cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 07-04-2016 19:26:34 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\K7E\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

2,90 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 53,20% Memory free
5,80 Gb Paging File | 3,85 Gb Available in Paging File | 66,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,42 Gb Total Space | 160,99 Gb Free Space | 34,59% Space Free | Partition Type: NTFS
Drive E: | 8,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: K7E-PC | User Name: K7E | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2016-04-07 19:07:20 | 000,630,272 | ---- | M] (OldTimer Tools) -- C:\Users\K7E\Downloads\OTL.exe
PRC - [2016-03-31 20:20:30 | 000,038,396 | RHS- | M] () -- C:\Windows\System32\runouce.exe
PRC - [2014-11-27 10:24:04 | 042,164,448 | ---- | M] (Foxit Software Inc.) -- C:\Programas\Foxit Software\Foxit Reader\FoxitReader.exe
PRC - [2014-11-26 17:40:18 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Programas\Mozilla Firefox\firefox.exe
PRC - [2014-10-28 16:15:34 | 000,244,448 | ---- | M] (Foxit Software Inc.) -- C:\Programas\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2013-10-28 03:02:26 | 000,276,048 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2013-10-28 03:02:24 | 000,238,160 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010-09-07 21:05:34 | 000,524,288 | ---- | M] (IDT, Inc.) -- C:\Programas\IDT\WDM\sttray.exe
PRC - [2010-09-07 21:05:34 | 000,282,624 | ---- | M] (IDT, Inc.) -- C:\Programas\IDT\WDM\stacsv.exe
PRC - [2009-12-03 21:21:09 | 002,640,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-12-03 12:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Programas\LSI SoftModem\agrsmsvc.exe
PRC - [2009-07-14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programas\Windows Media Player\wmpnetwk.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-07-14 02:14:38 | 001,201,152 | ---- | M] (Microsoft Corporation) -- C:\Programas\Windows Sidebar\sidebar.exe
PRC - [2009-07-14 02:14:15 | 000,299,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009-07-14 02:14:12 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009-03-01 21:43:08 | 000,110,592 | ---- | M] (Andrea Electronics Corporation) -- C:\Programas\IDT\WDM\AEstSrv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2016-03-31 20:20:30 | 000,038,396 | RHS- | M] () -- C:\Windows\System32\runouce.exe
MOD - [2014-11-26 17:40:45 | 003,758,192 | ---- | M] () -- C:\Programas\Mozilla Firefox\mozjs.dll
MOD - [2014-10-11 13:06:16 | 000,073,544 | ---- | M] () -- C:\Programas\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014-10-11 13:05:58 | 001,044,776 | ---- | M] () -- C:\Programas\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014-10-11 13:05:58 | 000,237,352 | ---- | M] () -- C:\Programas\Common Files\Apple\Apple Application Support\libxslt.dll
MOD - [2008-09-16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programas\WinRAR\RarExt.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015-01-15 11:36:36 | 000,505,088 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Programas\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe -- (Lenovo EasyPlus Hotspot)
SRV - [2014-11-26 17:40:37 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-10-28 16:15:34 | 000,244,448 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- C:\Programas\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2013-10-28 03:02:26 | 000,276,048 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010-09-07 21:05:34 | 000,282,624 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programas\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009-12-03 12:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programas\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programas\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programas\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009-03-01 21:43:08 | 000,110,592 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programas\IDT\WDM\AEstSrv.exe -- (AESTFilters)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2015-02-26 00:00:00 | 000,129,720 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\ammntdrv.sys -- (ammntdrv)
DRV - [2015-02-26 00:00:00 | 000,026,424 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\ambakdrv.sys -- (ambakdrv)
DRV - [2015-02-26 00:00:00 | 000,014,392 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\amwrtdrv.sys -- (amwrtdrv)
DRV - [2013-03-05 20:49:30 | 000,527,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStorA.sys -- (iaStorA)
DRV - [2013-03-05 20:49:28 | 000,026,096 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStorF.sys -- (iaStorF)
DRV - [2013-03-04 09:31:10 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2013-03-04 09:31:10 | 000,077,824 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013-03-04 09:31:10 | 000,070,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - [2013-03-04 09:31:10 | 000,027,776 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2012-12-22 02:46:02 | 000,011,904 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2012-02-04 11:27:34 | 001,118,312 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010-12-07 08:46:52 | 001,763,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2010-09-07 21:05:34 | 000,431,616 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2010-03-15 16:44:46 | 000,127,488 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2010-01-26 09:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-09-09 10:23:38 | 000,042,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\flashud.sys -- (int0800)
DRV - [2009-07-14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009-07-14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009-07-14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009-07-14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3588510771-3446058613-640391472-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3588510771-3446058613-640391472-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3588510771-3446058613-640391472-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3588510771-3446058613-640391472-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/AuthorwarePlayer: C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll (Macromedia, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2016-04-01 09:21:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\K7E\AppData\Roaming\mozilla\Extensions
[2016-04-02 19:13:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programas\Mozilla Firefox\extensions
[2016-04-02 19:13:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2016-04-01 09:17:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programas\Mozilla Firefox\browser\extensions
[2016-04-01 09:17:44 | 000,000,000 | ---D | M] (Default) -- C:\Programas\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Runonce] C:\Windows\System32\runouce.exe ()
O4 - HKLM..\Run: [SysTrayApp] C:\Programas\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-3588510771-3446058613-640391472-1000..\Run: [Mobile Partner] C:\Program Files\MobileWiFi\MobileWiFi.exe ()
O4 - HKU\S-1-5-21-3588510771-3446058613-640391472-1000..\Run: [uTorrent] C:\Users\K7E\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programas\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_31-windows-i586.cab (Java Plug-in 11.31.2)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.8.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{128E5F1B-574F-4DF2-9579-E6D55DA543B9}: DhcpNameServer = 192.168.8.1 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4B3048C-D663-4AB1-A3C8-09C26A25B58D}: DhcpNameServer = 192.168.8.1 192.168.8.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{07c174aa-fce1-11e5-8002-78e3b547c657}\Shell - "" = AutoRun
O33 - MountPoints2\{07c174aa-fce1-11e5-8002-78e3b547c657}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{07c174b5-fce1-11e5-8002-78e3b547c657}\Shell - "" = AutoRun
O33 - MountPoints2\{07c174b5-fce1-11e5-8002-78e3b547c657}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2016-04-07 19:17:00 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2016-04-07 19:17:00 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2016-04-07 19:17:00 | 000,381,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2016-04-07 19:17:00 | 000,316,544 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_wwanecm.sys
[2016-04-07 19:17:00 | 000,208,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2016-04-07 19:17:00 | 000,199,168 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2016-04-07 19:17:00 | 000,108,032 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_cdcacm.sys
[2016-04-07 19:17:00 | 000,101,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2016-04-07 19:17:00 | 000,095,232 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2016-04-07 19:17:00 | 000,077,824 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2016-04-07 19:17:00 | 000,070,528 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2016-04-07 19:17:00 | 000,027,776 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2016-04-07 19:17:00 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2016-04-07 19:17:00 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2016-04-07 19:17:00 | 000,011,904 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2016-04-07 18:54:24 | 000,019,576 | ---- | C] (solvusoft) -- C:\Windows\System32\roboot.exe
[2016-04-07 18:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
[2016-04-07 18:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinThruster
[2016-04-07 18:54:20 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Solvusoft
[2016-04-07 15:48:27 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Dev-Cpp
[2016-04-06 21:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\MobileWiFi
[2016-04-06 21:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2016-04-04 02:09:34 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Lenovo
[2016-04-04 02:08:46 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2016-04-04 02:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LENOVO
[2016-04-04 02:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
[2016-04-04 02:08:40 | 000,000,000 | ---D | C] -- C:\Program Files\Lenovo
[2016-04-03 14:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com
[2016-04-03 14:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\MyPlayCity.com
[2016-04-03 14:40:04 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\vlc
[2016-04-03 14:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2016-04-03 14:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2016-04-02 19:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2016-04-02 19:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2016-04-02 19:13:16 | 000,272,296 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2016-04-02 19:13:16 | 000,176,552 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2016-04-02 19:13:15 | 000,176,552 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2016-04-01 22:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2016-04-01 22:52:38 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Foxit Software
[2016-04-01 21:16:37 | 000,000,000 | -HSD | C] -- C:\found.000
[2016-04-01 09:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Steinberg
[2016-04-01 09:39:58 | 001,177,600 | ---- | C] (AD) -- C:\Windows\System32\SYNSOEMU.DLL
[2016-04-01 09:39:55 | 016,138,240 | ---- | C] (Steinberg Media Technologies) -- C:\HALionOne.dll
[2016-04-01 09:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VST3
[2016-04-01 09:39:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steinberg
[2016-04-01 09:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\Legendas-3.1
[2016-04-01 09:22:12 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Nuendo 4
[2016-04-01 09:22:12 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Steinberg
[2016-04-01 09:22:12 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2016-04-01 09:17:56 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Mozilla
[2016-04-01 09:17:56 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Mozilla
[2016-04-01 09:17:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2016-04-01 09:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2016-04-01 09:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016-04-01 09:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD
[2016-04-01 09:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Youtube Downloader HD
[2016-03-31 21:43:46 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\uTorrent
[2016-03-31 21:40:23 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Apple Computer
[2016-03-31 21:40:21 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Apple Computer
[2016-03-31 21:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2016-03-31 21:39:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2016-03-31 21:38:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2016-03-31 21:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2016-03-31 21:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
[2016-03-31 21:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2016-03-31 21:37:15 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Apple
[2016-03-31 21:37:14 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2016-03-31 21:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2016-03-31 21:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2016-03-31 21:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2016-03-31 21:35:53 | 109,870,888 | ---- | C] (Apple Inc.) -- C:\Users\K7E\Documents\itunes-12-0-1-26-32-bits [1].exe
[2016-03-31 20:35:49 | 000,000,000 | ---D | C] -- C:\Program Files\DaumBack
[2016-03-31 20:34:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2016-03-31 20:32:19 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Adobe
[2016-03-31 20:23:17 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Synaptics
[2016-03-31 20:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uTorrent
[2016-03-31 20:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Daum
[2016-03-31 20:09:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2016-03-31 20:09:36 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016-03-31 20:09:27 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\AIMP3
[2016-03-31 20:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2016-03-31 20:09:16 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP3
[2016-03-31 20:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2016-03-31 20:08:30 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Programs
[2016-03-31 20:08:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2016-03-31 20:08:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2016-03-31 20:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2016-03-31 19:58:01 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2016-03-31 19:57:53 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvbvm50.dll
[2016-03-31 19:57:53 | 001,177,088 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\System32\libeay32.dll
[2016-03-31 19:57:53 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomctl.ocx
[2016-03-31 19:57:53 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL32.OCX
[2016-03-31 19:57:53 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2016-03-31 19:57:53 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71u.dll
[2016-03-31 19:57:53 | 001,024,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll
[2016-03-31 19:57:53 | 001,017,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70u.dll
[2016-03-31 19:57:53 | 000,935,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vb40016.dll
[2016-03-31 19:57:53 | 000,722,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vb40032.dll
[2016-03-31 19:57:53 | 000,659,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomct2.ocx
[2016-03-31 19:57:53 | 000,614,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx
[2016-03-31 19:57:53 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVCP70.DLL
[2016-03-31 19:57:53 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2016-03-31 19:57:53 | 000,443,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MShflxgd.ocx
[2016-03-31 19:57:53 | 000,415,552 | ---- | C] (Microsoft Corporation ) -- C:\Windows\System32\comct332.ocx
[2016-03-31 19:57:53 | 000,398,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vbrun300.dll
[2016-03-31 19:57:53 | 000,356,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbrun200.dll
[2016-03-31 19:57:53 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2016-03-31 19:57:53 | 000,278,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdatgrd.ocx
[2016-03-31 19:57:53 | 000,270,336 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\System32\ssleay32.dll
[2016-03-31 19:57:53 | 000,270,336 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\System32\libssl32.dll
[2016-03-31 19:57:53 | 000,258,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msflxgrd.ocx
[2016-03-31 19:57:53 | 000,252,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdatlst.ocx
[2016-03-31 19:57:53 | 000,222,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dblist32.ocx
[2016-03-31 19:57:53 | 000,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabctl32.ocx
[2016-03-31 19:57:53 | 000,218,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\richtx32.ocx
[2016-03-31 19:57:53 | 000,215,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mci32.ocx
[2016-03-31 19:57:53 | 000,178,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmask32.ocx
[2016-03-31 19:57:53 | 000,170,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comct232.ocx
[2016-03-31 19:57:53 | 000,155,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.ocx
[2016-03-31 19:57:53 | 000,136,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.ocx
[2016-03-31 19:57:53 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstdfmt.dll
[2016-03-31 19:57:53 | 000,126,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswinsck.ocx
[2016-03-31 19:57:53 | 000,119,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomm32.ocx
[2016-03-31 19:57:53 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2016-03-31 19:57:53 | 000,107,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSSTKPRP.DLL
[2016-03-31 19:57:53 | 000,100,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\picclp32.ocx
[2016-03-31 19:57:53 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2016-03-31 19:57:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl70.dll
[2016-03-31 19:57:53 | 000,080,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysinfo.ocx
[2016-03-31 19:57:53 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71DEU.DLL
[2016-03-31 19:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71ITA.DLL
[2016-03-31 19:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71FRA.DLL
[2016-03-31 19:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71ESP.DLL
[2016-03-31 19:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70ita.dll
[2016-03-31 19:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70fra.dll
[2016-03-31 19:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70esp.dll
[2016-03-31 19:57:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70deu.dll
[2016-03-31 19:57:53 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71ENU.DLL
[2016-03-31 19:57:53 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70enu.dll
[2016-03-31 19:57:53 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvci70.dll
[2016-03-31 19:57:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71KOR.DLL
[2016-03-31 19:57:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71JPN.DLL
[2016-03-31 19:57:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70kor.dll
[2016-03-31 19:57:53 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70jpn.dll
[2016-03-31 19:57:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71CHT.DLL
[2016-03-31 19:57:53 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70cht.dll
[2016-03-31 19:57:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71CHS.DLL
[2016-03-31 19:57:53 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70chs.dll
[2016-03-31 19:57:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2016-03-31 19:57:38 | 000,778,928 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016-03-31 19:57:38 | 000,142,512 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2016-03-31 19:57:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2016-03-31 19:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AomeiBR
[2016-03-31 19:56:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\Backup
[2016-03-31 19:56:27 | 000,000,000 | ---D | C] -- C:\Program Files\SAM CoDeC Pack
[2016-03-31 19:55:15 | 001,118,312 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192se.sys
[2016-03-31 19:52:47 | 000,312,192 | ---- | C] (Sonix) -- C:\Windows\System32\vsnp2uvc.dll
[2016-03-31 19:49:39 | 000,208,896 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhsip32.dll
[2016-03-31 19:49:39 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhcp32.dll
[2016-03-31 19:49:11 | 004,931,384 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
[2016-03-31 19:46:41 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2016-03-31 19:45:02 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2016-03-31 19:43:56 | 000,122,168 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo10.dll
[2016-03-31 19:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2016-03-31 19:39:25 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2016-03-31 19:39:25 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2016-03-31 19:39:25 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2016-03-31 19:39:23 | 012,705,884 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2016-03-31 19:39:23 | 001,953,792 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2016-03-31 19:39:23 | 000,524,288 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe
[2016-03-31 19:39:23 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2016-03-31 19:37:19 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\drivers\stwrt.sys
[2016-03-31 19:37:03 | 000,405,504 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stcplx.dll
[2016-03-31 19:37:00 | 000,934,912 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapo.dll
[2016-03-31 19:36:59 | 000,531,968 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stapi32.dll
[2016-03-31 19:36:58 | 000,179,712 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\staco.dll
[2016-03-31 19:36:33 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2016-03-31 19:36:27 | 000,127,488 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\drivers\IntcHdmi.sys
[2016-03-31 19:36:17 | 000,000,000 | ---D | C] -- C:\Program Files\LSI SoftModem
[2016-03-31 19:36:02 | 001,163,328 | ---- | C] (LSI Corporation) -- C:\Windows\System32\drivers\AGRSM.sys
[2016-03-31 19:35:55 | 000,026,624 | ---- | C] (LSI Corporation) -- C:\Windows\System32\agrscoin.dll
[2016-03-31 19:35:50 | 000,064,000 | ---- | C] (LSI Corporation) -- C:\Windows\agrsmdel.exe
[2016-03-31 19:35:36 | 000,527,344 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorA.sys
[2016-03-31 19:35:36 | 000,026,096 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorF.sys
[2016-03-31 19:33:48 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2016-03-31 19:33:48 | 000,076,872 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RtNicProp32.dll
[2016-03-31 19:32:28 | 000,042,496 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\flashud.sys
[2016-03-31 19:12:20 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\WinRAR
[2016-03-31 19:12:01 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016-03-31 19:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2016-03-31 19:11:58 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2016-03-31 19:09:38 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Microsoft Games
[2016-03-31 19:09:10 | 000,000,000 | R--D | C] -- C:\Users\K7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2016-03-31 19:09:10 | 000,000,000 | R--D | C] -- C:\Users\K7E\Searches
[2016-03-31 19:09:10 | 000,000,000 | R--D | C] -- C:\Users\K7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2016-03-31 19:09:10 | 000,000,000 | -H-D | C] -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2016-03-31 19:08:59 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Identities
[2016-03-31 19:08:56 | 000,000,000 | R--D | C] -- C:\Users\K7E\Contacts
[2016-03-31 19:08:49 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\VirtualStore
[2016-03-31 19:08:45 | 000,000,000 | --SD | C] -- C:\Users\K7E\AppData\Roaming\Microsoft
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Videos
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Saved Games
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Pictures
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Music
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Links
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Favorites
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Downloads
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Documents
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\Desktop
[2016-03-31 19:08:45 | 000,000,000 | R--D | C] -- C:\Users\K7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\AppData\Local\Temporary Internet Files
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\SendTo
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Recent
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\PrintHood
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Documents\Os meus vídeos
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Os meus documentos
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\NetHood
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Modelos
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Menu Iniciar
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\AppData\Local\Histórico
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Definições locais
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Cookies
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Documents\As minhas imagens
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Application Data
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\AppData\Local\Application Data
[2016-03-31 19:08:45 | 000,000,000 | -HSD | C] -- C:\Users\K7E\Documents\A minha música
[2016-03-31 19:08:45 | 000,000,000 | -H-D | C] -- C:\Users\K7E\AppData
[2016-03-31 19:08:45 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Temp
[2016-03-31 19:08:45 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Local\Microsoft
[2016-03-31 19:08:45 | 000,000,000 | ---D | C] -- C:\Users\K7E\AppData\Roaming\Media Center Programs
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\Sistema
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Os meus vídeos
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\Program Files\Ficheiros comuns
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\As minhas imagens
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ambiente de trabalho
[2016-03-31 19:08:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\A minha música
[2016-03-31 18:42:09 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2016-03-31 18:38:23 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2016-03-29 16:23:11 | 000,000,000 | ---D | C] -- C:\Users\K7E\Documents\Escola

