2012-11-26 23:32:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2009-04-11 09:23:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery [2009-11-18 21:57:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices [2013-05-19 14:59:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar [2013-05-19 20:40:42 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR [2011-10-16 12:33:20 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid [2013-03-24 14:33:34 | 000,000,000 | ---D | M] -- C:\Program Files\YouTube Downloader [2012-12-01 19:43:53 | 000,000,000 | ---D | M] -- C:\Program Files\Yuna Software [color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\*.in* >[/color] [2006-11-02 08:56:07 | 000,000,082 | -HS- | M] () -- C:\Windows\system32\desktop.ini [2013-03-07 22:17:56 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf [2003-04-01 11:58:02 | 000,005,260 | ---- | M] () -- C:\Windows\system32\OUTLPERF.INI [2006-09-18 17:37:10 | 000,013,750 | ---- | M] () -- C:\Windows\system32\pacerprf.ini [2010-10-17 10:59:34 | 000,000,016 | ---- | M] () -- C:\Windows\system32\PCProxyOff.ini [2013-06-08 10:38:00 | 001,621,220 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI [2008-01-20 22:24:38 | 000,060,124 | ---- | M] () -- C:\Windows\system32\tcpmon.ini [color=#A23BEC]< %systemroot%\Tasks\* >[/color] [2013-06-08 10:33:00 | 000,001,000 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job [2013-06-08 10:30:27 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2013-06-08 00:16:53 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#A23BEC]< %systemroot%\Tasks\*. >[/color] [color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color] [2013-02-15 23:28:22 | 000,003,598 | ---- | M] () -- C:\Windows\system32\Tasks\Escolade [2013-06-08 10:33:00 | 000,004,106 | ---- | M] () -- C:\Windows\system32\Tasks\Google Software Updater [2011-05-27 20:22:47 | 000,003,692 | ---- | M] () -- C:\Windows\system32\Tasks\User_Feed_Synchronization-{7DD8751E-D5CE-4C81-AE16-927C32AC4541} [2012-04-16 05:59:31 | 000,003,692 | ---- | M] () -- C:\Windows\system32\Tasks\User_Feed_Synchronization-{A65DAA1F-E8DC-4C02-A952-4526A3EB042E} [color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color] [2013-03-06 19:07:49 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft [2012-02-02 22:03:02 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\NCH Swift Sound [2011-05-21 11:13:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\WPD [color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color] [2013-03-06 18:48:58 | 001,004,888 | ---- | M] (Solid State Networks) -- C:\Windows\system32\config\systemprofile\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chrd_aih.exe [2013-03-06 18:54:28 | 001,004,952 | ---- | M] (Solid State Networks) -- C:\Windows\system32\config\systemprofile\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe [2013-03-06 18:53:27 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\config\systemprofile\Desktop\uninstall_flash_player (1).exe [2013-03-06 18:52:10 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\config\systemprofile\Desktop\uninstall_flash_player.exe [color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.sys >[/color] [2006-11-02 03:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\system32\ANSI.SYS [2009-04-11 09:18:18 | 000,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clfs.sys [2006-11-02 03:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\system32\country.sys [2010-06-14 10:32:54 | 000,036,608 | ---- | M] () -- C:\Windows\system32\FsUsbExDisk.Sys [2006-11-02 03:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\system32\HIMEM.SYS [2006-11-02 03:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\system32\KEY01.SYS [2006-11-02 03:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\system32\KEYBOARD.SYS [2006-11-02 03:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\system32\NTDOS.SYS [2006-11-02 03:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS404.SYS [2006-11-02 03:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\system32\NTDOS411.SYS [2006-11-02 03:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\system32\NTDOS412.SYS [2006-11-02 03:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS804.SYS [2006-11-02 03:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\system32\NTIO.SYS [2006-11-02 03:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO404.SYS [2006-11-02 03:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\system32\NTIO411.SYS [2006-11-02 03:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\system32\NTIO412.SYS [2006-11-02 03:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO804.SYS [2013-04-08 21:36:18 | 002,049,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys [color=#A23BEC]< %temp%\*.exe /s >[/color] [2013-05-29 18:11:40 | 000,143,240 | ---- | M] (Ask.com) -- C:\Users\Client\AppData\Local\Temp\ApnStub.exe [2013-05-29 18:11:40 | 003,500,712 | ---- | M] (Ask) -- C:\Users\Client\AppData\Local\Temp\ApnToolbarInstaller.exe [9 C:\Users\Client\AppData\Local\Temp\*.tmp files -> C:\Users\Client\AppData\Local\Temp\*.tmp -> ] [2010-11-18 12:27:32 | 000,073,216 | ---- | M] () -- C:\Users\Client\AppData\Local\Temp\nsd8F9C.tmp\lzma.exe [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color] [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color] [2013-01-11 21:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Speedbit [color=#A23BEC]< %APPDATA%\*.exe /s >[/color] [2013-02-15 23:28:22 | 000,009,728 | ---- | M] () -- C:\Users\Client\AppData\Roaming\iPumper\Updater.exe [2012-09-04 19:48:45 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe [2010-06-15 17:17:39 | 000,003,638 | R--- | M] () -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{C7A0891A-EAA5-4FF9-87ED-094747A0C550}\_6FEFF9B68218417F98F549.exe [2010-06-15 17:17:39 | 000,003,638 | R--- | M] () -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{C7A0891A-EAA5-4FF9-87ED-094747A0C550}\_71D1786D8FA5ABE21D7928.exe [2010-06-15 17:17:39 | 000,003,638 | R--- | M] () -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{C7A0891A-EAA5-4FF9-87ED-094747A0C550}\_D127D482DF711FFE93053F.exe [2011-06-06 05:21:34 | 000,110,592 | ---- | M] () -- C:\Users\Client\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe [2012-12-19 22:14:17 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe [2012-12-19 22:14:17 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-20 08:24:38 | 039,447,008 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_data\RealPlayer.exe [2012-12-20 08:24:02 | 000,765,248 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_exe\RealPlayer.exe [color=#A23BEC]< %LocalAppData%\* >[/color] [2013-01-11 21:25:05 | 000,006,530 | ---- | M] () -- C:\Users\Client\AppData\Local\1705b07d-787f-41cb-b244-3ab25edf9e8e.crx [2013-05-02 22:03:09 | 000,001,356 | ---- | M] () -- C:\Users\Client\AppData\Local\d3d9caps.dat [2013-06-04 22:48:28 | 000,225,792 | ---- | M] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-11 16:21:14 | 000,000,093 | ---- | M] () -- C:\Users\Client\AppData\Local\DownloadLog.txt [2013-05-04 16:18:37 | 000,108,128 | ---- | M] () -- C:\Users\Client\AppData\Local\GDIPFONTCACHEV1.DAT [2013-06-08 00:16:31 | 003,212,780 | -H-- | M] () -- C:\Users\Client\AppData\Local\IconCache.db [2011-06-06 05:16:26 | 000,004,096 | ---- | M] () -- C:\Users\Client\AppData\Local\keyfile3.drm [2011-05-22 15:48:03 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{37823620-6BC6-4473-B84E-85B7C471D2C3} [2011-05-22 16:03:32 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{A62C36CC-53D9-41D2-9566-2298E34B2088} [color=#A23BEC]< %LocalAppData%\*. >[/color] [2011-05-15 12:18:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Adobe [2009-11-24 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ahead [2013-04-01 23:17:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple [2012-11-11 22:05:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple Computer [2011-02-05 12:26:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ares [2013-02-26 20:14:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\BitZipper [2010-10-20 20:56:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Cooliris [2013-06-03 22:45:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CrashDumps [2012-05-25 16:26:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CRE [2012-12-26 17:58:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\DDMSettings [2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Digsby [2012-01-01 12:01:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Downloaded Installations [2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Download_Energy [2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\eSupport.com [2010-09-17 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Geckofx [2013-05-20 14:06:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Google [2010-06-15 17:17:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IAInterface [2013-02-27 18:36:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IM [2011-10-20 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Innovative Solutions [2010-08-21 14:31:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Inspyder_Software_Inc [2011-08-14 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IsolatedStorage [2013-02-11 22:44:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\libimobiledevice [2013-03-09 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macromedia [2013-02-11 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macroplant [2012-12-01 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Messenger_Plus_Live [2013-03-10 16:13:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft [2010-12-19 12:32:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Corporation [2012-09-16 20:41:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Games [2010-11-14 18:20:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Mozilla [2011-09-25 14:09:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nero [2010-02-12 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Netscape [2011-03-26 21:58:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nokia [2010-08-22 