cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 15/11/2015 20:35:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Admin\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,87 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 33,11% Memory free
5,96 Gb Paging File | 3,89 Gb Available in Paging File | 65,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,42 Gb Total Space | 110,71 Gb Free Space | 49,77% Space Free | Partition Type: NTFS
Drive D: | 10,47 Gb Total Space | 6,25 Gb Free Space | 59,69% Space Free | Partition Type: NTFS

Computer Name: PC-DE-ADMIN | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/11/15 20:16:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2015/11/15 12:34:36 | 007,004,376 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/11/15 12:34:26 | 000,174,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015/10/30 03:22:40 | 000,392,872 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/10/01 09:46:26 | 003,024,576 | ---- | M] (Index Education) -- C:\Program Files\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe
PRC - [2015/05/05 15:27:31 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2014/05/04 12:09:40 | 001,216,512 | ---- | M] (www.IslamicFinder.org) -- C:\Program Files\Athan\Athan.exe
PRC - [2013/01/31 10:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/01/31 10:01:05 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/08/13 09:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 09:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2011/04/11 09:38:28 | 001,232,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/07/19 18:57:32 | 002,231,616 | ---- | M] () -- C:\Program Files\devolo\dlan\devolonetsvc.exe
PRC - [2010/04/16 15:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
PRC - [2009/07/20 11:28:26 | 000,059,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\LBTWiz.exe
PRC - [2009/07/20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/19 08:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/05/08 15:13:08 | 000,103,344 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 8300 Series\ezprint.exe
PRC - [2007/05/08 15:10:36 | 000,205,744 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
PRC - [2007/02/08 04:52:50 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\System32\lxcjcoms.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/11/15 12:34:44 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015/11/15 12:34:34 | 000,103,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015/11/15 12:34:34 | 000,103,888 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\log.dll
MOD - [2015/11/15 12:34:33 | 000,466,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2015/11/15 12:34:29 | 000,125,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015/11/15 12:34:29 | 000,125,512 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2012/08/10 15:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/11/21 15:54:34 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/03/08 20:08:28 | 000,282,697 | ---- | M] () -- C:\Program Files\Athan\vbp.dll
MOD - [2005/12/20 13:25:56 | 000,118,784 | ---- | M] () -- C:\Program Files\Lexmark 8300 Series\lxcjdrec.dll
MOD - [2005/06/14 16:08:28 | 000,196,608 | ---- | M] () -- C:\Program Files\Lexmark 8300 Series\iptk.dll
MOD - [2004/12/25 11:37:22 | 000,258,121 | ---- | M] () -- C:\Program Files\Athan\vbh.dll
MOD - [2004/03/20 12:49:40 | 000,229,444 | ---- | M] () -- C:\Program Files\Athan\vbq.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2015/11/15 12:34:26 | 000,174,416 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2015/11/11 09:29:05 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/10/30 03:22:54 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/10/28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/10/01 09:46:26 | 003,024,576 | ---- | M] (Index Education) [Auto | Running] -- C:\Program Files\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe -- (MajIndexEducationService)
SRV - [2015/07/29 15:43:54 | 002,909,472 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015/07/09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/05/05 15:27:31 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/12/19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/07/19 18:57:32 | 002,231,616 | ---- | M] () [Auto | Running] -- C:\Program Files\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010/04/16 15:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2009/09/24 10:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\WINDOWS\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009/07/20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/02/08 04:52:50 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxcjcoms.exe -- (lxcj_device)
SRV - [2007/01/09 13:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\sscdmdm.sys -- (sscdmdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\sscdmdfl.sys -- (sscdmdfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\sscdbus.sys -- (sscdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igdkmd32.sys -- (igfx)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igdkmd32.sys -- (ialm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Admin\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0p6oyax)
DRV - [2015/11/15 12:34:46 | 000,435,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2015/11/15 12:34:46 | 000,209,432 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015/11/15 12:34:46 | 000,167,152 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswStmXP.sys -- (aswStmXP)
DRV - [2015/11/15 12:34:46 | 000,081,168 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015/11/15 12:34:46 | 000,057,888 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2015/11/15 12:34:46 | 000,055,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2015/11/15 12:34:46 | 000,049,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015/11/15 12:34:46 | 000,024,016 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2015/11/15 12:34:14 | 000,794,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2015/05/05 15:43:27 | 000,291,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2015/05/05 15:27:25 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2015/05/05 15:23:48 | 002,474,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RTWlanU.sys -- (RtlWlanu)
DRV - [2015/05/05 15:23:48 | 002,474,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\RTWlanU.sys -- (RTL8192cu)
DRV - [2015/05/05 15:11:43 | 000,023,840 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2010/12/02 22:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/06/10 12:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2009/10/24 12:59:18 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/06/17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 17:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009/06/17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 17:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009/06/17 17:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009/04/11 06:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008/01/19 07:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/05/11 16:31:36 | 003,580,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2007/05/11 16:31:22 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/03/01 14:52:42 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2006/11/30 09:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/28 03:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 10:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tpm.sys -- (TPM)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006/11/02 00:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/06/28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:8.3.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin: C:\Program Files\Java\jre1.6.0_22\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.6.0_22\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/11/15 12:38:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{354dbb0a-71d5-4e9f-9c02-6c88b9d387ba}: C:\ProgramData\SExtension\SExtension\{354dbb0a-71d5-4e9f-9c02-6c88b9d387ba}
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/10/01 19:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2015/11/15 17:54:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\jq8lung9.default-1411916631521\extensions
[2015/11/15 17:39:46 | 000,000,000 | ---D | M] ("Flash Video Downloader - YouTube HD Download [4K]") -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\jq8lung9.default-1411916631521\extensions\artur.dubovoy@gmail.com
[2015/11/15 17:54:52 | 000,636,306 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\jq8lung9.default-1411916631521\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
[2015/11/15 17:38:23 | 000,962,762 | ---- | M] () (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\jq8lung9.default-1411916631521\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015/11/15 17:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2015/11/15 17:34:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/10/24 14:17:57 | 000,000,794 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 nwmaster.bioware.com
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_22\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_22\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E5A1E26F-0D1D-4307-868F-FBD9A374AB54} - No CLSID value found.
