cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 2013-06-08 10:37:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Client\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

2,75 Gb Total Physical Memory | 1,21 Gb Available Physical Memory | 43,95% Memory free
5,71 Gb Paging File | 4,09 Gb Available in Paging File | 71,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 336,05 Gb Total Space | 6,63 Gb Free Space | 1,97% Space Free | Partition Type: NTFS
Drive E: | 250,36 Gb Total Space | 228,41 Gb Free Space | 91,23% Space Free | Partition Type: NTFS

Computer Name: GULZAR | User Name: Client | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-06-08 10:34:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Client\Desktop\OTL.exe
PRC - [2013-05-10 22:58:47 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2013-05-10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-04-22 10:55:08 | 000,754,000 | ---- | M] (CybelSoft) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013-01-31 05:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-11-13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012-11-13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012-08-01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012-01-31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011-09-09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011-08-18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG10\avgrsx.exe
PRC - [2011-05-23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
PRC - [2011-03-28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
PRC - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011-02-08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2011-01-06 15:56:50 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe
PRC - [2010-01-21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010-01-21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009-04-11 09:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 09:18:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-13 15:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012-11-13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011-06-24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011-06-24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011-02-10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (TrkWks)
SRV - File not found [Disabled | Stopped] -- \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp [WARNING: \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp] -- (srv14DC)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (RpcSs)
SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (DcomLaunch)
SRV - File not found [Auto | Running] -- Reg Error: Key error. -- (BITS)
SRV - [2013-05-26 20:31:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-05-10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-04-22 10:55:08 | 000,754,000 | ---- | M] (CybelSoft) [Auto | Running] -- C:\Program Files\ma-config.com\MaConfigAgent.exe -- (MaConfigAgent)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013-03-01 12:11:32 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-11-22 16:49:59 | 000,125,952 | ---- | M] (Yuna Software) [On_Demand | Stopped] -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService)
SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [On_Demand | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-09-07 22:06:24 | 001,828,496 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Stopped] -- C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012-06-11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-01-31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-06-09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) [On_Demand | Stopped] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2011-03-09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011-02-08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2011-01-06 15:56:50 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe -- (ServicepointService)
SRV - [2010-07-04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [On_Demand | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010-05-18 15:13:58 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010-01-21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010-01-21 01:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2008-01-20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NPF)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ApfiltrService)
DRV - [2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013-01-31 07:21:23 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012-11-12 05:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012-08-29 18:47:56 | 000,190,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2012-07-03 11:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012-06-11 11:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012-01-09 17:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012-01-09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012-01-09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012-01-09 17:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011-10-21 22:14:59 | 000,023,456 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DrvAgent32.sys -- (DrvAgent32)
DRV - [2011-07-21 21:55:50 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
DRV - [2011-05-27 19:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-05-10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011-04-05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-03-16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-03-01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-02-10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-02-10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-01-13 04:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsnmea.sys -- (zghsnmea)
DRV - [2011-01-13 04:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsmdm.sys -- (zghsmdm)
DRV - [2011-01-13 04:17:18 | 000,106,752 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zghsdiag.sys -- (zghsdiag)
DRV - [2010-11-25 06:59:16 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010-07-12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010-06-14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-04-26 22:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010-04-26 22:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2010-04-26 22:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010-04-09 02:32:56 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2010-04-09 02:32:54 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2010-03-22 18:29:08 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010-03-04 18:26:58 | 000,291,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010-03-04 18:26:58 | 000,291,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2009-12-30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2008-07-29 05:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2003-01-31 18:08:54 | 000,028,005 | ---- | M] (Efficient Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enethusb.sys -- (ENETHUSB)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://qc.answers.yahoo.com/questi [Binary data over 200 bytes]
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.commentcamarche.net/forum/affich-27973237-ie-9-fonctionne-pas-a-cause-de-http-localhost-9000-proxy-pac
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/defaultf.aspx?ocid=iehp
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 65 02 7B 82 44 CE 01 [binary data]
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes,DefaultScope = {9CA7DA1C-773A-4588-8E84-47F0508BCB5E}
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..\SearchScopes\{9CA7DA1C-773A-4588-8E84-47F0508BCB5E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GUEA_frCA474
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-msgr"
FF - prefs.js..extensions.enabledItems: linkuryfirefoxremoteplugin@linkury.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.4.0.5
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6
FF - prefs.js..network.proxy.autoconfig_url: "http://localhost:9000/proxy.pac"
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 55879
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.type: 2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - prefs.js..browser.startup.homepage: "http://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ff"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=11: C:\Program Files\Google\Google Updater\2.1.850.19570\npCIDetect11.dll (Google)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Bell\Internet Service Advisor\nprpspa.dll (Bell)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Client\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-03-06 19:07:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-06-04 11:04:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013-04-10 10:20:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-03-06 19:07:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012-10-05 21:22:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-03 23:31:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-01 23:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-05-20 14:19:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.1\extensions\\Components: C:\Program Files\Netscape\Navigator 9\components [2013-04-01 23:18:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape Navigator 9.0.0.1\extensions\\Plugins: C:\Program Files\Netscape\Navigator 9\plugins [2013-05-20 14:19:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2013-01-08 22:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\search@helper: C:\Users\Client\AppData\Roaming\Mozilla\Firefox\Profiles\0xn7o7r9.default\extensions\SearchHelper

[2013-03-09 14:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\Extensions
[2013-06-07 20:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\Firefox\Profiles\0xn7o7r9.default\extensions
[2013-06-07 20:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\Firefox\Profiles\q4gg7ezh.default\extensions
[2013-03-10 14:07:06 | 000,000,000 | ---D | M] ("Savevid.com Easy Video Downloader") -- C:\Users\Client\AppData\Roaming\mozilla\Firefox\Profiles\q4gg7ezh.default\extensions\ffmenu@savevid.com
[2013-01-11 21:25:56 | 000,004,020 | ---- | M] () (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\firefox\profiles\q4gg7ezh.default\extensions\{1705b07d-787f-41cb-b244-3ab25edf9e8e}.xpi
[2013-03-27 20:24:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Client\AppData\Roaming\mozilla\firefox\profiles\q4gg7ezh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-06-07 20:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012-11-21 23:47:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-03-01 20:09:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-05-26 18:52:39 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012-09-05 21:54:26 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012-09-05 21:54:26 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-09-05 21:54:27 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012-09-05 21:54:26 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012-09-05 21:54:26 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012-09-05 21:54:27 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

Hosts file not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {F999A48B-1950-4D81-9971-79018F807B4B} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {F999A48B-1950-4D81-9971-79018F807B4B} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..Trusted Domains: annonce123.com ([]https in Sites de confiance)
O15 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..Trusted Domains: keepvid.com ([]https in Sites de confiance)
O15 - HKU\S-1-5-21-848290530-2912923882-1970363955-1000\..Trusted Domains: youtube.com ([www] https in Sites de confiance)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{734D13B3-BC74-4F3E-98AC-3B7710C53D9D}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{913C7B26-A9F1-45EF-8EF6-8E56CF00D453}: DhcpNameServer = 64.71.255.205 64.71.255.253
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADA076BF-A0CD-486F-BB28-1331A8A9D7E8}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-07-26 02:52:25 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{37786602-5d9a-11e2-8f35-00218538ec81}\Shell - "" = AutoRun
O33 - MountPoints2\{37786602-5d9a-11e2-8f35-00218538ec81}\Shell\AutoRun\command - "" = G:\DigitalPhotoViewer.exe
O33 - MountPoints2\{5364be4a-d601-11de-89cb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5364be4a-d601-11de-89cb-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Mehfil.exe
O33 - MountPoints2\{77516076-00be-11d6-91ca-a8f00530693c}\Shell\AutoRun\command - "" = F:\IEXPLORE.EXE
O33 - MountPoints2\{84b4642e-5dad-11e2-ac4e-00218538ec81}\Shell - "" = AutoRun
O33 - MountPoints2\{84b4642e-5dad-11e2-ac4e-00218538ec81}\Shell\AutoRun\command - "" = G:\DigitalPhotoViewer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

MsConfig - State: "startup" - 2
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0

NetSvcs: srv14DC - \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

SafeBootMin: 77329793.sys - Driver
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: klmdb.sys - Driver
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: ServicepointService - C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe (Radialpoint Inc.)
SafeBootMin: srv14DC - \\?\globalroot\Device\HarddiskVolume1\Users\Client\AppData\Local\Temp\srv14DC.tmp File not found
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: 77329793.sys - Driver
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: klmdb.sys - Driver
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: ServicepointService - C:\Program Files\Bell\Internet Service Advisor\ServicepointService.exe (Radialpoint Inc.)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-06-08 10:34:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Client\Desktop\OTL.exe
[2013-06-08 10:34:01 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{DFDD4458-27FE-4D5E-8BBE-3866A90D7E4F}
[2013-06-07 22:34:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013-06-07 22:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013-06-07 22:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013-06-07 22:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013-06-07 22:30:51 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\coupe papier
[2013-06-07 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\RK_Quarantine
[2013-06-07 18:11:00 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{D53677B0-CC43-4ACD-9CE9-43F1633615B3}
[2013-06-07 14:24:54 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{762C3D95-395E-43DD-93E3-6401CB441A70}
[2013-06-07 13:20:29 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{1C641EEE-9989-4A78-BC16-0EB3439EEA2E}
[2013-06-06 20:39:04 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{A7F7D865-6081-498B-AAD1-0F23F9840045}
[2013-06-06 08:36:40 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{1411EBC1-5774-470A-B3DD-574C5C73BA66}
[2013-06-05 21:34:30 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\nouveaux chansons
[2013-06-05 17:17:06 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{3C515AF8-CD28-4A5B-9C50-7C40D5C56F4D}
[2013-06-05 08:38:26 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{F8D61BCA-05D4-44E5-9311-6D3C66FF28DD}
[2013-06-04 22:07:20 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\Audio
[2013-06-04 19:42:33 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{DABC914B-4FCC-4CE4-BF12-706296B84091}
[2013-06-04 07:39:28 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2FB480D8-1F41-4BC7-B24C-736571F36703}
[2013-06-04 07:37:55 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{685C7735-6B40-4112-8DEF-A2D1E0C9EE55}
[2013-06-03 17:17:31 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{05270030-B9F6-4FD1-B236-29EC3DCB29D1}
[2013-06-02 22:48:31 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{DABD9886-8B9E-4EF2-8CBA-A0FD5D74A7D5}
[2013-06-02 21:35:54 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\King Kong 2005 1080P HDRiP TRUEFRENCH AC3 SUBFORCES X264-SubZero
[2013-06-02 10:45:26 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{20EF7DE6-E6AC-4F22-8891-CB95D7FE997C}
[2013-06-01 11:30:12 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{AF385A15-1DD4-467E-B3B2-26134845FC8B}
[2013-06-01 11:28:25 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{0E39E53A-8B87-46E3-B7DE-82D6E33F74AD}
[2013-05-31 15:35:51 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\AoA audio extractor
[2013-05-31 15:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AoA Audio Extractor
[2013-05-31 15:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\AoA Audio Extractor
[2013-05-31 14:43:31 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{77DC736E-A7BB-405D-87C3-4DE683512541}
[2013-05-30 20:37:42 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{A64F3CC8-5A97-4272-AE54-63135B6398C1}
[2013-05-30 08:35:11 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{7310A2ED-42E2-4071-8DF8-B4B20C155505}
[2013-05-29 20:32:39 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{9130D8C6-2B8A-4360-8639-74E56A31A078}
[2013-05-29 18:12:08 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Roaming\Trillian
[2013-05-29 18:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trillian
[2013-05-29 17:33:48 | 000,000,000 | ---D | C] -- C:\Users\Client\Desktop\AVG PC Tuneup Pro 2013
[2013-05-29 08:29:21 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{BB95D22D-213E-4AD7-824E-C70F6B1F482B}
[2013-05-28 20:01:50 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{FD50DE59-F0A3-41F3-8B56-5F259A17172B}
[2013-05-28 07:35:40 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{652CDF72-E680-4157-9DC2-F7FEC0DB6964}
[2013-05-27 17:17:10 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{510D6B41-A4EB-4535-A330-95D0C6A925CC}
[2013-05-26 23:21:41 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2CEF0719-F1C9-43FC-A2E7-5CBBA815FBEE}
[2013-05-26 11:19:09 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{07CE8AFF-E087-4F1F-B494-1A840FCAA9C1}
[2013-05-25 23:16:37 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{E08E5FD5-2B22-4131-AFDF-CC7623CC4A51}
[2013-05-25 11:04:12 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{986792D7-97A4-4A42-91F8-0BE096BD742B}
[2013-05-24 14:55:59 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B61D8E9E-34EA-4787-8B81-3E9A48279673}
[2013-05-23 21:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flv Audio Extractor
[2013-05-23 21:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\Flv Audio Extractor
[2013-05-23 20:34:41 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{7E81D688-B033-4AFA-9EDD-74BED46EFB2E}
[2013-05-23 08:31:36 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{FB33CF5B-DCCB-40AC-8CA4-D6F81B839940}
[2013-05-23 08:29:41 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{43CBC34A-2FA9-41B0-BD87-7456CEDC14C2}
[2013-05-22 20:21:09 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2B1A84AD-0025-45C0-B105-2429BF8029BE}
[2013-05-22 08:18:04 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{029F3193-0DC3-4BD8-9937-DDB1BD966FA9}
[2013-05-21 19:31:58 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{5839A5C9-63F5-4193-8BD9-87902644C1AF}
[2013-05-21 07:28:54 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{BF8CF206-0776-4231-BD5F-9CED58578769}
[2013-05-20 11:25:07 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{CA9F83C4-533D-4951-9B31-C2C23C409205}
[2013-05-19 14:57:49 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Roaming\AVG
[2013-05-19 14:57:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013-05-19 14:57:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013-05-19 11:15:50 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B492E093-4D08-417E-B498-ADAF4E08713E}
[2013-05-18 23:11:53 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{4C3C9050-189D-44BD-BDC3-66C66235C060}
[2013-05-18 10:28:32 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B71A1C9B-B853-4DD0-8E50-208257C8D2F7}
[2013-05-17 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{78B57205-7381-4624-A7C6-04C9D2DAD922}
[2013-05-16 20:39:13 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{50F41DA2-5143-4828-B7FD-DA742F634AA8}
[2013-05-16 08:36:42 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{BF11AD08-A41F-49D5-A809-2D72F82B789F}
[2013-05-15 20:34:09 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{8C9DC780-17A2-4E92-A823-5C3E89B04EB3}
[2013-05-15 18:38:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013-05-15 08:34:02 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013-05-15 08:34:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013-05-15 08:34:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013-05-15 08:34:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013-05-15 08:34:01 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013-05-15 08:34:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013-05-15 08:33:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013-05-15 08:33:07 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{CDC7BCDB-5983-4664-8D36-E40CAB4A6677}
[2013-05-15 08:32:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013-05-15 08:32:31 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013-05-14 23:07:32 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2013-05-14 23:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013-05-14 23:07:30 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013-05-14 17:22:30 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{9DE46BC0-DE62-43E0-AD31-DF29A768D787}
[2013-05-13 20:10:18 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{109A2371-7CDD-4A13-9C13-45F180B0F67E}
[2013-05-13 08:07:57 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{5E17D5F0-3435-4B75-BABA-9AB38FC5C55A}
[2013-05-12 23:50:05 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{CF20DD73-7ABD-4C49-A193-7529021FFCD2}
[2013-05-12 11:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013-05-12 11:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013-05-12 11:47:42 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{C25D5D79-BDB1-44DF-92B0-C3A0741005E5}
[2013-05-12 11:46:49 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{2A94B5E9-9840-4BCB-B093-C475EEE7AB05}
[2013-05-12 11:45:40 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{B7CB9948-2452-42C2-9BA0-E8B0F6264142}
[2013-05-11 23:13:07 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{45877C58-CBE8-47C9-969A-6BEC20D3A1E7}
[2013-05-11 18:40:06 | 000,000,000 | ---D | C] -- C:\Users\Client\.config
[2013-05-11 18:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\emesene
[2013-05-11 18:34:09 | 000,000,000 | ---D | C] -- C:\Users\Client\amsn
[2013-05-11 12:04:49 | 000,000,000 | ---D | C] -- C:\Users\Client\.appwork
[2013-05-11 11:10:35 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{A262D84A-D227-40F5-BDD6-1987E5277522}
[2013-05-10 13:45:38 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{9FCF311E-F107-4BE2-A572-409C4D85C338}
[2013-05-09 20:40:33 | 000,000,000 | ---D | C] -- C:\Users\Client\AppData\Local\{26041AA0-49F1-45DA-9B16-8764691F42F1}
[2010-12-28 19:09:55 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe
[2010-09-11 16:17:34 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013-06-08 10:40:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013-06-08 10:38:01 | 000,722,628 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013-06-08 10:38:01 | 000,631,228 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-06-08 10:38:01 | 000,145,606 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013-06-08 10:38:01 | 000,120,098 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-06-08 10:35:17 | 122,496,639 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2013-06-08 10:34:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Client\Desktop\OTL.exe
[2013-06-08 10:33:00 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013-06-08 10:30:29 | 000,004,368 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-08 10:30:29 | 000,004,368 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-08 10:30:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-08 00:09:12 | 000,003,666 | ---- | M] () -- C:\Users\Client\Desktop\je n'Aime pas les menteuse.jpg
[2013-06-07 22:34:12 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013-06-05 21:56:00 | 000,018,646 | ---- | M] () -- C:\Users\Client\ma photo 2007.jpg
[2013-06-05 21:55:52 | 000,625,585 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2013-06-05 21:38:10 | 051,900,587 | ---- | M] () -- C:\Users\Client\Desktop\Ishq-Samundar-[Full-Song]-Kaante[www.savevid.com].wav
[2013-06-04 22:48:28 | 000,225,792 | ---- | M] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-06-03 20:58:26 | 000,245,299 | ---- | M] () -- C:\Users\Client\Desktop\calendrier.jpg
[2013-06-03 20:50:46 | 000,003,788 | ---- | M] () -- C:\Users\Client\Desktop\contentMiddle.jpg
[2013-06-03 17:22:29 | 000,028,840 | ---- | M] () -- C:\Users\Client\photo.jpg
[2013-06-02 20:51:25 | 003,330,619 | ---- | M] () -- C:\Users\Client\Desktop\ma photo.jpg
[2013-06-02 19:00:12 | 367,265,458 | ---- | M] () -- C:\Users\Client\Desktop\The.Mentalist.S05E10.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-06-02 19:00:02 | 367,529,710 | ---- | M] () -- C:\Users\Client\Desktop\The.Mentalist.S05E09.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-29 17:17:58 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013-05-27 23:18:30 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013-05-26 21:24:32 | 003,047,549 | ---- | M] () -- C:\Users\Client\khalid bhai.eml
[2013-05-26 20:31:25 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013-05-26 20:31:25 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013-05-26 13:00:17 | 000,011,002 | ---- | M] () -- C:\Users\Client\nom d'usager.rtf
[2013-05-20 11:25:55 | 000,000,218 | ---- | M] () -- C:\Windows\wininit.ini
[2013-05-19 17:39:13 | 000,012,039 | ---- | M] () -- C:\Users\Client\5187a9e2e76a8bc222b917c74.jpg
[2013-05-19 15:16:06 | 000,196,608 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013-05-18 19:43:21 | 000,000,134 | ---- | M] () -- C:\Windows\(null)toolkit.ini
[2013-05-17 16:55:25 | 002,560,594 | ---- | M] () -- C:\Users\Client\!cid_1FC22F82-5B30-43B8-A380-CA058F18C124.jpg
[2013-05-17 16:41:49 | 000,014,242 | ---- | M] () -- C:\Users\Client\!cid_739C9E90-B1ED-456A-98A5-66EAE4E63B4B.jpg
[2013-05-16 21:06:55 | 000,045,254 | ---- | M] () -- C:\Users\Client\1292890809_148415350_1-Pictures-of--2005-Ford-Freestar.jpg
[2013-05-15 09:44:40 | 000,384,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-05-14 07:36:28 | 004,935,240 | ---- | M] () -- C:\Users\Client\khalid bhai poste canada 2.jpg
[2013-05-14 07:34:43 | 004,834,521 | ---- | M] () -- C:\Users\Client\Khalid Bhai poste canada.jpg
[2013-05-12 21:41:52 | 367,252,094 | R--- | M] () -- C:\Users\Client\The.Mentalist.S05E04.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-12 21:37:43 | 367,200,050 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E03.FRENCH.LD.HDTV.XviD-MiND.avi