13:16:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Quran [2010-01-30 17:12:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\RapidShare [2012-11-11 22:19:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Remove_Empty_Directories [2013-03-10 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\SmallRockets [2013-06-08 10:41:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Temp [2013-03-15 00:09:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Torch [2012-06-02 11:09:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Unity [2010-09-18 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\utd [2012-10-21 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VDownloader [2012-10-08 12:18:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VENEA.NET [2009-11-19 21:00:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VirtualStore [2013-03-06 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VS Revo Group [2013-06-07 18:14:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live [2013-04-06 18:14:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live Writer [2010-09-18 23:00:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\YouTubeBatchDownloader [2013-05-22 08:19:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{029F3193-0DC3-4BD8-9937-DDB1BD966FA9} [2013-04-15 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{02F61704-CE1A-4D97-9306-C5707E29E546} [2013-06-03 17:18:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05270030-B9F6-4FD1-B236-29EC3DCB29D1} [2013-03-15 15:52:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05509D5C-F052-4D7B-A04B-C675BC01196E} [2013-05-26 11:20:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{07CE8AFF-E087-4F1F-B494-1A840FCAA9C1} [2013-05-03 16:18:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0A355716-BC45-43DD-8682-F210888AE237} [2013-03-26 07:28:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0D73277E-9D14-40CB-852D-69D0DFFF7885} [2013-06-01 11:28:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0E39E53A-8B87-46E3-B7DE-82D6E33F74AD} [2013-05-13 20:11:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{109A2371-7CDD-4A13-9C13-45F180B0F67E} [2013-04-05 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{13846BE2-A7D9-48D2-B06A-2C97D6D267C0} [2013-03-11 20:37:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1398B2C1-57AF-4D8E-896E-78D116DAE291} [2013-06-06 08:37:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1411EBC1-5774-470A-B3DD-574C5C73BA66} [2013-03-23 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{166135FB-A695-4F0E-B4A9-1771522F5735} [2013-03-10 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{176312A2-2D6E-4918-BD97-96754FD64E3B} [2013-04-11 08:32:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{18CB25DB-4D59-44E5-80CD-B4F9AFDC9938} [2013-03-25 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{197FF8B3-D813-436E-90E7-32F291F3FD59} [2013-03-13 20:22:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1A4CCDAA-E864-4319-9E05-BB3BD4EEBA39} [2013-06-07 13:22:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1C641EEE-9989-4A78-BC16-0EB3439EEA2E} [2013-03-12 17:20:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1D718673-71F9-4F32-94DC-CAB8113D32F6} [2013-04-10 20:30:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1EA88370-62B4-41A7-8E6B-20F40F89A375} [2013-04-16 17:15:20 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2068F6EE-C478-4194-ABCF-6E6552304DF2} [2013-06-02 10:46:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{20EF7DE6-E6AC-4F22-8891-CB95D7FE997C} [2013-04-20 23:12:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{23D5E56E-84AC-4DFB-AEE0-7D168D6024D7} [2013-05-09 20:41:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{26041AA0-49F1-45DA-9B16-8764691F42F1} [2013-04-24 22:56:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27205ABD-3FAD-4995-840A-8F29FD37EF58} [2013-04-03 20:13:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27326D5D-9B64-446C-81E7-4E75148E97EB} [2013-04-01 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{288DE837-F63E-4C38-AD2C-714315B198C5} [2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2A94B5E9-9840-4BCB-B093-C475EEE7AB05} [2013-05-22 20:22:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2B1A84AD-0025-45C0-B105-2429BF8029BE} [2013-05-26 23:23:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2CEF0719-F1C9-43FC-A2E7-5CBBA815FBEE} [2013-05-05 12:00:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F2233A3-5AE1-4946-9771-DAA594A2682A} [2013-03-09 12:49:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F5FED16-B1B9-4CEC-B241-812404471D1A} [2013-06-04 07:40:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2FB480D8-1F41-4BC7-B24C-736571F36703} [2013-03-20 20:26:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{33404A28-F6E2-43D4-B346-C577458D2C05} [2013-04-25 21:40:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34953690-5174-462E-AB49-7F0B89539C5D} [2013-03-22 13:42:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34AF0C1E-7260-431E-8025-78759A9CFC84} [2013-04-26 15:07:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{35885372-F855-43B6-A31B-F0CBE19432E3} [2013-05-06 