cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 24/03/2015 19:13:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cindy\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,75 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 77,89% Memory free
5,73 Gb Paging File | 4,58 Gb Available in Paging File | 79,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,15 Gb Total Space | 49,04 Gb Free Space | 35,24% Space Free | Partition Type: NTFS
Drive E: | 7,46 Gb Total Space | 7,46 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
Drive F: | 142,94 Gb Total Space | 134,76 Gb Free Space | 94,28% Space Free | Partition Type: NTFS

Computer Name: MAISON | User Name: Cindy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Users\Cindy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe ()
PRC - C:\Genius\ioCentre\gMouseTask.exe ()
PRC - C:\Genius\ioCentre\gTaskBar.exe ()
PRC - C:\Genius\ioCentre\gKbdTask.exe ()
PRC - C:\Genius\ioCentre\gIoCentreFunMgm.exe (TODO: <Company name>)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Windows\vVX1000.exe (Microsoft Corporation)


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
MOD - C:\Users\Cindy\Downloads\rarext.dll ()
MOD - C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe ()
MOD - C:\Program Files\TRENDnet\TEW-649UB\WlanDll.dll ()
MOD - C:\Genius\ioCentre\gMouseTask.exe ()
MOD - C:\Genius\ioCentre\gTaskBar.exe ()
MOD - C:\Genius\ioCentre\gKbdTask.exe ()
MOD - C:\Genius\ioCentre\gIoCentreHook.dll ()
MOD - C:\Genius\ioCentre\gfSystem.dll ()
MOD - C:\Genius\ioCentre\gfOffice.dll ()
MOD - C:\Genius\ioCentre\gfMedia.dll ()
MOD - C:\Genius\ioCentre\gfEmail.dll ()
MOD - C:\Genius\ioCentre\gfBrowser.dll ()
MOD - C:\Genius\ioCentre\gZoom.dll ()
MOD - C:\Genius\ioCentre\gTaskSwitch.dll ()
MOD - C:\Genius\ioCentre\gTabSwitch.dll ()
MOD - C:\Genius\ioCentre\gPreset.dll ()
MOD - C:\Genius\ioCentre\gKbStatus.dll ()
MOD - C:\Genius\ioCentre\gIMMgm.dll ()
MOD - C:\Genius\ioCentre\gIMHook.dll ()
MOD - C:\Genius\ioCentre\gDeskMgm.dll ()
MOD - C:\Genius\ioCentre\gAutoScroll.dll ()
MOD - C:\Genius\ioCentre\gAutoPan.dll ()
MOD - C:\Program Files\TRENDnet\TEW-649UB\WPSCtrl.dll ()
MOD - C:\Genius\ioCentre\GenXml.dll ()
MOD - C:\Genius\ioCentre\gDevMgm.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3008.0__739b31b1908c49e5\Framework.UIComponent.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3008.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3008.0__9ecdf03bb2054f94\Framework.PluginInterface.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3008.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3008.0__672b450de5a7e94a\Framework.Host.dll ()
MOD - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
MOD - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe ()
MOD - C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\fr\Framework.AppBar.resources.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - (MyOSProtect) -- C:\Program Files\PCTRunner\MyOSProtect.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (WlanWpsSvc) -- C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe ()
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (USBAAPL) -- System32\Drivers\usbaapl.sys File not found
DRV - (RTL8192su) -- system32\DRIVERS\RTL8192su.sys File not found
DRV - (RTL8187) -- system32\DRIVERS\RTL8187.sys File not found
DRV - (RT2500USB) -- system32\DRIVERS\rt73.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (a63qac7o) -- File not found
DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (pcwatch) -- C:\Windows\System32\drivers\pcwatch.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (gMouPS2) -- C:\Windows\System32\drivers\gMouPS2.sys ( Mouse Upfilter Driver )
DRV - (gHidPnp) -- C:\Windows\System32\drivers\gHidPnp.sys ()
DRV - (gMouUsb) -- C:\Windows\System32\drivers\gMouUsb.sys ()
DRV - (sfdrv01) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (RtlProt) -- C:\Windows\System32\drivers\RtlProt.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (VX1000) -- C:\Windows\System32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (sfsync02) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (SNP2STD) -- C:\Windows\System32\drivers\snp2sxp.sys ()
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6C10BE0B-AA09-497E-9E7B-457ACE2BCB0C}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Cindy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/07/04 16:50:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\web@veoh.com: C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2010/12/12 22:56:37 | 000,000,000 | ---D | M]

[2014/11/27 14:40:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cindy\AppData\Roaming\mozilla\Extensions
[2009/03/14 20:23:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cindy\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2015/03/20 18:16:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/03/20 18:16:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://www.google.fr/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3242339
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - plugin: Premier utilisateur (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google\u00A0Drive = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: cbhfdchmklhpcngcgjmpdbjakdggkkjp = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp\15833.4269.518_0\
CHR - Extension: No name found = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: ddehdnnhjimbggeeenghijehnpakijod = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddehdnnhjimbggeeenghijehnpakijod\18702.9421.7597_0\
CHR - Extension: Torrent Beast = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjceekmpapinmdhfghihaeikdmbdnipm\181\
CHR - Extension: gomekmidlodglbbmalcneegieacbdmki = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12041.9650.3049_0\
CHR - Extension: Film Stack = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpcloglcoibdbkafhnmghmaeofdikpnm\209\
CHR - Extension: Favicon Changer = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijaabbaphikljkkcbgpbaljfjpflpeoo\220\
CHR - Extension: Extreme User Agent Switcher = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilmdgdmjdkojpcchfiegejaihkopkhid\120\
CHR - Extension: FB Dislike = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpekolbadenjphaaapbgdienjjpgbali\183\
CHR - Extension: No name found = C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2015/03/20 19:16:41 | 000,000,768 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\MyOSProtect.dll (MyOSCompany)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\MyOSProtect.dll (MyOSCompany)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\MyOSProtect.dll (MyOSCompany)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\MyOSProtect.dll (MyOSCompany)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\MyOSProtect.dll (MyOSCompany)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldfr-fr.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab (Java Plug-in 10.71.2)