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2016-04-07 19:18:00 | 000,670,084 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2016-04-07 19:18:00 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016-04-07 19:18:00 | 000,130,586 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2016-04-07 19:18:00 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016-04-07 19:17:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2016-04-07 19:17:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
[2016-04-07 19:17:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2016-04-07 19:17:22 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\MobileWiFi.lnk
[2016-04-07 19:17:04 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2016-04-07 18:54:33 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\WinThruster_DEFAULT.job
[2016-04-07 18:54:31 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\WinThruster_UPDATES.job
[2016-04-07 18:54:23 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\WinThruster.lnk
[2016-04-07 17:59:42 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016-04-07 17:59:42 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016-04-07 17:52:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016-04-07 17:52:03 | 2337,484,800 | -HS- | M] () -- C:\hiberfil.sys
[2016-04-07 15:58:31 | 000,002,115 | ---- | M] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2016-04-07 15:58:31 | 000,002,091 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2016-04-07 15:47:22 | 000,016,932 | ---- | M] () -- C:\Users\Public\Documents\K7E-PC.eml
[2016-04-04 02:25:34 | 000,016,932 | ---- | M] () -- C:\Users\K7E\Desktop\K7E-PC.eml
[2016-04-04 02:25:31 | 000,016,932 | ---- | M] () -- C:\Users\K7E\Documents\K7E-PC.eml
[2016-04-04 02:15:15 | 000,016,932 | ---- | M] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\K7E-PC.eml
[2016-04-04 02:15:14 | 000,016,932 | ---- | M] () -- C:\Users\K7E\AppData\Roaming\K7E-PC.eml
[2016-04-04 02:15:11 | 000,016,932 | ---- | M] () -- C:\Users\K7E\K7E-PC.eml
[2016-04-04 02:15:11 | 000,016,932 | ---- | M] () -- C:\Users\K7E\AppData\Local\K7E-PC.eml
[2016-04-04 02:08:41 | 000,001,940 | ---- | M] () -- C:\Users\Public\Desktop\SHAREit.lnk
[2016-04-03 14:40:45 | 000,002,316 | ---- | M] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\The Treasures Of Montezuma.lnk
[2016-04-03 14:40:44 | 000,002,292 | ---- | M] () -- C:\Users\K7E\Desktop\The Treasures Of Montezuma.lnk
[2016-04-03 14:40:44 | 000,002,131 | ---- | M] () -- C:\Users\K7E\Desktop\Play Online Games.lnk
[2016-04-03 14:40:44 | 000,002,096 | ---- | M] () -- C:\Users\K7E\Desktop\MyPlayCity Games.lnk
[2016-04-03 14:39:47 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2016-04-03 00:19:35 | 000,001,399 | ---- | M] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016-04-01 09:26:45 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2016-04-01 09:23:07 | 000,002,084 | ---- | M] () -- C:\Users\K7E\Desktop\Nuendo 4.lnk
[2016-04-01 09:17:47 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016-04-01 09:16:30 | 000,001,111 | ---- | M] () -- C:\Users\K7E\Desktop\Youtube Downloader HD.lnk
[2016-04-01 08:57:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2016-03-31 21:45:34 | 000,000,847 | ---- | M] () -- C:\Users\K7E\Desktop\µTorrent.lnk
[2016-03-31 21:45:34 | 000,000,827 | ---- | M] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2016-03-31 21:40:20 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2016-03-31 20:20:30 | 000,038,396 | RHS- | M] () -- C:\Windows\System32\runouce.exe
[2016-03-31 20:09:41 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2016-03-31 20:08:51 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016-03-31 20:08:49 | 000,272,296 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2016-03-31 20:08:49 | 000,176,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2016-03-31 20:08:49 | 000,176,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2016-03-31 19:57:24 | 000,000,082 | ---- | M] () -- C:\Windows\System32\winsevr.dat
[2016-03-31 19:47:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2016-03-31 18:46:19 | 000,061,225 | ---- | M] () -- C:\Windows\System32\license.rtf
[2016-03-31 18:38:40 | 000,265,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2016-04-07 19:17:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2016-04-07 19:17:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
[2016-04-07 19:17:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2016-04-07 19:17:22 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\MobileWiFi.lnk
[2016-04-07 19:17:04 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2016-04-07 18:54:33 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\WinThruster_DEFAULT.job
[2016-04-07 18:54:31 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\WinThruster_UPDATES.job
[2016-04-07 18:54:23 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\WinThruster.lnk
[2016-04-04 02:15:22 | 000,016,932 | ---- | C] () -- C:\Users\K7E\Documents\K7E-PC.eml
[2016-04-04 02:15:17 | 000,016,932 | ---- | C] () -- C:\Users\K7E\Desktop\K7E-PC.eml
[2016-04-04 02:08:41 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\SHAREit.lnk
[2016-04-03 14:40:45 | 000,002,316 | ---- | C] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\The Treasures Of Montezuma.lnk
[2016-04-03 14:40:44 | 000,002,292 | ---- | C] () -- C:\Users\K7E\Desktop\The Treasures Of Montezuma.lnk
[2016-04-03 14:40:44 | 000,002,131 | ---- | C] () -- C:\Users\K7E\Desktop\Play Online Games.lnk
[2016-04-03 14:40:44 | 000,002,096 | ---- | C] () -- C:\Users\K7E\Desktop\MyPlayCity Games.lnk
[2016-04-03 14:39:47 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2016-04-03 00:19:35 | 000,001,399 | ---- | C] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2016-04-01 22:58:55 | 000,002,115 | ---- | C] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
[2016-04-01 22:58:55 | 000,002,091 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2016-04-01 09:36:35 | 000,016,932 | ---- | C] () -- C:\Users\Public\Documents\K7E-PC.eml
[2016-04-01 09:26:45 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2016-04-01 09:23:07 | 000,002,084 | ---- | C] () -- C:\Users\K7E\Desktop\Nuendo 4.lnk
[2016-04-01 09:21:15 | 000,016,932 | ---- | C] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\K7E-PC.eml
[2016-04-01 09:21:14 | 000,016,932 | ---- | C] () -- C:\Users\K7E\AppData\Roaming\K7E-PC.eml
[2016-04-01 09:21:08 | 000,016,932 | ---- | C] () -- C:\Users\K7E\K7E-PC.eml
[2016-04-01 09:21:08 | 000,016,932 | ---- | C] () -- C:\Users\K7E\AppData\Local\K7E-PC.eml
[2016-04-01 09:17:47 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2016-04-01 09:17:47 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016-04-01 09:16:30 | 000,001,111 | ---- | C] () -- C:\Users\K7E\Desktop\Youtube Downloader HD.lnk
[2016-04-01 08:57:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2016-03-31 21:45:34 | 000,000,847 | ---- | C] () -- C:\Users\K7E\Desktop\µTorrent.lnk
[2016-03-31 21:45:34 | 000,000,827 | ---- | C] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2016-03-31 21:40:20 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2016-03-31 21:37:15 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2016-03-31 20:09:41 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2016-03-31 19:57:53 | 000,271,264 | ---- | C] () -- C:\Windows\System32\vbrun100.dll
[2016-03-31 19:57:53 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll
[2016-03-31 19:57:24 | 000,000,082 | ---- | C] () -- C:\Windows\System32\winsevr.dat
[2016-03-31 19:56:56 | 000,129,720 | ---- | C] () -- C:\Windows\System32\ammntdrv.sys
[2016-03-31 19:56:56 | 000,026,424 | ---- | C] () -- C:\Windows\System32\ambakdrv.sys
[2016-03-31 19:56:56 | 000,014,392 | ---- | C] () -- C:\Windows\System32\amwrtdrv.sys
[2016-03-31 19:53:49 | 000,013,021 | ---- | C] () -- C:\Windows\snp2uvc.src
[2016-03-31 19:53:21 | 001,763,968 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2016-03-31 19:53:13 | 000,033,280 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2016-03-31 19:52:43 | 000,255,360 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2016-03-31 19:52:32 | 000,211,840 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2016-03-31 19:52:26 | 000,025,984 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2016-03-31 19:52:17 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2016-03-31 19:50:51 | 000,051,684 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp
[2016-03-31 19:50:50 | 000,060,254 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp
[2016-03-31 19:50:50 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2016-03-31 19:50:50 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp
[2016-03-31 19:50:50 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp
[2016-03-31 19:50:33 | 001,921,265 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa
[2016-03-31 19:47:13 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2016-03-31 19:47:13 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2016-03-31 19:47:12 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2016-03-31 19:47:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2016-03-31 19:42:09 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2016-03-31 19:39:23 | 000,001,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
[2016-03-31 19:36:26 | 000,005,120 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2016-03-31 19:11:56 | 000,038,396 | RHS- | C] () -- C:\Windows\System32\runouce.exe
[2016-03-31 19:09:12 | 000,001,405 | ---- | C] () -- C:\Users\K7E\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2016-03-31 19:08:45 | 000,000,290 | ---- | C] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2016-03-31 19:08:45 | 000,000,272 | ---- | C] () -- C:\Users\K7E\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2016-03-31 18:45:55 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2016-03-31 18:45:37 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009-07-14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2016-04-06 17:07:31 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\AIMP3
[2016-04-07 15:54:35 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Dev-Cpp
[2016-04-04 02:15:15 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Foxit Software
[2016-04-07 18:54:20 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Solvusoft
[2016-04-04 02:15:16 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Steinberg
[2016-04-01 09:21:15 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Synaptics
[2016-04-07 17:57:09 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\uTorrent