08:06:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3647DA5F-19B5-4831-8010-303CE0324383} [2013-04-21 11:28:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3774A3A6-FC9A-4189-9E05-01DCC8328234} [2013-04-11 20:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{379EF0C1-D27B-4817-AE44-F682B1AE9B0C} [2013-04-10 08:27:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{386FEEAC-4BED-44E4-A0F6-EA97B8E5BBF1} [2013-03-17 11:04:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{38A49E88-A6CF-4A33-9B51-9DB5DC2F4C7B} [2013-03-08 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3B5C018C-BBCD-48C4-966D-C757CB7E04C2} [2013-06-05 17:18:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3C515AF8-CD28-4A5B-9C50-7C40D5C56F4D} [2013-04-06 19:07:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3D81A400-D55F-42F7-8E2A-351F4FC428AC} [2013-04-22 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3DB7B5CC-946C-4998-9894-02846D8DF2DC} [2013-03-21 08:29:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3FA4D04C-73B6-4467-9449-B988E69397F1} [2013-05-23 08:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{43CBC34A-2FA9-41B0-BD87-7456CEDC14C2} [2013-04-03 08:10:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{447F6B6A-6BE4-410F-8F70-9872CC2B2BDE} [2013-05-11 23:14:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{45877C58-CBE8-47C9-969A-6BEC20D3A1E7} [2013-04-17 20:30:00 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{494C7BAC-0469-4870-9847-21D1FB4BF907} [2013-03-28 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4AD80222-263A-4906-B6B5-60A533F76886} [2013-05-18 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4C3C9050-189D-44BD-BDC3-66C66235C060} [2013-04-06 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4DA97FDA-B894-48D4-A6C6-F8139EEEE559} [2013-05-16 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{50F41DA2-5143-4828-B7FD-DA742F634AA8} [2013-05-27 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{510D6B41-A4EB-4535-A330-95D0C6A925CC} [2013-04-07 11:55:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{51E4E422-777E-4594-9B8A-2EE1D7C52CEF} [2013-03-27 20:02:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{56DFC0A5-A10D-485C-A362-642EFBAC7A55} [2013-05-21 19:33:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5839A5C9-63F5-4193-8BD9-87902644C1AF} [2013-04-18 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A059D31-1855-4E0F-B3C9-66B1917C45D0} [2013-04-12 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A05A412-F109-4790-8A6B-4559FD129F85} [2013-04-02 19:49:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5CF85527-F2DB-4607-9864-67E97F231F0F} [2013-05-13 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5E17D5F0-3435-4B75-BABA-9AB38FC5C55A} [2013-05-06 20:08:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{615BC0B8-6EB5-4316-A94B-CF87E5601695} [2013-04-28 12:02:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{63472693-E9EF-4AB6-B86A-681CE717E843} [2013-03-28 08:25:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{64FBCB0E-461D-4CB6-BBF7-AA84902811BA} [2013-05-28 07:36:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{652CDF72-E680-4157-9DC2-F7FEC0DB6964} [2013-06-04 07:37:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{685C7735-6B40-4112-8DEF-A2D1E0C9EE55} [2013-03-21 20:31:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{689CD01E-48D6-41BA-B687-29C0CA18E375} [2013-03-19 17:23:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{6F771EA8-7B49-4E96-8FB4-CC7E8B51B660} [2013-04-06 11:11:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{715AF2EA-CDB1-40DE-A74B-334E92F745B8} [2012-10-04 20:56:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{72625176-0E87-11E2-8271-B8AC6F996F26} [2013-05-30 08:36:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7310A2ED-42E2-4071-8DF8-B4B20C155505} [2013-03-26 19:30:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{747AAEE5-2902-4B36-8723-FAB84C648630} [2013-06-07 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{762C3D95-395E-43DD-93E3-6401CB441A70} [2013-05-31 14:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{77DC736E-A7BB-405D-87C3-4DE683512541} [2013-05-17 13:51:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{78B57205-7381-4624-A7C6-04C9D2DAD922} [2013-04-19 14:17:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{79F6B5A6-02A5-4419-ADC3-316D715C2F90} [2013-03-11 08:34:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7B060B84-D44F-4A9F-9421-AF9A94A8FA58} [2013-05-23 20:35:51 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7E81D688-B033-4AFA-9EDD-74BED46EFB2E} [2013-03-18 20:34:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{82C148E9-0CEE-46E5-ACE9-DC12FD1AC784} [2013-03-18 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{84847170-87D6-4936-AEF4-AF28E9ED37C1} [2013-04-24 08:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8628D768-30F6-47D7-BCF2-75FEEF103F41} [2013-04-18 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8AF158E0-02F0-4D9A-B3F1-EC6085C7222F} [2013-05-15 