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013-06-08 10:40:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013-06-08 00:09:12 | 000,003,666 | ---- | C] () -- C:\Users\Client\Desktop\je n'Aime pas les menteuse.jpg
[2013-06-07 22:34:12 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013-06-05 21:38:08 | 051,900,587 | ---- | C] () -- C:\Users\Client\Desktop\Ishq-Samundar-[Full-Song]-Kaante[www.savevid.com].wav
[2013-06-05 09:52:52 | 000,001,000 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2013-06-03 20:58:26 | 000,245,299 | ---- | C] () -- C:\Users\Client\Desktop\calendrier.jpg
[2013-06-03 20:52:17 | 000,003,788 | ---- | C] () -- C:\Users\Client\Desktop\contentMiddle.jpg
[2013-06-03 17:22:42 | 000,028,840 | ---- | C] () -- C:\Users\Client\photo.jpg
[2013-06-02 20:51:57 | 003,330,619 | ---- | C] () -- C:\Users\Client\Desktop\ma photo.jpg
[2013-06-02 18:56:24 | 367,265,458 | ---- | C] () -- C:\Users\Client\Desktop\The.Mentalist.S05E10.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-06-02 18:55:53 | 367,529,710 | ---- | C] () -- C:\Users\Client\Desktop\The.Mentalist.S05E09.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-29 17:17:58 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013-05-26 21:24:31 | 003,047,549 | ---- | C] () -- C:\Users\Client\khalid bhai.eml
[2013-05-23 21:22:25 | 000,389,120 | ---- | C] () -- C:\Windows\System32\actskn43.ocx
[2013-05-20 11:25:47 | 000,000,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
[2013-05-19 17:39:37 | 000,012,039 | ---- | C] () -- C:\Users\Client\5187a9e2e76a8bc222b917c74.jpg
[2013-05-18 19:43:21 | 000,000,134 | ---- | C] () -- C:\Windows\(null)toolkit.ini
[2013-05-17 16:55:09 | 002,560,594 | ---- | C] () -- C:\Users\Client\!cid_1FC22F82-5B30-43B8-A380-CA058F18C124.jpg
[2013-05-17 16:41:52 | 000,014,242 | ---- | C] () -- C:\Users\Client\!cid_739C9E90-B1ED-456A-98A5-66EAE4E63B4B.jpg
[2013-05-14 07:36:17 | 004,935,240 | ---- | C] () -- C:\Users\Client\khalid bhai poste canada 2.jpg
[2013-05-14 07:34:21 | 004,834,521 | ---- | C] () -- C:\Users\Client\Khalid Bhai poste canada.jpg
[2013-05-12 21:38:42 | 367,252,094 | R--- | C] () -- C:\Users\Client\The.Mentalist.S05E04.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-12 21:35:26 | 367,200,050 | ---- | C] () -- C:\Users\Client\The.Mentalist.S05E03.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-06 22:27:23 | 367,374,406 | ---- | C] () -- C:\Users\Client\The.Mentalist.S05E02.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-06 21:57:07 | 367,406,570 | ---- | C] () -- C:\Users\Client\The.Mentalist.S05E01.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-05 14:17:09 | 000,028,740 | ---- | C] () -- C:\Users\Client\1292890809_148415350_4-2005-Ford-Freestar-Vehicles.jpg
[2013-05-04 18:24:02 | 000,384,640 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-05-03 20:19:49 | 000,001,589 | ---- | C] () -- C:\Program Files\Uninstall.ini
[2013-04-28 14:32:35 | 000,045,254 | ---- | C] () -- C:\Users\Client\1292890809_148415350_1-Pictures-of--2005-Ford-Freestar.jpg
[2013-04-22 19:44:31 | 000,188,416 | RHS- | C] () -- C:\Windows\System32\winDCE32.dll
[2013-04-22 19:44:31 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2013-04-08 20:10:21 | 000,081,903 | ---- | C] () -- C:\Users\Client\face.JPG
[2013-04-07 12:25:12 | 000,010,084 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2013-04-05 20:13:55 | 000,011,002 | ---- | C] () -- C:\Users\Client\nom d'usager.rtf
[2013-03-06 21:28:29 | 000,000,664 | RHS- | C] () -- C:\Users\Client\ntuser.pol
[2013-03-02 15:47:44 | 000,003,076 | ---- | C] () -- C:\Users\Client\75288a_t.jpg
[2013-02-28 19:02:02 | 000,002,240 | ---- | C] () -- C:\Users\Client\173326_100002127565566_1304893357_q.jpg
[2013-02-23 17:56:15 | 000,344,064 | ---- | C] () -- C:\Users\Client\!cid_3D892220-7DB0-4C23-BE5F-61C54B31AF4B.jpg
[2013-02-23 17:56:09 | 001,290,240 | ---- | C] () -- C:\Users\Client\!cid_1C93C6A5-809A-49E6-B022-D5B77BC5B5E3.png
[2013-02-11 22:35:25 | 000,000,600 | ---- | C] () -- C:\Users\Client\AppData\Roaming\winscp.rnd
[2013-01-25 23:14:19 | 014,558,611 | ---- | C] () -- C:\Users\Client\iphone_guide_de_l_utilisateur.pdf
[2013-01-19 16:44:55 | 000,018,646 | ---- | C] () -- C:\Users\Client\ma photo 2007.jpg
[2013-01-17 15:02:30 | 026,026,753 | ---- | C] () -- C:\Windows\System32\trillian-v5.3.0.12.exe
[2013-01-11 07:48:18 | 000,006,530 | ---- | C] () -- C:\Users\Client\AppData\Local\1705b07d-787f-41cb-b244-3ab25edf9e8e.crx
[2013-01-10 18:38:42 | 000,000,218 | ---- | C] () -- C:\Windows\wininit.ini
[2012-12-28 15:39:45 | 000,024,841 | ---- | C] () -- C:\Users\Client\irene.png
[2012-10-25 18:07:55 | 000,129,024 | ---- | C] () -- C:\Windows\System32\AVERM.dll
[2012-10-25 18:07:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\AVEQT.dll
[2012-04-14 16:59:17 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2012-04-14 16:03:40 | 000,000,088 | ---- | C] () -- C:\Windows\ENX230.ini
[2012-03-18 13:49:25 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2012-02-14 22:05:02 | 000,252,967 | ---- | C] () -- C:\Users\Client\FidoBill-FactureFido.pdf
[2012-01-01 11:59:12 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2012-01-01 11:59:12 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011-10-02 19:56:48 | 000,109,216 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll
[2011-10-02 19:56:48 | 000,090,784 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2011-08-14 14:12:53 | 000,000,308 | ---- | C] () -- C:\Program Files\Program Files.ini
[2011-07-17 22:33:51 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011-06-11 14:14:13 | 000,014,741 | ---- | C] () -- C:\Users\Client\AppData\Roaming\D6AC.844
[2011-06-04 04:48:48 | 000,000,336 | ---- | C] () -- C:\ProgramData\31907576
[2011-05-28 14:19:24 | 000,000,290 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2011-05-22 16:03:32 | 000,000,000 | ---- | C] () -- C:\Users\Client\AppData\Local\{A62C36CC-53D9-41D2-9566-2298E34B2088}
[2011-05-22 15:48:03 | 000,000,000 | ---- | C] () -- C:\Users\Client\AppData\Local\{37823620-6BC6-4473-B84E-85B7C471D2C3}
[2010-09-20 22:05:28 | 001,094,776 | ---- | C] () -- C:\Users\Client\Mastering.Hypnosis M2Tv.pdf
[2010-09-19 22:35:20 | 000,000,184 | ---- | C] () -- C:\Users\Client\AppData\Roaming\default.rss
[2010-09-19 22:35:20 | 000,000,000 | ---- | C] () -- C:\Users\Client\AppData\Roaming\downloads.m3u
[2010-09-08 17:05:59 | 020,107,707 | ---- | C] () -- C:\Users\Client\Namaz_Kay_Ahkaam.rar
[2010-09-08 16:36:33 | 1642,897,258 | ---- | C] () -- C:\Users\Client\Naat Sharif.rar
[2010-07-17 16:29:28 | 098,045,996 | ---- | C] () -- C:\Users\Client\Manqbat e Imam Abu Hanifa Radhi Allahu Anhu [www.keepvid.com].wav
[2010-04-20 21:27:18 | 029,928,516 | ---- | C] () -- C:\Users\Client\MadarijunNabuwat2of2.pdf
[2010-04-20 21:24:02 | 023,071,331 | ---- | C] () -- C:\Users\Client\MadarijunNabuwat1of2.pdf
[2010-03-31 22:32:00 | 000,019,078 | ---- | C] () -- C:\Users\Client\AppData\Roaming\UserTile.png
[2010-02-24 22:39:08 | 000,000,075 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010-01-01 16:55:16 | 000,004,096 | ---- | C] () -- C:\Users\Client\AppData\Local\keyfile3.drm
[2009-12-20 22:33:19 | 020,097,456 | ---- | C] () -- C:\Users\Client\Naat Book.pdf
[2009-12-13 14:27:34 | 636,029,205 | ---- | C] () -- C:\Users\Client\Kanzul-Emaan.zip
[2009-11-19 21:00:38 | 000,225,792 | ---- | C] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-11-18 17:51:42 | 000,001,356 | ---- | C] () -- C:\Users\Client\AppData\Local\d3d9caps.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006-11-02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 09:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 09:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]


[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< HKCU\Software >[/color]
"GUID" = 881a2ece-e1fd-4d5c-8312-b4014c18c94f
"TrueAudioDevice" = Haut-parleurs (Périphérique High Definition Audio)

[HKEY_CURRENT_USER\Software\3ivx]

[HKEY_CURRENT_USER\Software\8322898]

[HKEY_CURRENT_USER\Software\AC3Filter]

[HKEY_CURRENT_USER\Software\Adobe]

[HKEY_CURRENT_USER\Software\Ahead]

[HKEY_CURRENT_USER\Software\AoAAudioExtractor]

[HKEY_CURRENT_USER\Software\AppConf]

[HKEY_CURRENT_USER\Software\AppDataLow]

[HKEY_CURRENT_USER\Software\Apple Computer, Inc.]

[HKEY_CURRENT_USER\Software\Apple Inc.]

[HKEY_CURRENT_USER\Software\ASProtect]

[HKEY_CURRENT_USER\Software\Auslogics]

[HKEY_CURRENT_USER\Software\Avg]

[HKEY_CURRENT_USER\Software\Binary Noise]

[HKEY_CURRENT_USER\Software\BitComet]

[HKEY_CURRENT_USER\Software\BitTorrent]

[HKEY_CURRENT_USER\Software\Boilsoft]

[HKEY_CURRENT_USER\Software\Borland]

[HKEY_CURRENT_USER\Software\Bump Technologies, Inc.]