O16 - DPF: {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab (Java Plug-in 1.7.0_71)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab (Java Plug-in 10.71.2)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldfr-fr.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECF751A8-F9C3-4A3B-9C7F-0FEEDE515AFB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F791400F-D473-4577-B42C-3D8F3CB725D3}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Cindy\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Cindy\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk C:\
O33 - MountPoints2\{2dd368de-da45-11df-8b5a-001d72b15934}\Shell - "" = AutoRun
O33 - MountPoints2\{2dd368de-da45-11df-8b5a-001d72b15934}\Shell\AutoRun\command - "" = D:\Autorun.exe
O33 - MountPoints2\{2e5e0ed6-c7c6-11df-96f6-001d72b15934}\Shell\1\Command - "" = RunDll32.exe .\SysInfo2.Dll,MyFun
O33 - MountPoints2\{2e5e0ed6-c7c6-11df-96f6-001d72b15934}\Shell\AutoRun\command - "" = RunDll32.exe .\SysInfo2.Dll,MyFun
O33 - MountPoints2\{7b44476f-c56c-11df-bbf1-001d72b15934}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL zEAbeI.Exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9858455C-0B8A-477C-A6AB-FB1E3267E8BF} - Package Orange
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{B7F251D6-02B6-427B-97E1-F7217A6D4DBA} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/03/24 19:09:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cindy\Desktop\OTL.exe
[2015/03/23 17:18:41 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Roaming\Solvusoft
[2015/03/23 17:18:36 | 000,017,840 | ---- | C] (solvusoft) -- C:\Windows\System32\roboot.exe
[2015/03/23 14:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2015/03/22 21:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2015/03/22 20:57:20 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015/03/21 10:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
[2015/03/21 10:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2015/03/21 10:02:46 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Roaming\ZHP
[2015/03/21 10:02:07 | 006,876,452 | ---- | C] (Nicolas Coolman ) -- C:\Users\Cindy\Desktop\ZHPDiag2-2015.3.19.31.exe
[2015/03/21 09:49:13 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2015/03/21 09:41:15 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2015/03/21 09:35:51 | 002,064,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/03/21 09:34:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2015/03/21 09:23:45 | 000,296,960 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015/03/21 09:23:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015/03/21 09:20:15 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/03/21 09:20:14 | 003,604,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/03/21 09:20:14 | 003,552,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/03/21 09:15:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2015/03/21 09:02:19 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2015/03/21 08:56:14 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Local\CrashDumps
[2015/03/20 19:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2015/03/20 19:11:48 | 017,450,080 | ---- | C] (Adlice Software ) -- C:\Users\Cindy\Desktop\setup.exe
[2015/03/20 18:16:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015/03/20 18:16:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/03/20 17:34:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/03/20 15:10:25 | 000,000,000 | ---D | C] -- C:\Program Files\FB Dislike
[2015/03/20 14:44:43 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/03/20 14:44:43 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/03/20 14:44:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/03/20 14:44:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/03/20 14:44:43 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/03/20 14:44:42 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/03/20 14:44:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/03/20 14:44:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/03/20 14:44:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/03/20 14:44:41 | 001,810,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/03/20 14:44:41 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/03/20 14:44:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/03/20 14:44:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/03/20 14:39:55 | 000,000,000 | ---D | C] -- C:\Program Files\Extreme User Agent Switcher
[2015/03/20 14:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\12503653337730069757UL
[2015/03/19 18:40:51 | 000,000,000 | ---D | C] -- C:\Program Files\Film Stack
[2015/03/19 13:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Phantasmat Une Nuit Sans Fin Edition Collector
[2015/03/19 13:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phantasmat Une Nuit Sans Fin Edition Collector
[2015/03/19 13:31:22 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Roaming\vlc
[2015/03/19 13:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2015/03/19 12:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2015/03/19 12:35:32 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Roaming\Eipix
[2015/03/19 12:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2015/03/19 12:33:10 | 000,000,000 | ---D | C] -- C:\Program Files\Final Cut La Grande Echappee Edition Collector
[2015/03/19 12:31:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Cut La Grande Echappee Edition Collector
[2015/03/19 12:29:32 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Roaming\ECloZion
[2015/03/19 12:17:51 | 000,000,000 | ---D | C] -- C:\Users\Cindy\AppData\Roaming\Elephant Games
[2015/03/19 11:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[31 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Users\Cindy\AppData\Local\*.tmp files -> C:\Users\Cindy\AppData\Local\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/03/24 19:17:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/03/24 19:15:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/03/24 19:07:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cindy\Desktop\OTL.exe
[2015/03/24 19:07:03 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cd9a8b671fcf50.job