20:35:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8C9DC780-17A2-4E92-A823-5C3E89B04EB3} [2013-04-13 10:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E32A447-EF11-4259-A8E7-5D49F6188561} [2013-05-02 22:14:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E8E7301-64A6-40D6-BD5B-94244196EDE2} [2013-04-29 20:15:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8F479CB7-AD6C-47F6-B510-7D91683BE091} [2013-04-08 08:06:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9016759D-37B6-43DA-BB28-E5EAC71A39E0} [2013-05-29 20:33:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9130D8C6-2B8A-4360-8639-74E56A31A078} [2013-03-29 13:49:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{93E72CAA-8FF1-4DE3-9227-710EC1816684} [2013-05-01 08:40:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{943198E9-7EEF-4805-90DC-559A89D4A7D9} [2013-05-25 11:05:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{986792D7-97A4-4A42-91F8-0BE096BD742B} [2013-04-14 11:35:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{99ECDFB8-B2AE-4DD1-88DD-57BF5B236F4D} [2013-04-15 20:37:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9B0C33EC-9A0C-4A05-A074-A2D0BE88BE4C} [2013-04-22 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9C6CAD96-289C-4CD1-9D1A-2F1F0107DC3A} [2013-03-10 12:15:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9D2D0008-E704-4CC9-80EB-0C3AE5400206} [2013-05-14 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9DE46BC0-DE62-43E0-AD31-DF29A768D787} [2013-05-10 13:46:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9FCF311E-F107-4BE2-A572-409C4D85C338} [2013-04-17 08:27:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A11B04CA-CAC2-4230-B87B-867F5DE8526F} [2013-04-06 18:14:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A1CF4E20-CF1B-41C7-8BB2-EB0A0CCD10F8} [2013-04-04 08:15:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A240A8A7-4616-41CF-88B1-43367A8DE9C5} [2013-05-11 11:11:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A262D84A-D227-40F5-BDD6-1987E5277522} [2013-05-04 12:33:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A288E71C-C886-4034-BFBD-7A51174C3330} [2013-05-30 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A64F3CC8-5A97-4272-AE54-63135B6398C1} [2013-03-17 23:06:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7C8854D-2DA9-4A59-B79C-73F8A39148B3} [2013-06-06 20:41:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7F7D865-6081-498B-AAD1-0F23F9840045} [2013-03-29 18:39:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A9220EE4-6909-4D5E-B6DC-29C0305498DC} [2013-05-03 16:38:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A936AC81-DF5D-4EC0-9F05-4408D1744D7F} [2013-04-08 20:35:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AE747FB6-3DFC-41D4-AF15-5D562CBF8119} [2013-06-01 11:31:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AF385A15-1DD4-467E-B3B2-26134845FC8B} [2013-03-14 08:27:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AFE3668A-19A0-41C5-AF36-BF20FB75387F} [2013-03-30 10:41:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B2156300-C48C-4A16-9F7F-974A331936EA} [2013-05-08 08:34:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B3FADE9B-5B77-41F4-BF38-D201F0B858B5} [2013-03-15 14:58:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B45A3EB8-D588-48EA-9AA8-1AA33CBB29EC} [2013-05-19 11:16:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B492E093-4D08-417E-B498-ADAF4E08713E} [2013-05-24 14:56:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B61D8E9E-34EA-4787-8B81-3E9A48279673} [2013-04-14 11:07:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B6AED0F5-E72C-4064-AAA2-0F48EF950BE9} [2013-05-18 10:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B71A1C9B-B853-4DD0-8E50-208257C8D2F7} [2013-03-20 08:24:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7259649-8060-4BCD-B187-77EA4E3A3AC1} [2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7CB9948-2452-42C2-9BA0-E8B0F6264142} [2013-05-29 08:30:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BB95D22D-213E-4AD7-824E-C70F6B1F482B} [2013-05-16 08:37:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF11AD08-A41F-49D5-A809-2D72F82B789F} [2013-05-21 07:30:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8CF206-0776-4231-BD5F-9CED58578769} [2013-03-11 21:12:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8EF046-FC22-4B7A-804A-EE30EF75AD63} [2013-04-04 20:48:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C1B861E0-572A-4518-9A13-EE74349440BC} [2013-05-12 11:48:52 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C25D5D79-BDB1-44DF-92B0-C3A0741005E5} [2013-03-24 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C349652D-2EF3-47F4-BC94-F2FB57F2A3D6} [2013-03-15 13:46:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C6717879-EE85-41DC-94F0-AA348175FDDF} [2013-04-15 08:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C74C4801-2B13-4FDC-BA93-5AF091CD7CAB} [2013-04-20 11:09:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C9AF2682-F6CB-445E-B9D6-33952D72EDA3} [2013-05-20 11:26:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CA9F83C4-533D-4951-9B31-C2C23C409205} [2013-03-16 