O4 - HKLM..\Run: [Athan] C:\Program Files\Athan\Athan.exe (www.IslamicFinder.org)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent File not found
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 8300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LXCJCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcjmon.exe] C:\Program Files\Lexmark 8300 Series\lxcjmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729)" -"http://www.miniclip.com/games/sewer-run/fr/" File not found
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.com/download/vexcast.cab (VodClient Control Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{132A62C9-EC13-4884-A4C3-0827B09DF2FF}: DhcpNameServer = 89.2.0.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E58453E-2A9D-4777-93D4-AADD7AD54E55}: DhcpNameServer = 89.2.0.10
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~1\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Admin\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Admin\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d3569142-c094-11de-9bf7-002264bcfe1b}\Shell - "" = AutoRun
O33 - MountPoints2\{d3569142-c094-11de-9bf7-002264bcfe1b}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{d3569142-c094-11de-9bf7-002264bcfe1b}\Shell\configure\command - "" = G:\SETUP.EXE
O33 - MountPoints2\{d3569142-c094-11de-9bf7-002264bcfe1b}\Shell\install\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: pcwatch.sys - Driver
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MyOSProtect - service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: pcwatch.sys - Driver
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3911CF56-9EF2-39BA-846A-C27BD3CD0685} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework
ActiveX: {C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0} - Microsoft .NET Framework 1.1 Security Update (KB2833941)
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/11/15 20:16:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2015/11/15 17:55:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/11/15 17:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015/11/15 17:34:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/11/15 12:38:17 | 000,322,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015/11/15 12:36:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\AVAST Software
[2015/11/15 12:35:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2015/11/15 12:34:56 | 000,057,888 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2015/11/15 12:34:55 | 000,167,152 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStmXP.sys
[2015/11/15 12:34:54 | 000,435,464 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2015/11/15 12:34:54 | 000,209,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015/11/15 12:34:53 | 000,081,168 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015/11/15 12:34:53 | 000,049,776 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015/11/15 12:34:53 | 000,024,016 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015/11/15 12:34:52 | 000,055,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2015/11/15 12:34:51 | 000,794,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015/11/15 12:34:34 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/11/15 12:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015/11/11 22:58:54 | 002,068,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/11/11 22:45:50 | 003,606,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/11/11 22:45:49 | 003,554,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/11/11 22:36:03 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/11/11 22:36:02 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2015/11/11 09:35:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/11/11 09:35:59 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/11/11 09:35:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/11/11 09:35:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/11/11 09:35:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/11/11 09:35:58 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/11/11 09:35:57 | 001,436,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/11/11 09:35:57 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/11/11 09:35:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/11/11 09:35:56 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/11/11 09:35:56 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/11/11 09:35:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/11/11 09:35:53 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/10/21 11:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Admin\Desktop\*.tmp files -> C:\Users\Admin\Desktop\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/11/15 20:37:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/11/15 20:29:16 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/11/15 20:16:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2015/11/15 20:12:58 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/15 20:06:09 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/15 20:05:56 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/11/15 20:05:56 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/11/15 20:05:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/11/15 20:05:46 | 3085,365,248 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/15 20:04:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2015/11/15 19:35:43 | 001,732,096 | ---- | M] () -- C:\Users\Admin\Desktop\adwcleaner_5.021.exe
[2015/11/15 17:34:54 | 000,000,870 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/11/15 13:48:23 | 000,393,671 | ---- | M] () -- C:\Users\Admin\Desktop\Les cons.png
[2015/11/15 12:35:24 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/11/15 12:34:46 | 000,435,464 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2015/11/15 12:34:46 | 000,209,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2015/11/15 12:34:46 | 000,167,152 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStmXP.sys
[2015/11/15 12:34:46 | 000,081,168 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2015/11/15 12:34:46 | 000,057,888 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2015/11/15 12:34:46 | 000,055,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2015/11/15 12:34:46 | 000,049,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2015/11/15 12:34:46 | 000,024,016 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2015/11/15 12:34:34 | 000,322,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2015/11/15 12:34:34 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015/11/15 12:34:14 | 000,794,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2015/11/15 11:41:46 | 000,982,287 | ---- | M] () -- C:\Users\Admin\Desktop\Changer de religion.mp4
[2015/11/14 22:25:26 | 000,731,628 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015/11/14 22:25:26 | 000,642,602 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/11/14 22:25:26 | 000,150,520 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015/11/14 22:25:25 | 000,123,530 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/11/14 15:47:50 | 000,269,169 | ---- | M] () -- C:\Users\Admin\Desktop\Bachar le cynique.png
[2015/11/14 00:18:49 | 000,023,722 | ---- | M] () -- C:\Users\Admin\Desktop\Taha Abbès.png
[2015/11/13 14:25:21 | 000,335,762 | ---- | M] () -- C:\Users\Admin\Desktop\Cherkaw.jpg
[2015/11/12 13:24:45 | 000,407,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/11/11 09:29:05 | 000,780,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015/11/11 09:29:05 | 000,142,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2015/11/08 23:09:15 | 000,133,809 | ---- | M] () -- C:\Users\Admin\Desktop\Jasa Mariam 2.jpg
[2015/11/08 23:08:44 | 000,239,043 | ---- | M] () -- C:\Users\Admin\Desktop\Jasa Mariam 1.jpg
[2015/11/08 23:07:43 | 000,228,727 | ---- | M] () -- C:\Users\Admin\Desktop\JSA Mariam.jpg
[2015/11/08 22:23:29 | 000,021,689 | ---- | M] () -- C:\Users\Admin\Desktop\najat trabelsi.odt
[2015/11/07 14:11:21 | 000,087,552 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/11/05 21:55:04 | 000,005,213 | ---- | M] () -- C:\Users\Admin\Desktop\Rimes à tâtons.odt
[2015/11/03 15:32:51 | 000,048,796 | ---- | M] () -- C:\Users\Admin\Desktop\patron_boite_rectangulaire.jpg
[2015/11/03 15:28:50 | 000,003,478 | ---- | M] () -- C:\Users\Admin\AppData\Local\recently-used.xbel
[2015/10/31 22:25:22 | 000,041,534 | ---- | M] () -- C:\Users\Admin\Desktop\Monastir Karra3ia.jpg
[2015/10/31 19:38:21 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/10/31 19:37:41 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/10/31 19:36:55 | 001,436,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/10/31 19:36:47 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/10/31 19:36:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/10/31 19:36:44 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/10/31 19:36:39 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/10/31 19:36:35 | 000,358,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/10/31 19:36:35 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/10/31 19:36:34 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/10/31 19:36:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/10/31 19:36:29 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/10/31 19:36:26 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/10/29 19:09:45 | 000,512,243 | ---- | M] () -- C:\Users\Admin\Desktop\citation Jaziri.png
[2015/10/23 19:44:50 | 000,010,203 | ---- | M] () -- C:\Users\Admin\Desktop\Nidaa.odt
[2015/10/20 21:43:19 | 000,668,199 | ---- | M] () -- C:\Users\Admin\Desktop\capture Les fellagas.png
[2015/10/20 12:53:32 | 000,338,817 | ---- | M] () -- C:\Users\Admin\Desktop\capture sncf.png
[2015/10/19 13:32:49 | 000,382,114 | ---- | M] () -- C:\Users\Admin\Desktop\Harak Algerie Marzouk.png
[2015/10/17 15:24:27 | 002,068,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Admin\Desktop\*.tmp files -> C:\Users\Admin\Desktop\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/11/15 20:37:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/11/15 19:35:42 | 001,732,096 | ---- | C] () -- C:\Users\Admin\Desktop\adwcleaner_5.021.exe
[2015/11/15 17:34:54 | 000,000,870 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2015/11/15 17:34:47 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015/11/15 13:48:23 | 000,393,671 | ---- | C] () -- C:\Users\Admin\Desktop\Les cons.png