[HKEY_CURRENT_USER\Software\Bytescout]

[HKEY_CURRENT_USER\Software\Bywifi]

[HKEY_CURRENT_USER\Software\CDDB]

[HKEY_CURRENT_USER\Software\CeQuadrat]

[HKEY_CURRENT_USER\Software\Clients]

[HKEY_CURRENT_USER\Software\cooliris]

[HKEY_CURRENT_USER\Software\CoreAAC]

[HKEY_CURRENT_USER\Software\Digital River]

[HKEY_CURRENT_USER\Software\DivX]

[HKEY_CURRENT_USER\Software\DivXNetworks]

[HKEY_CURRENT_USER\Software\DownloadToolz]

[HKEY_CURRENT_USER\Software\DT Soft]

[HKEY_CURRENT_USER\Software\Enigma Protector]

[HKEY_CURRENT_USER\Software\EPSON]

[HKEY_CURRENT_USER\Software\Escolade]

[HKEY_CURRENT_USER\Software\FastStone]

[HKEY_CURRENT_USER\Software\FDRLab]

[HKEY_CURRENT_USER\Software\Flock]

[HKEY_CURRENT_USER\Software\Flowmix]

[HKEY_CURRENT_USER\Software\FLV Player X]

[HKEY_CURRENT_USER\Software\Freecorder]

[HKEY_CURRENT_USER\Software\Gabest]

[HKEY_CURRENT_USER\Software\GameSpy]

[HKEY_CURRENT_USER\Software\GetFLV]

[HKEY_CURRENT_USER\Software\GNU]

[HKEY_CURRENT_USER\Software\Google]

[HKEY_CURRENT_USER\Software\GreenTree Applications]

[HKEY_CURRENT_USER\Software\GSpot Appliance Corp]

[HKEY_CURRENT_USER\Software\Haali]

[HKEY_CURRENT_USER\Software\HookNetwork]

[HKEY_CURRENT_USER\Software\IM Providers]

[HKEY_CURRENT_USER\Software\Image Power]

[HKEY_CURRENT_USER\Software\Industriya]

[HKEY_CURRENT_USER\Software\Inspyder]

[HKEY_CURRENT_USER\Software\InterVideo]

[HKEY_CURRENT_USER\Software\ISSS]

[HKEY_CURRENT_USER\Software\JavaSoft]

[HKEY_CURRENT_USER\Software\JEDI-VCL]

[HKEY_CURRENT_USER\Software\Lavalys]

[HKEY_CURRENT_USER\Software\Licenses]

[HKEY_CURRENT_USER\Software\Ligos]

[HKEY_CURRENT_USER\Software\LSoft Technologies]

[HKEY_CURRENT_USER\Software\Macromedia]

[HKEY_CURRENT_USER\Software\MainConcept]

[HKEY_CURRENT_USER\Software\Malwarebytes' Anti-Malware]

[HKEY_CURRENT_USER\Software\Martin Prikryl]

[HKEY_CURRENT_USER\Software\MediaArea.net]

[HKEY_CURRENT_USER\Software\Microsoft]

[HKEY_CURRENT_USER\Software\MightyUninstaller]

[HKEY_CURRENT_USER\Software\Mirage]

[HKEY_CURRENT_USER\Software\Mobileleader]

[HKEY_CURRENT_USER\Software\Motive]

[HKEY_CURRENT_USER\Software\Mountain King Studios]

[HKEY_CURRENT_USER\Software\Moyea]

[HKEY_CURRENT_USER\Software\Mozilla]

[HKEY_CURRENT_USER\Software\MozillaPlugins]

[HKEY_CURRENT_USER\Software\Mystik Media]

[HKEY_CURRENT_USER\Software\NATATA eBook]

[HKEY_CURRENT_USER\Software\Nbeshine]

[HKEY_CURRENT_USER\Software\NCH Software]

[HKEY_CURRENT_USER\Software\NCH Swift Sound]

[HKEY_CURRENT_USER\Software\Nero]

[HKEY_CURRENT_USER\Software\Netscape]

[HKEY_CURRENT_USER\Software\NFS HS Expansion Pack]

[HKEY_CURRENT_USER\Software\Nokia]

[HKEY_CURRENT_USER\Software\Nuclear Coffee]

[HKEY_CURRENT_USER\Software\NVIDIA Corporation]

[HKEY_CURRENT_USER\Software\ODBC]

[HKEY_CURRENT_USER\Software\OJOsoft Corporation]

[HKEY_CURRENT_USER\Software\Pacestar Software]

[HKEY_CURRENT_USER\Software\ParetoLogic]

[HKEY_CURRENT_USER\Software\PeterSoft]

[HKEY_CURRENT_USER\Software\Phoenix Technologies]

[HKEY_CURRENT_USER\Software\Piriform]

[HKEY_CURRENT_USER\Software\Policies]

[HKEY_CURRENT_USER\Software\PolySoft]

[HKEY_CURRENT_USER\Software\ProgSense]

[HKEY_CURRENT_USER\Software\Python]

[HKEY_CURRENT_USER\Software\Radialpoint]

[HKEY_CURRENT_USER\Software\RealNetworks]

[HKEY_CURRENT_USER\Software\redsn0w]

[HKEY_CURRENT_USER\Software\ReducBarre]

[HKEY_CURRENT_USER\Software\Safer Networking Limited]

[HKEY_CURRENT_USER\Software\Samsung]

[HKEY_CURRENT_USER\Software\Save Tube Video]

[HKEY_CURRENT_USER\Software\SeriousBit]

[HKEY_CURRENT_USER\Software\Skype]

[HKEY_CURRENT_USER\Software\Stardock]

[HKEY_CURRENT_USER\Software\SWiSHzone.com]

[HKEY_CURRENT_USER\Software\SynergeticSoft]

[HKEY_CURRENT_USER\Software\Sysinternals]

[HKEY_CURRENT_USER\Software\Systweak]

[HKEY_CURRENT_USER\Software\TeleCharger]

[HKEY_CURRENT_USER\Software\The Silicon Realms Toolworks]

[HKEY_CURRENT_USER\Software\Torch]

[HKEY_CURRENT_USER\Software\Trolltech]

[HKEY_CURRENT_USER\Software\TuneUp]

[HKEY_CURRENT_USER\Software\UniMessenger]

[HKEY_CURRENT_USER\Software\Uninstall Plus Pers]

[HKEY_CURRENT_USER\Software\Uninstall Plus v4.1]

[HKEY_CURRENT_USER\Software\Unity]

[HKEY_CURRENT_USER\Software\VB and VBA Program Settings]

[HKEY_CURRENT_USER\Software\Video Download Capture]

[HKEY_CURRENT_USER\Software\VideoJoiner]

[HKEY_CURRENT_USER\Software\VirtualDub.org]

[HKEY_CURRENT_USER\Software\Viscomsoft]

[HKEY_CURRENT_USER\Software\VS Revo Group]

[HKEY_CURRENT_USER\Software\VSO]

[HKEY_CURRENT_USER\Software\WinRAR]

[HKEY_CURRENT_USER\Software\WinRAR SFX]

[HKEY_CURRENT_USER\Software\WiseUninstaller]

[HKEY_CURRENT_USER\Software\Yahoo]

[HKEY_CURRENT_USER\Software\Yuna Software]

[HKEY_CURRENT_USER\Software\{6E2C24BD-6185-4A60-90B6-6711D4D49B38}]

[HKEY_CURRENT_USER\Software\Classes]

[color=#A23BEC]< HKLM\Software >[/color]

[HKEY_LOCAL_MACHINE\Software\Acer]

[HKEY_LOCAL_MACHINE\Software\Adobe]

[HKEY_LOCAL_MACHINE\Software\AdwCleaner]

[HKEY_LOCAL_MACHINE\Software\Ahead]

[HKEY_LOCAL_MACHINE\Software\AMI]

[HKEY_LOCAL_MACHINE\Software\AppDataLow]

[HKEY_LOCAL_MACHINE\Software\Apple Computer, Inc.]

[HKEY_LOCAL_MACHINE\Software\Apple Inc.]

[HKEY_LOCAL_MACHINE\Software\Avg]

[HKEY_LOCAL_MACHINE\Software\AviSynth]

[HKEY_LOCAL_MACHINE\Software\BackupOptions]

[HKEY_LOCAL_MACHINE\Software\Bunndle]

[HKEY_LOCAL_MACHINE\Software\Bywifi]

[HKEY_LOCAL_MACHINE\Software\CDDB]

[HKEY_LOCAL_MACHINE\Software\Classes]

[HKEY_LOCAL_MACHINE\Software\Clients]

[HKEY_LOCAL_MACHINE\Software\cybelsoft]

[HKEY_LOCAL_MACHINE\Software\DivX]

[HKEY_LOCAL_MACHINE\Software\DivXNetworks]

[HKEY_LOCAL_MACHINE\Software\DT Soft]

[HKEY_LOCAL_MACHINE\Software\DVDVideoSoft]

[HKEY_LOCAL_MACHINE\Software\Electronic Arts]

[HKEY_LOCAL_MACHINE\Software\Elf_1]

[HKEY_LOCAL_MACHINE\Software\EPSON]

[HKEY_LOCAL_MACHINE\Software\Flowmix]

[HKEY_LOCAL_MACHINE\Software\GameSpy]

[HKEY_LOCAL_MACHINE\Software\GEAR Software]

[HKEY_LOCAL_MACHINE\Software\Google]

[HKEY_LOCAL_MACHINE\Software\GSplit]

[HKEY_LOCAL_MACHINE\Software\HaaliMkx]

[HKEY_LOCAL_MACHINE\Software\HitmanPro]

[HKEY_LOCAL_MACHINE\Software\IM Providers]

[HKEY_LOCAL_MACHINE\Software\IncrediMail]

[HKEY_LOCAL_MACHINE\Software\Industriya]

[HKEY_LOCAL_MACHINE\Software\InstallShield]

[HKEY_LOCAL_MACHINE\Software\instinno]

[HKEY_LOCAL_MACHINE\Software\Intel]

[HKEY_LOCAL_MACHINE\Software\Intel Corporation]

[HKEY_LOCAL_MACHINE\Software\InterVideo]

[HKEY_LOCAL_MACHINE\Software\IPHider]

[HKEY_LOCAL_MACHINE\Software\ISSS]

[HKEY_LOCAL_MACHINE\Software\iTinySoft]

[HKEY_LOCAL_MACHINE\Software\JavaSoft]

[HKEY_LOCAL_MACHINE\Software\Jodix]

[HKEY_LOCAL_MACHINE\Software\JreMetrics]

[HKEY_LOCAL_MACHINE\Software\K-Lite]

[HKEY_LOCAL_MACHINE\Software\Khronos]

[HKEY_LOCAL_MACHINE\Software\Lexmark]

[HKEY_LOCAL_MACHINE\Software\Licenses]

[HKEY_LOCAL_MACHINE\Software\Lidan]

[HKEY_LOCAL_MACHINE\Software\LimeRunner]

[HKEY_LOCAL_MACHINE\Software\LimeSharePro]

[HKEY_LOCAL_MACHINE\Software\LimeWireTurbo]

[HKEY_LOCAL_MACHINE\Software\Look@LAN]

[HKEY_LOCAL_MACHINE\Software\Macromedia]

[HKEY_LOCAL_MACHINE\Software\Magnet]

[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware]

[HKEY_LOCAL_MACHINE\Software\Malwarebytes' Anti-Malware (Trial)]

[HKEY_LOCAL_MACHINE\Software\MarkAny]

[HKEY_LOCAL_MACHINE\Software\Martin Prikryl]

[HKEY_LOCAL_MACHINE\Software\Microsoft]

[HKEY_LOCAL_MACHINE\Software\MimarSinan]

[HKEY_LOCAL_MACHINE\Software\Motive]

[HKEY_LOCAL_MACHINE\Software\Moyea]

[HKEY_LOCAL_MACHINE\Software\Mozilla]

[HKEY_LOCAL_MACHINE\Software\mozilla.org]

[HKEY_LOCAL_MACHINE\Software\MozillaPlugins]

[HKEY_LOCAL_MACHINE\Software\Nbeshine]

[HKEY_LOCAL_MACHINE\Software\NCH Swift Sound]

[HKEY_LOCAL_MACHINE\Software\Nero]

[HKEY_LOCAL_MACHINE\Software\NeroUpdate]

[HKEY_LOCAL_MACHINE\Software\Netscape]

[HKEY_LOCAL_MACHINE\Software\NFS HS Expansion Pack]

[HKEY_LOCAL_MACHINE\Software\NFS HS Mixer]

[HKEY_LOCAL_MACHINE\Software\Nokia]

[HKEY_LOCAL_MACHINE\Software\Nuclear Coffee]

[HKEY_LOCAL_MACHINE\Software\NVIDIA Corporation]

[HKEY_LOCAL_MACHINE\Software\ODBC]

[HKEY_LOCAL_MACHINE\Software\OldTimer Tools]

[HKEY_LOCAL_MACHINE\Software\Osen Kusnadi]

[HKEY_LOCAL_MACHINE\Software\Pakistan Data Management Services]

[HKEY_LOCAL_MACHINE\Software\Paretologic]

[HKEY_LOCAL_MACHINE\Software\PC Connectivity Solution]

[HKEY_LOCAL_MACHINE\Software\PCSuite]

[HKEY_LOCAL_MACHINE\Software\PCTools]

[HKEY_LOCAL_MACHINE\Software\PeterSoft]

[HKEY_LOCAL_MACHINE\Software\Photo Notifier and Animation Creator]

[HKEY_LOCAL_MACHINE\Software\Piriform]

[HKEY_LOCAL_MACHINE\Software\Policies]

[HKEY_LOCAL_MACHINE\Software\Radialpoint]

[HKEY_LOCAL_MACHINE\Software\RapidShare Manager]

[HKEY_LOCAL_MACHINE\Software\RealNetworks]

[HKEY_LOCAL_MACHINE\Software\Realtek]

[HKEY_LOCAL_MACHINE\Software\Realtek Semiconductor Corp.]

[HKEY_LOCAL_MACHINE\Software\RegisteredApplications]

[HKEY_LOCAL_MACHINE\Software\RichFX]

[HKEY_LOCAL_MACHINE\Software\S3R521]

[HKEY_LOCAL_MACHINE\Software\Safer Networking Limited]

[HKEY_LOCAL_MACHINE\Software\SAMSUNG]

[HKEY_LOCAL_MACHINE\Software\Simple Adblock]

[HKEY_LOCAL_MACHINE\Software\SimpleAdblock]

[HKEY_LOCAL_MACHINE\Software\Skype]

[HKEY_LOCAL_MACHINE\Software\SmallRockets]

[HKEY_LOCAL_MACHINE\Software\Sonic]

[HKEY_LOCAL_MACHINE\Software\Stardock]

[HKEY_LOCAL_MACHINE\Software\SynergeticSoft]

[HKEY_LOCAL_MACHINE\Software\The Silicon Realms Toolworks]

[HKEY_LOCAL_MACHINE\Software\Torch]

[HKEY_LOCAL_MACHINE\Software\TrendMicro]

[HKEY_LOCAL_MACHINE\Software\TuneUp]

[HKEY_LOCAL_MACHINE\Software\Uniblue]

[HKEY_LOCAL_MACHINE\Software\Uninstall Plus v4.1]

[HKEY_LOCAL_MACHINE\Software\Unreal]

[HKEY_LOCAL_MACHINE\Software\VDownloader]

[HKEY_LOCAL_MACHINE\Software\VideoLAN]

[HKEY_LOCAL_MACHINE\Software\Volatile]

[HKEY_LOCAL_MACHINE\Software\Windows]

[HKEY_LOCAL_MACHINE\Software\WinRAR]

[HKEY_LOCAL_MACHINE\Software\WiseConvert_B]

[HKEY_LOCAL_MACHINE\Software\Wondershare]

[HKEY_LOCAL_MACHINE\Software\WOW6432Node]

[HKEY_LOCAL_MACHINE\Software\Xing Technology Corp.]