12:07:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CCD7E887-4447-448B-92AA-9C463EAC1C70} [2013-05-15 08:33:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CDC7BCDB-5983-4664-8D36-E40CAB4A6677} [2013-05-12 23:50:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CF20DD73-7ABD-4C49-A193-7529021FFCD2} [2013-03-29 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D15E95E2-8768-4887-A45B-3AF5EC063917} [2013-05-07 17:17:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5251DA3-79B5-48B7-9933-0CA2FCCBEEA1} [2013-06-07 18:12:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D53677B0-CC43-4ACD-9CE9-43F1633615B3} [2013-03-29 14:43:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5FC862A-95C5-4399-9DE7-10B4056DE579} [2013-05-09 08:39:09 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D8CA2107-2FA1-4F0D-A4FD-D3662DAAEBE2} [2013-03-31 11:33:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAB90DF8-EF61-47DA-8299-2D38CDA09FB4} [2013-06-04 19:43:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABC914B-4FCC-4CE4-BF12-706296B84091} [2013-06-02 22:49:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABD9886-8B9E-4EF2-8CBA-A0FD5D74A7D5} [2013-03-30 22:43:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAE86099-7666-4142-A0A6-DC19906A4671} [2013-05-01 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DCFFAD45-327A-43D5-8791-9E90D3E46CDB} [2013-03-27 08:00:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DD989BC1-1AE0-46FD-BDF5-12BAFF47081D} [2013-04-29 08:12:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DEEF9AF4-0B8B-4A8D-8F89-F2AC1365134B} [2013-04-02 06:54:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DF6D7198-2EC2-423F-BA0F-68B8518E3516} [2013-06-08 10:34:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DFDD4458-27FE-4D5E-8BBE-3866A90D7E4F} [2013-04-06 16:57:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E06F497A-719D-47C5-AEEF-9DCBEA73B6DD} [2013-05-25 23:17:46 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E08E5FD5-2B22-4131-AFDF-CC7623CC4A51} [2013-04-09 17:17:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E286396B-5447-4C84-8D27-38F88B0BF3FD} [2013-03-14 20:29:35 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E43D0919-DD7E-4517-84B1-28E9606BBB9A} [2013-04-27 23:36:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E601940B-FF76-41D4-9BCA-CC1F6C0E4F7F} [2013-05-02 08:32:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E9B93578-230A-413F-877B-9CD71B67A96C} [2013-05-08 20:36:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{EAC5F31F-F971-4455-89EE-5C7C0A91CDCE} [2013-03-23 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED2E8BC5-36FA-4083-AFB0-B18C404F8FC2} [2013-04-23 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED9007F5-7385-4C9B-8913-971B8CC84FC0} [2013-04-27 11:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F3C4ACC5-AE4F-4B53-9FB7-48E6F0CA9FDD} [2013-03-24 11:20:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F53B4753-4FB9-4E14-B8BF-3D853F059331} [2013-03-13 08:19:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F718DC28-F9DC-41C9-81EC-769706CF0C41} [2013-06-05 08:38:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F8D61BCA-05D4-44E5-9311-6D3C66FF28DD} [2013-04-30 17:23:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9A025DC-0F1C-4C4B-B5FB-8C5A4EB6F891} [2013-04-08 08:32:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9BCCAB9-9E8B-4F5C-ACDC-5DCF3C301470} [2013-05-23 08:32:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FB33CF5B-DCCB-40AC-8CA4-D6F81B839940} [2013-05-28 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FD50DE59-F0A3-41F3-8B56-5F259A17172B} [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2011-10-06 19:44:27 | 000,001,338 | -H-- | M] () -- C:\aaw7boot.cmd [2006-09-18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2012-07-25 23:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr [2012-06-02 10:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT [2013-01-30 18:58:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011-02-05 19:38:27 | 000,000,010 | R-S- | M] () -- C:\config.sys [2011-02-14 19:00:00 | 000,206,312 | R-S- | M] () -- C:\grldr [2012-11-26 23:33:14 | 000,020,419 | ---- | M] () -- C:\INSTALLHELPER.LOG [2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\IO.SYS [2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS [2013-06-08 10:30:21 | 3265,798,144 | -HS- | M] () -- C:\pagefile.sys [2013-06-08 10:40:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2009-04-11 09:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009-04-11 09:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2012-11-13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] [2009-04-11 09:18:46 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe [2009-04-11 09:18:46 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe [2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008-01-20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008-01-20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-04-11 09:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009-04-11 09:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [color=#A23BEC]< MD5 for: WINSOCK.DLL >[/color] [2006-11-02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL [2006-11-02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WINSOCK.DLL [color=#E56717]========== Base Services ==========[/color] SRV - [2006-11-02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc) SRV - [2008-01-20 22:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo) SRV - [2008-01-20 22:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG) SRV - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\svchost.exe -- (BITS) SRV - [2009-04-11 09:18:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE) SRV - [2011-11-16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso) SRV - [2009-04-11 09:18:24 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem) SRV - [2008-01-20 22:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser) SRV - [2012-06-01 20:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc) SRV - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\svchost.exe -- (DcomLaunch) SRV - [2009-04-11 09:18:19 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp) SRV - [2011-03-02 11:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache) SRV - [2008-01-20 22:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost) SRV - [2009-04-11 09:18:09 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv) SRV - [2008-01-20 22:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess) SRV - [2009-04-11 09:18:48 | 000,364,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent) No service found with a name of MsMpSvc No service found with a name of NisSrv SRV - [2009-04-11 09:18:29 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv) SRV - [2008-01-20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS) SRV - [2008-01-20 22:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netman.dll -- (Netman) SRV - [2008-01-20 22:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm) SRV - [2008-01-20 22:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc) SRV - [2008-01-20 22:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi) SRV - [2009-04-11 09:18:19 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay) SRV - [2010-08-17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler) SRV - [2011-11-16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage) SRV - [2009-04-11 09:18:07 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt) SRV - [2008-01-20 22:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto) SRV - [2009-04-11 09:18:35 | 000,262,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan) SRV - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\svchost.exe -- (RpcSs) SRV - [2008-01-20 22:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon) SRV - [2011-11-16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs) SRV - [2009-04-11 09:18:06 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc) SRV - [2010-09-06 12:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer) SRV - [2009-07-10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection) SRV - [2009-04-11 09:18:51 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc) SRV - [2010-11-04 14:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule) SRV - [2009-04-11 09:18:48 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv) SRV - [2009-07-10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes) SRV - [2009-04-11 09:18:21 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc) SRV - [2009-04-11 09:18:15 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS) SRV - [2009-04-11 09:18:48 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv) SRV - [2009-04-11 09:18:48 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder) SRV - [2008-01-20 22:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC) SRV - [2008-01-20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009-04-11 09:18:15 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog) SRV - [2009-04-11 09:18:45 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc) SRV - [2009-04-11 09:18:06 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc) SRV - [2009-04-11 09:18:32 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver) SRV - [2009-04-11 09:18:50 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt) SRV - [2012-06-02 18:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv) SRV - [2009-04-11 09:18:29 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc) SRV - [2009-07-11 15:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc) SRV - [2009-06-10 07:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation) [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 688 bytes -> C:\Users\Client\khalid bhai.eml:OECustomProperty @Alternate Data Stream - 270 bytes -> C:\ProgramData\TEMP:553CA6CA @Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:0B4227B4 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8CE646EE @Alternate Data Stream - 143 bytes -> C:\Users\Client\Desktop\~$mmaire de transaction de Bell # B69U33L4.eml:OECustomProperty < End of report >