[2015/11/15 12:35:24 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015/11/15 11:41:45 | 000,982,287 | ---- | C] () -- C:\Users\Admin\Desktop\Changer de religion.mp4
[2015/11/14 15:47:50 | 000,269,169 | ---- | C] () -- C:\Users\Admin\Desktop\Bachar le cynique.png
[2015/11/14 00:18:49 | 000,023,722 | ---- | C] () -- C:\Users\Admin\Desktop\Taha Abbès.png
[2015/11/13 14:25:19 | 000,335,762 | ---- | C] () -- C:\Users\Admin\Desktop\Cherkaw.jpg
[2015/11/08 23:09:14 | 000,133,809 | ---- | C] () -- C:\Users\Admin\Desktop\Jasa Mariam 2.jpg
[2015/11/08 23:08:42 | 000,239,043 | ---- | C] () -- C:\Users\Admin\Desktop\Jasa Mariam 1.jpg
[2015/11/08 23:07:43 | 000,228,727 | ---- | C] () -- C:\Users\Admin\Desktop\JSA Mariam.jpg
[2015/11/08 21:51:56 | 000,021,689 | ---- | C] () -- C:\Users\Admin\Desktop\najat trabelsi.odt
[2015/11/03 15:32:29 | 000,048,796 | ---- | C] () -- C:\Users\Admin\Desktop\patron_boite_rectangulaire.jpg
[2015/11/03 15:28:50 | 000,003,478 | ---- | C] () -- C:\Users\Admin\AppData\Local\recently-used.xbel
[2015/10/31 22:25:12 | 000,041,534 | ---- | C] () -- C:\Users\Admin\Desktop\Monastir Karra3ia.jpg
[2015/10/29 19:09:45 | 000,512,243 | ---- | C] () -- C:\Users\Admin\Desktop\citation Jaziri.png
[2015/10/23 18:21:48 | 000,005,213 | ---- | C] () -- C:\Users\Admin\Desktop\Rimes à tâtons.odt
[2015/10/20 21:43:18 | 000,668,199 | ---- | C] () -- C:\Users\Admin\Desktop\capture Les fellagas.png
[2015/10/20 12:53:32 | 000,338,817 | ---- | C] () -- C:\Users\Admin\Desktop\capture sncf.png
[2015/10/19 20:40:17 | 002,856,291 | ---- | C] () -- C:\Users\Admin\Desktop\falaise 2012.JPG
[2015/10/19 13:32:49 | 000,382,114 | ---- | C] () -- C:\Users\Admin\Desktop\Harak Algerie Marzouk.png
[2015/10/18 19:39:22 | 000,010,203 | ---- | C] () -- C:\Users\Admin\Desktop\Nidaa.odt
[2015/09/03 12:54:16 | 002,862,488 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2015/05/05 15:45:19 | 000,010,084 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2015/05/05 15:23:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/05 15:20:57 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2015/05/05 15:20:39 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2015/05/05 15:20:39 | 000,087,864 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2014/09/30 07:26:34 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/09/29 19:10:04 | 000,000,065 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\WB.CFG
[2014/09/28 20:22:45 | 000,000,059 | ---- | C] () -- C:\Windows\wininit.ini
[2014/08/25 12:14:13 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2014/01/03 17:59:52 | 000,000,093 | ---- | C] () -- C:\Users\Admin\AppData\Local\fusioncache.dat
[2012/09/01 19:25:13 | 000,029,696 | -H-- | C] () -- C:\Users\Admin\photothumb.db
[2010/01/01 17:54:46 | 000,000,680 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2009/10/24 13:01:32 | 000,000,552 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d8caps.dat
[2009/10/11 14:36:06 | 003,353,800 | ---- | C] () -- C:\Users\Admin\IMGP0069.JPG
[2009/10/11 14:36:06 | 003,326,232 | ---- | C] () -- C:\Users\Admin\IMGP0075.JPG
[2009/10/11 14:36:06 | 003,153,269 | ---- | C] () -- C:\Users\Admin\IMGP0077.JPG
[2009/10/11 14:36:06 | 003,110,513 | ---- | C] () -- C:\Users\Admin\IMGP0066.JPG
[2009/10/11 14:36:06 | 003,089,230 | ---- | C] () -- C:\Users\Admin\IMGP0067.JPG
[2009/10/11 14:36:06 | 003,035,631 | ---- | C] () -- C:\Users\Admin\IMGP0071.JPG
[2009/10/11 14:36:06 | 002,984,736 | ---- | C] () -- C:\Users\Admin\IMGP0076.JPG
[2009/10/11 14:36:06 | 002,895,692 | ---- | C] () -- C:\Users\Admin\IMGP0065.JPG
[2009/10/11 14:36:06 | 002,849,383 | ---- | C] () -- C:\Users\Admin\IMGP0068.JPG
[2009/10/11 14:36:06 | 002,820,359 | ---- | C] () -- C:\Users\Admin\IMGP0070.JPG
[2009/10/03 12:41:04 | 000,087,552 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/03 12:35:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/29 01:46:08 | 011,588,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2014/05/15 17:43:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\.purple
[2014/09/30 16:52:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Audacity
[2015/11/15 12:36:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVAST Software
[2014/05/15 17:43:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\avidemux
[2010/11/20 16:43:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BitTorrent
[2015/09/03 20:17:35 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Capturino
[2015/09/03 13:09:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2014/09/30 16:52:54 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Delivery
[2015/09/03 13:09:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FileZilla
[2015/09/03 19:48:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Garmin
[2010/06/12 11:15:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\gtk-2.0
[2014/05/15 17:44:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IndexEducation
[2015/09/03 12:44:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\IObit
[2009/10/24 13:39:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Leadertech
[2010/02/18 19:16:40 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\NVD
[2011/08/27 18:48:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ooVoo Details
[2009/10/05 18:37:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenOffice.org
[2011/05/22 13:44:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PhotoFiltre
[2015/09/07 15:15:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PhotoScape
[2015/09/03 12:45:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ProductData
[2014/12/03 13:56:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SampleView
[2014/05/15 17:44:50 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Scribus
[2010/11/02 17:34:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SoftGrid Client
[2010/02/18 19:13:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TP
[2014/10/01 20:32:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TuneUp Software
[2015/06/10 19:59:24 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ZHP
[2011/11/27 14:32:04 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\_dlytmp

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/04/17 02:57:26 | 000,000,000 | ---- | M] () -- C:\C_USERPART
[2015/11/15 20:05:46 | 3085,365,248 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/03 12:46:31 | 000,006,315 | ---- | M] () -- C:\Installer.log
[2010/01/26 19:05:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/26 19:05:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
[2015/11/15 20:05:44 | 3399,237,632 | -HS- | M] () -- C:\pagefile.sys
[2015/06/10 18:46:40 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2015/11/15 20:37:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2009/10/03 11:42:54 | 000,000,090 | ---- | M] () -- C:\Setup.log
[2013/03/11 20:19:10 | 000,401,408 | ---- | M] () -- C:\wget.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2013/03/11 20:19:10 | 000,401,408 | ---- | M] () -- C:\wget.exe

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009/10/14 15:39:28 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2011/06/18 09:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2014/05/15 17:33:48 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2015/09/06 19:36:16 | 000,000,000 | ---D | M] -- C:\Program Files\Athan
[2015/11/15 12:33:17 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software
[2015/07/05 20:42:08 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2015/09/07 15:06:18 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/04/17 02:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2009/10/24 13:04:33 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2014/05/15 17:33:51 | 000,000,000 | ---D | M] -- C:\Program Files\Delivery
[2014/05/15 17:33:51 | 000,000,000 | ---D | M] -- C:\Program Files\devolo
[2015/09/03 19:49:25 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2013/03/10 12:47:14 | 000,000,000 | ---D | M] -- C:\Program Files\Disney Interactive
[2006/12/06 19:35:12 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2010/12/05 17:39:50 | 000,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
[2015/11/15 17:57:30 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2015/08/26 15:35:46 | 000,000,000 | ---D | M] -- C:\Program Files\GUM5DA9.tmp
[2014/05/15 17:33:53 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/01/01 18:13:09 | 000,000,000 | ---D | M] -- C:\Program Files\Hp
[2015/10/01 12:19:15 | 000,000,000 | ---D | M] -- C:\Program Files\Index Education
[2015/09/04 13:05:22 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2015/11/12 13:20:05 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2015/09/08 07:24:36 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2014/05/10 09:25:08 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2012/11/22 20:27:10 | 000,000,000 | ---D | M] -- C:\Program Files\Jeux.fr
[2009/10/03 16:52:15 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark 8300 Series
[2010/11/20 16:53:07 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2010/10/06 16:51:12 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2015/11/11 21:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\Lx_cats
[2013/04/04 12:30:57 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
[2009/12/11 12:26:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/11/02 13:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/02/03 15:32:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2013/04/04 12:35:28 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2013/04/04 12:35:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2013/04/04 12:35:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2013/04/04 12:36:30 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2015/08/27 12:01:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2013/04/04 12:35:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2013/03/10 18:43:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mindscape