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< *crack* /s >[/color]
[2006-08-11 14:52:46 | 000,068,698 | R--- | M] () -- \Program Files\Steinberg\Nuendo 4\Track Presets\Audio\Nutcracker Synth Brass.trackpreset
[2006-08-03 13:42:44 | 000,000,799 | R--- | M] () -- \Program Files\Steinberg\Nuendo 4\VST3 Presets\Steinberg Media Technologies\Grungelizer\Vinyl Crackles.vstpreset
[2006-08-03 13:49:42 | 000,003,755 | R--- | M] () -- \Program Files\Steinberg\Nuendo 4\VST3 Presets\Steinberg Media Technologies\StudioChorus\Chipmunks On Crack.vstpreset
[2006-08-11 14:52:46 | 000,068,698 | R--- | M] () -- \Programas\Steinberg\Nuendo 4\Track Presets\Audio\Nutcracker Synth Brass.trackpreset
[2006-08-03 13:42:44 | 000,000,799 | R--- | M] () -- \Programas\Steinberg\Nuendo 4\VST3 Presets\Steinberg Media Technologies\Grungelizer\Vinyl Crackles.vstpreset
[2006-08-03 13:49:42 | 000,003,755 | R--- | M] () -- \Programas\Steinberg\Nuendo 4\VST3 Presets\Steinberg Media Technologies\StudioChorus\Chipmunks On Crack.vstpreset
[2008-03-11 12:05:30 | 002,822,617 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Beat Tape\BEATS\Instrumental Fat Joe Ft. Lil WayneThe Crack House-RGF.mp3
[2016-01-17 09:10:31 | 007,851,030 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\R&B, Soul, Pop, Slow & Alternative\SZA\See.SZA.Run\05 - Crack Dreams [Prod by Brandun Deshay].mp3
[2015-01-03 21:25:32 | 007,924,291 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\2 Chainz\Based On A T.R.U. Story\02 - Crack.mp3
[2011-09-15 13:35:56 | 004,235,751 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Curren$y\Verde Terrace\10 - Crack BC ft Young Roddy.mp3
[2015-11-17 15:58:16 | 007,481,689 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Eminem\Before The Relapse\Crack A Bottle Ft. Dr. Dre 50 Cen 1.mp3
[2015-11-17 15:58:02 | 006,555,456 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Eminem\Before The Relapse\Crack A Bottle ft.50 cent Dr.Dre.mp3
[2015-04-02 11:31:00 | 012,803,273 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Eminem\Relapse\18 Eminem - Crack A Bottle [Feat. Dr. Dre And 50 Cent].mp3
[2015-09-25 06:33:32 | 004,106,318 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\French Montana\Coke Boys\11 - Crack Da Top Ft Cheese.mp3
[2015-09-27 21:40:06 | 006,461,377 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Jay-Z\Studio\In My Lifetime Vol.1\12 - Rap Game - Crack Game.mp3
[2016-01-01 12:03:31 | 006,857,929 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Kanye West\Late Orchestration\03 Crack Music.mp3
[2016-01-01 13:08:51 | 010,903,584 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Kanye West\Late Registration\08 Crack Music.mp3
[2015-05-07 06:47:17 | 008,827,191 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Lil Wayne\07 . Other Albums\Blow\22 Make That Crack.mp3
[2015-10-05 08:34:48 | 008,240,031 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\The Notorious B.I.G\Life After Death\Life After Death Disc 2\5. Ten Crack Commandments.mp3
[2015-09-29 03:10:56 | 007,904,300 | ---- | M] () -- \Users\K7E\Documents\A minha música\Americana\Rap Americano\Tyga\187\01 - Fuckn Crack.mp3
[2015-04-20 15:28:27 | 000,315,178 | ---- | M] () -- \Users\K7E\Documents\CRACK\ADBE_CRACK - 32bit.rar
[2015-04-20 15:31:31 | 000,377,747 | ---- | M] () -- \Users\K7E\Documents\CRACK\ADBE_CRACK - 64bit.rar
[2015-04-20 15:28:27 | 000,001,126 | ---- | M] () -- \Users\K7E\Documents\CRACK\APCS5 - Crack Read Me.txt
[2015-09-12 01:40:11 | 001,368,008 | ---- | M] () -- \Users\K7E\Documents\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing a - office - mic close.wav
[2015-09-12 01:40:11 | 001,368,010 | ---- | M] () -- \Users\K7E\Documents\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing a - office - mic medium.wav
[2015-09-12 01:40:00 | 001,404,467 | ---- | M] () -- \Users\K7E\Documents\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing b - office - mic close.wav
[2015-09-12 01:40:01 | 001,404,469 | ---- | M] () -- \Users\K7E\Documents\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing b - office - mic medium.wav
[2015-09-12 02:22:44 | 007,794,673 | ---- | M] () -- \Users\K7E\Documents\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing c - office - mic close.wav
[2015-09-12 00:58:25 | 007,794,675 | ---- | M] () -- \Users\K7E\Documents\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing c - office - mic medium.wav
[2008-03-11 12:05:30 | 002,822,617 | ---- | M] () -- \Users\K7E\Music\Americana\Beat Tape\BEATS\Instrumental Fat Joe Ft. Lil WayneThe Crack House-RGF.mp3
[2016-01-17 09:10:31 | 007,851,030 | ---- | M] () -- \Users\K7E\Music\Americana\R&B, Soul, Pop, Slow & Alternative\SZA\See.SZA.Run\05 - Crack Dreams [Prod by Brandun Deshay].mp3
[2015-01-03 21:25:32 | 007,924,291 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\2 Chainz\Based On A T.R.U. Story\02 - Crack.mp3
[2011-09-15 13:35:56 | 004,235,751 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Curren$y\Verde Terrace\10 - Crack BC ft Young Roddy.mp3
[2015-11-17 15:58:16 | 007,481,689 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Eminem\Before The Relapse\Crack A Bottle Ft. Dr. Dre 50 Cen 1.mp3
[2015-11-17 15:58:02 | 006,555,456 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Eminem\Before The Relapse\Crack A Bottle ft.50 cent Dr.Dre.mp3
[2015-04-02 11:31:00 | 012,803,273 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Eminem\Relapse\18 Eminem - Crack A Bottle [Feat. Dr. Dre And 50 Cent].mp3
[2015-09-25 06:33:32 | 004,106,318 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\French Montana\Coke Boys\11 - Crack Da Top Ft Cheese.mp3
[2015-09-27 21:40:06 | 006,461,377 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Jay-Z\Studio\In My Lifetime Vol.1\12 - Rap Game - Crack Game.mp3
[2016-01-01 12:03:31 | 006,857,929 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Kanye West\Late Orchestration\03 Crack Music.mp3
[2016-01-01 13:08:51 | 010,903,584 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Kanye West\Late Registration\08 Crack Music.mp3
[2015-05-07 06:47:17 | 008,827,191 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Lil Wayne\07 . Other Albums\Blow\22 Make That Crack.mp3
[2015-10-05 08:34:48 | 008,240,031 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\The Notorious B.I.G\Life After Death\Life After Death Disc 2\5. Ten Crack Commandments.mp3
[2015-09-29 03:10:56 | 007,904,300 | ---- | M] () -- \Users\K7E\Music\Americana\Rap Americano\Tyga\187\01 - Fuckn Crack.mp3
[2008-03-11 12:05:30 | 002,822,617 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Beat Tape\BEATS\Instrumental Fat Joe Ft. Lil WayneThe Crack House-RGF.mp3
[2016-01-17 09:10:31 | 007,851,030 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\R&B, Soul, Pop, Slow & Alternative\SZA\See.SZA.Run\05 - Crack Dreams [Prod by Brandun Deshay].mp3
[2015-01-03 21:25:32 | 007,924,291 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\2 Chainz\Based On A T.R.U. Story\02 - Crack.mp3
[2011-09-15 13:35:56 | 004,235,751 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Curren$y\Verde Terrace\10 - Crack BC ft Young Roddy.mp3
[2015-11-17 15:58:16 | 007,481,689 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Eminem\Before The Relapse\Crack A Bottle Ft. Dr. Dre 50 Cen 1.mp3
[2015-11-17 15:58:02 | 006,555,456 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Eminem\Before The Relapse\Crack A Bottle ft.50 cent Dr.Dre.mp3
[2015-04-02 11:31:00 | 012,803,273 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Eminem\Relapse\18 Eminem - Crack A Bottle [Feat. Dr. Dre And 50 Cent].mp3
[2015-09-25 06:33:32 | 004,106,318 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\French Montana\Coke Boys\11 - Crack Da Top Ft Cheese.mp3
[2015-09-27 21:40:06 | 006,461,377 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Jay-Z\Studio\In My Lifetime Vol.1\12 - Rap Game - Crack Game.mp3
[2016-01-01 12:03:31 | 006,857,929 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Kanye West\Late Orchestration\03 Crack Music.mp3
[2016-01-01 13:08:51 | 010,903,584 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Kanye West\Late Registration\08 Crack Music.mp3
[2015-05-07 06:47:17 | 008,827,191 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Lil Wayne\07 . Other Albums\Blow\22 Make That Crack.mp3
[2015-10-05 08:34:48 | 008,240,031 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\The Notorious B.I.G\Life After Death\Life After Death Disc 2\5. Ten Crack Commandments.mp3
[2015-09-29 03:10:56 | 007,904,300 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Americana\Rap Americano\Tyga\187\01 - Fuckn Crack.mp3
[2015-04-20 15:28:27 | 000,315,178 | ---- | M] () -- \Users\K7E\Os meus documentos\CRACK\ADBE_CRACK - 32bit.rar
[2015-04-20 15:31:31 | 000,377,747 | ---- | M] () -- \Users\K7E\Os meus documentos\CRACK\ADBE_CRACK - 64bit.rar
[2015-04-20 15:28:27 | 000,001,126 | ---- | M] () -- \Users\K7E\Os meus documentos\CRACK\APCS5 - Crack Read Me.txt
[2015-09-12 01:40:11 | 001,368,008 | ---- | M] () -- \Users\K7E\Os meus documentos\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing a - office - mic close.wav
[2015-09-12 01:40:11 | 001,368,010 | ---- | M] () -- \Users\K7E\Os meus documentos\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing a - office - mic medium.wav
[2015-09-12 01:40:00 | 001,404,467 | ---- | M] () -- \Users\K7E\Os meus documentos\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing b - office - mic close.wav
[2015-09-12 01:40:01 | 001,404,469 | ---- | M] () -- \Users\K7E\Os meus documentos\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing b - office - mic medium.wav
[2015-09-12 02:22:44 | 007,794,673 | ---- | M] () -- \Users\K7E\Os meus documentos\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing c - office - mic close.wav
[2015-09-12 00:58:25 | 007,794,675 | ---- | M] () -- \Users\K7E\Os meus documentos\Os meus vídeos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing c - office - mic medium.wav
[2015-09-12 01:40:11 | 001,368,008 | ---- | M] () -- \Users\K7E\Videos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing a - office - mic close.wav
[2015-09-12 01:40:11 | 001,368,010 | ---- | M] () -- \Users\K7E\Videos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing a - office - mic medium.wav
[2015-09-12 01:40:00 | 001,404,467 | ---- | M] () -- \Users\K7E\Videos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing b - office - mic close.wav
[2015-09-12 01:40:01 | 001,404,469 | ---- | M] () -- \Users\K7E\Videos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing b - office - mic medium.wav
[2015-09-12 02:22:44 | 007,794,673 | ---- | M] () -- \Users\K7E\Videos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing c - office - mic close.wav
[2015-09-12 00:58:25 | 007,794,675 | ---- | M] () -- \Users\K7E\Videos\recente\Nuendo 4\Additional Content\Steinberg Office Sound Library\Steinberg Office Sound\hole puncher large - creaking, crackle-ing c - office - mic medium.wav
[2009-07-14 05:53:46 | 000,006,866 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009-07-14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2016-04-07 18:54:31 | 000,000,266 | ---- | C] () -- C:\Windows\Tasks\WinThruster_UPDATES.job
[2016-04-07 18:54:33 | 000,000,258 | ---- | C] () -- C:\Windows\Tasks\WinThruster_DEFAULT.job