[HKEY_LOCAL_MACHINE\Software\Yahoo]

[HKEY_LOCAL_MACHINE\Software\Yuna Software]

[HKEY_LOCAL_MACHINE\Software\ZalmanInstaller_otshot]

[HKEY_LOCAL_MACHINE\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}]

[color=#A23BEC]< %Homedrive%\* >[/color]
[2011-10-06 19:44:27 | 000,001,338 | -H-- | M] () -- C:\aaw7boot.cmd
[2006-09-18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2012-07-25 23:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2012-06-02 10:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2013-01-30 18:58:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011-02-05 19:38:27 | 000,000,010 | R-S- | M] () -- C:\config.sys
[2011-02-14 19:00:00 | 000,206,312 | R-S- | M] () -- C:\grldr
[2012-11-26 23:33:14 | 000,020,419 | ---- | M] () -- C:\INSTALLHELPER.LOG
[2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2013-06-08 10:30:21 | 3265,798,144 | -HS- | M] () -- C:\pagefile.sys
[2013-06-08 10:40:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[color=#A23BEC]< %Homedrive%\*. >[/color]
[2012-03-28 19:09:06 | 000,000,000 | -H-D | M] -- C:\$AVG
[2013-05-02 19:46:12 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012-03-04 21:56:42 | 000,000,000 | ---D | M] -- C:\Acer
[2013-05-15 22:59:21 | 000,000,000 | -HSD | M] -- C:\Boot
[2013-02-26 18:58:03 | 000,000,000 | ---D | M] -- C:\CAB
[2013-01-08 20:53:54 | 000,000,000 | ---D | M] -- C:\Kido
[2010-09-11 16:21:33 | 000,000,000 | ---D | M] -- C:\My Games
[2013-03-08 21:41:51 | 000,000,000 | ---D | M] -- C:\Pre_Scan
[2013-06-08 10:30:54 | 000,000,000 | R--D | M] -- C:\Program Files
[2013-06-07 22:33:28 | 000,000,000 | ---D | M] -- C:\ProgramData
[2013-01-04 20:56:55 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013-06-08 10:40:12 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013-04-07 13:44:11 | 000,000,000 | R--D | M] -- C:\Users
[2013-05-29 19:23:53 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %Userprofile%\* >[/color]
[2013-02-23 17:56:03 | 001,290,240 | ---- | M] () -- C:\Users\Client\!cid_1C93C6A5-809A-49E6-B022-D5B77BC5B5E3.png
[2013-05-17 16:55:25 | 002,560,594 | ---- | M] () -- C:\Users\Client\!cid_1FC22F82-5B30-43B8-A380-CA058F18C124.jpg
[2013-02-23 17:56:12 | 000,344,064 | ---- | M] () -- C:\Users\Client\!cid_3D892220-7DB0-4C23-BE5F-61C54B31AF4B.jpg
[2013-05-17 16:41:49 | 000,014,242 | ---- | M] () -- C:\Users\Client\!cid_739C9E90-B1ED-456A-98A5-66EAE4E63B4B.jpg
[2013-05-16 21:06:55 | 000,045,254 | ---- | M] () -- C:\Users\Client\1292890809_148415350_1-Pictures-of--2005-Ford-Freestar.jpg
[2013-05-05 14:17:01 | 000,028,740 | ---- | M] () -- C:\Users\Client\1292890809_148415350_4-2005-Ford-Freestar-Vehicles.jpg
[2013-02-28 18:57:29 | 000,002,240 | ---- | M] () -- C:\Users\Client\173326_100002127565566_1304893357_q.jpg
[2013-05-19 17:39:13 | 000,012,039 | ---- | M] () -- C:\Users\Client\5187a9e2e76a8bc222b917c74.jpg
[2013-03-02 15:46:31 | 000,003,076 | ---- | M] () -- C:\Users\Client\75288a_t.jpg
[2013-01-05 14:04:47 | 000,030,208 | ---- | M] () -- C:\Users\Client\Abdul Gulzar Hussain CV english.doc
[2012-06-24 11:05:34 | 000,000,183 | ---- | M] () -- C:\Users\Client\Amex,master card,td et fido.txt
[2013-06-06 17:27:06 | 000,030,720 | ---- | M] () -- C:\Users\Client\annonce $.doc
[2013-06-06 17:26:54 | 000,026,624 | ---- | M] () -- C:\Users\Client\annonce intime.doc
[2012-04-28 11:15:57 | 000,000,086 | ---- | M] () -- C:\Users\Client\ebay.txt
[2013-04-08 20:09:54 | 000,081,903 | ---- | M] () -- C:\Users\Client\face.JPG
[2012-02-14 22:05:06 | 000,252,967 | ---- | M] () -- C:\Users\Client\FidoBill-FactureFido.pdf
[2013-01-25 23:14:21 | 014,558,611 | ---- | M] () -- C:\Users\Client\iphone_guide_de_l_utilisateur.pdf
[2012-12-28 15:38:34 | 000,024,841 | ---- | M] () -- C:\Users\Client\irene.png
[2011-10-09 18:15:09 | 636,029,205 | ---- | M] () -- C:\Users\Client\Kanzul-Emaan.zip
[2013-05-14 07:36:28 | 004,935,240 | ---- | M] () -- C:\Users\Client\khalid bhai poste canada 2.jpg
[2013-05-14 07:34:43 | 004,834,521 | ---- | M] () -- C:\Users\Client\Khalid Bhai poste canada.jpg
[2013-05-26 21:24:32 | 003,047,549 | ---- | M] () -- C:\Users\Client\khalid bhai.eml
[2013-06-05 21:56:00 | 000,018,646 | ---- | M] () -- C:\Users\Client\ma photo 2007.jpg
[2010-04-20 21:24:03 | 023,071,331 | ---- | M] () -- C:\Users\Client\MadarijunNabuwat1of2.pdf
[2010-04-20 21:27:19 | 029,928,516 | ---- | M] () -- C:\Users\Client\MadarijunNabuwat2of2.pdf
[2010-07-17 16:29:31 | 098,045,996 | ---- | M] () -- C:\Users\Client\Manqbat e Imam Abu Hanifa Radhi Allahu Anhu [www.keepvid.com].wav
[2012-02-24 15:38:05 | 000,000,055 | ---- | M] () -- C:\Users\Client\master card.txt
[2010-09-20 22:06:05 | 001,094,776 | ---- | M] () -- C:\Users\Client\Mastering.Hypnosis M2Tv.pdf
[2009-12-20 22:33:20 | 020,097,456 | ---- | M] () -- C:\Users\Client\Naat Book.pdf
[2010-09-08 16:38:53 | 1642,897,258 | ---- | M] () -- C:\Users\Client\Naat Sharif.rar
[2011-10-09 18:16:17 | 020,107,707 | ---- | M] () -- C:\Users\Client\Namaz_Kay_Ahkaam.rar
[2013-05-26 13:00:17 | 000,011,002 | ---- | M] () -- C:\Users\Client\nom d'usager.rtf
[2013-06-08 10:41:26 | 015,466,496 | ---- | M] () -- C:\Users\Client\ntuser.dat
[2013-06-08 10:41:26 | 000,262,144 | -H-- | M] () -- C:\Users\Client\ntuser.dat.LOG1
[2009-11-18 17:51:42 | 000,000,000 | -H-- | M] () -- C:\Users\Client\ntuser.dat.LOG2
[2013-05-19 15:19:16 | 000,000,000 | -H-- | M] () -- C:\Users\Client\NTUSER.DAT_tureg_new.LOG1
[2013-05-19 15:19:16 | 000,000,000 | -H-- | M] () -- C:\Users\Client\NTUSER.DAT_tureg_new.LOG2
[2013-05-19 15:19:34 | 017,448,960 | ---- | M] () -- C:\Users\Client\NTUSER.DAT_tureg_old
[2012-06-17 12:35:49 | 000,065,536 | -HS- | M] () -- C:\Users\Client\ntuser.dat{409ee163-7f06-11e0-8855-00218538ec81}.TM.blf
[2012-06-17 12:35:49 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{409ee163-7f06-11e0-8855-00218538ec81}.TMContainer00000000000000000001.regtrans-ms
[2011-05-15 18:34:20 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{409ee163-7f06-11e0-8855-00218538ec81}.TMContainer00000000000000000002.regtrans-ms
[2013-06-08 00:16:41 | 000,065,536 | -HS- | M] () -- C:\Users\Client\ntuser.dat{a48bc9b0-c0b8-11e2-b023-806e6f6e6963}.TM.blf
[2013-06-08 00:16:41 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{a48bc9b0-c0b8-11e2-b023-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2013-05-19 17:52:15 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{a48bc9b0-c0b8-11e2-b023-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2013-05-19 15:19:32 | 000,065,536 | -HS- | M] () -- C:\Users\Client\ntuser.dat{f0736f69-b89b-11e1-8656-00218538ec81}.TM.blf
[2013-05-19 15:19:32 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{f0736f69-b89b-11e1-8656-00218538ec81}.TMContainer00000000000000000001.regtrans-ms
[2012-06-17 13:14:56 | 000,524,288 | -HS- | M] () -- C:\Users\Client\ntuser.dat{f0736f69-b89b-11e1-8656-00218538ec81}.TMContainer00000000000000000002.regtrans-ms
[2009-11-18 17:51:42 | 000,000,020 | -HS- | M] () -- C:\Users\Client\ntuser.ini
[2013-03-07 19:41:00 | 000,000,664 | RHS- | M] () -- C:\Users\Client\ntuser.pol
[2013-06-03 17:22:29 | 000,028,840 | ---- | M] () -- C:\Users\Client\photo.jpg
[2013-04-06 16:27:22 | 000,000,169 | ---- | M] () -- C:\Users\Client\sonia courriel.txt
[2013-05-06 22:00:15 | 367,406,570 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E01.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-06 22:30:53 | 367,374,406 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E02.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-12 21:37:43 | 367,200,050 | ---- | M] () -- C:\Users\Client\The.Mentalist.S05E03.FRENCH.LD.HDTV.XviD-MiND.avi
[2013-05-12 21:41:52 | 367,252,094 | R--- | M] () -- C:\Users\Client\The.Mentalist.S05E04.FRENCH.LD.HDTV.XviD-MiND.avi
[2012-04-01 17:31:00 | 000,000,110 | ---- | M] () -- C:\Users\Client\VIRGINE MOBILE.txt

[color=#A23BEC]< %Userprofile%\*. >[/color]
[2013-05-11 12:04:49 | 000,000,000 | ---D | M] -- C:\Users\Client\.appwork
[2013-05-11 18:40:06 | 000,000,000 | ---D | M] -- C:\Users\Client\.config
[2013-05-25 13:42:35 | 000,000,000 | ---D | M] -- C:\Users\Client\.rs
[2013-05-11 18:37:46 | 000,000,000 | ---D | M] -- C:\Users\Client\amsn
[2010-08-18 20:59:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData
[2013-01-05 14:38:50 | 000,000,000 | ---D | M] -- C:\Users\Client\Application Data
[2012-09-21 21:04:22 | 000,000,000 | ---D | M] -- C:\Users\Client\Aslam Movie Umer Fainal
[2010-04-11 11:09:07 | 000,000,000 | ---D | M] -- C:\Users\Client\Bahar-e-Shariat - PDF
[2010-09-19 22:30:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Bahar-e-Shariat RAR
[2013-05-04 15:49:37 | 000,000,000 | ---D | M] -- C:\Users\Client\Chansons
[2011-04-08 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Client\condesé
[2013-01-14 09:22:11 | 000,000,000 | R--D | M] -- C:\Users\Client\Contacts
[2013-04-05 22:08:10 | 000,000,000 | ---D | M] -- C:\Users\Client\Dawat-e-Islami
[2013-06-08 10:34:48 | 000,000,000 | R--D | M] -- C:\Users\Client\Desktop
[2013-04-22 19:47:17 | 000,000,000 | R--D | M] -- C:\Users\Client\Documents
[2013-02-12 19:11:22 | 000,000,000 | ---D | M] -- C:\Users\Client\Downloads
[2010-08-28 21:52:11 | 000,000,000 | ---D | M] -- C:\Users\Client\ErosExotica
[2011-02-12 17:38:50 | 000,000,000 | ---D | M] -- C:\Users\Client\Farhan Ali Qadri
[2013-06-01 13:00:50 | 000,000,000 | R--D | M] -- C:\Users\Client\Favorites
[2013-03-06 19:07:41 | 000,000,000 | ---D | M] -- C:\Users\Client\Guldasta-e-Naat
[2013-04-22 08:37:55 | 000,000,000 | ---D | M] -- C:\Users\Client\Kama Sutra (ErosExotica)
[2010-01-31 20:53:49 | 000,000,000 | ---D | M] -- C:\Users\Client\Learn Quran RAR
[2011-06-20 21:46:24 | 000,000,000 | ---D | M] -- C:\Users\Client\Learn to read Quran Video
[2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Links
[2013-04-14 17:09:36 | 000,000,000 | ---D | M] -- C:\Users\Client\Mufti Akmal
[2013-04-29 22:54:30 | 000,000,000 | R--D | M] -- C:\Users\Client\Music
[2011-10-09 19:01:10 | 000,000,000 | ---D | M] -- C:\Users\Client\Naat Sharif
[2013-01-08 22:11:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Namaz kay ahkaam
[2011-06-20 23:17:30 | 000,000,000 | ---D | M] -- C:\Users\Client\Other Naats Video
[2013-02-21 19:17:30 | 000,000,000 | ---D | M] -- C:\Users\Client\photo gulzar
[2013-06-07 23:12:29 | 000,000,000 | R--D | M] -- C:\Users\Client\Pictures
[2013-01-31 09:39:14 | 000,000,000 | ---D | M] -- C:\Users\Client\Privé
[2011-01-29 12:26:45 | 000,000,000 | ---D | M] -- C:\Users\Client\Qari Shahid Mehmood audio
[2012-03-18 14:07:00 | 000,000,000 | ---D | M] -- C:\Users\Client\Qari Shahid Mehmood Video
[2011-08-14 14:30:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Quran Majeed
[2013-01-08 22:11:42 | 000,000,000 | ---D | M] -- C:\Users\Client\Quran_Release
[2013-05-09 08:28:37 | 000,000,000 | ---D | M] -- C:\Users\Client\Romantic.Melodies.Moonlight.Sax-VA.2007.Flac.Lossless
[2013-05-07 23:16:36 | 000,000,000 | ---D | M] -- C:\Users\Client\Romantic_Saxophone_Quintet-Dinner_Music-CD-2001-yNOT
[2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Saved Games
[2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Searches
[2013-04-20 23:00:51 | 000,000,000 | ---D | M] -- C:\Users\Client\Shared
[2013-03-13 08:21:53 | 000,000,000 | ---D | M] -- C:\Users\Client\Tracing
[2013-06-08 10:34:13 | 000,000,000 | ---D | M] -- C:\Users\Client\Téléchargement
[2013-01-08 22:11:42 | 000,000,000 | R--D | M] -- C:\Users\Client\Videos
[2013-04-06 16:08:34 | 000,000,000 | ---D | M] -- C:\Users\Client\{2af66dfd-7123-49e1-9ca5-d2d4c8bd82a2}