[2010/09/01 18:45:12 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2015/11/15 17:34:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2015/11/15 17:34:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2013/04/04 12:37:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2015/05/05 15:44:05 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2013/05/11 23:07:59 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2014/05/15 17:34:01 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2015/09/07 15:14:26 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoScape
[2010/06/12 11:19:35 | 000,000,000 | ---D | M] -- C:\Program Files\Pidgin
[2015/05/05 15:22:27 | 000,000,000 | ---D | M] -- C:\Program Files\REALTEK
[2006/11/02 13:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2012/01/21 18:13:26 | 000,000,000 | ---D | M] -- C:\Program Files\Scribus 1.4.0
[2009/10/03 11:42:28 | 000,000,000 | ---D | M] -- C:\Program Files\Securitoo
[2015/08/26 15:52:21 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/01/26 19:13:50 | 000,000,000 | ---D | M] -- C:\Program Files\STOREX-Aivx370
[2007/04/17 02:58:15 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/11/02 22:27:24 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2009/10/03 11:45:14 | 000,000,000 | ---D | M] -- C:\Program Files\Wanadoo
[2009/10/23 17:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/10/23 17:57:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/10/23 17:57:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012/04/12 12:15:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2015/06/11 10:41:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/12/06 19:35:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/10/23 17:57:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/18 12:03:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2015/11/15 12:34:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2012/11/22 20:28:55 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2015/07/05 20:34:42 | 000,000,000 | ---D | M] -- C:\Program Files\ZHPDiag

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007/04/17 02:37:44 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007/04/17 02:37:44 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007/04/17 02:37:44 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\drivers\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/10/03 22:44:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009/10/03 22:44:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009/10/03 22:44:52 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\WINDOWS\System32\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/19 08:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006/11/02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\WINDOWS\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008/01/19 06:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\WINDOWS\System32\drivers\beep.sys
[2008/01/19 06:49:10 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[2006/11/02 09:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009/10/03 22:43:00 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/10/03 22:42:59 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/10/03 22:42:59 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/10/03 23:15:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009/10/03 23:15:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/10/03 22:42:59 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2009/04/11 07:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\WINDOWS\System32\hidserv.dll
[2009/04/11 07:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\WINDOWS\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hidserv.dll
[2006/11/02 10:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=8FA640195279ACE21BEA91396A0054FC -- C:\WINDOWS\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2008/01/19 08:34:33 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E -- C:\WINDOWS\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[2006/11/02 10:46:05 | 000,115,200 | ---- | M] (Microsoft Corporation) MD5=EE12864398F1C3BF5BEE91F6AF9842E1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll
[2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\System32\imm32.dll
[2009/04/11 07:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2009/10/03 22:25:01 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[2006/11/02 10:46:05 | 000,874,496 | ---- | M] (Microsoft Corporation) MD5=1E36AE445E4DA83B82D51FEB2D4F8772 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
[2011/04/12 15:53:05 | 000,890,368 | ---- | M] (Microsoft Corporation) MD5=306835D4E74E49A5D10F0FCA0B422EB1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[2011/04/12 15:30:37 | 000,892,928 | ---- | M] (Microsoft Corporation) MD5=497A2DA8181560B3E2F8FFE0092FD1E6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[2011/04/12 17:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) MD5=574B473FACAA0E91702B86578440B525 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[2014/02/06 02:56:54 | 000,894,464 | ---- | M] (Microsoft Corporation) MD5=695DB97B018FB06F693F37108322AA1E -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19034_none_9587d7775386a817\kernel32.dll
[2015/05/08 23:51:41 | 000,894,976 | ---- | M] (Microsoft Corporation) MD5=700178867665441A00AB3215B5450C7A -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23688_none_95df6f4c6cc92ab5\kernel32.dll
[2011/04/12 16:08:23 | 000,893,440 | ---- | M] (Microsoft Corporation) MD5=7062DEB220FA1CCB1B65FC40D6E7D807 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[2012/09/28 15:53:03 | 000,893,440 | ---- | M] (Microsoft Corporation) MD5=A9204E65A74AF0E801EA46F5A92C87A2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[2014/02/06 03:43:24 | 000,894,976 | ---- | M] (Microsoft Corporation) MD5=B439D7A2127B81EC7274019D14784D75 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23323_none_961b47b06c9d0ce7\kernel32.dll
[2009/10/03 22:25:02 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[2009/10/03 22:25:02 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[2009/04/11 07:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[2009/10/03 22:25:01 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[2008/01/19 08:34:36 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[2012/09/28 17:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation) MD5=DC3105CC925A0D47F61B54E66AB730FC -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll
[2015/05/09 00:08:48 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\System32\kernel32.dll
[2015/05/09 00:08:48 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19381_none_954eccaf53b1df3c\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2006/11/02 10:46:10 | 000,227,328 | ---- | M] (Microsoft Corporation) MD5=54E9576169A248AD62A1EB9773225826 -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll
[2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\WINDOWS\System32\mswsock.dll
[2009/04/11 07:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/19 08:35:15 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2015/10/10 16:38:52 | 000,526,272 | ---- | M] (Microsoft Corporation) MD5=0F1F3E5E29927C8054A8A21EE78F9EF6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.23822_none_aa23976a326169bd\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006/11/02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008/01/19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2015/10/10 17:02:40 | 000,526,272 | ---- | M] (Microsoft Corporation) MD5=DEC4B200C459FA929B0A764E79904B79 -- C:\WINDOWS\System32\drivers\ndis.sys
[2015/10/10 17:02:40 | 000,526,272 | ---- | M] (Microsoft Corporation) MD5=DEC4B200C459FA929B0A764E79904B79 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.19512_none_a9a4c6bf193bb3b4\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2006/11/02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2009/10/03 22:44:54 | 001,060,920 | ---- | M] (Microsoft Corporation) MD5=2620822A21B76375F5FD6E0986407CD1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16586_none_a43a6b8d2000830d\ntfs.sys
[2013/03/03 20:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\WINDOWS\System32\drivers\ntfs.sys
[2013/03/03 20:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys
[2009/10/03 23:00:39 | 001,060,920 | ---- | M] (Microsoft Corporation) MD5=37430AA7A66D7A63407ADC2C0D05E9F6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16615_none_a4851c9d1fc8a346\ntfs.sys
[2006/11/02 10:51:47 | 001,056,360 | ---- | M] (Microsoft Corporation) MD5=3F379380A4A2637F559444E338CF1B51 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16386_none_a43a67c1200088bf\ntfs.sys
[2009/04/11 07:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/19 08:43:40 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[2009/10/03 22:44:54 | 001,061,432 | ---- | M] (Microsoft Corporation) MD5=B5BE45B1F554DF9E1976CBC855365E60 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20709_none_a51d8a7c38da8c7b\ntfs.sys
[2013/03/03 20:07:52 | 001,083,240 | ---- | M] (Microsoft Corporation) MD5=ECB54A0E9C40B00CF8FEFE5F455A1EFB -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys
[2009/10/03 23:00:39 | 001,061,944 | ---- | M] (Microsoft Corporation) MD5=F08824715CA6076F5E73E005AB83B9C8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20740_none_a4e9483239031830\ntfs.sys

[color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color]
[2006/11/02 13:35:06 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=957CC0F372BB5D79C477363952276859 -- C:\WINDOWS\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6000.16386_none_0c076ff411279f33\ntmssvc.dll
[2008/01/19 08:35:58 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 -- C:\WINDOWS\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\drivers\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\WINDOWS\System32\proquota.exe
[2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2008/01/19 08:36:13 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\WINDOWS\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[2006/11/02 10:46:12 | 000,749,568 | ---- | M] (Microsoft Corporation) MD5=733FB484A06B9D6A44DD9CA1D3BE937B -- C:\WINDOWS\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll
[2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\WINDOWS\System32\qmgr.dll
[2009/04/11 07:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\WINDOWS\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[2009/10/03 21:36:05 | 000,750,080 | ---- | M] (Microsoft Corporation) MD5=DA551697E34D2B9943C8B1C8EAFFE89A -- C:\WINDOWS\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll
[2009/10/03 21:36:05 | 000,750,080 | ---- | M] (Microsoft Corporation) MD5=F1148566FA5173A4FD48AF8E8BC09401 -- C:\WINDOWS\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/01/19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 07:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/19 08:33:32 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\WINDOWS\System32\spoolsv.exe
[2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2006/11/02 10:45:46 | 000,124,928 | ---- | M] (Microsoft Corporation) MD5=DA612EF2556776DF2630B68BF2D48935 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
[2010/08/17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2006/11/02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\System32\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2014/10/11 01:34:03 | 000,452,096 | ---- | M] (Microsoft Corporation) MD5=B33E73457ED6616F6CA316694267FEE3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.23521_none_90faa76f6a97633b\termsrv.dll
[2009/04/11 07:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\WINDOWS\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[2008/01/19 08:36:39 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
[2014/10/10 02:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\WINDOWS\System32\termsrv.dll
[2014/10/10 02:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\WINDOWS\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.19214_none_907ed7a2516ef937\termsrv.dll
[2006/11/02 10:46:13 | 000,427,520 | ---- | M] (Microsoft Corporation) MD5=FAD71C1E8E4047B154E899AE31EB8CAA -- C:\WINDOWS\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2006/11/02 10:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2009/10/03 22:44:51 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=327639D2EC931B057F3826A51ADC73E9 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.20709_none_146318401803edb5\volsnap.sys
[2012/08/21 12:47:42 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=559F1DB6586DE2EE8E25E172A0CA9A3C -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.22913_none_181f0c08125e385e\volsnap.sys
[2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\WINDOWS\System32\drivers\volsnap.sys
[2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys
[2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18679_none_175a8da4f96bddf6\volsnap.sys
[2009/10/03 22:44:51 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_f47b2c78\volsnap.sys
[2009/10/03 22:44:51 | 000,211,000 | ---- | M] (Microsoft Corporation) MD5=80DC0C9BCB579ED9815001A4D37CBFD5 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6000.16586_none_137ff950ff29e447\volsnap.sys
[2008/01/19 08:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/19 08:42:48 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2011/12/14 03:28:29 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=022A78194E2C7106F5AF9F2BC6AC8774 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20546_none_c2552cd2f8e0ae57\wininet.dll
[2014/09/19 22:35:18 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=0247DDE7AAC890C68E88F158305461BB -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20700_none_c27a6e92f8c5a0d7\wininet.dll
[2011/11/03 23:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=02F98B5C0E397AD06124D84428CF8F1A -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16440_none_c1c58e4bdfc87683\wininet.dll
[2013/02/02 04:30:21 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=03728C624D05C2F157BBD46F6B7F6EA0 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[2011/02/22 07:21:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=047CDEFF94B63F0A4791372B47427B60 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[2014/03/07 23:20:16 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=04F7F03B4D4C3EFF8BA6E25F24063250 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20656_none_c24a5eccf8e8c76f\wininet.dll
[2012/11/14 02:33:20 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=0635D714351F842D43EA184E75C4A3FF -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll
[2009/11/21 16:03:43 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=0B603B1B76FF6CA2D88B658A9ECC40E8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[2015/09/11 08:16:09 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=0ED0C46A3407B6BA8774603D9327A389 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16708_none_c1f8d5fddfa0c8ec\wininet.dll
[2012/02/28 01:58:46 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=11A34DCA08EB2A586246F2D6C2A81D58 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll
[2013/02/02 04:36:46 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=1284D72C04B553ED5382EA14303D66DB -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll
[2015/07/22 21:46:19 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=152110AF82E06FF13C325EB99236B271 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16684_none_c19e538fdfe545f1\wininet.dll
[2014/08/15 15:40:13 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=15CBB5EC923B37F34039525998E080B3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20691_none_c21a1daaf90db880\wininet.dll
[2013/01/08 21:41:13 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=16C45E6881449C6330567E51C13920FA -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll
[2015/03/09 23:57:20 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=19B481D70FBC176AE5D3E91347B0128F -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16636_none_c1d663bfdfbaecea\wininet.dll
[2013/11/14 23:38:27 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=1C0B5D8A0A0F4614F032751E418E87E1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20637_none_c260feeef8d7a8e4\wininet.dll
[2012/05/17 23:35:47 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=1C191A4F0960F21B5D58C8A65BAF5427 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll
[2011/12/14 03:57:18 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=1D94FA7C81D2FFE494AF094619BA706F -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll
[2010/01/02 15:56:17 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=1DC5E46312CBA5C1614B3D3359DB09C5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[2014/02/23 06:40:18 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=1E5DF19A5F053345430D7AF87943C47A -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16540_none_c1c59031dfc873aa\wininet.dll
[2006/11/02 10:46:14 | 000,822,272 | ---- | M] (Microsoft Corporation) MD5=214A456AADCC7DD1B36E2287BA71A9CA -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll
[2013/07/31 10:52:44 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=21A5424935A32080A58DD40F2712212C -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16506_none_c1f6d19ddfa29bf0\wininet.dll
[2014/07/24 18:27:51 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=228CC2A0F31917A9E2E4B95D86D8827B -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20674_none_c232be60f8facca3\wininet.dll
[2010/02/23 16:06:06 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=24427C9C96556887A2F161800F00B2DE -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[2012/08/24 08:12:40 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=2895E29EFCFC0B1BCF8AEE1A0C67913C -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll
[2013/04/04 21:55:36 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=28B2DD8DBAEE306290A74ED03DB3768F -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll
[2015/10/31 19:36:50 | 001,088,512 | ---- | M] (Microsoft Corporation) MD5=29F1DB11ACFD4FF1920C3F50929181AC -- C:\WINDOWS\System32\wininet.dll
[2015/10/31 19:36:50 | 001,088,512 | ---- | M] (Microsoft Corporation) MD5=29F1DB11ACFD4FF1920C3F50929181AC -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16717_none_c1ed05c7dfa9cb86\wininet.dll
[2009/08/27 15:02:34 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=2BD22AA29893876347BA1BE62487748A -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16916_none_fffdec59a4af2c65\wininet.dll
[2011/07/22 03:48:26 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=2C7332C222D1FE1FC57D622699A8C001 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16434_none_c1d45f5fdfbcbfee\wininet.dll
[2013/04/04 23:02:17 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=2C96B3921B4CDE10DBAED5AAD760DB67 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll
[2014/09/19 23:38:15 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=3252D4791357FEE6C2BAF0619C041317 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16584_none_c19e51a9dfe548ca\wininet.dll
[2011/11/04 00:07:24 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=32569DF2F9BEF05DD7D56E30590EDFD9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20544_none_c2532c3ef8e27ba9\wininet.dll
[2009/10/03 22:21:18 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=387B0601FCA64AF5117C321E46C4C4E2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll
[2009/10/03 22:21:18 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=408A0A6E83333F98D564D95CDBB6D3C6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll
[2012/05/17 23:19:05 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=43BAC67996D8765A5F1B3A4EA6231E21 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll
[2012/02/28 02:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) MD5=44465367256D1C72B58F5ABAA19E7016 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll
[2008/01/19 08:36:55 | 000,825,856 | ---- | M] (Microsoft Corporation) MD5=455D715A840579BDC1CF8E5C1DA76849 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[2013/02/22 04:35:17 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=490E24D5E427DFA55B1C1182F0DB861C -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[2013/11/14 23:42:41 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=4CC9DF09C3D915BA0A101A11DB684F26 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16526_none_c1e131c5dfb2d3d2\wininet.dll
[2013/09/22 12:27:02 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=508484580EA124FB03C41C58D4A63BE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20625_none_c269ce46f8d15a45\wininet.dll
[2014/07/24 18:51:52 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=526014FFF6F612D9D0E86C874E7B0C36 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16563_none_c1b2f137dfd5f791\wininet.dll
