OTL logfile created on: 22/06/2013 10:46:27 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christian\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,75 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 66,82% Memory free 7,49 Gb Paging File | 5,91 Gb Available in Paging File | 78,89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450,44 Gb Total Space | 369,53 Gb Free Space | 82,04% Space Free | Partition Type: NTFS Drive E: | 14,91 Gb Total Space | 14,83 Gb Free Space | 99,49% Space Free | Partition Type: FAT32 Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/06/22 10:42:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe PRC - [2013/06/13 13:08:24 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe PRC - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009/11/20 15:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009/08/28 02:12:54 | 001,218,056 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009/08/25 23:28:27 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe PRC - [2009/08/25 22:06:20 | 000,077,824 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2009/11/20 15:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2009/10/02 21:46:00 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009/08/12 02:29:42 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService) SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV:[b]64bit:[/b] - [2006/12/11 18:12:22 | 000,566,192 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxcrcoms.exe -- (lxcr_device) SRV:[b]64bit:[/b] - [2006/08/05 10:48:30 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService) SRV - [2013/06/13 13:08:26 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/08/28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009/08/25 22:06:20 | 000,077,824 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2006/12/11 18:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxcrcoms.exe -- (lxcr_device) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2013/05/09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2013/05/09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2013/05/09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2013/03/07 01:33:20 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b]64bit:[/b] - [2012/09/19 11:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:[b]64bit:[/b] - [2012/09/19 11:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/07/30 07:51:52 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv) DRV:[b]64bit:[/b] - [2010/06/24 15:00:14 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010/04/27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:[b]64bit:[/b] - [2010/04/27 04:25:16 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd) DRV:[b]64bit:[/b] - [2010/04/27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) DRV:[b]64bit:[/b] - [2010/04/27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV:[b]64bit:[/b] - [2009/10/02 21:46:00 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009/10/02 21:46:00 | 006,204,928 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2009/10/02 21:46:00 | 000,142,848 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2009/10/02 21:46:00 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2009/10/02 21:46:00 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:[b]64bit:[/b] - [2009/09/21 21:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009/09/18 06:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009/09/02 19:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2009/07/21 07:13:12 | 000,006,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim) DRV:[b]64bit:[/b] - [2009/07/21 07:13:10 | 000,025,088 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric) DRV:[b]64bit:[/b] - [2009/07/18 00:00:12 | 000,068,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009/07/18 00:00:12 | 000,029,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/25 04:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:[b]64bit:[/b] - [2009/06/15 13:45:35 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2009/06/15 13:45:35 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake) DRV:[b]64bit:[/b] - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/06/05 03:53:42 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:[b]64bit:[/b] - [2009/05/31 11:43:44 | 000,305,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/05/06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:[b]64bit:[/b] - [2009/05/06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:[b]64bit:[/b] - [2007/09/17 15:53:34 | 000,029,184 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2006/10/19 04:33:34 | 001,513,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV) DRV:[b]64bit:[/b] - [2006/10/19 04:31:12 | 000,296,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL) DRV:[b]64bit:[/b] - [2006/10/19 04:30:10 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf) DRV:[b]64bit:[/b] - [2006/08/05 10:42:48 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio) DRV:[b]64bit:[/b] - [2006/06/20 07:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2010/06/24 15:00:14 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009/09/02 19:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008/09/30 19:42:20 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_8530&r=273607107806l04d8z1m5t45l1d660 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{34BB2D5A-9BC5-5491-B45D-7F1CD778BCE4}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0FyCyB0B0C0Bzz0A0DzztDzzyD0D0F0CtN0D0Tzu0CyEzyyBtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1051383879&ir= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_8530&r=273607107806l04d8z1m5t45l1d660 