[color=#A23BEC]< *keygen* /s >[/color]
[2014-09-17 14:56:44 | 018,875,009 | ---- | M] () -- \Users\K7E\Documents\cap set\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen (2).zip
[2014-09-17 14:56:44 | 018,875,009 | ---- | M] () -- \Users\K7E\Documents\cap set\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen.zip
[2014-09-17 14:55:04 | 012,523,866 | ---- | M] () -- \Users\K7E\Documents\cap set\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.zip
[2011-09-09 09:43:04 | 000,087,544 | ---- | M] () -- \Users\K7E\Documents\cap set\Autotune v5.08\Autotune v5.08\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen-AiR [h33t][MAMBO04]\keygen.exe
[2006-10-16 00:48:26 | 000,253,432 | ---- | M] () -- \Users\K7E\Documents\cap set\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR\keygen.exe
[2015-07-09 11:30:40 | 018,875,009 | ---- | M] () -- \Users\K7E\Documents\nur\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen (2).zip
[2014-09-17 14:56:44 | 018,875,009 | ---- | M] () -- \Users\K7E\Os meus documentos\cap set\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen (2).zip
[2014-09-17 14:56:44 | 018,875,009 | ---- | M] () -- \Users\K7E\Os meus documentos\cap set\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen.zip
[2014-09-17 14:55:04 | 012,523,866 | ---- | M] () -- \Users\K7E\Os meus documentos\cap set\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR.zip
[2011-09-09 09:43:04 | 000,087,544 | ---- | M] () -- \Users\K7E\Os meus documentos\cap set\Autotune v5.08\Autotune v5.08\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen-AiR [h33t][MAMBO04]\keygen.exe
[2006-10-16 00:48:26 | 000,253,432 | ---- | M] () -- \Users\K7E\Os meus documentos\cap set\Tone2.Firebird.VSTi.v1.2.1.incl.Keygen-AiR\keygen.exe
[2015-07-09 11:30:40 | 018,875,009 | ---- | M] () -- \Users\K7E\Os meus documentos\nur\IZotope.Ozone.VST.DX.RTAS.HTDM.v4.01.Incl.Keygen (2).zip