[2015/03/24 19:07:02 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/03/24 19:06:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/03/24 09:54:35 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2015/03/24 09:54:29 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/03/24 09:54:29 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/03/24 09:54:15 | 2951,270,400 | -HS- | M] () -- C:\hiberfil.sys
[2015/03/23 18:27:55 | 000,035,064 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2015/03/23 17:26:47 | 000,000,675 | ---- | M] () -- C:\Users\Cindy\Desktop\ntuser - Raccourci.lnk
[2015/03/23 16:58:28 | 000,002,032 | ---- | M] () -- C:\Users\Cindy\AppData\Local\d3d9caps.dat
[2015/03/22 21:22:08 | 016,660,056 | ---- | M] () -- C:\Users\Cindy\Desktop\RogueKiller.exe
[2015/03/22 09:13:55 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2015/03/22 08:31:53 | 000,000,715 | ---- | M] () -- C:\Users\Cindy\Desktop\ZHPCleaner.lnk
[2015/03/22 08:10:15 | 000,727,610 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015/03/22 08:10:15 | 000,639,794 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/03/22 08:10:15 | 000,148,164 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015/03/22 08:10:15 | 000,121,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/03/21 13:06:03 | 000,216,064 | ---- | M] () -- C:\Users\Cindy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/03/21 10:07:04 | 001,700,864 | ---- | M] () -- C:\Users\Cindy\Desktop\ZHPCleaner-2015.3.20.132.exe
[2015/03/21 10:02:48 | 000,001,732 | ---- | M] () -- C:\Users\Cindy\Desktop\ZHPFix.lnk
[2015/03/21 10:02:48 | 000,001,609 | ---- | M] () -- C:\Users\Cindy\Desktop\ZHPDiag.lnk
[2015/03/21 10:00:24 | 006,876,452 | ---- | M] (Nicolas Coolman ) -- C:\Users\Cindy\Desktop\ZHPDiag2-2015.3.19.31.exe
[2015/03/21 09:46:21 | 000,416,704 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/03/21 09:02:32 | 000,000,902 | ---- | M] () -- C:\Users\Cindy\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2015/03/20 19:09:16 | 017,450,080 | ---- | M] (Adlice Software ) -- C:\Users\Cindy\Desktop\setup.exe
[2015/03/20 18:16:32 | 000,000,834 | ---- | M] () -- C:\Users\Cindy\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/03/20 18:16:32 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/03/20 17:39:12 | 000,000,923 | ---- | M] () -- C:\Users\Cindy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015/03/20 17:39:12 | 000,000,587 | ---- | M] () -- C:\Users\Cindy\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2015/03/20 17:28:46 | 002,171,392 | ---- | M] () -- C:\Users\Cindy\Desktop\adwcleaner_4-112_fr_430277.exe
[2015/03/19 13:48:59 | 000,000,835 | ---- | M] () -- C:\Users\Cindy\Desktop\Films.lnk
[2015/03/19 13:30:47 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015/03/19 13:08:03 | 000,000,367 | ---- | M] () -- C:\Users\Cindy\Desktop\jeux.lnk
[2015/03/19 10:58:05 | 000,030,271 | ---- | M] () -- C:\Windows\wininit.ini
[2015/03/19 10:50:30 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/03/19 10:50:30 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/02/26 03:01:43 | 003,604,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/02/26 03:01:43 | 003,552,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/02/26 01:18:25 | 002,064,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/02/24 04:23:36 | 000,246,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[31 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Users\Cindy\AppData\Local\*.tmp files -> C:\Users\Cindy\AppData\Local\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/03/24 19:15:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/03/23 17:26:47 | 000,000,675 | ---- | C] () -- C:\Users\Cindy\Desktop\ntuser - Raccourci.lnk
[2015/03/23 17:00:00 | 2951,270,400 | -HS- | C] () -- C:\hiberfil.sys
[2015/03/22 21:23:13 | 016,660,056 | ---- | C] () -- C:\Users\Cindy\Desktop\RogueKiller.exe
[2015/03/21 10:51:23 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2015/03/21 10:08:39 | 000,000,715 | ---- | C] () -- C:\Users\Cindy\Desktop\ZHPCleaner.lnk
[2015/03/21 10:08:25 | 001,700,864 | ---- | C] () -- C:\Users\Cindy\Desktop\ZHPCleaner-2015.3.20.132.exe
[2015/03/21 10:02:48 | 000,001,732 | ---- | C] () -- C:\Users\Cindy\Desktop\ZHPFix.lnk
[2015/03/21 10:02:48 | 000,001,609 | ---- | C] () -- C:\Users\Cindy\Desktop\ZHPDiag.lnk
[2015/03/21 09:02:32 | 000,000,902 | ---- | C] () -- C:\Users\Cindy\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2015/03/20 19:12:33 | 000,035,064 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2015/03/20 18:16:32 | 000,000,834 | ---- | C] () -- C:\Users\Cindy\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/03/20 18:16:32 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/03/20 18:16:32 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015/03/20 17:33:10 | 002,171,392 | ---- | C] () -- C:\Users\Cindy\Desktop\adwcleaner_4-112_fr_430277.exe
[2015/03/19 13:30:47 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015/03/19 13:08:09 | 000,000,367 | ---- | C] () -- C:\Users\Cindy\Desktop\jeux.lnk
[2015/03/19 11:32:29 | 000,000,835 | ---- | C] () -- C:\Users\Cindy\Desktop\Films.lnk
[2014/11/28 13:54:20 | 000,032,879 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2014/11/28 13:54:20 | 000,032,879 | ---- | C] () -- C:\ProgramData\nvModes.001
[2014/10/28 19:59:11 | 000,019,384 | ---- | C] () -- C:\Windows\System32\drivers\SPPD.sys
[2014/09/15 08:58:57 | 000,019,840 | ---- | C] () -- C:\Windows\System32\drivers\pcwatch.sys
[2014/04/30 12:11:38 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2013/12/19 00:18:01 | 000,000,171 | ---- | C] () -- C:\Users\Cindy\AppData\Roaming\WB.CFG
[2011/11/16 16:16:16 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/17 14:22:52 | 000,002,032 | ---- | C] () -- C:\Users\Cindy\AppData\Local\d3d9caps.dat
[2009/04/27 18:02:24 | 000,012,312 | ---- | C] () -- C:\Users\Cindy\AppData\Roaming\UserTile.png
[2009/03/15 22:49:18 | 000,011,390 | ---- | C] () -- C:\Users\Cindy\AppData\Roaming\wklnhst.dat
[2009/03/14 15:00:23 | 000,216,064 | ---- | C] () -- C:\Users\Cindy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/18 03:02:58 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2014/10/28 14:18:49 | 000,049,778 | ---- | M] () -- C:\9d7ac390-0b42-41f6-8801-0bd45daf206f.dmp
[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/05/12 11:43:59 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2015/03/24 09:54:15 | 2951,270,400 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/13 22:26:34 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2009/03/14 12:49:52 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/09/02 20:55:26 | 000,034,244 | ---- | M] () -- C:\monitorsvc.exe
[2009/03/14 12:49:52 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
[2015/03/24 09:54:14 | 3265,060,864 | -HS- | M] () -- C:\pagefile.sys