[2010/09/08 07:01:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=545264F1F3AC5BD57B159EBBDC4FDC58 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[2012/06/28 23:54:19 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=54C30A4066A28F9A017E095E283B2762 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll
[2012/08/24 07:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=5553611E2F9EA6F613079177F1233068 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll
[2010/11/02 07:01:54 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=5681261BF2572F8776E1344DCB090C0B -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[2009/08/27 13:56:34 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=5E382486BCCCF4C50A810E2DF18C8CDB -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22212_none_04503a70b81d4a0f\wininet.dll
[2014/02/05 10:44:41 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=5EDAA4D8E5E762B4487813DC4053F244 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20644_none_c2532e24f8e278d0\wininet.dll
[2009/08/27 14:32:41 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=604E16194F1E60084B948ACAE8334E0F -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18319_none_01e72bdda1d3095b\wininet.dll
[2015/08/17 18:12:06 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=605FFF8DF63D05DB523E635A14DDB43C -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16696_none_c1958437dfeb9490\wininet.dll
[2014/06/07 00:02:16 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=61D9AD9E55D7A1E10C0EF701ADE1C486 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16561_none_c1b0f0a3dfd7c4e3\wininet.dll
[2014/03/08 00:02:07 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=62077F806BC59CBD5A404338D710D133 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16545_none_c1ca91a3dfc3f25d\wininet.dll
[2015/02/21 18:21:58 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6293D025E82071B9424877E30B6AC1C8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16633_none_c1d362e1dfbda0e5\wininet.dll
[2015/05/31 00:49:49 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6788C8BBFD00EA99D6DA2AB5EA4F9A2C -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16659_none_c1c3c4c5dfc870d1\wininet.dll
[2014/02/05 09:50:39 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=679EAED8E703235BA81AA2E58F4E2D16 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16533_none_c1d360fbdfbda3be\wininet.dll
[2013/07/25 03:26:10 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6839F14A2507D9273BD13565DD880377 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_c1f2d075dfa63694\wininet.dll
[2013/05/16 23:28:26 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6A25377A76479A0C0BF3DB6FC42FE09A -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_c18f7eafdff10238\wininet.dll
[2009/03/08 12:34:57 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[2010/09/08 07:25:04 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=6D4B5C39BB00A8BD98462664E73AC403 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[2012/10/08 08:37:57 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6E3AC8A54A1881806BA2B58539483788 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll
[2013/05/29 03:51:52 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=745410A5E043E8F880C932007034F8B6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_c2806e68f8c03bba\wininet.dll
[2014/10/27 20:32:20 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=746B4DDFD053B4A363D43D077F5B3916 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20708_none_c28270e2f8be6b8f\wininet.dll
[2010/12/18 07:27:04 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=74BCC23D622F32DA0450D164735ACAB1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[2012/06/29 01:09:01 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=75A97A2C060E72AB49E071E08C7DD2BA -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll
[2015/10/31 19:34:40 | 001,089,536 | ---- | M] (Microsoft Corporation) MD5=769152274779B40B1D6D1763992A6E0E -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20832_none_c25c0148f8dc247f\wininet.dll
[2014/11/24 22:34:25 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=771EE57063F9F6798DC2E52DC0042912 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20715_none_c274a018f8c93b7b\wininet.dll
[2010/06/26 07:05:49 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=78D42E00B5AB233F34116C0EF07F1BC9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[2015/01/14 02:42:51 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=79E75447CCEB8522756FCD1EA1B858FF -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16609_none_c1f9d461df9fe51c\wininet.dll
[2015/09/11 08:17:43 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=7B6F72A543118733D028A3387C8ACAE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20823_none_c267d17ef8d321e5\wininet.dll
[2010/12/18 08:18:09 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7D6AACE6BF60B5A1D572E082DEC9F0F0 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[2012/11/14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=7FA3A810F383588D46220967DE8B64FF -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll
[2009/10/03 22:21:16 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=7FCA93009963EE8A7AF1740661412F1E -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll
[2015/08/17 18:13:22 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=827E5900805499AF36B06FE35D7494F3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20811_none_c270a0d6f8ccd346\wininet.dll
[2009/04/11 07:28:25 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=8777B44511D8BCCF47B5A7CBDC02DE11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[2009/10/03 22:21:32 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=87D84C48693EB949350FA938D63512D8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll
[2015/01/14 03:34:23 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=8C1A011CB32B2A254B3DE9138DF10C47 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20725_none_c269d02cf8d1576c\wininet.dll
[2012/06/02 09:25:08 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=8E87270C4704CF2951E1E7820D6C8A2B -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll
[2010/01/02 07:38:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=91B8712BDC74295DA14A08F519B70D65 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[2013/07/31 10:38:25 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=99991FC7D1430A61F27B48AC3D43B028 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20617_none_c2769ec6f8c77102\wininet.dll
[2012/10/08 08:48:03 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=9CB0D2A9A77D91D9614355EE9FF00519 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll
[2010/05/04 07:31:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=9DF755B063C647A1CAEB17F3E2FDDE1D -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[2015/05/31 00:56:17 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=A04528F5740D17A8AAB95FAE38BFD82D -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20774_none_c232c046f8fac9ca\wininet.dll
[2011/05/11 18:08:47 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=A1236375B74EA63C75657D564890C436 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16421_none_c1dc2e6ddfb757f8\wininet.dll
[2014/11/24 21:35:25 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=AA680F0065A505118BDD9181BCE7C83D -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16599_none_c198832fdfe8e36e\wininet.dll
[2011/07/22 02:48:19 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=AA75F065975FCE762FC9BBF5A3C08368 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20534_none_c25dfc2af8da5fb8\wininet.dll
[2011/02/22 08:18:35 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=B3A938D522F085171387FEF112AEECF5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[2013/01/08 23:03:20 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=B49B56B64F57699A1A663D2CF7D0A56F -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll
[2015/02/21 18:17:10 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=B617816D90817B98FF209701B2EAE555 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20747_none_c25630e8f8dfc1fc\wininet.dll
[2014/10/27 19:59:06 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=B6260FAA9ACF8AC13312C739B23BD0BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16592_none_c1918129dfef320d\wininet.dll
[2014/08/15 15:37:03 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=BAE2B45ED648DEA784A2048BDB22F3F8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16575_none_c1aa21dfdfdc4630\wininet.dll
[2011/09/01 02:57:54 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=C0FCEE8D760C70DB6EF858BB2262288E -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20537_none_c260fd08f8d7abbd\wininet.dll
[2013/10/13 10:35:38 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=C36E38AD3C7FAFF0E30C4CBCB28CE7FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16520_none_c1db3009dfb83bc8\wininet.dll
[2013/02/22 04:38:00 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=C5B6468422DB1C8AA36C32CBB0197E5E -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[2009/08/27 14:17:42 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=C628812EA5016B1C3E13E082940D5AF6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22508_none_027a9a30bae97104\wininet.dll
[2013/09/22 11:13:22 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=C8ADAA6948993D839D14524847EA5B75 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16514_none_c1ea011ddfac8533\wininet.dll
[2013/05/16 22:43:29 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=CC25EA1287613DC45D25A26037B4DBDD -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_c27a6cacf8c5a3b0\wininet.dll
[2014/05/28 17:32:59 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=CFD26829131439B71D0109F9D5345573 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16555_none_c1bfc1b7dfcc0e4e\wininet.dll
[2009/08/27 14:29:46 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=D0DD9439DB3C927209CFFE095AA1F097 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[2014/06/06 22:47:40 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=D19775732C5F0850BB46E4B5CF4E8C39 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20672_none_c230bdccf8fc99f5\wininet.dll