[color=#A23BEC]< *serial* /s >[/color]
[2009-06-10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009-07-14 18:58:22 | 000,094,208 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\pt-PT\System.RunTime.Serialization.Resources.dll
[2009-06-10 22:13:54 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009-07-14 09:30:32 | 000,094,208 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\pt-PT\System.RunTime.Serialization.Resources.dll
[2009-06-10 22:13:54 | 000,970,752 | ---- | M] () -- \Programas\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009-07-14 09:30:32 | 000,094,208 | ---- | M] () -- \Programas\Reference Assemblies\Microsoft\Framework\v3.0\pt-PT\System.RunTime.Serialization.Resources.dll
[2016-03-31 21:39:16 | 000,003,994 | ---- | M] () -- \Users\K7E\AppData\Roaming\Microsoft\Windows\Recent\Office2007Serial.lnk
[2016-03-31 21:39:16 | 000,003,994 | ---- | M] () -- \Users\K7E\Application Data\Microsoft\Windows\Recent\Office2007Serial.lnk
[2015-04-09 11:08:03 | 005,879,445 | ---- | M] () -- \Users\K7E\Documents\A minha música\Rap Luso\Madkutz\Radio V5\17. Serial Skillers - Pior Que Tu (Prod. Beat'einstein) - www.madkutz.com.mp3
[2015-10-11 20:00:46 | 013,239,392 | ---- | M] () -- \Users\K7E\Documents\A minha música\Rock\Enter Shikari\A Flash Flood Of Colour\13. Sssnakepit (Serial Killaz Remix).mp3
[2010-10-15 11:17:44 | 000,000,350 | ---- | M] () -- \Users\K7E\Documents\cap set\stefany\stefany\PSP - Stereopack v1.6 (serial).nfo
[2015-04-09 11:08:03 | 005,879,445 | ---- | M] () -- \Users\K7E\Music\Rap Luso\Madkutz\Radio V5\17. Serial Skillers - Pior Que Tu (Prod. Beat'einstein) - www.madkutz.com.mp3
[2015-10-11 20:00:46 | 013,239,392 | ---- | M] () -- \Users\K7E\Music\Rock\Enter Shikari\A Flash Flood Of Colour\13. Sssnakepit (Serial Killaz Remix).mp3
[2015-04-09 11:08:03 | 005,879,445 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Rap Luso\Madkutz\Radio V5\17. Serial Skillers - Pior Que Tu (Prod. Beat'einstein) - www.madkutz.com.mp3
[2015-10-11 20:00:46 | 013,239,392 | ---- | M] () -- \Users\K7E\Os meus documentos\A minha música\Rock\Enter Shikari\A Flash Flood Of Colour\13. Sssnakepit (Serial Killaz Remix).mp3
[2010-10-15 11:17:44 | 000,000,350 | ---- | M] () -- \Users\K7E\Os meus documentos\cap set\stefany\stefany\PSP - Stereopack v1.6 (serial).nfo
[2016-03-31 21:39:16 | 000,003,994 | ---- | M] () -- \Users\K7E\Recent\Office2007Serial.lnk
[2009-07-14 09:30:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_pt_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-06-10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009-07-14 09:30:32 | 000,094,208 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_pt_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2009-06-10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009-07-14 05:43:53 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\39e53f507d9cbc5c10a2f47c4b0d09dd\System.Runtime.Serialization.ni.dll
[2009-07-14 05:43:05 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d57d865568209a71d63739fa448ed6df\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2009-06-10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009-07-14 09:30:20 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\pt-PT\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-06-10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2009-07-14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009-07-14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009-07-14 09:30:27 | 000,011,264 | ---- | M] () -- \Windows\System32\drivers\pt-PT\serial.sys.mui
[2009-07-13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009-07-14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009-07-13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009-07-14 09:30:22 | 000,005,632 | ---- | M] () -- \Windows\System32\pt-PT\serialui.dll.mui
[2014-04-11 23:48:40 | 000,133,432 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014-04-11 22:08:06 | 000,029,472 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2014-04-11 22:08:06 | 000,029,512 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014-04-11 22:08:06 | 000,029,976 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014-04-11 23:48:40 | 001,051,888 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014-04-11 22:08:06 | 000,045,800 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2014-04-11 22:08:06 | 000,029,928 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014-04-11 23:48:40 | 001,051,888 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework\v4\System.Runtime.Serialization.dll
[2014-04-11 23:48:40 | 000,133,432 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework\v4\System.Runtime.Serialization.Formatters.Soap.dll
[2014-04-11 22:08:06 | 000,029,472 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework\v4\System.Runtime.Serialization.Json.dll
[2014-04-11 22:08:06 | 000,029,512 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework\v4\System.Runtime.Serialization.Primitives.dll
[2014-04-11 22:08:06 | 000,029,976 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework\v4\System.Runtime.Serialization.Xml.dll
[2014-04-11 22:08:06 | 000,045,800 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework\v4\System.Xml.Serialization.dll
[2014-04-11 22:08:06 | 000,029,928 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework\v4\System.Xml.XmlSerializer.dll
[2014-04-11 23:48:40 | 001,051,888 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework64\v4\System.Runtime.Serialization.dll
[2014-04-11 23:48:40 | 000,133,432 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework64\v4\System.Runtime.Serialization.Formatters.Soap.dll
[2014-04-11 22:08:06 | 000,029,472 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework64\v4\System.Runtime.Serialization.Json.dll
[2014-04-11 22:08:06 | 000,029,512 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework64\v4\System.Runtime.Serialization.Primitives.dll
[2014-04-11 22:08:06 | 000,029,976 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework64\v4\System.Runtime.Serialization.Xml.dll
[2014-04-11 22:08:06 | 000,045,800 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework64\v4\System.Xml.Serialization.dll
[2014-04-11 22:08:06 | 000,029,928 | ---- | M] () -- \Windows\Temp\NET\4.5\Windows\Microsoft.NET\Framework64\v4\System.Xml.XmlSerializer.dll
[2009-07-14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009-07-14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009-07-14 09:30:45 | 000,005,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_94158901981c23c6_serialui.dll.mui_7d29d2a3
[2009-07-14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009-07-14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2009-07-14 09:29:53 | 000,001,632 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_pt-pt_8304243308cc095f.manifest
[2009-07-14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2009-07-14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009-07-14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009-07-14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2009-06-10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009-07-14 09:30:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_pt-pt_24721e135eb121f3\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-06-10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2009-07-14 09:30:32 | 000,094,208 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_pt-pt_8304243308cc095f\System.RunTime.Serialization.Resources.dll
[2009-06-10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2009-07-13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009-07-14 09:30:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_05d712635fc77268\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009-07-14 09:30:22 | 000,005,632 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_94158901981c23c6\serialui.dll.mui
[2009-07-14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009-07-14 09:30:32 | 000,094,208 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_a31eba0106f038a5\System.RunTime.Serialization.Resources.dll
[2009-07-14 09:30:27 | 000,011,264 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_0a60c9f600adc36f\serial.sys.mui
[2009-07-14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009-07-13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009-06-10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll

[color=#A23BEC]< *AutoKMS* /s >[/color]

[color=#A23BEC]< *loader* /s >[/color]
[2014-11-21 16:52:26 | 002,649,280 | ---- | M] () -- \Program Files (x86)\Foxit Software\Foxit Reader\plugins\PlgDynLoader.fpi
[2011-06-20 06:27:16 | 000,000,406 | ---- | M] () -- \Program Files (x86)\V9\PcDoctor\data\html\ksafe_tools\script\sys_tool\js_loader.js
[2014-10-11 13:06:14 | 000,060,712 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\YSLoader.exe
[2014-10-11 13:06:14 | 000,060,712 | ---- | M] () -- \Program Files\Ficheiros comuns\Apple\Apple Application Support\YSLoader.exe
[2014-11-21 15:52:26 | 002,649,280 | ---- | M] () -- \Program Files\Foxit Software\Foxit Reader\plugins\PlgDynLoader.fpi
[2008-06-20 19:13:32 | 000,080,380 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012-05-03 23:03:14 | 000,370,070 | ---- | M] () -- \Program Files\Youtube Downloader HD\downloader-hd.ico
[2014-12-10 12:20:06 | 028,095,488 | ---- | M] () -- \Program Files\Youtube Downloader HD\YouTubeDownloaderHD.exe
[2016-04-01 09:16:30 | 000,000,061 | ---- | M] () -- \Program Files\Youtube Downloader HD\YoutubeDownloaderHD.url
[2014-10-11 13:06:14 | 000,060,712 | ---- | M] () -- \Programas\Common Files\Apple\Apple Application Support\YSLoader.exe
[2014-10-11 13:06:14 | 000,060,712 | ---- | M] () -- \Programas\Ficheiros comuns\Apple\Apple Application Support\YSLoader.exe
[2014-11-21 15:52:26 | 002,649,280 | ---- | M] () -- \Programas\Foxit Software\Foxit Reader\plugins\PlgDynLoader.fpi
[2008-06-20 19:13:32 | 000,080,380 | ---- | M] () -- \Programas\WinRAR\RarExtLoader.exe
[2012-05-03 23:03:14 | 000,370,070 | ---- | M] () -- \Programas\Youtube Downloader HD\downloader-hd.ico
[2014-12-10 12:20:06 | 028,095,488 | ---- | M] () -- \Programas\Youtube Downloader HD\YouTubeDownloaderHD.exe
[2016-04-01 09:16:30 | 000,000,061 | ---- | M] () -- \Programas\Youtube Downloader HD\YoutubeDownloaderHD.url
[2016-04-01 09:16:30 | 000,001,129 | ---- | M] () -- \ProgramData\Menu Iniciar\Programas\Youtube Downloader HD\Youtube Downloader HD.lnk
[2016-04-01 09:16:30 | 000,001,129 | ---- | M] () -- \ProgramData\Menu Iniciar\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2016-04-01 09:16:30 | 000,001,129 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programas\Youtube Downloader HD\Youtube Downloader HD.lnk
[2016-04-01 09:16:30 | 000,001,129 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD\Youtube Downloader HD.lnk
[2016-04-01 09:16:30 | 000,001,111 | ---- | M] () -- \Users\K7E\Desktop\Youtube Downloader HD.lnk
[2014-12-20 07:48:26 | 012,816,560 | ---- | M] () -- \Users\K7E\Documents\setup_allvideodownloader.exe
[2014-12-31 12:35:26 | 000,414,024 | ---- | M] () -- \Users\K7E\Documents\SoftonicDownloader_para_fl-studio.exe
[2014-01-17 07:22:57 | 020,654,784 | ---- | M] () -- \Users\K7E\Documents\Mobile Applications\iDownloader 1.3.ipa
[2014-01-17 07:23:02 | 008,863,381 | ---- | M] () -- \Users\K7E\Documents\Mobile Applications\iDownloaderFree 2.2.ipa
[2014-12-17 23:15:02 | 000,290,176 | ---- | M] () -- \Users\K7E\Documents\Setups\VDownloader4OC.exe
[2014-12-17 23:22:59 | 017,503,422 | ---- | M] () -- \Users\K7E\Documents\Setups\VDownloaderSetup.exe
[2014-12-17 22:21:16 | 010,136,261 | ---- | M] () -- \Users\K7E\Documents\Setups\youtube_downloader_hd_setup.exe
[2009-07-14 03:26:00 | 000,223,744 | ---- | M] () -- \Users\K7E\Documents\W7\sources\upgloader.dll
[2009-07-14 03:26:00 | 000,025,600 | ---- | M] () -- \Users\K7E\Documents\W7\sources\pt-pt\upgloader.dll.mui
[2013-08-01 12:00:00 | 000,058,854 | ---- | M] () -- \Users\K7E\Documents\wintoflash-40463\Skins\Default\images\Main window - Windows XP emergency bootloader - Loader logo.bmp
[2013-08-01 12:00:00 | 000,058,854 | ---- | M] () -- \Users\K7E\Documents\wintoflash-40463\Skins\Default\images\Main window - Windows XP recovery console - Loader logo.bmp
[2014-12-08 11:46:42 | 000,016,581 | ---- | M] () -- \Users\K7E\Downloads\DRP_15.4_Full\Tools\modules\online_downloader.js
[2014-06-20 17:13:30 | 000,016,139 | ---- | M] () -- \Users\K7E\Downloads\DRP_15.4_Full\Tools\modules\program_downloader.js
[2015-05-05 18:03:30 | 010,136,277 | ---- | M] () -- \Users\K7E\Downloads\Nova pasta\youtube-downloader-hd-2-9-9-21-32-bits [1].exe
[2015-05-05 18:02:26 | 000,736,848 | ---- | M] () -- \Users\K7E\Downloads\Nova pasta\youtube-downloader-hd-2-9-9-21-32-bits.exe
[2014-12-20 07:48:26 | 012,816,560 | ---- | M] () -- \Users\K7E\Os meus documentos\setup_allvideodownloader.exe
[2014-12-31 12:35:26 | 000,414,024 | ---- | M] () -- \Users\K7E\Os meus documentos\SoftonicDownloader_para_fl-studio.exe
[2014-01-17 07:22:57 | 020,654,784 | ---- | M] () -- \Users\K7E\Os meus documentos\Mobile Applications\iDownloader 1.3.ipa
[2014-01-17 07:23:02 | 008,863,381 | ---- | M] () -- \Users\K7E\Os meus documentos\Mobile Applications\iDownloaderFree 2.2.ipa
[2014-12-17 23:15:02 | 000,290,176 | ---- | M] () -- \Users\K7E\Os meus documentos\Setups\VDownloader4OC.exe
[2014-12-17 23:22:59 | 017,503,422 | ---- | M] () -- \Users\K7E\Os meus documentos\Setups\VDownloaderSetup.exe
[2014-12-17 22:21:16 | 010,136,261 | ---- | M] () -- \Users\K7E\Os meus documentos\Setups\youtube_downloader_hd_setup.exe
[2009-07-14 03:26:00 | 000,223,744 | ---- | M] () -- \Users\K7E\Os meus documentos\W7\sources\upgloader.dll
[2009-07-14 03:26:00 | 000,025,600 | ---- | M] () -- \Users\K7E\Os meus documentos\W7\sources\pt-pt\upgloader.dll.mui
[2013-08-01 12:00:00 | 000,058,854 | ---- | M] () -- \Users\K7E\Os meus documentos\wintoflash-40463\Skins\Default\images\Main window - Windows XP emergency bootloader - Loader logo.bmp
[2013-08-01 12:00:00 | 000,058,854 | ---- | M] () -- \Users\K7E\Os meus documentos\wintoflash-40463\Skins\Default\images\Main window - Windows XP recovery console - Loader logo.bmp
[2009-07-14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009-07-14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015-02-05 09:51:10 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2009-07-14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009-07-14 09:30:45 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f.manifest
[2009-07-14 09:30:45 | 000,035,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f_winload.exe.mui_3bc5b827
[2009-07-14 09:30:45 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f_winresume.exe.mui_ff8b5358
[2009-12-03 21:21:14 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009-12-03 21:21:14 | 000,507,568 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winload.exe_75835076
[2009-12-03 21:21:14 | 000,442,920 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed_winresume.exe_85cd1215
[2009-07-14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009-07-14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009-07-14 09:29:35 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_pt-pt_78ed1619b17ad95f.manifest
[2009-07-14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009-12-03 21:21:01 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009-12-03 21:21:01 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2009-07-14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009-07-14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009-07-14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