[2007/04/25 16:45:58 | 000,000,631 | ---- | M] () -- C:\PDVD.iss
[2015/03/22 09:13:55 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2015/03/24 19:15:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2008/05/12 18:08:03 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log
[2013/03/11 20:19:10 | 000,401,408 | ---- | M] () -- C:\wget.exe
[31 C:\*.tmp files -> C:\*.tmp -> ]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2014/09/02 20:55:26 | 000,034,244 | ---- | M] () -- C:\monitorsvc.exe
[2013/03/11 20:19:10 | 000,401,408 | ---- | M] () -- C:\wget.exe
[31 C:\*.tmp files -> C:\*.tmp -> ]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2009/03/14 12:21:02 | 000,000,000 | ---D | M] -- C:\Program Files\Acer
[2006/10/10 23:26:32 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Arcade Live
[2014/06/13 21:25:29 | 000,000,000 | ---D | M] -- C:\Program Files\Acer GameZone
[2008/05/12 18:39:05 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2013/01/18 06:26:19 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2012/06/30 20:08:04 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Download Assistant
[2010/02/11 14:28:50 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2015/03/22 20:57:36 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software
[2014/11/28 11:44:17 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/05/12 18:50:46 | 000,000,000 | ---D | M] -- C:\Program Files\Cyberlink
[2010/10/17 22:58:40 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2014/09/06 14:29:10 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2009/07/29 22:41:37 | 000,000,000 | ---D | M] -- C:\Program Files\DVDVideoSoft
[2015/03/20 14:39:55 | 000,000,000 | ---D | M] -- C:\Program Files\Extreme User Agent Switcher
[2015/03/20 15:10:25 | 000,000,000 | ---D | M] -- C:\Program Files\FB Dislike
[2009/03/14 12:17:03 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2015/03/19 18:40:51 | 000,000,000 | ---D | M] -- C:\Program Files\Film Stack
[2015/03/19 12:33:10 | 000,000,000 | ---D | M] -- C:\Program Files\Final Cut La Grande Echappee Edition Collector
[2009/10/06 22:53:46 | 000,000,000 | ---D | M] -- C:\Program Files\Free Audio Pack
[2015/01/20 19:23:18 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2014/11/28 11:40:51 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2010/10/07 18:12:06 | 000,000,000 | ---D | M] -- C:\Program Files\icons
[2010/04/24 20:47:43 | 000,000,000 | ---D | M] -- C:\Program Files\Imikimi
[2014/11/28 11:55:33 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2015/03/21 09:41:56 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2014/10/29 15:42:44 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/04/26 20:17:49 | 000,000,000 | ---D | M] -- C:\Program Files\JRE
[2012/12/27 16:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2006/11/02 13:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2009/04/23 15:33:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2012/04/04 18:01:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2015/01/20 17:59:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Security Client
[2014/11/27 16:14:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/10/02 11:10:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/04/28 12:23:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/10/15 23:35:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/10/20 16:54:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft WSE
[2010/06/26 02:06:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 10:05:11 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2015/03/20 18:16:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2015/03/20 18:16:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2006/11/02 13:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/04/28 11:27:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2015/01/20 17:56:24 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2008/05/12 18:53:45 | 000,000,000 | ---D | M] -- C:\Program Files\NewTech Infosystems
[2015/01/20 17:56:24 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2010/04/26 20:17:47 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2015/03/19 13:41:58 | 000,000,000 | ---D | M] -- C:\Program Files\Phantasmat Une Nuit Sans Fin Edition Collector
[2011/03/19 11:20:23 | 000,000,000 | ---D | M] -- C:\Program Files\profile
[2010/12/28 19:09:23 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2006/11/02 13:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/06/07 12:17:22 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2014/09/06 14:26:47 | 000,000,000 | ---D | M] -- C:\Program Files\TRENDnet
[2010/05/16 20:56:51 | 000,000,000 | ---D | M] -- C:\Program Files\TubeMaster++
[2006/11/02 13:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2014/09/08 10:09:30 | 000,000,000 | ---D | M] -- C:\Program Files\VDownloader
[2013/03/27 16:33:47 | 000,000,000 | ---D | M] -- C:\Program Files\Veoh Networks
[2009/04/05 21:40:10 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/03/24 20:40:09 | 000,000,000 | ---D | M] -- C:\Program Files\VistaCodecPack
[2009/09/26 12:36:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/09/26 12:36:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/09/26 12:36:09 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2013/03/27 13:41:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2012/04/13 20:31:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/12/12 22:56:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/03/14 12:17:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/09/26 12:36:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/18 11:27:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2012/12/28 08:19:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2014/04/30 12:11:41 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap
[2010/05/01 17:21:05 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2011/03/19 11:21:12 | 000,000,000 | ---D | M] -- C:\Program Files\YUAN
[2015/03/22 09:13:53 | 000,000,000 | ---D | M] -- C:\Program Files\ZHPDiag
[2009/10/27 23:40:48 | 000,000,000 | ---D | M] -- C:\Program Files\Zylom Games

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 03:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 03:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008/01/21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008/01/21 03:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2007/01/12 21:30:08 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\Cyberlink\PowerDirector\EventLog.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2009/04/11 07:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\System32\hidserv.dll
[2009/04/11 07:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hidserv.dll