[color=#A23BEC]< %Allusersprofile%\* >[/color]
[2011-06-04 04:48:48 | 000,000,336 | ---- | M] () -- C:\ProgramData\31907576
[2010-05-28 23:37:00 | 000,015,086 | ---- | M] () -- C:\ProgramData\Amazon.ico
[2010-07-20 13:53:26 | 000,071,926 | ---- | M] () -- C:\ProgramData\MercadoLivre.ico
[2011-05-28 14:19:24 | 000,000,290 | R-S- | M] () -- C:\ProgramData\ntuser.pol
[2010-02-24 22:39:08 | 000,000,075 | ---- | M] () -- C:\ProgramData\nvUnsupRes.dat
[2010-05-20 12:05:56 | 000,025,214 | ---- | M] () -- C:\ProgramData\QuickStores.ico

[color=#A23BEC]< %Allusersprofile%\*. >[/color]
[2013-06-07 22:34:04 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013-04-01 23:23:30 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1(100)
[2013-05-24 23:30:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2013-01-09 19:07:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2010-02-12 19:48:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2013-01-11 21:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data
[2013-01-02 19:14:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Auto-Tracker
[2013-05-19 14:58:49 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG
[2013-01-29 14:58:01 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG January 2013 Campaign
[2013-04-10 10:20:44 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG10
[2013-01-03 21:42:30 | 000,000,000 | ---D | M] -- C:\ProgramData\B3001E420824284D0000B2FF6B472CDD
[2013-04-06 19:02:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Bell
[2013-01-18 07:43:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Common Files
[2011-06-11 14:39:49 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2012-03-05 22:35:51 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Pro
[2012-12-26 17:46:05 | 000,000,000 | ---D | M] -- C:\ProgramData\DivX
[2012-11-11 22:05:13 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON
[2011-10-10 10:34:56 | 000,000,000 | ---D | M] -- C:\ProgramData\FileCure
[2012-10-01 20:17:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2013-06-07 17:59:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Google Updater
[2011-06-04 12:24:44 | 000,000,000 | ---D | M] -- C:\ProgramData\hF01831BbOaA01831
[2013-01-30 18:55:20 | 000,000,000 | ---D | M] -- C:\ProgramData\HitmanPro
[2011-10-06 17:48:10 | 000,000,000 | ---D | M] -- C:\ProgramData\IM
[2013-02-27 18:34:32 | 000,000,000 | ---D | M] -- C:\ProgramData\IncrediMail
[2012-09-15 14:22:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2013-02-11 19:48:57 | 000,000,000 | ---D | M] -- C:\ProgramData\LimeWireTurbo
[2013-05-03 20:30:12 | 000,000,000 | ---D | M] -- C:\ProgramData\ma-config.com
[2013-06-07 23:05:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2012-12-01 19:43:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Messenger Plus!
[2013-03-08 21:41:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Messenger Plus! for Skype
[2011-06-04 11:04:09 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2013-04-27 13:57:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft
[2012-10-03 18:47:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Motive
[2012-09-29 23:42:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero
[2011-03-26 22:02:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia
[2011-06-04 11:04:10 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache
[2013-04-07 13:44:01 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2013-04-07 12:18:09 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation
[2011-04-13 12:08:59 | 000,000,000 | ---D | M] -- C:\ProgramData\oCp01829fJiOc01829
[2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2012-09-03 11:57:44 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Tools
[2013-04-14 19:21:42 | 000,000,000 | ---D | M] -- C:\ProgramData\PC1Data
[2011-10-06 17:48:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Photo Notifier and Animation Creator
[2013-04-06 16:24:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Radialpoint
[2013-03-06 19:07:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Real
[2012-01-01 11:59:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Samsung
[2013-05-12 11:49:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2013-03-10 19:01:13 | 000,000,000 | ---D | M] -- C:\ProgramData\SmallRockets
[2012-11-27 00:10:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy
[2010-06-16 12:12:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2013-06-07 20:39:01 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2011-07-03 12:00:59 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2013-03-06 20:33:10 | 000,000,000 | ---D | M] -- C:\ProgramData\VS Revo Group
[2013-03-10 14:07:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Wincert
[2012-10-05 21:22:53 | 000,000,000 | ---D | M] -- C:\ProgramData\YouTube Downloader
[2013-03-24 14:33:38 | 000,000,000 | ---D | M] -- C:\ProgramData\YTD Video Downloader
[2012-10-05 21:22:53 | 000,000,000 | ---D | M] -- C:\ProgramData\YTD YouTube Downloader & Converter
[2011-07-02 22:35:47 | 000,000,000 | -HSD | M] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010-06-18 17:48:40 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013-03-10 14:07:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\{C296F8FF-A964-4BB7-814C-2DE7755A03C9}
[2013-05-29 17:34:34 | 000,000,000 | -HSD | M] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2013-01-11 21:25:05 | 000,006,530 | ---- | M] () -- C:\Users\Client\AppData\Local\1705b07d-787f-41cb-b244-3ab25edf9e8e.crx
[2013-05-02 22:03:09 | 000,001,356 | ---- | M] () -- C:\Users\Client\AppData\Local\d3d9caps.dat
[2013-06-04 22:48:28 | 000,225,792 | ---- | M] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-11 16:21:14 | 000,000,093 | ---- | M] () -- C:\Users\Client\AppData\Local\DownloadLog.txt
[2013-05-04 16:18:37 | 000,108,128 | ---- | M] () -- C:\Users\Client\AppData\Local\GDIPFONTCACHEV1.DAT
[2013-06-08 00:16:31 | 003,212,780 | -H-- | M] () -- C:\Users\Client\AppData\Local\IconCache.db
[2011-06-06 05:16:26 | 000,004,096 | ---- | M] () -- C:\Users\Client\AppData\Local\keyfile3.drm
[2011-05-22 15:48:03 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{37823620-6BC6-4473-B84E-85B7C471D2C3}
[2011-05-22 16:03:32 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{A62C36CC-53D9-41D2-9566-2298E34B2088}

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2011-05-15 12:18:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Adobe
[2009-11-24 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ahead
[2013-04-01 23:17:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple
[2012-11-11 22:05:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple Computer
[2011-02-05 12:26:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ares
[2013-02-26 20:14:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\BitZipper
[2010-10-20 20:56:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Cooliris
[2013-06-03 22:45:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CrashDumps
[2012-05-25 16:26:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CRE
[2012-12-26 17:58:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\DDMSettings
[2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Digsby
[2012-01-01 12:01:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Downloaded Installations
[2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Download_Energy
[2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\eSupport.com
[2010-09-17 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Geckofx
[2013-05-20 14:06:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Google
[2010-06-15 17:17:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IAInterface
[2013-02-27 18:36:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IM
[2011-10-20 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Innovative Solutions
[2010-08-21 14:31:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Inspyder_Software_Inc
[2011-08-14 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IsolatedStorage
[2013-02-11 22:44:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\libimobiledevice
[2013-03-09 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macromedia
[2013-02-11 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macroplant
[2012-12-01 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Messenger_Plus_Live
[2013-03-10 16:13:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft
[2010-12-19 12:32:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Corporation
[2012-09-16 20:41:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Games
[2010-11-14 18:20:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Mozilla
[2011-09-25 14:09:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nero
[2010-02-12 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Netscape
[2011-03-26 21:58:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nokia
[2010-08-22 13:16:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Quran
[2010-01-30 17:12:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\RapidShare
[2012-11-11 22:19:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Remove_Empty_Directories
[2013-03-10 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\SmallRockets
[2013-06-08 10:41:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Temp
[2013-03-15 00:09:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Torch
[2012-06-02 11:09:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Unity
[2010-09-18 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\utd
[2012-10-21 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VDownloader
[2012-10-08 12:18:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VENEA.NET
[2009-11-19 21:00:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VirtualStore
[2013-03-06 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VS Revo Group
[2013-06-07 18:14:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live
[2013-04-06 18:14:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live Writer
[2010-09-18 23:00:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\YouTubeBatchDownloader
[2013-05-22 08:19:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{029F3193-0DC3-4BD8-9937-DDB1BD966FA9}
[2013-04-15 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{02F61704-CE1A-4D97-9306-C5707E29E546}
[2013-06-03 17:18:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05270030-B9F6-4FD1-B236-29EC3DCB29D1}
[2013-03-15 15:52:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05509D5C-F052-4D7B-A04B-C675BC01196E}
[2013-05-26 11:20:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{07CE8AFF-E087-4F1F-B494-1A840FCAA9C1}
[2013-05-03 16:18:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0A355716-BC45-43DD-8682-F210888AE237}
[2013-03-26 07:28:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0D73277E-9D14-40CB-852D-69D0DFFF7885}
[2013-06-01 11:28:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0E39E53A-8B87-46E3-B7DE-82D6E33F74AD}
[2013-05-13 20:11:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{109A2371-7CDD-4A13-9C13-45F180B0F67E}
[2013-04-05 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{13846BE2-A7D9-48D2-B06A-2C97D6D267C0}
[2013-03-11 20:37:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1398B2C1-57AF-4D8E-896E-78D116DAE291}
[2013-06-06 08:37:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1411EBC1-5774-470A-B3DD-574C5C73BA66}
[2013-03-23 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{166135FB-A695-4F0E-B4A9-1771522F5735}
[2013-03-10 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{176312A2-2D6E-4918-BD97-96754FD64E3B}
[2013-04-11 08:32:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{18CB25DB-4D59-44E5-80CD-B4F9AFDC9938}
[2013-03-25 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{197FF8B3-D813-436E-90E7-32F291F3FD59}
[2013-03-13 20:22:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1A4CCDAA-E864-4319-9E05-BB3BD4EEBA39}
[2013-06-07 13:22:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1C641EEE-9989-4A78-BC16-0EB3439EEA2E}
[2013-03-12 17:20:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1D718673-71F9-4F32-94DC-CAB8113D32F6}
[2013-04-10 20:30:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1EA88370-62B4-41A7-8E6B-20F40F89A375}
[2013-04-16 17:15:20 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2068F6EE-C478-4194-ABCF-6E6552304DF2}
[2013-06-02 10:46:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{20EF7DE6-E6AC-4F22-8891-CB95D7FE997C}
[2013-04-20 23:12:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{23D5E56E-84AC-4DFB-AEE0-7D168D6024D7}
[2013-05-09 20:41:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{26041AA0-49F1-45DA-9B16-8764691F42F1}
[2013-04-24 22:56:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27205ABD-3FAD-4995-840A-8F29FD37EF58}
[2013-04-03 20:13:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27326D5D-9B64-446C-81E7-4E75148E97EB}
[2013-04-01 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{288DE837-F63E-4C38-AD2C-714315B198C5}
[2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2A94B5E9-9840-4BCB-B093-C475EEE7AB05}
[2013-05-22 20:22:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2B1A84AD-0025-45C0-B105-2429BF8029BE}
[2013-05-26 23:23:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2CEF0719-F1C9-43FC-A2E7-5CBBA815FBEE}
[2013-05-05 12:00:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F2233A3-5AE1-4946-9771-DAA594A2682A}
[2013-03-09 12:49:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F5FED16-B1B9-4CEC-B241-812404471D1A}
[2013-06-04 07:40:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2FB480D8-1F41-4BC7-B24C-736571F36703}
[2013-03-20 20:26:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{33404A28-F6E2-43D4-B346-C577458D2C05}
[2013-04-25 21:40:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34953690-5174-462E-AB49-7F0B89539C5D}
[2013-03-22 13:42:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34AF0C1E-7260-431E-8025-78759A9CFC84}
[2013-04-26 15:07:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{35885372-F855-43B6-A31B-F0CBE19432E3}
[2013-05-06 08:06:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3647DA5F-19B5-4831-8010-303CE0324383}
[2013-04-21 11:28:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3774A3A6-FC9A-4189-9E05-01DCC8328234}
[2013-04-11 20:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{379EF0C1-D27B-4817-AE44-F682B1AE9B0C}
[2013-04-10 08:27:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{386FEEAC-4BED-44E4-A0F6-EA97B8E5BBF1}
[2013-03-17 11:04:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{38A49E88-A6CF-4A33-9B51-9DB5DC2F4C7B}
[2013-03-08 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3B5C018C-BBCD-48C4-966D-C757CB7E04C2}
[2013-06-05 17:18:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3C515AF8-CD28-4A5B-9C50-7C40D5C56F4D}
[2013-04-06 19:07:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3D81A400-D55F-42F7-8E2A-351F4FC428AC}
[2013-04-22 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3DB7B5CC-946C-4998-9894-02846D8DF2DC}
[2013-03-21 08:29:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3FA4D04C-73B6-4467-9449-B988E69397F1}
[2013-05-23 08:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{43CBC34A-2FA9-41B0-BD87-7456CEDC14C2}
[2013-04-03 08:10:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{447F6B6A-6BE4-410F-8F70-9872CC2B2BDE}
[2013-05-11 23:14:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{45877C58-CBE8-47C9-969A-6BEC20D3A1E7}
[2013-04-17 20:30:00 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{494C7BAC-0469-4870-9847-21D1FB4BF907}
[2013-03-28 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4AD80222-263A-4906-B6B5-60A533F76886}
[2013-05-18 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4C3C9050-189D-44BD-BDC3-66C66235C060}
[2013-04-06 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4DA97FDA-B894-48D4-A6C6-F8139EEEE559}
[2013-05-16 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{50F41DA2-5143-4828-B7FD-DA742F634AA8}
[2013-05-27 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{510D6B41-A4EB-4535-A330-95D0C6A925CC}
[2013-04-07 11:55:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{51E4E422-777E-4594-9B8A-2EE1D7C52CEF}
[2013-03-27 20:02:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{56DFC0A5-A10D-485C-A362-642EFBAC7A55}
[2013-05-21 19:33:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5839A5C9-63F5-4193-8BD9-87902644C1AF}
[2013-04-18 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A059D31-1855-4E0F-B3C9-66B1917C45D0}
[2013-04-12 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A05A412-F109-4790-8A6B-4559FD129F85}
[2013-04-02 19:49:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5CF85527-F2DB-4607-9864-67E97F231F0F}
[2013-05-13 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5E17D5F0-3435-4B75-BABA-9AB38FC5C55A}
[2013-05-06 20:08:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{615BC0B8-6EB5-4316-A94B-CF87E5601695}
[2013-04-28 12:02:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{63472693-E9EF-4AB6-B86A-681CE717E843}
[2013-03-28 08:25:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{64FBCB0E-461D-4CB6-BBF7-AA84902811BA}
[2013-05-28 07:36:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{652CDF72-E680-4157-9DC2-F7FEC0DB6964}
[2013-06-04 07:37:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{685C7735-6B40-4112-8DEF-A2D1E0C9EE55}
[2013-03-21 20:31:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{689CD01E-48D6-41BA-B687-29C0CA18E375}
[2013-03-19 17:23:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{6F771EA8-7B49-4E96-8FB4-CC7E8B51B660}
[2013-04-06 11:11:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{715AF2EA-CDB1-40DE-A74B-334E92F745B8}
[2012-10-04 20:56:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{72625176-0E87-11E2-8271-B8AC6F996F26}
[2013-05-30 08:36:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7310A2ED-42E2-4071-8DF8-B4B20C155505}
[2013-03-26 19:30:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{747AAEE5-2902-4B36-8723-FAB84C648630}
[2013-06-07 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{762C3D95-395E-43DD-93E3-6401CB441A70}
[2013-05-31 14:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{77DC736E-A7BB-405D-87C3-4DE683512541}
[2013-05-17 13:51:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{78B57205-7381-4624-A7C6-04C9D2DAD922}
[2013-04-19 14:17:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{79F6B5A6-02A5-4419-ADC3-316D715C2F90}
[2013-03-11 08:34:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7B060B84-D44F-4A9F-9421-AF9A94A8FA58}
[2013-05-23 20:35:51 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7E81D688-B033-4AFA-9EDD-74BED46EFB2E}
[2013-03-18 20:34:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{82C148E9-0CEE-46E5-ACE9-DC12FD1AC784}
[2013-03-18 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{84847170-87D6-4936-AEF4-AF28E9ED37C1}
[2013-04-24 08:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8628D768-30F6-47D7-BCF2-75FEEF103F41}
[2013-04-18 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8AF158E0-02F0-4D9A-B3F1-EC6085C7222F}
[2013-05-15 20:35:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8C9DC780-17A2-4E92-A823-5C3E89B04EB3}
[2013-04-13 10:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E32A447-EF11-4259-A8E7-5D49F6188561}
[2013-05-02 22:14:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E8E7301-64A6-40D6-BD5B-94244196EDE2}
[2013-04-29 20:15:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8F479CB7-AD6C-47F6-B510-7D91683BE091}
[2013-04-08 08:06:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9016759D-37B6-43DA-BB28-E5EAC71A39E0}
[2013-05-29 20:33:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9130D8C6-2B8A-4360-8639-74E56A31A078}
[2013-03-29 13:49:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{93E72CAA-8FF1-4DE3-9227-710EC1816684}
[2013-05-01 08:40:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{943198E9-7EEF-4805-90DC-559A89D4A7D9}
[2013-05-25 11:05:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{986792D7-97A4-4A42-91F8-0BE096BD742B}
[2013-04-14 11:35:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{99ECDFB8-B2AE-4DD1-88DD-57BF5B236F4D}
[2013-04-15 20:37:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9B0C33EC-9A0C-4A05-A074-A2D0BE88BE4C}
[2013-04-22 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9C6CAD96-289C-4CD1-9D1A-2F1F0107DC3A}
[2013-03-10 12:15:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9D2D0008-E704-4CC9-80EB-0C3AE5400206}
[2013-05-14 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9DE46BC0-DE62-43E0-AD31-DF29A768D787}
[2013-05-10 13:46:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9FCF311E-F107-4BE2-A572-409C4D85C338}
[2013-04-17 08:27:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A11B04CA-CAC2-4230-B87B-867F5DE8526F}
[2013-04-06 18:14:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A1CF4E20-CF1B-41C7-8BB2-EB0A0CCD10F8}
[2013-04-04 08:15:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A240A8A7-4616-41CF-88B1-43367A8DE9C5}
[2013-05-11 11:11:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A262D84A-D227-40F5-BDD6-1987E5277522}
[2013-05-04 12:33:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A288E71C-C886-4034-BFBD-7A51174C3330}
[2013-05-30 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A64F3CC8-5A97-4272-AE54-63135B6398C1}
[2013-03-17 23:06:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7C8854D-2DA9-4A59-B79C-73F8A39148B3}
[2013-06-06 20:41:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7F7D865-6081-498B-AAD1-0F23F9840045}
[2013-03-29 18:39:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A9220EE4-6909-4D5E-B6DC-29C0305498DC}
[2013-05-03 16:38:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A936AC81-DF5D-4EC0-9F05-4408D1744D7F}
[2013-04-08 20:35:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AE747FB6-3DFC-41D4-AF15-5D562CBF8119}
[2013-06-01 11:31:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AF385A15-1DD4-467E-B3B2-26134845FC8B}
[2013-03-14 08:27:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AFE3668A-19A0-41C5-AF36-BF20FB75387F}
[2013-03-30 10:41:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B2156300-C48C-4A16-9F7F-974A331936EA}
[2013-05-08 08:34:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B3FADE9B-5B77-41F4-BF38-D201F0B858B5}
[2013-03-15 14:58:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B45A3EB8-D588-48EA-9AA8-1AA33CBB29EC}
[2013-05-19 11:16:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B492E093-4D08-417E-B498-ADAF4E08713E}
[2013-05-24 14:56:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B61D8E9E-34EA-4787-8B81-3E9A48279673}
[2013-04-14 11:07:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B6AED0F5-E72C-4064-AAA2-0F48EF950BE9}
[2013-05-18 10:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B71A1C9B-B853-4DD0-8E50-208257C8D2F7}
[2013-03-20 08:24:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7259649-8060-4BCD-B187-77EA4E3A3AC1}
[2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7CB9948-2452-42C2-9BA0-E8B0F6264142}
[2013-05-29 08:30:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BB95D22D-213E-4AD7-824E-C70F6B1F482B}
[2013-05-16 08:37:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF11AD08-A41F-49D5-A809-2D72F82B789F}
[2013-05-21 07:30:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8CF206-0776-4231-BD5F-9CED58578769}
[2013-03-11 21:12:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8EF046-FC22-4B7A-804A-EE30EF75AD63}
[2013-04-04 20:48:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C1B861E0-572A-4518-9A13-EE74349440BC}
[2013-05-12 11:48:52 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C25D5D79-BDB1-44DF-92B0-C3A0741005E5}
[2013-03-24 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C349652D-2EF3-47F4-BC94-F2FB57F2A3D6}
[2013-03-15 13:46:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C6717879-EE85-41DC-94F0-AA348175FDDF}
[2013-04-15 08:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C74C4801-2B13-4FDC-BA93-5AF091CD7CAB}
[2013-04-20 11:09:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C9AF2682-F6CB-445E-B9D6-33952D72EDA3}
[2013-05-20 11:26:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CA9F83C4-533D-4951-9B31-C2C23C409205}
[2013-03-16 12:07:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CCD7E887-4447-448B-92AA-9C463EAC1C70}
[2013-05-15 08:33:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CDC7BCDB-5983-4664-8D36-E40CAB4A6677}
[2013-05-12 23:50:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CF20DD73-7ABD-4C49-A193-7529021FFCD2}
[2013-03-29 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D15E95E2-8768-4887-A45B-3AF5EC063917}
[2013-05-07 17:17:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5251DA3-79B5-48B7-9933-0CA2FCCBEEA1}
[2013-06-07 18:12:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D53677B0-CC43-4ACD-9CE9-43F1633615B3}
[2013-03-29 14:43:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5FC862A-95C5-4399-9DE7-10B4056DE579}
[2013-05-09 08:39:09 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D8CA2107-2FA1-4F0D-A4FD-D3662DAAEBE2}
[2013-03-31 11:33:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAB90DF8-EF61-47DA-8299-2D38CDA09FB4}
[2013-06-04 19:43:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABC914B-4FCC-4CE4-BF12-706296B84091}
[2013-06-02 22:49:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABD9886-8B9E-4EF2-8CBA-A0FD5D74A7D5}
[2013-03-30 22:43:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAE86099-7666-4142-A0A6-DC19906A4671}
[2013-05-01 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DCFFAD45-327A-43D5-8791-9E90D3E46CDB}
[2013-03-27 08:00:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DD989BC1-1AE0-46FD-BDF5-12BAFF47081D}
[2013-04-29 08:12:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DEEF9AF4-0B8B-4A8D-8F89-F2AC1365134B}
[2013-04-02 06:54:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DF6D7198-2EC2-423F-BA0F-68B8518E3516}
[2013-06-08 10:34:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DFDD4458-27FE-4D5E-8BBE-3866A90D7E4F}
[2013-04-06 16:57:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E06F497A-719D-47C5-AEEF-9DCBEA73B6DD}
[2013-05-25 23:17:46 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E08E5FD5-2B22-4131-AFDF-CC7623CC4A51}
[2013-04-09 17:17:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E286396B-5447-4C84-8D27-38F88B0BF3FD}
[2013-03-14 20:29:35 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E43D0919-DD7E-4517-84B1-28E9606BBB9A}
[2013-04-27 23:36:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E601940B-FF76-41D4-9BCA-CC1F6C0E4F7F}
[2013-05-02 08:32:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E9B93578-230A-413F-877B-9CD71B67A96C}
[2013-05-08 20:36:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{EAC5F31F-F971-4455-89EE-5C7C0A91CDCE}
[2013-03-23 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED2E8BC5-36FA-4083-AFB0-B18C404F8FC2}
[2013-04-23 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED9007F5-7385-4C9B-8913-971B8CC84FC0}
[2013-04-27 11:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F3C4ACC5-AE4F-4B53-9FB7-48E6F0CA9FDD}
[2013-03-24 11:20:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F53B4753-4FB9-4E14-B8BF-3D853F059331}
[2013-03-13 08:19:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F718DC28-F9DC-41C9-81EC-769706CF0C41}
[2013-06-05 08:38:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F8D61BCA-05D4-44E5-9311-6D3C66FF28DD}
[2013-04-30 17:23:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9A025DC-0F1C-4C4B-B5FB-8C5A4EB6F891}
[2013-04-08 08:32:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9BCCAB9-9E8B-4F5C-ACDC-5DCF3C301470}
[2013-05-23 08:32:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FB33CF5B-DCCB-40AC-8CA4-D6F81B839940}
[2013-05-28 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FD50DE59-F0A3-41F3-8B56-5F259A17172B}