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{263D34D3-2A1E-6FC6-F15F-4D1C65E1CA4C}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0FyCyB0B0C0Bzz0A0DzztDzzyD0D0F0CtN0D0Tzu0CyEzyyBtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu2Z2Y1N2Y1H1B1Q&cr=1051383879&ir= IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://reductions.economiser.com IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_fr IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://reductions.economiser.com IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-18\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_fr IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_8530&r=273607107806l04d8z1m5t45l1d660 IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes,DefaultScope = {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes\{0CADDC37-FD78-4C23-8065-30C5FCBBD8F3}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=fr_FR&apn_ptnrs=U3&apn_dtid=OSJ000YYFR&apn_uid=23914599-DC6D-4DB6-9487-18601270F538&apn_sauid=9CD89F45-AEAC-435F-890A-6754CD1EC8E4& IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes\{34BB2D5A-9BC5-5491-B45D-7F1CD778BCE4}: "URL" = http://www2.delta-search.com/?q={searchTerms}&affID=120519&tt=gc_050513_d9119_gc_&babsrc=SP_ss&mntrId=AC2BF67BCB8AD808 IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=880F425001CB50C2001C2F98&install_time=2010-09-10T08:30:35Z&src_id=11451&camp_id=1226&tb_version=2.5.15000.521 IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_fr IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_fr_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_ee31a72c74fc47b5a4a3732c2eb5051e_39_1006_20130421_FR_ie_ds_&query={searchTerms} IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.offerbox.com [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll File not found FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\autolyrics@man-soft.net: C:\Program Files (x86)\AutoLyrics\FF\ [2013/03/03 13:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_fr_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_ee31a72c74fc47b5a4a3732c2eb5051e_39_1006_20130421_FR_cr_sp_ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files (x86)\Free Ride Games\npExentCtl.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Software Update (Enabled) = C:\Program Files (x86)\Software\Update\1.2.201.0\npSoftwareOneClick8.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: Documents Google = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google\u00A0Drive = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Recherche Google = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: MySearchDial = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\8.0.1_0\ CHR - Extension: Gmail = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {cea9033b-1d9b-415f-aff2-a5bd70e29094} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (no name) - {8b9a9482-c727-4e6c-a186-41e43c230d3a} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-1844552988-1330755165-207100344-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\.DEFAULT..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found O4 - HKU\S-1-5-18..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found O4 - HKU\S-1-5-19..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{923BC229-EEF7-45D3-97B3-28E627BB6AD9}: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0cb72b04-442b-11e0-bcfa-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{0cb72b04-442b-11e0-bcfa-00262d90d46d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe O33 - MountPoints2\{2fe6222a-2bbc-11e0-9bd6-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{2fe6222a-2bbc-11e0-9bd6-00262d90d46d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe O33 - MountPoints2\{48213013-4fbb-11e0-83c0-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{48213013-4fbb-11e0-83c0-00262d90d46d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe O33 - MountPoints2\{4d108e71-1e92-11e0-be59-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{4d108e71-1e92-11e0-be59-00262d90d46d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe O33 - MountPoints2\{cf447d97-441c-11e0-a1da-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{cf447d97-441c-11e0-a1da-00262d90d46d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe O33 - MountPoints2\{cf447dd3-441c-11e0-a1da-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{cf447dd3-441c-11e0-a1da-00262d90d46d}\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe O33 - MountPoints2\{e7189e07-aadc-11e0-881d-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{e7189e07-aadc-11e0-881d-00262d90d46d}\Shell\AutoRun\command - "" = E:\ICM_Manager.exe O33 - MountPoints2\{e7189e09-aadc-11e0-881d-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{e7189e09-aadc-11e0-881d-00262d90d46d}\Shell\AutoRun\command - "" = E:\ICM_Manager.exe O33 - MountPoints2\{ebdd3d3f-4059-11e2-ad6f-00262d90d46d}\Shell - "" = AutoRun O33 - MountPoints2\{ebdd3d3f-4059-11e2-ad6f-00262d90d46d}\Shell\AutoRun\command - "" = E:\ICM_Manager.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRunCardDetector.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]ArcadeDeluxeAgent[/b] - hkey= - key= - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: [b]Boxore Client[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]combroadcaster[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]Exetender[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]EzPrint[/b] - hkey= - key= - C:\Program Files (x86)\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.) MsConfig:64bit - StartUpReg: [b]Iminent[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]IminentMessenger[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]KiesPDLR[/b] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () MsConfig:64bit - StartUpReg: [b]KiesPreload[/b] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) MsConfig:64bit - StartUpReg: [b]KiesTrayAgent[/b] - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) MsConfig:64bit - StartUpReg: [b]LXCRCATS[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]lxcrmon.exe[/b] - hkey= - key= - C:\Program Files (x86)\Lexmark 2400 Series\lxcrmon.exe () MsConfig:64bit - StartUpReg: [b]mwlDaemon[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]offerbox[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]PlayMovie[/b] - hkey= - key= - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) MsConfig:64bit - StartUpReg: [b]swg[/b] - hkey= - key= - File not found MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] mcmscsvc - Service SafeBootMin:[b]64bit:[/b] MCODS - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: mcmscsvc - Service SafeBootMin: MCODS - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] mcmscsvc - Service SafeBootNet:[b]64bit:[/b] MCODS - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] MpfService - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: mcmscsvc - Service SafeBootNet: MCODS - Service SafeBootNet: Messenger - Service SafeBootNet: MpfService - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/06/22 10:42:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe [2013/06/18 20:20:37 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes [2013/06/18 20:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/06/13 13:05:09 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/06/13 13:05:09 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/06/13 13:04:48 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/06/13 13:04:44 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/06/13 13:04:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/06/13 13:04:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/06/13 13:04:43 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/06/13 13:04:43 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/06/13 13:04:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/06/13 13:04:35 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013/06/13 13:04:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll [2013/06/13 13:04:29 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/06/13 13:04:22 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe [2013/06/13 13:04:21 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe [2013/06/13 13:04:20 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013/06/13 13:04:19 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013/06/13 13:04:19 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2013/06/13 13:04:18 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll [2013/06/13 13:03:51 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013/06/13 13:03:51 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013/06/12 10:52:55 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\{D96651BB-8DD4-4090-B16E-67EE50BC16BB} [2013/06/08 10:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013/06/08 10:38:07 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2013/06/08 10:38:07 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2013/06/08 10:38:07 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013/05/25 11:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2009/11/03 21:42:43 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/06/22 10:49:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2013/06/22 10:45:39 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/06/22 10:45:39 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/06/22 10:42:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe [2013/06/22 10:37:45 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/06/22 10:36:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/06/22 10:34:41 | 3018,559,488 | -HS- | M] () -- C:\hiberfil.sys [2013/06/22 10:31:56 | 000,648,201 | ---- | M] () -- C:\Users\Christian\Desktop\adwcleaner.exe [2013/06/22 10:27:17 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/06/22 10:27:14 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/06/21 09:48:15 | 000,001,463 | ---- | M] () -- C:\Users\Christian\Desktop\Internet Explorer.lnk [2013/06/19 09:11:37 | 001,579,154 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/06/19 09:11:37 | 000,707,256 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2013/06/19 09:11:37 | 000,618,536 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/06/19 09:11:37 | 000,132,062 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2013/06/19 09:11:37 | 000,107,580 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/06/13 13:08:25 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/06/13 13:08:25 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/06/12 10:16:32 | 000,001,028 | ---- | M] () -- C:\Windows\wininit.ini [2013/06/11 17:25:55 | 000,000,330 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\wklnhst.dat [2013/06/11 16:44:07 | 001,392,036 | ---- | M] () -- C:\Users\Christian\Documents\414.JPG [2013/06/01 10:00:14 | 002,132,706 | ---- | M] () -- C:\Users\Christian\Desktop\polo6.jpg [2013/06/01 09:59:45 | 000,400,153 | ---- | M] () -- C:\Users\Christian\Desktop\polo2.jpg [2013/06/01 09:49:56 | 000,520,196 | ---- | M] () -- C:\Users\Christian\Desktop\polo3.jpg [2013/06/01 09:49:26 | 002,048,688 | ---- | M] () -- C:\Users\Christian\Desktop\polo4.jpg [2013/05/28 12:32:03 | 000,002,283 | ---- | M] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/05/25 10:58:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/06/22 10:49:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2013/06/21 10:29:27 | 000,648,201 | ---- | C] () -- C:\Users\Christian\Desktop\adwcleaner.exe [2013/06/21 09:48:15 | 000,001,463 | ---- | C] () -- C:\Users\Christian\Desktop\Internet Explorer.lnk [2013/06/01 10:00:09 | 002,132,706 | ---- | C] () -- C:\Users\Christian\Desktop\polo6.jpg [2013/06/01 09:49:52 | 000,520,196 | ---- | C] () -- C:\Users\Christian\Desktop\polo3.jpg [2013/06/01 09:49:22 | 002,048,688 | ---- | C] () -- C:\Users\Christian\Desktop\polo4.jpg [2013/05/25 11:11:38 | 000,002,283 | ---- | C] () -- C:\Users\Christian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/05/06 16:22:36 | 001,653,938 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/03/30 17:35:12 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat [2011/09/17 16:12:21 | 000,000,000 | ---- | C] () -- C:\Users\Christian\AppData\Local\{72AF5A46-975B-4FE9-AB13-C11C3CEA95B0} [2011/07/10 14:15:12 | 000,015,872 | ---- | C] () -- C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/05/06 22:03:40 | 000,000,330 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\wklnhst.