[2009/10/03 22:21:32 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=D1E1447C4E2077BDFFDD547972FEBDEB -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll
[2010/11/02 08:12:02 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=D364DEB34DB229A4C1EFB1BC68F505C4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[2011/09/01 03:28:15 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=D3788D91530CFA005BD516189A4C676E -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16437_none_c1d7603ddfba0bf3\wininet.dll
[2009/08/27 14:40:40 | 000,840,704 | ---- | M] (Microsoft Corporation) MD5=D5709010F06FEC697CCB2831D0821E0B -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21116_none_00876146bdccff71\wininet.dll
[2009/08/27 13:40:58 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=D88D19604AACE2101B13260322FB4A3A -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18100_none_03cf6cfd9ef95ba6\wininet.dll
[2009/11/21 07:40:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=DCB9E422810877D7C4115BACE54B084C -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[2014/05/28 17:35:22 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=E267DC5D759E11BB895C41E7EFC1A54C -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20666_none_c23f8ee0f8f0e360\wininet.dll
[2015/04/10 16:20:33 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=E38E89A0939A42F5EE4292DFC48772DF -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16644_none_c1c9933fdfc4d62d\wininet.dll
[2009/08/27 06:22:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=E3AB6EBE520E1898663B011D2FC0DF11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[2012/06/02 09:16:44 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=E430161A632F9A8FE512DE0CA5685559 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll
[2015/07/22 21:37:33 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=E64B90961540FE6A07C97C1435A75706 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20799_none_c22221e0f906805f\wininet.dll
[2015/04/10 01:25:23 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=EA51D068CE82A1E7FC338D0D36E83AA3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20758_none_c24c6146f8e6f744\wininet.dll
[2013/05/29 02:41:08 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=EA952A5C277CABCBA69EA806146BB984 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_c195806bdfeb9a42\wininet.dll
[2015/03/10 00:41:29 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=EB5E1D8224F4EF318708410B469AC239 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20750_none_c2445ef6f8ee2c8c\wininet.dll
[2010/02/23 07:39:13 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=EC3B3E6071E3FCD4290BFD42676EE064 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[2013/07/25 03:32:36 | 001,129,984 | ---- | M] (Microsoft Corporation) MD5=EFA69C15A411D9794131CBCF6B59EA08 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_c2729d9ef8cb0ba6\wininet.dll
[2013/10/13 10:08:35 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=F1771715A3DC3DB14BD374F63507878D -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20631_none_c25afd32f8dd10da\wininet.dll
[2010/05/04 06:59:21 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F317362AEB06140E7FB1B29331FDC038 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[2010/06/26 07:51:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=F60F99762FABCD7F4B53A4A0EBAE3505 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[2014/02/23 07:10:01 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=F68EBB98CE1CFC06EA5CCE5F78056412 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20651_none_c2455d5af8ed48bc\wininet.dll
[2009/10/03 22:21:17 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=FCB4E3234667317905333B6A4CDF85FC -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\System32\wininit.exe
[2008/01/19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006/11/02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

[color=#A23BEC]< MD5 for: WININIT.INI >[/color]
[2014/09/28 20:22:45 | 000,000,059 | ---- | M] () MD5=AF0F96D5737126F4E56A3EC7FC21C2FC -- C:\WINDOWS\wininit.ini

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2006/11/02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008/01/19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\System32\ws2_32.dll
[2008/01/19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr entControlSet\Control\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2015/10/31 19:36:35 | 000,358,400 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2015/10/31 19:36:34 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\* .sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2010/12/11 12:04:52 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-20\desktop.ini
[2015/11/01 21:54:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I03HA8Y.jpg
[2015/11/11 14:56:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I2U0APJ.jpg
[2015/11/07 19:40:58 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I46KVB3.pdf
[2015/10/24 14:26:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I4D9DWT.jpg
[2015/10/29 22:29:17 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I4YXZBD.jpg
[2015/11/15 15:41:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I5PNC44.html
[2015/11/01 21:54:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I6G2NE6.jpg
[2015/11/08 21:51:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I7BXN1C.jpg
[2015/09/09 20:28:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I7DD6F2.mp4
[2015/11/06 22:41:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I7P61BP.jpg
[2015/11/11 14:56:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I8U5DHQ.jpg
[2015/11/11 14:56:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$I90UJKD.jpg
[2015/11/01 13:24:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IA2464Y.mp4
[2015/11/07 19:46:12 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IAG6PP6.mp4
[2015/11/15 15:41:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IBMYL7A
[2015/10/29 22:29:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IEM2NHY.jpg
[2015/11/13 22:01:03 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IG199UY.jpg
[2015/11/15 11:49:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$II0E8DW.jpg
[2015/11/07 19:22:43 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IKFD01K.png
[2015/10/23 16:22:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IKGWB86.jpg
[2015/10/28 17:55:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IKQOJ24.png
[2015/10/28 17:55:39 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$ILAJ0XL.png
[2015/11/03 19:55:55 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$ILLU1QE.00_jpg_srb
[2015/10/28 17:55:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IMFL62G.png
[2015/11/06 22:41:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IMZO4Y1.jpg
[2015/11/01 21:56:03 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IN4ZYNL.jpg
[2015/10/22 15:19:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IN6CSLR.jpg
[2015/11/01 21:55:43 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IN9VYNQ.png
[2015/11/13 22:00:03 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$INNUM8V.jpg
[2015/11/05 21:50:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$INQR74X.webm
[2015/10/26 22:02:25 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$INX2YYZ.png
[2015/11/01 21:55:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IO17OUH.jpg
[2015/11/03 10:01:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IP1QMYX.jpg
[2015/10/26 22:02:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IQB97IJ.jpg
[2015/11/13 22:00:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IQCJMW5.jpg
[2015/11/07 19:43:32 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IQQ9PUQ.mp4
[2015/10/29 22:29:07 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IRILLUV.jpg
[2014/03/12 21:26:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IRKEYDH.flv
[2015/11/05 21:50:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$ISIJRYU.png
[2015/11/07 19:22:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IT314V8.png
[2015/09/17 12:25:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IU3UFZY.jpg
[2015/11/07 19:45:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IUVEQHF.mp4
[2015/10/28 18:03:41 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IV73JDF.png
[2015/11/03 19:55:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IVAVVYE.jpg
[2015/11/07 19:22:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IVRDVVI.png
[2015/11/04 19:11:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IVY6OOL.webm
[2015/10/29 22:30:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IXSLIMS.png
[2015/11/07 19:40:45 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$IYYKZI8.pdf
[2015/11/01 18:36:19 | 000,018,271 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R03HA8Y.jpg
[2015/11/09 18:19:54 | 000,002,761 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R2U0APJ.jpg
[2015/06/30 19:56:57 | 000,333,671 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R46KVB3.pdf
[2015/10/23 20:07:32 | 000,300,080 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R4D9DWT.jpg
[2015/10/29 21:22:23 | 000,003,853 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R4YXZBD.jpg
[2015/11/11 14:56:25 | 000,037,841 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R5PNC44.html
[2015/11/01 16:53:21 | 000,045,781 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R6G2NE6.jpg
[2015/11/08 18:59:04 | 000,023,035 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R7BXN1C.jpg
[2015/11/06 20:08:21 | 000,012,947 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R7P61BP.jpg
[2015/11/11 11:31:59 | 000,005,792 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R8U5DHQ.jpg
[2015/11/10 18:28:40 | 000,013,767 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$R90UJKD.jpg
[2015/11/01 13:22:37 | 000,268,970 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RA2464Y.mp4
[2015/09/09 20:30:58 | 012,449,596 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RAG6PP6.mp4
[2015/10/23 19:41:08 | 000,009,357 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$REM2NHY.jpg
[2015/11/13 22:00:51 | 000,178,859 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RG199UY.jpg
[2015/11/14 12:23:21 | 000,011,261 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RI0E8DW.jpg