[color=#A23BEC]< %programFiles%\* >[/color]
[2012-05-23 21:20:58 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[2010-12-28 19:09:57 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HiJackThis.exe
[2013-01-11 21:30:09 | 000,009,059 | ---- | M] () -- C:\Program Files\hijackthis.log
[2012-03-31 11:49:38 | 000,000,308 | ---- | M] () -- C:\Program Files\Program Files.ini
[2011-06-06 05:12:38 | 000,774,144 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2013-05-03 20:19:49 | 000,001,589 | ---- | M] () -- C:\Program Files\Uninstall.ini

[color=#A23BEC]< %programFiles%\*. >[/color]
[2011-08-07 14:33:18 | 000,000,000 | ---D | M] -- C:\Program Files\AC3Filter
[2011-06-25 14:21:54 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2013-05-31 15:34:29 | 000,000,000 | ---D | M] -- C:\Program Files\AoA Audio Extractor
[2011-07-17 16:54:56 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010-07-30 14:26:23 | 000,000,000 | ---D | M] -- C:\Program Files\Auto Shutdown
[2013-01-02 19:14:54 | 000,000,000 | ---D | M] -- C:\Program Files\Auto-Tracker
[2013-05-29 17:46:45 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010-12-22 20:05:20 | 000,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5
[2013-06-07 18:46:11 | 000,000,000 | ---D | M] -- C:\Program Files\backups
[2013-04-10 10:21:47 | 000,000,000 | ---D | M] -- C:\Program Files\Bell
[2013-02-26 20:14:36 | 000,000,000 | ---D | M] -- C:\Program Files\BitZipper
[2012-02-02 21:23:32 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2013-05-27 23:18:30 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2013-06-07 20:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2013-05-06 22:11:06 | 000,000,000 | ---D | M] -- C:\Program Files\DAP
[2010-08-22 12:52:27 | 000,000,000 | ---D | M] -- C:\Program Files\Dawat-e-Islami
[2011-03-26 18:36:22 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2012-12-26 17:46:05 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2011-09-14 22:10:44 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\Program Files\eMule
[2012-04-15 16:12:39 | 000,000,000 | ---D | M] -- C:\Program Files\epson
[2012-04-15 16:12:39 | 000,000,000 | ---D | M] -- C:\Program Files\Epson Software
[2013-04-22 19:44:28 | 000,000,000 | ---D | M] -- C:\Program Files\eRightSoft
[2013-05-23 21:22:27 | 000,000,000 | ---D | M] -- C:\Program Files\Flv Audio Extractor
[2012-11-26 23:28:49 | 000,000,000 | ---D | M] -- C:\Program Files\FMS Empty Folder Remover
[2013-06-06 17:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Free Audio Extractor
[2013-04-06 18:09:46 | 000,000,000 | ---D | M] -- C:\Program Files\Free FLV Converter
[2012-10-24 18:15:05 | 000,000,000 | ---D | M] -- C:\Program Files\Free WebM to AVI Converter
[2012-11-11 22:05:06 | 000,000,000 | ---D | M] -- C:\Program Files\GameSpy Arcade
[2013-05-07 23:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012-09-25 21:13:07 | 000,000,000 | ---D | M] -- C:\Program Files\GreenTree Applications
[2012-10-08 22:10:28 | 000,000,000 | ---D | M] -- C:\Program Files\Gskstudio
[2010-09-23 08:37:06 | 000,000,000 | ---D | M] -- C:\Program Files\GSplit
[2013-04-10 10:21:15 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2013-05-15 08:44:02 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2013-06-07 22:33:30 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2013-04-01 23:23:02 | 000,000,000 | ---D | M] -- C:\Program Files\iPod(4)
[2013-06-07 22:34:04 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2013-04-01 23:23:30 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes(5)
[2013-04-26 23:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2013-04-29 23:22:53 | 000,000,000 | ---D | M] -- C:\Program Files\Kastor Free Audio Extractor
[2013-05-03 20:30:13 | 000,000,000 | ---D | M] -- C:\Program Files\ma-config.com
[2010-01-17 15:01:48 | 000,000,000 | ---D | M] -- C:\Program Files\MajorShare
[2013-02-12 19:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\Makayama Interactive
[2013-04-16 17:20:32 | 000,000,000 | ---D | M] -- C:\Program Files\MALWAREBYTES ANTI-MALWARE
[2013-04-16 17:20:33 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011-05-15 11:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\MediaInfo
[2012-09-06 19:43:52 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger Plus!
[2012-06-17 11:43:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006-11-02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011-06-29 08:40:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2013-03-13 08:36:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2012-06-16 16:43:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition(12)
[2009-11-18 18:32:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2011-04-16 20:54:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2009-11-20 08:34:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011-04-14 07:29:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010-08-11 23:35:08 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2013-01-03 23:31:29 | 000,000,000 | ---D | M] -- C:\Program Files\Moyea
[2012-11-11 22:05:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006-11-02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010-06-24 10:06:25 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2011-01-29 12:03:05 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2010-09-19 20:14:32 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2011-05-15 12:17:54 | 000,000,000 | ---D | M] -- C:\Program Files\Netscape
[2013-01-15 20:33:40 | 000,000,000 | ---D | M] -- C:\Program Files\Nokia
[2013-04-07 12:59:29 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2012-04-26 21:31:24 | 000,000,000 | ---D | M] -- C:\Program Files\OJOsoft
[2009-12-12 19:27:43 | 000,000,000 | ---D | M] -- C:\Program Files\Pakistan Data Management Services
[2012-03-17 22:35:14 | 000,000,000 | ---D | M] -- C:\Program Files\pazera-software
[2012-10-05 21:22:47 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2011-10-06 17:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\Photo Notifier and Animation Creator
[2011-05-21 11:24:38 | 000,000,000 | ---D | M] -- C:\Program Files\PicLensIE
[2013-04-01 23:18:57 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2013-05-25 13:41:06 | 000,000,000 | ---D | M] -- C:\Program Files\RapidShareManager
[2010-12-13 21:35:17 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2012-11-27 00:06:23 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006-11-02 08:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011-06-27 22:56:56 | 000,000,000 | ---D | M] -- C:\Program Files\RM to MP3 Converter
[2012-01-01 12:00:04 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2013-03-10 14:07:06 | 000,000,000 | ---D | M] -- C:\Program Files\SavevidPlug-in
[2013-05-12 11:49:15 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2013-03-10 19:00:52 | 000,000,000 | ---D | M] -- C:\Program Files\Small Rockets
[2013-04-27 13:57:51 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy 2
[2011-07-17 11:18:34 | 000,000,000 | ---D | M] -- C:\Program Files\SwarmPlayer
[2013-04-06 18:09:31 | 000,000,000 | ---D | M] -- C:\Program Files\Total Video Converter
[2013-06-07 20:25:58 | 000,000,000 | ---D | M] -- C:\Program Files\Trillian
[2012-10-25 18:13:09 | 000,000,000 | ---D | M] -- C:\Program Files\Ultra Video Joiner
[2013-05-11 10:34:54 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2013-02-16 13:21:57 | 000,000,000 | ---D | M] -- C:\Program Files\VDownloader
[2012-04-18 21:08:18 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2013-01-03 23:31:29 | 000,000,000 | ---D | M] -- C:\Program Files\virtual dub
[2013-03-07 21:24:44 | 000,000,000 | ---D | M] -- C:\Program Files\Visual IP Trace 2009
[2013-05-14 23:07:30 | 000,000,000 | ---D | M] -- C:\Program Files\VS Revo Group
[2009-04-11 09:23:33 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009-04-11 09:23:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009-04-11 09:23:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012-05-11 08:59:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2013-03-06 19:07:25 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2012-04-11 17:29:57 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011-05-15 12:17:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2012-11-26 23:32:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009-04-11 09:23:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009-11-18 21:57:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2013-05-19 14:59:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2013-05-19 20:40:42 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2011-10-16 12:33:20 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2013-03-24 14:33:34 | 000,000,000 | ---D | M] -- C:\Program Files\YouTube Downloader
[2012-12-01 19:43:53 | 000,000,000 | ---D | M] -- C:\Program Files\Yuna Software