[color=#A23BEC]< %APPDATA%\Local\*. >[/color]

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2016-03-31 21:45:34 | 001,761,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\K7E\AppData\Roaming\uTorrent\uTorrent.exe
[2016-03-31 21:45:34 | 001,761,864 | ---- | M] (BitTorrent Inc.) -- C:\Users\K7E\AppData\Roaming\uTorrent\updates\3.4.2_36318.exe

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2016-04-01 09:21:14 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Adobe
[2016-04-06 17:07:31 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\AIMP3
[2016-04-01 09:21:14 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Apple Computer
[2016-04-07 15:54:35 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Dev-Cpp
[2016-04-04 02:15:15 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Foxit Software
[2016-04-01 09:21:14 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Identities
[2016-04-01 09:21:15 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Media Center Programs
[2016-04-01 09:23:04 | 000,000,000 | --SD | M] -- C:\Users\K7E\AppData\Roaming\Microsoft
[2016-04-01 09:21:15 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Mozilla
[2016-04-07 18:54:20 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Solvusoft
[2016-04-04 02:15:16 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Steinberg
[2016-04-01 09:21:15 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\Synaptics
[2016-04-07 17:57:09 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\uTorrent
[2016-04-07 16:14:25 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\vlc
[2016-04-01 09:21:16 | 000,000,000 | ---D | M] -- C:\Users\K7E\AppData\Roaming\WinRAR

[color=#A23BEC]< %USERPROFILE%\AppData\Local\*.* >[/color]
[2016-03-31 21:43:53 | 000,057,560 | ---- | M] () -- C:\Users\K7E\AppData\Local\GDIPFONTCACHEV1.DAT
[2016-04-07 16:17:06 | 003,009,883 | -H-- | M] () -- C:\Users\K7E\AppData\Local\IconCache.db
[2016-04-04 02:15:11 | 000,016,932 | ---- | M] () -- C:\Users\K7E\AppData\Local\K7E-PC.eml

[color=#A23BEC]< %USERPROFILE%\AppData\Roaming\*.* >[/color]
[2016-04-04 02:15:14 | 000,016,932 | ---- | M] () -- C:\Users\K7E\AppData\Roaming\K7E-PC.eml

[color=#A23BEC]< %systemroot%\assembly\tmp\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\assembly\temp\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\assembly\GAC\*.* /S /MD5 >[/color]
[2008-03-10 13:19:22 | 000,053,248 | ---- | M] () MD5=75933586AFD94EA24C5ACD3DBC89A272 -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
[2016-03-31 19:56:05 | 000,000,227 | ---- | M] () MD5=7AAE800F9E2A8099F551F3A2668F0E98 -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,012,800 | ---- | M] () MD5=C0843F0F45EDEEF233B1E581AE75E3BB -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
[2016-03-31 19:56:05 | 000,000,220 | ---- | M] () MD5=766C30E83EEA591873365DF3DD93448F -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,473,600 | ---- | M] () MD5=7AD4D9FABD109432EED91B359CEAE430 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
[2016-03-31 19:56:05 | 000,000,217 | ---- | M] () MD5=F3C7141B19BD0F1E36B13BECA9C376A7 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:14 | 002,676,224 | ---- | M] () MD5=A73E7421449CCA62B0561BAD4C8EF23D -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=C4EF0F9452E2806F726186E61B5BA57A -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:16 | 002,846,720 | ---- | M] () MD5=5E2B8B8A5ED016468716B9FF82A1806F -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=BC00F323CC3CAFE094A821CCDEC53CDF -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:16 | 000,563,712 | ---- | M] () MD5=D3F1922325BE8E7E1C72BFD8179454CE -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=77B8177EE0BC282A033CAE537A3E1600 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:16 | 000,567,296 | ---- | M] () MD5=FB3BC0754921873A65F5FBDCA845E6EE -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=EDA61612C5A105C21F2C21C4B7F63850 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:18 | 000,576,000 | ---- | M] () MD5=AFCF5F50C632F3A5598ABC28F196D77C -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=A7FCE21E32967D5325B1DEE73C75819E -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:18 | 000,577,024 | ---- | M] () MD5=CCD53738DF4FA27849B6BB05DD67D10D -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=89B0BE5AFD14B4C4824781F96E9E4D84 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:18 | 000,577,536 | ---- | M] () MD5=43C280C3B15CEB2472AB560D09629664 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=03CA6E0C9312EB4D809AB11654222135 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:18 | 000,577,536 | ---- | M] () MD5=490807C150B7D8BE44BDE871F4DF8C56 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=13F94D680CDBE21E189F73DA1A9A7DA7 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:20 | 000,578,560 | ---- | M] () MD5=933085360527DE1B4947289CA468184E -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=BC052932B636D5373F4609794F7F2109 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,578,560 | ---- | M] () MD5=25C76C1E29D3E8E7398F0901F558A629 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2016-03-31 19:56:05 | 000,000,218 | ---- | M] () MD5=78157DC8909A8709BE707E6E0C8826CC -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,145,920 | ---- | M] () MD5=D9824A9DD107E598575112B4FF897292 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
[2016-03-31 19:56:05 | 000,000,219 | ---- | M] () MD5=49F259003AF25A16B2C7E43615919BB9 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,159,232 | ---- | M] () MD5=CEBD995DDEAB2C525A5C4E95789BC961 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
[2016-03-31 19:56:05 | 000,000,220 | ---- | M] () MD5=9A69194B7D9BFB32D77D6D5A52DD077B -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,364,544 | ---- | M] () MD5=46F26E2BAFD44960E7F13B2EF80AA0BC -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
[2016-03-31 19:56:05 | 000,000,219 | ---- | M] () MD5=B3135D60A5E7DCFD9A65A34D9F2F538B -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,178,176 | ---- | M] () MD5=D035348EC8968861AF585B7132FE4C7B -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
[2016-03-31 19:56:05 | 000,000,220 | ---- | M] () MD5=DA0CCBE33546018E66D96AE788A07115 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2008-03-10 13:19:22 | 000,223,232 | ---- | M] () MD5=0C453970E89DB1C1EB9DE087E6EAB5BA -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
[2016-03-31 19:56:05 | 000,000,208 | ---- | M] () MD5=60B65154A383C16F86512C0F009E1BC5 -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2009-07-14 05:42:34 | 000,356,352 | ---- | M] () MD5=DD2EB5E64619613C4C108CFB192F4950 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\Microsoft.Ink.dll
[2009-07-14 05:42:34 | 000,000,325 | ---- | M] () MD5=3A74C27634435F509DC024FEEBE670E5 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2009-07-14 05:42:34 | 000,516,096 | ---- | M] () MD5=A02EE61542CAAE25F8A44C9428D30247 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\Microsoft.Ink.dll
[2009-07-14 05:42:34 | 000,000,328 | ---- | M] () MD5=FAF707724A740277714E33A65F4995BF -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\__AssemblyInfo__.ini