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2013/04/16 10:23:23 | 000,000,000 | -HSD | M] -- C:\Users\Christian\AppData\Roaming\.# [2013/04/19 11:15:52 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Canon [2013/05/12 08:24:40 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\FIXIO PC Utilities [2010/09/21 10:08:57 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\FUJIFILM [2010/08/02 13:02:21 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GameConsole [2012/04/15 20:57:13 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Icones [2010/10/29 14:32:09 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OtakuSoftware [2010/10/01 09:48:23 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PC Suite [2013/05/06 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\player [2010/08/03 13:32:04 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PowerCinema [2011/07/10 14:00:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Samsung [2013/06/19 09:40:44 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Shareaza [2011/11/30 12:36:45 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\SoftDMA [2013/06/18 11:32:21 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Systweak [2010/08/26 14:22:35 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TeamViewer [2012/09/27 18:45:19 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Template [2010/10/29 12:24:22 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Windows Live Writer [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2013/06/22 10:33:30 | 000,033,831 | ---- | M] () -- C:\AdwCleaner[S1].txt [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2009/07/27 22:40:53 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013/06/22 10:34:41 | 3018,559,488 | -HS- | M] () -- C:\hiberfil.sys [2013/06/22 10:34:51 | 4024,745,984 | -HS- | M] () -- C:\pagefile.sys [2010/03/04 12:33:14 | 000,003,468 | RHS- | M] () -- C:\Patch.rev [2013/06/22 10:49:05 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2010/07/29 20:20:22 | 000,000,186 | RHS- | M] () -- C:\Preload.rev [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2010/08/03 13:18:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint [2010/07/29 20:31:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer [2010/07/29 20:41:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Arcade Deluxe [2009/11/03 21:49:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer GameZone [2009/11/03 06:56:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Acer Inc [2013/03/18 20:37:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe [2013/06/19 09:37:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon [2010/07/29 20:26:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD [2010/07/29 20:25:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies [2011/03/16 12:56:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CardDetector [2013/06/22 10:33:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files [2010/07/29 20:39:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink [2010/10/31 21:45:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DeskSpace [2013/06/22 10:28:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Economiser [2013/06/19 23:41:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google [2012/09/18 17:56:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GUM8129.tmp [2013/03/30 17:35:01 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information [2013/06/19 09:14:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer [2013/06/08 10:38:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java [2010/07/29 20:29:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Launch Manager [2010/08/03 13:20:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark 2400 Series [2011/03/31 10:55:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark Fax Solutions [2010/08/03 13:18:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark Toolbar [2011/07/10 13:28:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MarkAny [2011/03/01 18:31:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MarkAnyContentSAFER [2010/07/30 04:26:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office [2013/03/14 11:57:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight [2010/11/01 11:57:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Sync Framework [2010/07/29 20:57:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012/10/11 19:40:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works [2010/11/23 14:57:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET [2013/03/03 13:59:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox [2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild [2010/10/05 10:57:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache [2010/07/29 20:49:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0 [2011/07/10 14:26:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MyFree Codec [2013/05/12 08:18:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MyPC Backup [2009/11/03 06:47:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NewTech Infosystems [2010/07/29 