[color=#A23BEC]< %Systemroot%\Temp\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.exe /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\*.in* >[/color]
[2006-11-02 08:56:07 | 000,000,082 | -HS- | M] () -- C:\Windows\system32\desktop.ini
[2013-03-07 22:17:56 | 000,072,822 | ---- | M] () -- C:\Windows\system32\ieuinit.inf
[2003-04-01 11:58:02 | 000,005,260 | ---- | M] () -- C:\Windows\system32\OUTLPERF.INI
[2006-09-18 17:37:10 | 000,013,750 | ---- | M] () -- C:\Windows\system32\pacerprf.ini
[2010-10-17 10:59:34 | 000,000,016 | ---- | M] () -- C:\Windows\system32\PCProxyOff.ini
[2013-06-08 10:38:00 | 001,621,220 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2008-01-20 22:24:38 | 000,060,124 | ---- | M] () -- C:\Windows\system32\tcpmon.ini

[color=#A23BEC]< %systemroot%\Tasks\* >[/color]
[2013-06-08 10:33:00 | 000,001,000 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2013-06-08 10:30:27 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2013-06-08 00:16:53 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\Tasks\*. >[/color]

[color=#A23BEC]< %systemroot%\system32\Tasks\* >[/color]
[2013-02-15 23:28:22 | 000,003,598 | ---- | M] () -- C:\Windows\system32\Tasks\Escolade
[2013-06-08 10:33:00 | 000,004,106 | ---- | M] () -- C:\Windows\system32\Tasks\Google Software Updater
[2011-05-27 20:22:47 | 000,003,692 | ---- | M] () -- C:\Windows\system32\Tasks\User_Feed_Synchronization-{7DD8751E-D5CE-4C81-AE16-927C32AC4541}
[2012-04-16 05:59:31 | 000,003,692 | ---- | M] () -- C:\Windows\system32\Tasks\User_Feed_Synchronization-{A65DAA1F-E8DC-4C02-A952-4526A3EB042E}

[color=#A23BEC]< %systemroot%\system32\Tasks\*. >[/color]
[2013-03-06 19:07:49 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\Microsoft
[2012-02-02 22:03:02 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\NCH Swift Sound
[2011-05-21 11:13:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks\WPD

[color=#A23BEC]< %systemroot%\system32\drivers\*.sy* /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\config\*.exe /s >[/color]
[2013-03-06 18:48:58 | 001,004,888 | ---- | M] (Solid State Networks) -- C:\Windows\system32\config\systemprofile\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chrd_aih.exe
[2013-03-06 18:54:28 | 001,004,952 | ---- | M] (Solid State Networks) -- C:\Windows\system32\config\systemprofile\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
[2013-03-06 18:53:27 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\config\systemprofile\Desktop\uninstall_flash_player (1).exe
[2013-03-06 18:52:10 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\config\systemprofile\Desktop\uninstall_flash_player.exe

[color=#A23BEC]< %Systemroot%\ServiceProfiles\*.exe /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.sys >[/color]
[2006-11-02 03:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\system32\ANSI.SYS
[2009-04-11 09:18:18 | 000,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clfs.sys
[2006-11-02 03:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\system32\country.sys
[2010-06-14 10:32:54 | 000,036,608 | ---- | M] () -- C:\Windows\system32\FsUsbExDisk.Sys
[2006-11-02 03:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\system32\HIMEM.SYS
[2006-11-02 03:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\system32\KEY01.SYS
[2006-11-02 03:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\system32\KEYBOARD.SYS
[2006-11-02 03:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\system32\NTDOS.SYS
[2006-11-02 03:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS404.SYS
[2006-11-02 03:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\system32\NTDOS411.SYS
[2006-11-02 03:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\system32\NTDOS412.SYS
[2006-11-02 03:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS804.SYS
[2006-11-02 03:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\system32\NTIO.SYS
[2006-11-02 03:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO404.SYS
[2006-11-02 03:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\system32\NTIO411.SYS
[2006-11-02 03:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\system32\NTIO412.SYS
[2006-11-02 03:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO804.SYS
[2013-04-08 21:36:18 | 002,049,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys

[color=#A23BEC]< %temp%\*.exe /s >[/color]
[2013-05-29 18:11:40 | 000,143,240 | ---- | M] (Ask.com) -- C:\Users\Client\AppData\Local\Temp\ApnStub.exe
[2013-05-29 18:11:40 | 003,500,712 | ---- | M] (Ask) -- C:\Users\Client\AppData\Local\Temp\ApnToolbarInstaller.exe
[9 C:\Users\Client\AppData\Local\Temp\*.tmp files -> C:\Users\Client\AppData\Local\Temp\*.tmp -> ]
[2010-11-18 12:27:32 | 000,073,216 | ---- | M] () -- C:\Users\Client\AppData\Local\Temp\nsd8F9C.tmp\lzma.exe

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2013-01-11 21:22:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Application Data\Speedbit

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2013-02-15 23:28:22 | 000,009,728 | ---- | M] () -- C:\Users\Client\AppData\Roaming\iPumper\Updater.exe
[2012-09-04 19:48:45 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
[2010-06-15 17:17:39 | 000,003,638 | R--- | M] () -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{C7A0891A-EAA5-4FF9-87ED-094747A0C550}\_6FEFF9B68218417F98F549.exe
[2010-06-15 17:17:39 | 000,003,638 | R--- | M] () -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{C7A0891A-EAA5-4FF9-87ED-094747A0C550}\_71D1786D8FA5ABE21D7928.exe
[2010-06-15 17:17:39 | 000,003,638 | R--- | M] () -- C:\Users\Client\AppData\Roaming\Microsoft\Installer\{C7A0891A-EAA5-4FF9-87ED-094747A0C550}\_D127D482DF711FFE93053F.exe
[2011-06-06 05:21:34 | 000,110,592 | ---- | M] () -- C:\Users\Client\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe
[2012-12-19 22:14:17 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2012-12-19 22:14:17 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
[2012-12-20 08:24:38 | 039,447,008 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_data\RealPlayer.exe
[2012-12-20 08:24:02 | 000,765,248 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Client\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_exe\RealPlayer.exe

[color=#A23BEC]< %LocalAppData%\* >[/color]
[2013-01-11 21:25:05 | 000,006,530 | ---- | M] () -- C:\Users\Client\AppData\Local\1705b07d-787f-41cb-b244-3ab25edf9e8e.crx
[2013-05-02 22:03:09 | 000,001,356 | ---- | M] () -- C:\Users\Client\AppData\Local\d3d9caps.dat
[2013-06-04 22:48:28 | 000,225,792 | ---- | M] () -- C:\Users\Client\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-09-11 16:21:14 | 000,000,093 | ---- | M] () -- C:\Users\Client\AppData\Local\DownloadLog.txt
[2013-05-04 16:18:37 | 000,108,128 | ---- | M] () -- C:\Users\Client\AppData\Local\GDIPFONTCACHEV1.DAT
[2013-06-08 00:16:31 | 003,212,780 | -H-- | M] () -- C:\Users\Client\AppData\Local\IconCache.db
[2011-06-06 05:16:26 | 000,004,096 | ---- | M] () -- C:\Users\Client\AppData\Local\keyfile3.drm
[2011-05-22 15:48:03 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{37823620-6BC6-4473-B84E-85B7C471D2C3}
[2011-05-22 16:03:32 | 000,000,000 | ---- | M] () -- C:\Users\Client\AppData\Local\{A62C36CC-53D9-41D2-9566-2298E34B2088}