[color=#A23BEC]< %systemroot%\assembly\GAC_32\*.* /S /MD5 >[/color]
[2009-07-14 02:19:59 | 000,004,608 | ---- | M] () MD5=2CBEAFED3233C20DF11B88DF909CD74F -- C:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll
[2009-07-14 02:25:34 | 000,238,080 | ---- | M] () MD5=CA14B4670046CA499087F36070E187D6 -- C:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll
[2009-06-10 22:22:50 | 000,069,120 | ---- | M] () MD5=A7C018EA06C5E8F73BB2BBEF072BFBAC -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
[2009-06-10 22:22:57 | 000,072,192 | ---- | M] () MD5=BBE45F61F5A170FC518F283E872D6F20 -- C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
[2009-07-14 02:20:04 | 000,134,656 | ---- | M] () MD5=BFE7E37D0E47FAD0FCB0C959AC566DE5 -- C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
[2009-07-14 02:22:17 | 000,213,504 | ---- | M] () MD5=E4AD23C1ED2DB7727295D92E8B9225DB -- C:\Windows\assembly\GAC_32\mcupdate\6.1.0.0__31bf3856ad364e35\mcupdate.exe
[2009-07-14 02:20:56 | 000,121,856 | ---- | M] () MD5=15483F90F8D22ECE512F3224F69FD5C8 -- C:\Windows\assembly\GAC_32\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35\Mcx2Dvcs.dll
[2009-07-14 09:30:35 | 000,090,112 | ---- | M] () MD5=BDB988DC21A6824B5E2DB0DE957CE4C1 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_pt_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
[2009-07-14 02:21:26 | 000,189,952 | ---- | M] () MD5=1ABB50BC0EC02F4D16C6300CDAD04EDB -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll
[2009-07-14 02:24:07 | 000,146,432 | ---- | M] () MD5=82FBA2151ACAD6329BF79E845B9C1038 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll
[2009-07-14 02:24:14 | 000,507,904 | ---- | M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C -- C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll
[2009-07-14 02:24:28 | 000,077,824 | ---- | M] () MD5=BB2BB7BFE455562249E922A7AA4493A5 -- C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll
[2009-07-14 02:22:02 | 000,280,576 | ---- | M] () MD5=607117D7C810DBFA696BAC25BB5EC234 -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll
[2009-07-14 02:25:23 | 000,129,536 | ---- | M] () MD5=097A68781F1682677E875CAB06969C2D -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.Media.dll
[2009-07-14 02:22:38 | 000,053,248 | ---- | M] () MD5=965CF066D3FDBA1AF5B53E58F1500529 -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Mheg.dll
[2009-12-03 21:21:09 | 000,139,264 | ---- | M] () MD5=F46DB1085E90346C2D191F5D233B6E6B -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Playback.dll
[2009-07-14 02:23:17 | 000,307,712 | ---- | M] () MD5=2C66DB2944AE9A10CA1E51B7D083742B -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.TV.Tuners.Interop.dll
[2009-07-14 02:23:55 | 000,008,192 | ---- | M] () MD5=79D7E7A3CB56C91FE9030C5EFE2DC13C -- C:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll
[2009-06-10 22:14:03 | 000,163,840 | ---- | M] () MD5=4EF239C0475CE7B45993255D5E474AF7 -- C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
[2009-07-14 02:26:31 | 000,008,192 | ---- | M] () MD5=FA44A672F1C12791984D9ECAB7DC3177 -- C:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll
[2009-07-14 02:23:22 | 000,019,968 | ---- | M] () MD5=3A353975A7EC8BB4918E8E93BB7F9143 -- C:\Windows\assembly\GAC_32\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll
[2009-06-10 22:14:52 | 000,087,888 | ---- | M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe
[2009-06-10 22:14:53 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config
[2009-06-10 22:22:47 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp
[2009-06-10 22:22:47 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp
[2009-06-10 22:22:58 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp
[2009-06-10 22:23:06 | 004,550,656 | ---- | M] () MD5=D262AD9B4F49FA064039D467CCD1B2DD -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
[2009-06-10 22:23:13 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp
[2009-06-10 22:23:13 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp
[2009-06-10 22:23:13 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp
[2009-06-10 22:23:13 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp
[2009-06-10 22:23:13 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp
[2009-06-10 22:23:14 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp
[2009-06-10 22:23:14 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
[2009-06-10 22:23:17 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
[2009-06-10 22:23:17 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
[2009-06-10 22:23:23 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp
[2009-07-14 02:22:14 | 000,046,080 | ---- | M] () MD5=276A2AEC6AB593A5F01544A25B34BE9C -- C:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL
[2009-07-14 02:22:23 | 000,107,008 | ---- | M] () MD5=7102A6961F0A526A790704946902B23A -- C:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL
[2009-07-13 23:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config
[2009-07-14 02:25:25 | 000,005,632 | ---- | M] () MD5=608232474C33C71F863B0866E5165C1C -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll
[2009-06-10 22:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
[2009-07-14 02:26:15 | 000,005,632 | ---- | M] () MD5=2641880E8C12BEE37DDC2813908A2A0F -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
[2009-06-10 22:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config
[2009-07-14 02:23:30 | 000,005,632 | ---- | M] () MD5=D6C077082EAA747911C212A9EB64A813 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
[2009-07-13 23:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config
[2009-07-14 02:22:54 | 000,005,632 | ---- | M] () MD5=331021DA8B00A9ADCDD54B5782943204 -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll
[2009-07-13 23:04:08 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config
[2009-07-14 02:23:04 | 000,005,632 | ---- | M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll
[2009-06-10 22:14:43 | 004,214,784 | ---- | M] () MD5=4D87C59972B6E539FC8942CFC4969B2D -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
[2009-06-10 22:14:51 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config
[2009-06-10 22:14:52 | 001,736,536 | ---- | M] () MD5=56099A6F865EA7771CBB88674545DB44 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
[2009-06-10 22:23:17 | 000,486,400 | ---- | M] () MD5=12777E85B175899C02C645D839C83506 -- C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
[2009-06-10 22:23:17 | 002,933,248 | ---- | M] () MD5=CE24654E99CB7FB24903F8A1826FF343 -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
[2009-06-10 22:23:18 | 000,258,048 | ---- | M] () MD5=C18C30BFFDF790463B4F5B2311652208 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
[2009-07-13 21:46:36 | 000,113,664 | ---- | M] () MD5=D16E07E806ABA236B604B92693CE35E0 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
[2009-06-10 22:14:45 | 000,368,640 | ---- | M] () MD5=B1301F1FF435D9995903A853C0477BE4 -- C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
[2009-06-10 22:23:19 | 000,261,632 | ---- | M] () MD5=5F3F1BF5F5B43293953FC915845910C4 -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
[2009-06-10 22:23:19 | 005,242,880 | ---- | M] () MD5=F8E8CB1DE71593BF6DA450B2C9E1484E -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

[color=#A23BEC]< %systemroot%\assembly\GAC_64\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\AppData\Local\*.* >[/color]

[color=#A23BEC]< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >[/color]

[color=#A23BEC]< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >[/color]
[2016-04-07 19:10:39 | 000,066,036 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\MpCmdRun.log
[2016-04-03 23:30:38 | 000,000,684 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog00.sqm
[2016-04-03 23:40:38 | 000,000,260 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog01.sqm
[2016-04-04 23:30:43 | 000,000,640 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog02.sqm
[2016-04-04 23:40:43 | 000,000,260 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog03.sqm

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes >[/color]
"DefaultScope" = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes >[/color]
"DefaultScope" = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
"DownloadUpdates" = 0
"Version" = 2
"UpgradeTime" = 58 D0 F3 80 36 8D D1 01 [binary data]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]

[color=#A23BEC]< MD5 for: CSRSS.EXE >[/color]
[2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009-07-14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009-07-14 02:14:20 | 002,640,896 | ---- | M] (Microsoft Corporation) MD5=1E8100E9998C70AE0CC4BC12FFC886B4 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009-12-03 21:21:09 | 002,640,896 | ---- | M] (Microsoft Corporation) MD5=9C486AF4B497E9449A67709B679EC3BB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009-12-03 21:21:09 | 002,640,896 | ---- | M] (Microsoft Corporation) MD5=FFAA1FE1C79DA8F88B1295D04AB93CE1 -- C:\Windows\explorer.exe
[2009-12-03 21:21:09 | 002,640,896 | ---- | M] (Microsoft Corporation) MD5=FFAA1FE1C79DA8F88B1295D04AB93CE1 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009-07-14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009-07-14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

[color=#A23BEC]< MD5 for: UNINST.EXE >[/color]
[2016-02-10 19:16:52 | 000,185,691 | ---- | M] (V9 PC Doctor) MD5=267F77556E53270EC52DE6C9FE7CB497 -- C:\Program Files (x86)\V9\PcDoctor\uninst.exe
[2016-04-07 19:17:15 | 000,113,400 | ---- | M] () MD5=B176CC3EBDBF8C758AE404826A98E376 -- C:\Program Files\MobileWiFi\uninst.exe
[2016-04-07 19:17:15 | 000,113,400 | ---- | M] () MD5=B176CC3EBDBF8C758AE404826A98E376 -- C:\Programas\MobileWiFi\uninst.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2009-07-14 02:14:43 | 000,053,760 | ---- | M] (Microsoft Corporation) MD5=3AC16241CAA9F2097C7B551F2501360F -- C:\Windows\System32\userinit.exe
[2009-07-14 02:14:43 | 000,053,760 | ---- | M] (Microsoft Corporation) MD5=3AC16241CAA9F2097C7B551F2501360F -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009-07-14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-07-14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009-07-14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

[color=#A23BEC]< regedit /e c:\registrybackup.reg /c >[/color]

[color=#A23BEC]< type c:\boot.ini >> test.txt /c >[/color]