[2006/11/02 10:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=8FA640195279ACE21BEA91396A0054FC -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2008/01/21 03:34:05 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\imm32.dll
[2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2009/02/13 09:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[2011/04/12 15:53:05 | 000,890,368 | ---- | M] (Microsoft Corporation) MD5=306835D4E74E49A5D10F0FCA0B422EB1 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[2011/04/12 15:30:37 | 000,892,928 | ---- | M] (Microsoft Corporation) MD5=497A2DA8181560B3E2F8FFE0092FD1E6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[2011/04/12 17:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) MD5=574B473FACAA0E91702B86578440B525 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[2011/04/12 16:08:23 | 000,893,440 | ---- | M] (Microsoft Corporation) MD5=7062DEB220FA1CCB1B65FC40D6E7D807 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[2012/09/28 15:53:03 | 000,893,440 | ---- | M] (Microsoft Corporation) MD5=A9204E65A74AF0E801EA46F5A92C87A2 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[2014/02/06 03:43:24 | 000,894,976 | ---- | M] (Microsoft Corporation) MD5=B439D7A2127B81EC7274019D14784D75 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23323_none_961b47b06c9d0ce7\kernel32.dll
[2009/02/13 08:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[2009/02/13 08:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[2009/04/11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[2009/02/13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[2008/01/21 03:33:52 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[2012/09/28 17:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation) MD5=DC3105CC925A0D47F61B54E66AB730FC -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll
[2014/02/06 02:56:54 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\kernel32.dll
[2014/02/06 02:56:54 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19034_none_9587d7775386a817\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll
[2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/21 03:33:36 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 03:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 03:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2013/03/03 20:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\System32\drivers\ntfs.sys
[2013/03/03 20:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/21 03:33:23 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[2013/03/03 20:07:52 | 001,083,240 | ---- | M] (Microsoft Corporation) MD5=ECB54A0E9C40B00CF8FEFE5F455A1EFB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys

[color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color]
[2008/01/21 03:35:18 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 -- C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\System32\proquota.exe
[2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2008/01/21 03:34:49 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\System32\qmgr.dll
[2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/01/21 03:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/21 03:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008/01/21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2014/10/11 01:34:03 | 000,452,096 | ---- | M] (Microsoft Corporation) MD5=B33E73457ED6616F6CA316694267FEE3 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.23521_none_90faa76f6a97633b\termsrv.dll
[2009/04/11 07:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[2008/01/21 03:33:51 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
[2014/10/10 02:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\Windows\System32\termsrv.dll
[2014/10/10 02:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.19214_none_907ed7a2516ef937\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/21 03:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2006/11/02 10:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2012/08/21 12:47:42 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=559F1DB6586DE2EE8E25E172A0CA9A3C -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.22913_none_181f0c08125e385e\volsnap.sys
[2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\drivers\volsnap.sys
[2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys
[2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18679_none_175a8da4f96bddf6\volsnap.sys
[2008/01/21 03:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/21 03:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2011/12/14 03:28:29 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=022A78194E2C7106F5AF9F2BC6AC8774 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20546_none_c2552cd2f8e0ae57\wininet.dll
[2014/09/19 22:35:18 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=0247DDE7AAC890C68E88F158305461BB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20700_none_c27a6e92f8c5a0d7\wininet.dll
[2011/11/03 23:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=02F98B5C0E397AD06124D84428CF8F1A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_c1c58e4bdfc87683\wininet.dll
[2013/02/02 04:30:21 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=03728C624D05C2F157BBD46F6B7F6EA0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[2011/02/22 07:21:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=047CDEFF94B63F0A4791372B47427B60 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[2014/03/07 23:20:16 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=04F7F03B4D4C3EFF8BA6E25F24063250 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20656_none_c24a5eccf8e8c76f\wininet.dll
[2012/11/14 02:33:20 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=0635D714351F842D43EA184E75C4A3FF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll
[2009/11/21 16:03:43 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=0B603B1B76FF6CA2D88B658A9ECC40E8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[2012/02/28 01:58:46 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=11A34DCA08EB2A586246F2D6C2A81D58 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll
[2013/02/02 04:36:46 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=1284D72C04B553ED5382EA14303D66DB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll
[2014/08/15 15:40:13 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=15CBB5EC923B37F34039525998E080B3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20691_none_c21a1daaf90db880\wininet.dll
[2013/01/08 21:41:13 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=16C45E6881449C6330567E51C13920FA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll
[2013/11/14 23:38:27 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=1C0B5D8A0A0F4614F032751E418E87E1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20637_none_c260feeef8d7a8e4\wininet.dll
[2012/05/17 23:35:47 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=1C191A4F0960F21B5D58C8A65BAF5427 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll
[2011/12/14 03:57:18 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=1D94FA7C81D2FFE494AF094619BA706F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll
[2010/01/02 15:56:17 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=1DC5E46312CBA5C1614B3D3359DB09C5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[2014/02/23 06:40:18 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=1E5DF19A5F053345430D7AF87943C47A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16540_none_c1c59031dfc873aa\wininet.dll
[2013/07/31 10:52:44 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=21A5424935A32080A58DD40F2712212C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16506_none_c1f6d19ddfa29bf0\wininet.dll
[2014/07/24 18:27:51 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=228CC2A0F31917A9E2E4B95D86D8827B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20674_none_c232be60f8facca3\wininet.dll
[2010/02/23 16:06:06 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=24427C9C96556887A2F161800F00B2DE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[2012/08/24 08:12:40 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=2895E29EFCFC0B1BCF8AEE1A0C67913C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll
[2013/04/04 21:55:36 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=28B2DD8DBAEE306290A74ED03DB3768F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll
[2011/07/22 03:48:26 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=2C7332C222D1FE1FC57D622699A8C001 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16434_none_c1d45f5fdfbcbfee\wininet.dll
[2013/04/04 23:02:17 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=2C96B3921B4CDE10DBAED5AAD760DB67 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll
[2014/09/19 23:38:15 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=3252D4791357FEE6C2BAF0619C041317 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16584_none_c19e51a9dfe548ca\wininet.dll
[2011/11/04 00:07:24 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=32569DF2F9BEF05DD7D56E30590EDFD9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20544_none_c2532c3ef8e27ba9\wininet.dll
[2009/03/03 05:32:59 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=3ED9859939928CA568F487AB42175A33 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll
[2012/05/17 23:19:05 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=43BAC67996D8765A5F1B3A4EA6231E21 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll
[2012/02/28 02:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=44465367256D1C72B58F5ABAA19E7016 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll
[2008/01/21 03:34:21 | 000,825,856 | ---- | M] (Microsoft Corporation) MD5=455D715A840579BDC1CF8E5C1DA76849 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[2008/02/22 06:01:41 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=482BCCBF1FCBB3378100FF97081438C1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[2013/02/22 04:35:17 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=490E24D5E427DFA55B1C1182F0DB861C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[2009/05/12 23:49:30 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=4BEDA2520729640D927E09A51AB916C4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22874_none_e51403c2d0f31852\wininet.dll
[2013/11/14 23:42:41 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=4CC9DF09C3D915BA0A101A11DB684F26 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16526_none_c1e131c5dfb2d3d2\wininet.dll
[2008/02/22 05:52:21 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=4E962B645608E6EDB7D31B75921D07FA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[2013/09/22 12:27:02 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=508484580EA124FB03C41C58D4A63BE1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20625_none_c269ce46f8d15a45\wininet.dll
[2014/07/24 18:51:52 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=526014FFF6F612D9D0E86C874E7B0C36 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16563_none_c1b2f137dfd5f791\wininet.dll
[2010/09/08 07:01:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=545264F1F3AC5BD57B159EBBDC4FDC58 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[2012/06/28 23:54:19 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=54C30A4066A28F9A017E095E283B2762 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll
[2012/08/24 07:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=5553611E2F9EA6F613079177F1233068 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll
[2010/11/02 07:01:54 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=5681261BF2572F8776E1344DCB090C0B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[2014/02/05 10:44:41 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=5EDAA4D8E5E762B4487813DC4053F244 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20644_none_c2532e24f8e278d0\wininet.dll
[2009/07/21 22:52:28 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=6206A2BF9741B31C258ACC51972AFCAA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll
[2014/03/08 00:02:07 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=62077F806BC59CBD5A404338D710D133 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16545_none_c1ca91a3dfc3f25d\wininet.dll
[2015/02/21 18:21:58 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6293D025E82071B9424877E30B6AC1C8 -- C:\Windows\System32\wininet.dll
[2015/02/21 18:21:58 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6293D025E82071B9424877E30B6AC1C8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16633_none_c1d362e1dfbda0e5\wininet.dll
[2009/01/15 05:19:13 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=65647F41CEC0C8EEC9DF5BC1168EC76C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
[2014/02/05 09:50:39 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=679EAED8E703235BA81AA2E58F4E2D16 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16533_none_c1d360fbdfbda3be\wininet.dll
[2013/07/25 03:26:10 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6839F14A2507D9273BD13565DD880377 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_c1f2d075dfa63694\wininet.dll
[2013/05/16 23:28:26 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6A25377A76479A0C0BF3DB6FC42FE09A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_c18f7eafdff10238\wininet.dll