[color=#A23BEC]< %LocalAppData%\*. >[/color]
[2011-05-15 12:18:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Adobe
[2009-11-24 22:10:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ahead
[2013-04-01 23:17:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple
[2012-11-11 22:05:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Apple Computer
[2011-02-05 12:26:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Ares
[2013-02-26 20:14:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\BitZipper
[2010-10-20 20:56:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Cooliris
[2013-06-03 22:45:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CrashDumps
[2012-05-25 16:26:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\CRE
[2012-12-26 17:58:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\DDMSettings
[2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Digsby
[2012-01-01 12:01:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Downloaded Installations
[2013-03-08 21:41:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Download_Energy
[2013-01-08 22:11:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\eSupport.com
[2010-09-17 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Geckofx
[2013-05-20 14:06:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Google
[2010-06-15 17:17:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IAInterface
[2013-02-27 18:36:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IM
[2011-10-20 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Innovative Solutions
[2010-08-21 14:31:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Inspyder_Software_Inc
[2011-08-14 13:42:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\IsolatedStorage
[2013-02-11 22:44:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\libimobiledevice
[2013-03-09 14:30:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macromedia
[2013-02-11 22:16:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Macroplant
[2012-12-01 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Messenger_Plus_Live
[2013-03-10 16:13:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft
[2010-12-19 12:32:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Corporation
[2012-09-16 20:41:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Microsoft Games
[2010-11-14 18:20:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Mozilla
[2011-09-25 14:09:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nero
[2010-02-12 21:24:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Netscape
[2011-03-26 21:58:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Nokia
[2010-08-22 13:16:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Quran
[2010-01-30 17:12:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\RapidShare
[2012-11-11 22:19:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Remove_Empty_Directories
[2013-03-10 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\SmallRockets
[2013-06-08 10:41:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Temp
[2013-03-15 00:09:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Torch
[2012-06-02 11:09:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Unity
[2010-09-18 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\utd
[2012-10-21 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VDownloader
[2012-10-08 12:18:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VENEA.NET
[2009-11-19 21:00:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VirtualStore
[2013-03-06 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\VS Revo Group
[2013-06-07 18:14:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live
[2013-04-06 18:14:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\Windows Live Writer
[2010-09-18 23:00:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\YouTubeBatchDownloader
[2013-05-22 08:19:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{029F3193-0DC3-4BD8-9937-DDB1BD966FA9}
[2013-04-15 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{02F61704-CE1A-4D97-9306-C5707E29E546}
[2013-06-03 17:18:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05270030-B9F6-4FD1-B236-29EC3DCB29D1}
[2013-03-15 15:52:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{05509D5C-F052-4D7B-A04B-C675BC01196E}
[2013-05-26 11:20:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{07CE8AFF-E087-4F1F-B494-1A840FCAA9C1}
[2013-05-03 16:18:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0A355716-BC45-43DD-8682-F210888AE237}
[2013-03-26 07:28:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0D73277E-9D14-40CB-852D-69D0DFFF7885}
[2013-06-01 11:28:25 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{0E39E53A-8B87-46E3-B7DE-82D6E33F74AD}
[2013-05-13 20:11:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{109A2371-7CDD-4A13-9C13-45F180B0F67E}
[2013-04-05 14:01:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{13846BE2-A7D9-48D2-B06A-2C97D6D267C0}
[2013-03-11 20:37:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1398B2C1-57AF-4D8E-896E-78D116DAE291}
[2013-06-06 08:37:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1411EBC1-5774-470A-B3DD-574C5C73BA66}
[2013-03-23 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{166135FB-A695-4F0E-B4A9-1771522F5735}
[2013-03-10 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{176312A2-2D6E-4918-BD97-96754FD64E3B}
[2013-04-11 08:32:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{18CB25DB-4D59-44E5-80CD-B4F9AFDC9938}
[2013-03-25 17:10:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{197FF8B3-D813-436E-90E7-32F291F3FD59}
[2013-03-13 20:22:30 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1A4CCDAA-E864-4319-9E05-BB3BD4EEBA39}
[2013-06-07 13:22:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1C641EEE-9989-4A78-BC16-0EB3439EEA2E}
[2013-03-12 17:20:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1D718673-71F9-4F32-94DC-CAB8113D32F6}
[2013-04-10 20:30:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{1EA88370-62B4-41A7-8E6B-20F40F89A375}
[2013-04-16 17:15:20 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2068F6EE-C478-4194-ABCF-6E6552304DF2}
[2013-06-02 10:46:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{20EF7DE6-E6AC-4F22-8891-CB95D7FE997C}
[2013-04-20 23:12:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{23D5E56E-84AC-4DFB-AEE0-7D168D6024D7}
[2013-05-09 20:41:42 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{26041AA0-49F1-45DA-9B16-8764691F42F1}
[2013-04-24 22:56:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27205ABD-3FAD-4995-840A-8F29FD37EF58}
[2013-04-03 20:13:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{27326D5D-9B64-446C-81E7-4E75148E97EB}
[2013-04-01 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{288DE837-F63E-4C38-AD2C-714315B198C5}
[2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2A94B5E9-9840-4BCB-B093-C475EEE7AB05}
[2013-05-22 20:22:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2B1A84AD-0025-45C0-B105-2429BF8029BE}
[2013-05-26 23:23:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2CEF0719-F1C9-43FC-A2E7-5CBBA815FBEE}
[2013-05-05 12:00:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F2233A3-5AE1-4946-9771-DAA594A2682A}
[2013-03-09 12:49:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2F5FED16-B1B9-4CEC-B241-812404471D1A}
[2013-06-04 07:40:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{2FB480D8-1F41-4BC7-B24C-736571F36703}
[2013-03-20 20:26:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{33404A28-F6E2-43D4-B346-C577458D2C05}
[2013-04-25 21:40:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34953690-5174-462E-AB49-7F0B89539C5D}
[2013-03-22 13:42:56 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{34AF0C1E-7260-431E-8025-78759A9CFC84}
[2013-04-26 15:07:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{35885372-F855-43B6-A31B-F0CBE19432E3}
[2013-05-06 08:06:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3647DA5F-19B5-4831-8010-303CE0324383}
[2013-04-21 11:28:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3774A3A6-FC9A-4189-9E05-01DCC8328234}
[2013-04-11 20:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{379EF0C1-D27B-4817-AE44-F682B1AE9B0C}
[2013-04-10 08:27:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{386FEEAC-4BED-44E4-A0F6-EA97B8E5BBF1}
[2013-03-17 11:04:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{38A49E88-A6CF-4A33-9B51-9DB5DC2F4C7B}
[2013-03-08 22:03:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3B5C018C-BBCD-48C4-966D-C757CB7E04C2}
[2013-06-05 17:18:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3C515AF8-CD28-4A5B-9C50-7C40D5C56F4D}
[2013-04-06 19:07:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3D81A400-D55F-42F7-8E2A-351F4FC428AC}
[2013-04-22 20:11:38 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3DB7B5CC-946C-4998-9894-02846D8DF2DC}
[2013-03-21 08:29:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{3FA4D04C-73B6-4467-9449-B988E69397F1}
[2013-05-23 08:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{43CBC34A-2FA9-41B0-BD87-7456CEDC14C2}
[2013-04-03 08:10:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{447F6B6A-6BE4-410F-8F70-9872CC2B2BDE}
[2013-05-11 23:14:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{45877C58-CBE8-47C9-969A-6BEC20D3A1E7}
[2013-04-17 20:30:00 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{494C7BAC-0469-4870-9847-21D1FB4BF907}
[2013-03-28 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4AD80222-263A-4906-B6B5-60A533F76886}
[2013-05-18 23:12:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4C3C9050-189D-44BD-BDC3-66C66235C060}
[2013-04-06 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{4DA97FDA-B894-48D4-A6C6-F8139EEEE559}
[2013-05-16 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{50F41DA2-5143-4828-B7FD-DA742F634AA8}
[2013-05-27 17:18:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{510D6B41-A4EB-4535-A330-95D0C6A925CC}
[2013-04-07 11:55:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{51E4E422-777E-4594-9B8A-2EE1D7C52CEF}
[2013-03-27 20:02:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{56DFC0A5-A10D-485C-A362-642EFBAC7A55}
[2013-05-21 19:33:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5839A5C9-63F5-4193-8BD9-87902644C1AF}
[2013-04-18 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A059D31-1855-4E0F-B3C9-66B1917C45D0}
[2013-04-12 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5A05A412-F109-4790-8A6B-4559FD129F85}
[2013-04-02 19:49:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5CF85527-F2DB-4607-9864-67E97F231F0F}
[2013-05-13 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{5E17D5F0-3435-4B75-BABA-9AB38FC5C55A}
[2013-05-06 20:08:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{615BC0B8-6EB5-4316-A94B-CF87E5601695}
[2013-04-28 12:02:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{63472693-E9EF-4AB6-B86A-681CE717E843}
[2013-03-28 08:25:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{64FBCB0E-461D-4CB6-BBF7-AA84902811BA}
[2013-05-28 07:36:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{652CDF72-E680-4157-9DC2-F7FEC0DB6964}
[2013-06-04 07:37:55 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{685C7735-6B40-4112-8DEF-A2D1E0C9EE55}
[2013-03-21 20:31:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{689CD01E-48D6-41BA-B687-29C0CA18E375}
[2013-03-19 17:23:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{6F771EA8-7B49-4E96-8FB4-CC7E8B51B660}
[2013-04-06 11:11:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{715AF2EA-CDB1-40DE-A74B-334E92F745B8}
[2012-10-04 20:56:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{72625176-0E87-11E2-8271-B8AC6F996F26}
[2013-05-30 08:36:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7310A2ED-42E2-4071-8DF8-B4B20C155505}
[2013-03-26 19:30:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{747AAEE5-2902-4B36-8723-FAB84C648630}
[2013-06-07 14:24:54 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{762C3D95-395E-43DD-93E3-6401CB441A70}
[2013-05-31 14:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{77DC736E-A7BB-405D-87C3-4DE683512541}
[2013-05-17 13:51:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{78B57205-7381-4624-A7C6-04C9D2DAD922}
[2013-04-19 14:17:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{79F6B5A6-02A5-4419-ADC3-316D715C2F90}
[2013-03-11 08:34:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7B060B84-D44F-4A9F-9421-AF9A94A8FA58}
[2013-05-23 20:35:51 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{7E81D688-B033-4AFA-9EDD-74BED46EFB2E}
[2013-03-18 20:34:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{82C148E9-0CEE-46E5-ACE9-DC12FD1AC784}
[2013-03-18 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{84847170-87D6-4936-AEF4-AF28E9ED37C1}
[2013-04-24 08:35:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8628D768-30F6-47D7-BCF2-75FEEF103F41}
[2013-04-18 21:00:15 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8AF158E0-02F0-4D9A-B3F1-EC6085C7222F}
[2013-05-15 20:35:19 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8C9DC780-17A2-4E92-A823-5C3E89B04EB3}
[2013-04-13 10:44:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E32A447-EF11-4259-A8E7-5D49F6188561}
[2013-05-02 22:14:14 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8E8E7301-64A6-40D6-BD5B-94244196EDE2}
[2013-04-29 20:15:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{8F479CB7-AD6C-47F6-B510-7D91683BE091}
[2013-04-08 08:06:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9016759D-37B6-43DA-BB28-E5EAC71A39E0}
[2013-05-29 20:33:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9130D8C6-2B8A-4360-8639-74E56A31A078}
[2013-03-29 13:49:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{93E72CAA-8FF1-4DE3-9227-710EC1816684}
[2013-05-01 08:40:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{943198E9-7EEF-4805-90DC-559A89D4A7D9}
[2013-05-25 11:05:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{986792D7-97A4-4A42-91F8-0BE096BD742B}
[2013-04-14 11:35:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{99ECDFB8-B2AE-4DD1-88DD-57BF5B236F4D}
[2013-04-15 20:37:23 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9B0C33EC-9A0C-4A05-A074-A2D0BE88BE4C}
[2013-04-22 08:09:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9C6CAD96-289C-4CD1-9D1A-2F1F0107DC3A}
[2013-03-10 12:15:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9D2D0008-E704-4CC9-80EB-0C3AE5400206}
[2013-05-14 17:23:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9DE46BC0-DE62-43E0-AD31-DF29A768D787}
[2013-05-10 13:46:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{9FCF311E-F107-4BE2-A572-409C4D85C338}
[2013-04-17 08:27:28 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A11B04CA-CAC2-4230-B87B-867F5DE8526F}
[2013-04-06 18:14:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A1CF4E20-CF1B-41C7-8BB2-EB0A0CCD10F8}
[2013-04-04 08:15:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A240A8A7-4616-41CF-88B1-43367A8DE9C5}
[2013-05-11 11:11:44 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A262D84A-D227-40F5-BDD6-1987E5277522}
[2013-05-04 12:33:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A288E71C-C886-4034-BFBD-7A51174C3330}
[2013-05-30 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A64F3CC8-5A97-4272-AE54-63135B6398C1}
[2013-03-17 23:06:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7C8854D-2DA9-4A59-B79C-73F8A39148B3}
[2013-06-06 20:41:21 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A7F7D865-6081-498B-AAD1-0F23F9840045}
[2013-03-29 18:39:27 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A9220EE4-6909-4D5E-B6DC-29C0305498DC}
[2013-05-03 16:38:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{A936AC81-DF5D-4EC0-9F05-4408D1744D7F}
[2013-04-08 20:35:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AE747FB6-3DFC-41D4-AF15-5D562CBF8119}
[2013-06-01 11:31:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AF385A15-1DD4-467E-B3B2-26134845FC8B}
[2013-03-14 08:27:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{AFE3668A-19A0-41C5-AF36-BF20FB75387F}
[2013-03-30 10:41:11 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B2156300-C48C-4A16-9F7F-974A331936EA}
[2013-05-08 08:34:16 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B3FADE9B-5B77-41F4-BF38-D201F0B858B5}
[2013-03-15 14:58:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B45A3EB8-D588-48EA-9AA8-1AA33CBB29EC}
[2013-05-19 11:16:59 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B492E093-4D08-417E-B498-ADAF4E08713E}
[2013-05-24 14:56:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B61D8E9E-34EA-4787-8B81-3E9A48279673}
[2013-04-14 11:07:36 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B6AED0F5-E72C-4064-AAA2-0F48EF950BE9}
[2013-05-18 10:29:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B71A1C9B-B853-4DD0-8E50-208257C8D2F7}
[2013-03-20 08:24:31 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7259649-8060-4BCD-B187-77EA4E3A3AC1}
[2013-05-12 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{B7CB9948-2452-42C2-9BA0-E8B0F6264142}
[2013-05-29 08:30:18 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BB95D22D-213E-4AD7-824E-C70F6B1F482B}
[2013-05-16 08:37:50 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF11AD08-A41F-49D5-A809-2D72F82B789F}
[2013-05-21 07:30:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8CF206-0776-4231-BD5F-9CED58578769}
[2013-03-11 21:12:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{BF8EF046-FC22-4B7A-804A-EE30EF75AD63}
[2013-04-04 20:48:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C1B861E0-572A-4518-9A13-EE74349440BC}
[2013-05-12 11:48:52 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C25D5D79-BDB1-44DF-92B0-C3A0741005E5}
[2013-03-24 23:25:32 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C349652D-2EF3-47F4-BC94-F2FB57F2A3D6}
[2013-03-15 13:46:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C6717879-EE85-41DC-94F0-AA348175FDDF}
[2013-04-15 08:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C74C4801-2B13-4FDC-BA93-5AF091CD7CAB}
[2013-04-20 11:09:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{C9AF2682-F6CB-445E-B9D6-33952D72EDA3}
[2013-05-20 11:26:17 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CA9F83C4-533D-4951-9B31-C2C23C409205}
[2013-03-16 12:07:03 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CCD7E887-4447-448B-92AA-9C463EAC1C70}
[2013-05-15 08:33:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CDC7BCDB-5983-4664-8D36-E40CAB4A6677}
[2013-05-12 23:50:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{CF20DD73-7ABD-4C49-A193-7529021FFCD2}
[2013-03-29 13:50:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D15E95E2-8768-4887-A45B-3AF5EC063917}
[2013-05-07 17:17:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5251DA3-79B5-48B7-9933-0CA2FCCBEEA1}
[2013-06-07 18:12:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D53677B0-CC43-4ACD-9CE9-43F1633615B3}
[2013-03-29 14:43:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D5FC862A-95C5-4399-9DE7-10B4056DE579}
[2013-05-09 08:39:09 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{D8CA2107-2FA1-4F0D-A4FD-D3662DAAEBE2}
[2013-03-31 11:33:10 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAB90DF8-EF61-47DA-8299-2D38CDA09FB4}
[2013-06-04 19:43:41 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABC914B-4FCC-4CE4-BF12-706296B84091}
[2013-06-02 22:49:39 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DABD9886-8B9E-4EF2-8CBA-A0FD5D74A7D5}
[2013-03-30 22:43:43 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DAE86099-7666-4142-A0A6-DC19906A4671}
[2013-05-01 17:15:34 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DCFFAD45-327A-43D5-8791-9E90D3E46CDB}
[2013-03-27 08:00:04 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DD989BC1-1AE0-46FD-BDF5-12BAFF47081D}
[2013-04-29 08:12:48 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DEEF9AF4-0B8B-4A8D-8F89-F2AC1365134B}
[2013-04-02 06:54:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DF6D7198-2EC2-423F-BA0F-68B8518E3516}
[2013-06-08 10:34:01 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{DFDD4458-27FE-4D5E-8BBE-3866A90D7E4F}
[2013-04-06 16:57:47 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E06F497A-719D-47C5-AEEF-9DCBEA73B6DD}
[2013-05-25 23:17:46 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E08E5FD5-2B22-4131-AFDF-CC7623CC4A51}
[2013-04-09 17:17:24 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E286396B-5447-4C84-8D27-38F88B0BF3FD}
[2013-03-14 20:29:35 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E43D0919-DD7E-4517-84B1-28E9606BBB9A}
[2013-04-27 23:36:53 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E601940B-FF76-41D4-9BCA-CC1F6C0E4F7F}
[2013-05-02 08:32:05 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{E9B93578-230A-413F-877B-9CD71B67A96C}
[2013-05-08 20:36:37 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{EAC5F31F-F971-4455-89EE-5C7C0A91CDCE}
[2013-03-23 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED2E8BC5-36FA-4083-AFB0-B18C404F8FC2}
[2013-04-23 16:28:08 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{ED9007F5-7385-4C9B-8913-971B8CC84FC0}
[2013-04-27 11:34:22 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F3C4ACC5-AE4F-4B53-9FB7-48E6F0CA9FDD}
[2013-03-24 11:20:12 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F53B4753-4FB9-4E14-B8BF-3D853F059331}
[2013-03-13 08:19:58 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F718DC28-F9DC-41C9-81EC-769706CF0C41}
[2013-06-05 08:38:26 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F8D61BCA-05D4-44E5-9311-6D3C66FF28DD}
[2013-04-30 17:23:02 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9A025DC-0F1C-4C4B-B5FB-8C5A4EB6F891}
[2013-04-08 08:32:40 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{F9BCCAB9-9E8B-4F5C-ACDC-5DCF3C301470}
[2013-05-23 08:32:45 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FB33CF5B-DCCB-40AC-8CA4-D6F81B839940}
[2013-05-28 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\Client\AppData\Local\{FD50DE59-F0A3-41F3-8B56-5F259A17172B}

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2011-10-06 19:44:27 | 000,001,338 | -H-- | M] () -- C:\aaw7boot.cmd
[2006-09-18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2012-07-25 23:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
[2012-06-02 10:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2013-01-30 18:58:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011-02-05 19:38:27 | 000,000,010 | R-S- | M] () -- C:\config.sys
[2011-02-14 19:00:00 | 000,206,312 | R-S- | M] () -- C:\grldr
[2012-11-26 23:33:14 | 000,020,419 | ---- | M] () -- C:\INSTALLHELPER.LOG
[2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2011-01-10 21:34:12 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2013-06-08 10:30:21 | 3265,798,144 | -HS- | M] () -- C:\pagefile.sys
[2013-06-08 10:40:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009-04-11 09:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009-04-11 09:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2012-11-13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009-04-11 09:18:46 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009-04-11 09:18:46 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008-01-20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008-01-20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 09:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 09:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013-04-04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[color=#A23BEC]< MD5 for: WINSOCK.DLL >[/color]
[2006-11-02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2006-11-02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WINSOCK.DLL

[color=#E56717]========== Base Services ==========[/color]
SRV - [2006-11-02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008-01-20 22:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008-01-20 22:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\svchost.exe -- (BITS)
SRV - [2009-04-11 09:18:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011-11-16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009-04-11 09:18:24 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008-01-20 22:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012-06-01 20:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\svchost.exe -- (DcomLaunch)
SRV - [2009-04-11 09:18:19 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011-03-02 11:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008-01-20 22:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009-04-11 09:18:09 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008-01-20 22:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009-04-11 09:18:48 | 000,364,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009-04-11 09:18:29 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008-01-20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008-01-20 22:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008-01-20 22:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008-01-20 22:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008-01-20 22:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009-04-11 09:18:19 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010-08-17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011-11-16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009-04-11 09:18:07 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008-01-20 22:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009-04-11 09:18:35 | 000,262,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2008-01-20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\svchost.exe -- (RpcSs)
SRV - [2008-01-20 22:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011-11-16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009-04-11 09:18:06 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010-09-06 12:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009-07-10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009-04-11 09:18:51 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010-11-04 14:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009-04-11 09:18:48 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009-07-10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009-04-11 09:18:21 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009-04-11 09:18:15 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009-04-11 09:18:48 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009-04-11 09:18:48 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008-01-20 22:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008-01-20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009-04-11 09:18:15 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009-04-11 09:18:45 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009-04-11 09:18:06 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009-04-11 09:18:32 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009-04-11 09:18:50 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012-06-02 18:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009-04-11 09:18:29 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009-07-11 15:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009-06-10 07:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 688 bytes -> C:\Users\Client\khalid bhai.eml:OECustomProperty
@Alternate Data Stream - 270 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8CE646EE
@Alternate Data Stream - 143 bytes -> C:\Users\Client\Desktop\~$mmaire de transaction de Bell # B69U33L4.eml:OECustomProperty

< End of report >

Publicité

Signaler le contenu de ce document

Publicité