[color=#A23BEC]< %systemroot%\system32\tasks\*.* /s /64 >[/color]
[2016-04-07 18:54:27 | 000,003,094 | ---- | M] () -- C:\Windows\system32\tasks\WinThruster
[2016-04-07 18:54:33 | 000,002,844 | ---- | M] () -- C:\Windows\system32\tasks\WinThruster_DEFAULT
[2016-04-07 18:54:31 | 000,003,000 | ---- | M] () -- C:\Windows\system32\tasks\WinThruster_UPDATES
[2016-03-31 21:37:16 | 000,003,374 | ---- | M] () -- C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate
[2016-04-04 02:08:54 | 000,003,848 | ---- | M] () -- C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 35
[2016-04-07 18:00:39 | 000,003,856 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan
[2009-07-14 05:41:15 | 000,004,472 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
[2009-07-14 05:41:15 | 000,003,854 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
[2009-07-14 05:42:10 | 000,002,900 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter
[2009-07-14 05:42:10 | 000,003,790 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
[2009-07-14 05:41:45 | 000,003,458 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent
[2009-07-14 05:41:45 | 000,003,614 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater
[2009-07-14 05:37:26 | 000,003,026 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy
[2009-07-14 05:42:29 | 000,001,862 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask
[2009-07-14 05:41:10 | 000,004,130 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\SystemTask
[2009-07-14 05:41:10 | 000,003,868 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\UserTask
[2009-07-14 05:53:58 | 000,003,134 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam
[2009-07-14 05:42:29 | 000,002,934 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
[2009-07-14 05:41:20 | 000,003,946 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask
[2009-07-14 05:41:47 | 000,003,598 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
[2009-07-14 05:46:36 | 000,003,886 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag
[2009-07-14 05:42:30 | 000,004,018 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Diagnosis\Scheduled
[2016-03-31 18:45:28 | 000,003,758 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
[2016-03-31 18:45:29 | 000,002,538 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
[2009-07-14 05:42:31 | 000,003,554 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications
[2016-04-02 08:33:10 | 000,004,036 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Maintenance\WinSAT
[2016-03-31 18:45:48 | 000,002,420 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch
[2016-03-31 18:45:43 | 000,002,448 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService
[2016-03-31 18:45:49 | 000,002,592 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
[2016-03-31 18:45:41 | 000,002,400 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit
[2016-03-31 18:45:45 | 000,002,546 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady
[2016-03-31 18:46:00 | 000,002,790 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate
[2016-03-31 18:46:04 | 000,002,954 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask
[2016-03-31 18:46:02 | 000,002,958 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
[2016-03-31 18:45:40 | 000,002,380 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate
[2016-03-31 18:45:38 | 000,002,400 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery
[2016-03-31 18:45:39 | 000,002,384 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery
[2016-03-31 18:45:53 | 000,003,226 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1
[2016-03-31 18:45:54 | 000,003,228 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2
[2016-03-31 18:45:35 | 000,003,822 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry
[2016-03-31 18:46:01 | 000,002,926 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask
[2016-03-31 18:46:03 | 000,002,918 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask
[2016-03-31 18:45:52 | 000,003,078 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart
[2016-03-31 18:45:44 | 000,002,408 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch
[2016-03-31 18:45:47 | 000,002,432 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot
[2016-03-31 18:46:02 | 000,002,942 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask
[2016-03-31 18:45:42 | 000,002,736 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath
[2009-07-14 05:41:20 | 000,003,304 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector
[2009-07-14 05:41:20 | 000,003,510 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector
[2016-03-31 18:45:50 | 000,003,576 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MobilePC\HotStart
[2009-07-14 05:41:56 | 000,003,168 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove
[2009-07-14 05:42:30 | 000,002,602 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Multimedia\SystemSoundsService
[2009-07-14 05:42:09 | 000,002,044 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo
[2016-03-31 19:07:13 | 000,004,202 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Offline Files\Background Synchronization
[2016-03-31 18:45:26 | 000,003,058 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Offline Files\Logon Synchronization
[2009-07-14 05:42:28 | 000,002,832 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor
[2009-07-14 05:41:30 | 000,003,752 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
[2009-07-14 05:42:30 | 000,004,370 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\RAC\RacTask
[2009-07-14 05:37:40 | 000,003,052 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Ras\MobilityManager
[2009-07-14 05:42:07 | 000,003,956 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Registry\RegIdleBackup
[2009-07-14 05:42:29 | 000,004,596 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
[2009-07-14 05:42:30 | 000,003,616 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Shell\WindowsParentalControls
[2009-07-14 05:54:03 | 000,003,912 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration
[2016-03-31 18:45:32 | 000,003,784 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\AutoWake
[2016-03-31 18:45:34 | 000,003,612 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\GadgetManager
[2016-03-31 19:09:03 | 000,003,698 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\SessionAgent
[2016-03-31 19:09:18 | 000,003,792 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SideShow\SystemDataProviders
[2009-07-14 05:37:20 | 000,003,942 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
[2009-07-14 05:46:35 | 000,003,506 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR
[2009-07-14 05:41:33 | 000,002,614 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Task Manager\Interactive
[2009-07-14 05:41:09 | 000,003,950 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1
[2009-07-14 05:41:09 | 000,004,066 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2
[2009-07-14 05:41:29 | 000,002,978 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
[2009-07-14 05:37:51 | 000,003,388 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime
[2009-07-14 05:37:30 | 000,001,730 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig
[2009-07-14 05:41:23 | 000,003,420 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\User Profile Service\HiveUploadTask
[2009-07-14 05:37:28 | 000,002,682 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\WDI\ResolutionHost
[2009-07-14 05:37:20 | 000,003,048 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting
[2009-07-14 05:37:44 | 000,003,290 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange
[2009-07-14 05:46:36 | 000,003,304 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary
[2016-03-31 18:46:32 | 000,004,370 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification
[2009-07-14 05:54:01 | 000,003,532 | ---- | M] () -- C:\Windows\system32\tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2016-04-01 21:20:57 | 000,004,468 | ---- | M] () -- C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-3588510771-3446058613-640391472-1000

[color=#A23BEC]< %systemroot%\system32\Tasks\*.* /s >[/color]
[2016-04-07 18:54:27 | 000,003,094 | ---- | M] () -- C:\Windows\system32\Tasks\WinThruster
[2016-04-07 18:54:33 | 000,002,844 | ---- | M] () -- C:\Windows\system32\Tasks\WinThruster_DEFAULT
[2016-04-07 18:54:31 | 000,003,000 | ---- | M] () -- C:\Windows\system32\Tasks\WinThruster_UPDATES
[2016-03-31 21:37:16 | 000,003,374 | ---- | M] () -- C:\Windows\system32\Tasks\Apple\AppleSoftwareUpdate
[2016-04-04 02:08:54 | 000,003,848 | ---- | M] () -- C:\Windows\system32\Tasks\Lenovo\Lenovo Customer Feedback Program 35
[2016-04-07 18:00:39 | 000,003,856 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan
[2009-07-14 05:41:15 | 000,004,472 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
[2009-07-14 05:41:15 | 000,003,854 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
[2009-07-14 05:42:10 | 000,002,900 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\AppID\PolicyConverter
[2009-07-14 05:42:10 | 000,003,790 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
[2009-07-14 05:41:45 | 000,003,458 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Application Experience\AitAgent
[2009-07-14 05:41:45 | 000,003,614 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater
[2009-07-14 05:37:26 | 000,003,026 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Autochk\Proxy
[2009-07-14 05:42:29 | 000,001,862 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask
[2009-07-14 05:41:10 | 000,004,130 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask
[2009-07-14 05:41:10 | 000,003,868 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask
[2009-07-14 05:53:58 | 000,003,134 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam
[2009-07-14 05:42:29 | 000,002,934 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
[2009-07-14 05:41:20 | 000,003,946 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask
[2009-07-14 05:41:47 | 000,003,598 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip
[2009-07-14 05:46:36 | 000,003,886 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag
[2009-07-14 05:42:30 | 000,004,018 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Diagnosis\Scheduled
[2016-03-31 18:45:28 | 000,003,758 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
[2016-03-31 18:45:29 | 000,002,538 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
[2009-07-14 05:42:31 | 000,003,554 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Location\Notifications
[2016-04-02 08:33:10 | 000,004,036 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Maintenance\WinSAT
[2016-03-31 18:45:48 | 000,002,420 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch
[2016-03-31 18:45:43 | 000,002,448 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService
[2016-03-31 18:45:49 | 000,002,592 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
[2016-03-31 18:45:41 | 000,002,400 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ehDRMInit
[2016-03-31 18:45:45 | 000,002,546 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady
[2016-03-31 18:46:00 | 000,002,790 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\mcupdate
[2016-03-31 18:46:04 | 000,002,954 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask
[2016-03-31 18:46:02 | 000,002,958 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
[2016-03-31 18:45:40 | 000,002,380 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\OCURActivate
[2016-03-31 18:45:38 | 000,002,400 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery
[2016-03-31 18:45:39 | 000,002,384 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery
[2016-03-31 18:45:53 | 000,003,226 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1
[2016-03-31 18:45:54 | 000,003,228 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2
[2016-03-31 18:45:35 | 000,003,822 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry
[2016-03-31 18:46:01 | 000,002,926 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask
[2016-03-31 18:46:03 | 000,002,918 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask
[2016-03-31 18:45:52 | 000,003,078 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\RecordingRestart
[2016-03-31 18:45:44 | 000,002,408 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\RegisterSearch
[2016-03-31 18:45:47 | 000,002,432 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot
[2016-03-31 18:46:02 | 000,002,942 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask
[2016-03-31 18:45:42 | 000,002,736 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath
[2009-07-14 05:41:20 | 000,003,304 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector
[2009-07-14 05:41:20 | 000,003,510 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector
[2016-03-31 18:45:50 | 000,003,576 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MobilePC\HotStart
[2009-07-14 05:41:56 | 000,003,168 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\MUI\LPRemove
[2009-07-14 05:42:30 | 000,002,602 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService
[2009-07-14 05:42:09 | 000,002,044 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo
[2016-03-31 19:07:13 | 000,004,202 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization
[2016-03-31 18:45:26 | 000,003,058 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization
[2009-07-14 05:42:28 | 000,002,832 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor
[2009-07-14 05:41:30 | 000,003,752 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
[2009-07-14 05:42:30 | 000,004,370 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\RAC\RacTask
[2009-07-14 05:37:40 | 000,003,052 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Ras\MobilityManager
[2009-07-14 05:42:07 | 000,003,956 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Registry\RegIdleBackup
[2009-07-14 05:42:29 | 000,004,596 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
[2009-07-14 05:42:30 | 000,003,616 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls
[2009-07-14 05:54:03 | 000,003,912 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration
[2016-03-31 18:45:32 | 000,003,784 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\AutoWake
[2016-03-31 18:45:34 | 000,003,612 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\GadgetManager
[2016-03-31 19:09:03 | 000,003,698 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\SessionAgent
[2016-03-31 19:09:18 | 000,003,792 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders
[2009-07-14 05:37:20 | 000,003,942 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
[2009-07-14 05:46:35 | 000,003,506 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\SystemRestore\SR
[2009-07-14 05:41:33 | 000,002,614 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Task Manager\Interactive
[2009-07-14 05:41:09 | 000,003,950 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1
[2009-07-14 05:41:09 | 000,004,066 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2
[2009-07-14 05:41:29 | 000,002,978 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor
[2009-07-14 05:37:51 | 000,003,388 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime
[2009-07-14 05:37:30 | 000,001,730 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig
[2009-07-14 05:41:23 | 000,003,420 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\User Profile Service\HiveUploadTask
[2009-07-14 05:37:28 | 000,002,682 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\WDI\ResolutionHost
[2009-07-14 05:37:20 | 000,003,048 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting
[2009-07-14 05:37:44 | 000,003,290 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange
[2009-07-14 05:46:36 | 000,003,304 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary
[2016-03-31 18:46:32 | 000,004,370 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification
[2009-07-14 05:54:01 | 000,003,532 | ---- | M] () -- C:\Windows\system32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2016-04-01 21:20:57 | 000,004,468 | ---- | M] () -- C:\Windows\system32\Tasks\WPD\SqmUpload_S-1-5-21-3588510771-3446058613-640391472-1000

[color=#A23BEC]< %windir%\tasks\*.* /s >[/color]
[2016-04-07 17:52:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009-07-14 05:53:46 | 000,006,866 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT
[2016-04-07 18:54:33 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\WinThruster_DEFAULT.job
[2016-04-07 18:54:31 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\WinThruster_UPDATES.job

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 565 bytes -> C:\Users\Public\Documents\K7E-PC.eml:OECustomProperty
@Alternate Data Stream - 565 bytes -> C:\Users\K7E\Documents\K7E-PC.eml:OECustomProperty
@Alternate Data Stream - 565 bytes -> C:\Users\K7E\Desktop\K7E-PC.eml:OECustomProperty

< End of report >

Publicité


Signaler le contenu de ce document

Publicité