[2009/01/16 06:00:04 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=6A986C2CD30633447DAB21A4852E40D6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
[2009/03/08 12:34:57 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[2010/09/08 07:25:04 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=6D4B5C39BB00A8BD98462664E73AC403 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[2009/03/03 05:40:12 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=6E115E2D3FAE5077A361A5BCE78FF170 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll
[2012/10/08 08:37:57 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6E3AC8A54A1881806BA2B58539483788 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll
[2013/05/29 03:51:52 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=745410A5E043E8F880C932007034F8B6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_c2806e68f8c03bba\wininet.dll
[2014/10/27 20:32:20 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=746B4DDFD053B4A363D43D077F5B3916 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20708_none_c28270e2f8be6b8f\wininet.dll
[2010/12/18 07:27:04 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=74BCC23D622F32DA0450D164735ACAB1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[2012/06/29 01:09:01 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=75A97A2C060E72AB49E071E08C7DD2BA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll
[2010/06/26 07:05:49 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=78D42E00B5AB233F34116C0EF07F1BC9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[2010/12/18 08:18:09 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7D6AACE6BF60B5A1D572E082DEC9F0F0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[2012/11/14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=7FA3A810F383588D46220967DE8B64FF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll
[2009/04/11 07:28:25 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=8777B44511D8BCCF47B5A7CBDC02DE11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[2009/03/03 05:18:09 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=88B57405AC5B2BF513069086F8963635 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll
[2012/06/02 09:25:08 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=8E87270C4704CF2951E1E7820D6C8A2B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll
[2010/01/02 07:38:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=91B8712BDC74295DA14A08F519B70D65 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[2013/07/31 10:38:25 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=99991FC7D1430A61F27B48AC3D43B028 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20617_none_c2769ec6f8c77102\wininet.dll
[2012/10/08 08:48:03 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=9CB0D2A9A77D91D9614355EE9FF00519 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll
[2010/05/04 07:31:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=9DF755B063C647A1CAEB17F3E2FDDE1D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[2011/08/03 18:19:30 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=A1236375B74EA63C75657D564890C436 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16421_none_c1dc2e6ddfb757f8\wininet.dll
[2011/07/22 02:48:19 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=AA75F065975FCE762FC9BBF5A3C08368 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20534_none_c25dfc2af8da5fb8\wininet.dll
[2011/02/22 08:18:35 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=B3A938D522F085171387FEF112AEECF5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[2013/01/08 23:03:20 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=B49B56B64F57699A1A663D2CF7D0A56F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll
[2015/02/21 18:17:10 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=B617816D90817B98FF209701B2EAE555 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20747_none_c25630e8f8dfc1fc\wininet.dll
[2014/10/27 19:59:06 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=B6260FAA9ACF8AC13312C739B23BD0BE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16592_none_c1918129dfef320d\wininet.dll
[2009/03/03 05:20:12 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=BA68744F8FE1BAAC35362F18774972A3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll
[2014/08/15 15:37:03 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=BAE2B45ED648DEA784A2048BDB22F3F8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16575_none_c1aa21dfdfdc4630\wininet.dll
[2011/09/01 02:57:54 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=C0FCEE8D760C70DB6EF858BB2262288E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20537_none_c260fd08f8d7abbd\wininet.dll
[2013/10/13 10:35:38 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=C36E38AD3C7FAFF0E30C4CBCB28CE7FB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16520_none_c1db3009dfb83bc8\wininet.dll
[2013/02/22 04:38:00 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=C5B6468422DB1C8AA36C32CBB0197E5E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[2013/09/22 11:13:22 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=C8ADAA6948993D839D14524847EA5B75 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16514_none_c1ea011ddfac8533\wininet.dll
[2013/05/16 22:43:29 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=CC25EA1287613DC45D25A26037B4DBDD -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_c27a6cacf8c5a3b0\wininet.dll
[2014/05/28 17:32:59 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=CFD26829131439B71D0109F9D5345573 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16555_none_c1bfc1b7dfcc0e4e\wininet.dll
[2009/08/27 14:29:46 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=D0DD9439DB3C927209CFFE095AA1F097 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[2010/11/02 08:12:02 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=D364DEB34DB229A4C1EFB1BC68F505C4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[2011/09/01 03:28:15 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=D3788D91530CFA005BD516189A4C676E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16437_none_c1d7603ddfba0bf3\wininet.dll
[2009/05/09 06:50:28 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=D78B62CC91F043CED52F23F0085E7FE2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18783_none_e47e96c1b7de7b22\wininet.dll