[2015/09/24 22:00:08 | 000,031,397 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RKFD01K.png
[2015/10/23 15:59:01 | 000,094,271 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RKGWB86.jpg
[2015/10/28 17:51:52 | 000,080,143 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RKQOJ24.png
[2015/10/28 17:54:04 | 000,015,381 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RLAJ0XL.png
[2015/11/03 19:08:53 | 000,074,432 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RLLU1QE.00_jpg_srb
[2015/10/28 17:53:17 | 000,090,470 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RMFL62G.png
[2015/11/06 19:33:52 | 000,005,253 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RMZO4Y1.jpg
[2015/10/29 22:13:47 | 000,018,334 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RN4ZYNL.jpg
[2015/10/22 14:34:24 | 000,084,334 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RN6CSLR.jpg
[2015/10/31 22:19:40 | 000,606,997 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RN9VYNQ.png
[2015/11/13 21:58:45 | 000,178,959 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RNNUM8V.jpg
[2015/11/04 19:11:39 | 000,281,639 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RNQR74X.webm
[2015/10/23 21:24:09 | 000,533,784 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RNX2YYZ.png
[2015/10/30 14:41:16 | 000,005,969 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RO17OUH.jpg
[2015/11/02 21:18:00 | 000,010,247 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RP1QMYX.jpg
[2015/10/26 19:38:15 | 000,010,327 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RQB97IJ.jpg
[2015/11/13 21:58:44 | 000,179,029 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RQCJMW5.jpg
[2015/08/29 11:41:33 | 006,947,098 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RQQ9PUQ.mp4
[2015/10/29 21:20:19 | 000,033,238 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RRILLUV.jpg
[2015/11/04 22:29:20 | 000,296,749 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RSIJRYU.png
[2015/09/24 21:58:56 | 000,006,897 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RT314V8.png
[2015/09/26 18:06:38 | 009,707,602 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RUVEQHF.mp4
[2015/10/28 18:02:26 | 000,077,976 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RV73JDF.png
[2015/11/03 19:35:19 | 000,004,432 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RVAVVYE.jpg
[2015/11/07 13:27:33 | 000,011,851 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RVRDVVI.png
[2015/11/04 19:02:45 | 000,281,639 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RVY6OOL.webm
[2015/10/23 15:54:49 | 000,338,017 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RXSLIMS.png
[2015/06/06 18:56:32 | 000,032,092 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RYYKZI8.pdf
[2009/07/02 12:53:16 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\desktop.ini
[2015/11/11 14:56:25 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\2554.html
[2015/11/11 14:56:23 | 000,009,595 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\al-kass-tv.png
[2015/11/11 14:56:26 | 000,006,918 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\alkass_hd.html
[2015/11/11 14:56:23 | 000,175,818 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\all.js
[2015/11/11 14:56:24 | 000,042,021 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\bk-static.js
[2015/11/11 14:56:24 | 000,016,371 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\data.js
[2015/11/11 14:56:23 | 000,321,908 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\G9cgUJRgdLb.js
[2015/11/11 14:56:23 | 000,043,082 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\ga.js
[2015/11/11 14:56:24 | 000,000,282 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\icon_close_16px.gif
[2015/11/11 14:56:24 | 000,001,521 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\image.php
[2015/11/11 14:56:25 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\imp.html
[2015/11/11 14:56:23 | 000,056,632 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\jwplayer.js
[2015/11/11 14:56:23 | 000,001,392 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\key.php
[2015/11/11 14:56:26 | 000,064,518 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\like(1).html
[2015/11/11 14:56:26 | 000,064,195 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\like.html
[2015/11/11 14:56:24 | 000,001,631 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\okads.js
[2015/11/11 14:56:25 | 000,001,330 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\ping.html
[2015/11/11 14:56:24 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\pixel
[2015/11/11 14:56:25 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\pixel(1)
[2015/11/11 14:56:25 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\pixel(2)
[2015/11/11 14:56:23 | 000,124,130 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\post-widget.js
[2015/11/11 14:56:25 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\px.html
[2015/11/11 14:56:23 | 000,095,638 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\r1post.css
[2015/11/11 14:56:26 | 000,000,431 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\rt=ifr.html
[2015/11/11 14:56:22 | 000,000,033 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\saved_resource
[2015/11/11 14:56:22 | 000,001,450 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\saved_resource(1)
[2015/11/11 14:56:23 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\saved_resource(2)
[2015/11/11 14:56:26 | 000,149,739 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\saved_resource.html
[2015/11/11 14:56:23 | 000,001,809 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\share2quote.css
[2015/11/11 14:56:23 | 000,004,845 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\small.js
[2015/11/11 14:56:24 | 000,049,258 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\stretch.png
[2015/11/11 14:56:22 | 000,022,388 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\style.css
[2015/11/11 14:56:22 | 000,013,685 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\tc.js
[2015/11/11 14:56:25 | 000,002,778 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\track.js
[2015/11/11 14:56:23 | 000,000,466 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\tunis-vista-bg-13.png
[2015/11/11 14:56:23 | 000,007,028 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\tv.css
[2015/11/11 14:56:22 | 000,000,608 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\v2
[2015/11/11 14:56:25 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\waframedia.html
[2015/11/11 14:56:25 | 000,032,754 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\wjDNIDNrTQG(1).html
[2015/11/11 14:56:25 | 000,032,756 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\wjDNIDNrTQG.html
[2015/11/11 14:56:23 | 000,000,570 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2077337904-992534304-2070497248-1003\$RBMYL7A\x.gif
[2006/11/02 13:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 13:58:10 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/10/25 12:20:20 | 000,001,052 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/10/25 12:20:22 | 000,001,056 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/11/12 17:45:46 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2015/11/14 23:46:42 | 000,015,420 | ---- | M] ()(C:\Users\Admin\Desktop\?? ????????? ??? ???????.docx) -- C:\Users\Admin\Desktop\EF (H2J@@@@/ %DI ('1J@@3.docx
[2015/11/14 23:46:40 | 000,015,420 | ---- | C] ()(C:\Users\Admin\Desktop\?? ????????? ??? ???????.docx) -- C:\Users\Admin\Desktop\EF (H2J@@@@/ %DI ('1J@@3.docx
[2015/10/29 23:04:15 | 000,018,852 | ---- | M] ()(C:\Users\Admin\Desktop\???????? ???? ???????.docx) -- C:\Users\Admin\Desktop\('D#49'1 F'E* 'D#F9'E.docx
[2015/10/29 23:04:14 | 000,018,852 | ---- | C] ()(C:\Users\Admin\Desktop\???????? ???? ???????.docx) -- C:\Users\Admin\Desktop\('D#49'1 F'E* 'D#F9'E.docx
[2015/10/19 14:47:08 | 000,027,648 | ---- | M] ()(C:\Users\Admin\Desktop\????-???-?????-.doc) -- C:\Users\Admin\Desktop\HDQJ-2EF-'DA1--.doc
[2015/10/11 20:35:50 | 000,017,307 | ---- | M] ()(C:\Users\Admin\Desktop\??? ???? ????? ???????.docx) -- C:\Users\Admin\Desktop\FB/ 9EJB DD5AQ 'D+QH1J.docx
[2015/10/11 20:35:48 | 000,017,307 | ---- | C] ()(C:\Users\Admin\Desktop\??? ???? ????? ???????.docx) -- C:\Users\Admin\Desktop\FB/ 9EJB DD5AQ 'D+QH1J.docx
[2015/09/24 19:32:46 | 000,014,102 | ---- | M] ()(C:\Users\Admin\Desktop\??? ?????Aid.docx) -- C:\Users\Admin\Desktop\C(4 'D9J/Aid.docx
[2015/09/24 17:25:20 | 000,014,102 | ---- | C] ()(C:\Users\Admin\Desktop\??? ?????Aid.docx) -- C:\Users\Admin\Desktop\C(4 'D9J/Aid.docx
[2015/06/15 18:28:18 | 000,057,030 | ---- | M] ()(C:\Users\Admin\Desktop\??????.docx) -- C:\Users\Admin\Desktop\'D'HDI.docx
[2015/06/15 18:28:17 | 000,057,030 | ---- | C] ()(C:\Users\Admin\Desktop\??????.docx) -- C:\Users\Admin\Desktop\'D'HDI.docx
[2015/05/24 22:36:12 | 000,013,860 | ---- | M] ()(C:\Users\Admin\Desktop\?????.docx) -- C:\Users\Admin\Desktop\%D'GJ.docx
[2015/05/24 21:51:13 | 000,013,860 | ---- | C] ()(C:\Users\Admin\Desktop\?????.docx) -- C:\Users\Admin\Desktop\%D'GJ.docx
[2015/04/24 19:44:39 | 000,027,648 | ---- | C] ()(C:\Users\Admin\Desktop\????-???-?????-.doc) -- C:\Users\Admin\Desktop\HDQJ-2EF-'DA1--.doc
[2015/04/24 13:25:35 | 000,015,046 | ---- | M] ()(C:\Users\Admin\Desktop\?? ???? ??? ????? ?? ????.docx) -- C:\Users\Admin\Desktop\B/ HDQJ 2EF 'DA1- J' ,/QJ.docx
[2015/04/24 13:25:34 | 000,015,046 | ---- | C] ()(C:\Users\Admin\Desktop\?? ???? ??? ????? ?? ????.docx) -- C:\Users\Admin\Desktop\B/ HDQJ 2EF 'DA1- J' ,/QJ.docx
[2012/11/10 15:32:50 | 000,019,456 | ---- | M] ()(C:\Users\Admin\Documents\?????.doc) -- C:\Users\Admin\Documents\*HCJD.doc
[2012/11/10 15:32:40 | 000,019,456 | ---- | C] ()(C:\Users\Admin\Documents\?????.doc) -- C:\Users\Admin\Documents\*HCJD.doc
[2011/12/16 22:10:51 | 000,019,456 | ---- | M] ()(C:\Users\Admin\Documents\????? ????? ? ???????? ????? ???? ? 26 ???? ???? 11 ????? ???? ? 51 ????.doc) -- C:\Users\Admin\Documents\'D5JF EDJ'1 H +D'+E'&) EDJHF 3'CF H 26 H2J1 *HF3 11 EDJHF 3'CF H 51 H2J1.doc
[2011/12/16 22:10:49 | 000,019,456 | ---- | C] ()(C:\Users\Admin\Documents\????? ????? ? ???????? ????? ???? ? 26 ???? ???? 11 ????? ???? ? 51 ????.doc) -- C:\Users\Admin\Documents\'D5JF EDJ'1 H +D'+E'&) EDJHF 3'CF H 26 H2J1 *HF3 11 EDJHF 3'CF H 51 H2J1.doc

< End of report >

Publicité


Signaler le contenu de ce document

Publicité