[2008/02/21 05:43:42 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=DAEED2799D4D19F955C3E90B22A1E91E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[2009/11/21 07:40:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=DCB9E422810877D7C4115BACE54B084C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[2011/05/28 07:08:58 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=DE4685DE5130039FA63DA66C0F72F787 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[2011/05/28 08:12:07 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=E1E66EB05099B9DDCA178A9A00FCFF74 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[2014/05/28 17:35:22 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=E267DC5D759E11BB895C41E7EFC1A54C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20666_none_c23f8ee0f8f0e360\wininet.dll
[2009/08/27 06:22:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=E3AB6EBE520E1898663B011D2FC0DF11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[2012/06/02 09:16:44 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=E430161A632F9A8FE512DE0CA5685559 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll
[2009/07/22 07:03:04 | 000,915,456 | ---- | M] (Microsoft Corporation) MD5=E48ADF567FE3EFCC2EB88A2BE5E020CB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll
[2013/05/29 02:41:08 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=EA952A5C277CABCBA69EA806146BB984 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_c195806bdfeb9a42\wininet.dll
[2010/02/23 07:39:13 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=EC3B3E6071E3FCD4290BFD42676EE064 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[2013/07/25 03:32:36 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=EFA69C15A411D9794131CBCF6B59EA08 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_c2729d9ef8cb0ba6\wininet.dll
[2013/10/13 10:08:35 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=F1771715A3DC3DB14BD374F63507878D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20631_none_c25afd32f8dd10da\wininet.dll
[2010/05/04 06:59:21 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F317362AEB06140E7FB1B29331FDC038 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[2010/06/26 07:51:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=F60F99762FABCD7F4B53A4A0EBAE3505 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[2014/02/23 07:10:01 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=F68EBB98CE1CFC06EA5CCE5F78056412 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20651_none_c2455d5af8ed48bc\wininet.dll
[2008/02/22 05:52:15 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=F7FF1E0D443788D6AE4CBCA593530099 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[2009/01/15 07:11:16 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=FB79A2AA5E92653B9A394FE26D799BF8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
[2009/01/15 05:16:03 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=FF35D495AC08549154D1D96990513CD9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 03:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[color=#A23BEC]< MD5 for: WININIT.INI >[/color]
[2015/03/19 10:58:05 | 000,030,271 | ---- | M] () MD5=B185EC04E450ECE283375A49427576CB -- C:\Windows\wininit.ini

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/01/21 03:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2008/01/21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll
[2008/01/21 03:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr??entControlSet\Control\Session? Manager\SubSystems /s >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\??*.sys /lockedfiles >[/color]
[2014/09/01 19:29:16 | 000,019,840 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\system32\drivers\pcwatch.sys
[2010/10/17 22:58:13 | 000,691,696 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\system32\drivers\sptd.sys

[color=#A23BEC]< %systemroot%\System32\config\*??.sav >[/color]
[2008/01/21 04:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 04:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 04:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2009/07/03 11:07:10 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-20\desktop.ini
[2008/12/04 15:00:37 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-2760852498-2543259003-1422614318-1000\desktop.ini
[2014/06/13 20:18:02 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I0UX1C6.URL
[2014/03/25 17:18:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I2237AX.rar
[2014/10/28 18:35:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I26JEDT.exe
[2011/06/18 20:15:02 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I3GYFQO.JPG
[2014/04/02 13:17:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I515ADD.NEF
[2014/03/22 20:41:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I60YPAP.rar
[2013/04/25 21:33:53 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I71Z4IB.exe
[2014/10/28 19:42:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$I98YTFD.exe
[2014/03/23 11:56:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IA11BQS.avi
[2014/03/25 17:33:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IATNLRL.htm
[2014/04/04 21:48:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IEVPKJ2.jpg
[2014/10/28 21:52:24 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IFKMJWS.exe
[2014/10/29 10:59:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IHJCVVN.avi
[2014/04/04 21:48:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IIAOLA1.jpg
[2013/04/25 21:36:41 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IK5RHTS.exe
[2014/03/25 17:33:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$ILTT4I4
[2014/04/04 21:48:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$INQVM4A.jpg
[2014/10/28 21:52:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IO5025Q.exe
[2014/10/28 21:52:19 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IQQNND4.exe
[2014/03/25 09:01:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IRRQ4LW.rar
[2015/03/23 18:28:18 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$ISO9JCV.log
[2014/10/28 21:47:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$ITLLWFY.avi
[2014/10/28 21:52:12 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$ITSZ6Q5.avi
[2014/10/28 21:52:46 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IUX0LM5.exe
[2013/10/24 12:52:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IVM82GQ.gif
[2014/04/04 21:49:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$IZ1LWSE.jpg
[2015/03/22 21:32:01 | 000,005,556 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\$RSO9JCV.log
[2009/03/14 12:22:35 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-1000\desktop.ini
[2006/10/10 23:13:27 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-760544857-3597052433-3567250934-500\desktop.ini

< End of report >

Publicité


Signaler le contenu de ce document

Publicité