20:28:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nuvoton Technology Corporation [2011/05/26 10:21:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Orange [2011/07/15 11:20:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Connectivity Solution [2010/07/29 20:30:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek [2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies [2011/07/10 13:33:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung [2013/03/03 14:00:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SoftwareUpdater [2010/07/29 20:27:59 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp [2013/05/06 16:24:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Tuguu SL [2009/07/14 06:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information [2013/03/03 13:59:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vittalia [2010/07/30 06:03:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender [2013/04/21 09:36:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live [2011/07/25 17:08:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail [2011/07/25 17:08:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player [2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT [2011/07/25 17:08:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer [2011/07/25 17:08:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices [2011/07/25 17:08:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color] [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=4ABA3E75A76195A3E38ED2766C962899 -- C:\Windows\winsxs\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_ddc3da0b75baa7e0\appmgmts.dll [2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\winsxs\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_e818845daa1b69db\appmgmts.dll [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe [2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe [2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe [2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe [2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe [2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2010/07/30 05:51:03 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2010/07/30 05:51:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2010/07/30 05:51:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2010/07/30 05:51:03 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\SysWOW64\hidserv.dll [2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\winsxs\wow64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_3cf5e466d58070d9\hidserv.dll [2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\SysNative\hidserv.dll [2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\winsxs\amd64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_32a13a14a11faede\hidserv.dll [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2009/07/14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=0DE3069D6E09BA262856EF31C941BEFE -- C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_c29fba0fc87cc5a4\imm32.dll [2010/11/20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\SysWOW64\imm32.dll [2010/11/20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll [2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\SysNative\imm32.dll [2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2011/07/16 07:21:15 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=06835B46D9676BEDD80AF25ACF6845FD -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_f083035588e611da\kernel32.dll [2011/05/14 09:20:00 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=0E1B2E16235AA7F89F064EE75DFC905E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_f1e6ed746ce85c1b\kernel32.dll [2011/05/14 08:22:22 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=166116134C58DC36400DE59ACD64FB39 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_fc3b97c6a1491e16\kernel32.dll [2012/08/20 21:02:39 | 001,163,776 | ---- | M] (Microsoft Corporation) MD5=1BDA5DB0C493B390C2DFD09139140DE1 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_f093daaf88d88568\kernel32.dll [2012/10/04 19:41:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DC3504CA4C57900F1557E9A3F01D272 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll [2012/10/04 19:32:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DDCACAB8DA5399E5521051923016B18 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_efe8cbf06fd422f3\kernel32.dll [2011/07/16 06:21:33 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=2113248DB2D1AF9CA790B09F3E6C6E85 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21010_none_fad7ada7bd46d3d5\kernel32.dll [2011/07/16 07:28:00 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=27AC02D8EE4C02E7648C41CB880151DA -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_f22aa945863b24d8\kernel32.dll [2012/08/20 19:31:14 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=305681B4B695D4A888B941965FFC2C17 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_fc688f63baad32ee\kernel32.dll [2012/08/18 13:17:55 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=33616DACC75C9E105DAE944120DB4274 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_fa5fe69aa41ac3c9\kernel32.dll [2013/01/04 06:51:08 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=385BE92E3106491BBB542F8F1C06C606 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_fa5ee836a41ba799\kernel32.dll [2011/05/14 08:32:33 | 000,837,120 | ---- | M] (Microsoft Corporation) MD5=40EACEE0B6432CBE2459A11B298E9D88 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_fa543a76a42398d3\kernel32.dll [2013/01/04 07:30:34 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=43DB3433F141F01E53D1C5AA0F434098 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_f00a3de46fbae59e\kernel32.dll [2011/07/16 06:30:27 | 001,048,576 | ---- | M] (Microsoft Corporation) MD5=4EA99F1644627B1EBAD99D0B93CDEE1C -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_fa22f90aa449708d\kernel32.dll [2009/07/14 03:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=5B4B379AD10DEDA4EDA01B8C6961B193 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll [2012/10/04 18:36:32 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=5FA395364EE727E4BEE6B1406C207F98 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll [2009/07/14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) MD5=606ECB76A424CC535407E7A24E2A34BC -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll [2012/08/20 20:24:09 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=624B34180C79D67C470C155DB81FFB8E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22091_none_f213e511864c70f3\kernel32.dll [2012/11/30 07:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=65C113214F7B05820F6D8A65B1485196 -- C:\Windows\SysNative\kernel32.dll [2012/11/30 07:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=65C113214F7B05820F6D8A65B1485196 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll [2011/05/14 09:11:10 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=6743E8705A96FCBF71279B5AE2CCFDBC -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_f266ba9d860d312d\kernel32.dll [2011/06/03 07:58:27 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=6EB2AEE15C20681E323E9A3E334FE6CF -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_fa9ef84dbd7012f1\kernel32.dll [2012/10/04 19:29:16 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6EED0D77C20137948979EA47360A890B -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_f0726aa188f1bfe4\kernel32.dll [2010/11/20 15:26:42 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=7A6326D96D53048FDEC542DF23D875A0 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll [2013/01/04 06:52:09 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=7E55988F5CB3BA67E2732370E8D71BBB -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll [2011/06/03 08:54:47 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=8225958BAC83EAFCDB6BAB6EE5EDF6E6 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.20978_none_f04a4dfb890f50f6\kernel32.dll [2012/08/20 19:51:24 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=85660067ECD49B6E302347EFCC2F72A5 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21306_none_fae88501bd394763\kernel32.dll [2012/08/18 17:37:49 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=8E7F88A62E1AA28F15C0D6784E4C78B6 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17107_none_f00b3c486fba01ce\kernel32.dll [2011/05/14 09:36:24 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=98DA1B7572DAD6BA10296E0DF0950B37 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16816_none_efff90246fc2d6d8\kernel32.dll [2011/07/16 06:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=99C3F8E9CC59D95666EB8D8A8B4C2BEB -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_fc0a565aa16ef5d0\kernel32.dll [2012/08/20 19:37:18 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9B98D47916EAD4F69EF51B56B0C2323C -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_fc20fc2ea15dceba\kernel32.dll [2012/11/30 06:57:47 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9CC2571E3646B9A24296AD7ADCC71682 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll [2013/01/04 16:14:42 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=9DD828EFBD17246275E8A74D58E836AC -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_f0890ca988e09e80\kernel32.dll [2012/10/04 18:54:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=A6778FC49011313995A4D718F624CC74 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_fa3d7642a434e4ee\kernel32.dll [2012/11/30 06:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\SysWOW64\kernel32.dll [2012/11/30 06:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll [2012/11/30 07:52:53 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=B3BEA6420D482356E53B7C728E05C637 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll [2012/11/30 07:38:48 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=B6B1AB98BA656BA1D8E0CA03F59DED51 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_f03d5b4f891964f0\kernel32.dll [2013/01/04 07:36:09 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=B844114B247D8EF1E5E4E93A282D2E6F -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_f27d3a7985fc3a80\kernel32.dll [2011/07/16 07:37:12 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=B9B42A302325537D7B9DC52D47F33A73 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_f1b5ac086d0e33d5\kernel32.dll [2012/11/30 07:06:48 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=C95793F4BE3471AEED92F5BF367BE69E -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_fa1637baa451ba0e\kernel32.dll [2011/05/14 09:33:36 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=CC5CBC069944E7EA70D8674478A70A37 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_fcbb64efba6df328\kernel32.dll [2011/07/16 06:49:33 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=D3CB12854171DF61D117D7C2BF22C675 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll [2012/10/04 18:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=D4F3176082566CEFA633B4945802D4C4 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll [2011/07/16 07:21:32 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=DDBD24DC04DA5FD0EDF45CF72B7C01E2 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16850_none_efce4eb86fe8ae92\kernel32.dll [2012/10/04 18:56:24 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=DE7A37CB1F48526A78A2D42786411578 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_fac714f3bd5281df\kernel32.dll [2012/11/30 07:43:53 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=E3BC37881D92EB59EE0BA3B854A54D1E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_efc18d686ff0f813\kernel32.dll [2012/11/30 06:51:54 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=E747ADB6223DBBE1BB138F08A09ADAD6 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_fa9205a1bd7a26eb\kernel32.dll [2010/11/20 14:08:56 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=E80758CF485DB142FCA1EE03A34EAD05 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll [2012/08/20 20:48:35 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=EAF41CFBA5281834CBC383C710AC7965 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17932_none_f1cc51dc6cfd0cbf\kernel32.dll [2012/10/04 19:37:46 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=F3C594D0DA3ACFA6C7B781A490AB4282 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll [2013/01/04 06:51:07 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=F9F6CD9EF1F6C896A56B5259B81027D9 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_faddb6fbbd41607b\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2009/07/14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll [2010/11/20 15:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll [2010/11/20 15:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll [2010/11/20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll [2010/11/20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll [2009/07/14 03:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys [2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2010/11/20 15:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys [2012/08/31 20:02:20 | 001,656,688 | ---- | M] (Microsoft Corporation) MD5=184C189D4FC416978550FC599BB4EDDA -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17119_none_02b5b16c36606152\ntfs.sys [2009/07/14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys [2011/03/11 08:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys [2011/03/11 08:25:53 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys [2011/03/11 08:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys [2013/04/12 16:36:57 | 001,679,208 | ---- | M] (Microsoft Corporation) MD5=91127EC56F7BA2182EA1340DC00F98E5 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21499_none_02e8d2a34fbedaf2\ntfs.sys [2013/04/12 16:36:37 | 001,653,096 | ---- | M] (Microsoft Corporation) MD5=9A6089B056EA1B83B36424FC9D0A300E -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17281_none_0262018e36a05758\ntfs.sys [2011/03/11 08:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys [2013/04/12 16:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys [2012/08/31 19:57:17 | 001,687,408 | ---- | M] (Microsoft Corporation) MD5=B2746D84DDF68D09B41B72DF745CCBA6 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22104_none_052b7b9d4ca0cf8b\ntfs.sys [2013/04/12 16:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\SysNative\drivers\ntfs.sys [2013/04/12 16:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys [2012/08/31 20:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17945_none_0477c74a33a2859a\ntfs.sys [2012/08/31 20:19:30 | 001,680,240 | ---- | M] (Microsoft Corporation) MD5=FDC7C8346B6D8274631951F1469F95D7 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21316_none_033c4f3f4f80b23e\ntfs.sys [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2009/07/14 03:39:28 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=19117589BA265AAF89BEBE1E9040000C -- C:\Windows\winsxs\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.1.7600.16385_none_83bbe97eac162e90\proquota.exe [2010/11/20 14:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\SysWOW64\proquota.exe [2010/11/20 14:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_29ce61c2f0a740f4\proquota.exe [2009/07/14 03:14:29 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=8CDF71E78469BE54C29C1AD2FC8DE611 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7600.16385_none_279d4dfaf3b8bd5a\proquota.exe [2010/11/20 15:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\SysNative\proquota.exe [2010/11/20 15:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\winsxs\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_85ecfd46a904b22a\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2010/11/20 15:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll [2010/11/20 15:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll [2009/07/14 03:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2012/02/11 08:29:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=567977DC43CC13C4C35ED7084C0B84D5 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe [2012/02/11 08:26:04 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=807B5B0E287027F72AC37B0CDA9512DA -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe [2010/08/20 07:38:12 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe [2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe [2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe [2009/07/14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe [2010/11/20 15:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe [2012/02/11 08:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe [2010/08/21 08:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe [2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2009/07/14 03:41:55 | 000,706,560 | ---- | M] (Microsoft Corporation) MD5=0F05EC2887BFE197AD82A13287D2F404 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_ea94336f6df51e09\termsrv.dll [2010/11/20 15:27:26 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=2E648163254233755035B46DD7B89123 -- C:\Windows\SysNative\termsrv.dll [2010/11/20 15:27:26 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=2E648163254233755035B46DD7B89123 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys [2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys [2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys [2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2010/12/18 07:31:01 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=025031C16D3A486F6AFE1C9B2FB1ADE0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_1d14d3eb933996fc\wininet.dll [2012/02/28 08:27:38 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=05ED629EB0A11CAFB87EFB7847943312 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_7b3a41eb48a517c0\wininet.dll [2012/02/28 08:35:54 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=063FB03BDCD3431E87550C7E7F0913EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_78b0d87632731417\wininet.dll [2013/03/02 06:28:05 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=073488F3805ADC63DFFDDC6247DD9F4E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22272_none_1ef142ef90675d35\wininet.dll [2010/09/08 07:36:17 | 001,192,960 | ---- | M] (Microsoft Corporation) MD5=09E42C1CE2199E0442E3531A599983A8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16671_none_789f00d232818732\wininet.dll [2012/10/27 07:36:37 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=0D5335A61B9D69A61C683A6AB440E3A6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17153_none_78b680f8326fa9dc\wininet.dll [2012/08/24 18:58:13 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=0D5ADA91A4176674D12DC990DD022E84 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22099_none_1ee2a15190714c2a\wininet.dll [2009/07/14 03:16:19 | 000,977,920 | ---- | M] (Microsoft Corporation) MD5=0D874F3BC751CC2198AF2E6783FB8B35 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll [2013/03/04 06:48:19 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=109DD2D8F7A7A013C1A93CBA3138E532 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21484_none_1d02169193473fe8\wininet.dll [2012/10/27 06:56:29 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=16E1C86531C6DDA240D2A64603D99F99 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21355_none_1d2384b9932e0845\wininet.dll [2013/04/10 07:15:16 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=17C56679D382A022500E1ACE21BB4EF8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22296_none_1edfa43f9073fa73\wininet.dll [2011/11/05 06:31:42 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=1903228FE0C7D402B26A217F8D7713FD -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_1f0a05d1905446a1\wininet.dll [2011/11/05 06:35:00 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=19714FA7D7204D9BEE1EE12791DA9010 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_1e9bd7587722d451\wininet.dll [2011/06/21 08:20:53 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=1A36497983C867FB85FF1DCD4933015F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17638_none_7ab7a35a2f812f09\wininet.dll [2010/12/21 07:29:12 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=1B3DD46BC6396143A205EAAF05F38039 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll [2010/12/21 08:09:07 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=1D3466E7E9D63F8B2B84A8AD5E833C29 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_79346fb94b962189\wininet.dll [2011/08/20 06:38:10 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=1DBC7303366C0C9B80E51C4B4BECB7ED -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\wininet.dll [2011/02/24 07:32:44 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=214605C48AE416BC067C39D227CFCC57 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_1c9038927a1775e5\wininet.dll [2012/12/20 16:01:55 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=2369627A789B29866825BD9504F7B237 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22199_none_7b013ebb48ceba87\wininet.dll [2012/10/27 07:54:52 | 001,198,592 | ---- | M] (Microsoft Corporation) MD5=245F82821B1E47ED7EA1D1B03DB666EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21355_none_7942203d4b8b797b\wininet.dll [2010/06/30 08:25:31 | 000,978,432 | ---- | M] (Microsoft Corporation) MD5=250267CE6217C1AB4517F22FB7EA13E8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll [2010/09/08 07:29:57 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=25B069DDF6206EF3C968179F98D351C7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20795_none_7916feed4babc43a\wininet.dll [2012/05/15 05:03:54 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=2606B35DDADCA19BEA9A08033C621B97 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_1e8839fa77313c08\wininet.dll [2011/04/22 21:31:50 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=27CDAF355CCE3762C7F13719E814418B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16800_none_1ccb184479ec335c\wininet.dll [2013/05/16 13:46:30 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=28A4FE5EAE1156CBBEEFBBCDE47E16F5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22326_none_1f2b5599903b3403\wininet.dll [2011/08/20 07:26:06 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=2B4973A8A9D0336EEF6E10DBD6E5B87D -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_7afd5fbf48d22a74\wininet.dll [2011/04/22 21:10:01 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=2CA020EACDC6DDB2BEA89FEA02C90945 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17601_none_1eb275947711b89f\wininet.dll [2013/02/28 18:34:37 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=2CB9A124659320621A9A0B134ADF9D43 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17256_none_78b983bc326cf308\wininet.dll [2011/04/23 00:08:29 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=2DCA688631F71722B0B5E57F526BB2EB -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17601_none_7ad111182f6f29d5\wininet.dll [2012/02/28 08:51:34 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=2F6A29DAE9BAC86BE14CD2FF1261FDD5 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_79451d4f4b88cb32\wininet.dll [2012/08/24 20:19:37 | 001,198,592 | ---- | M] (Microsoft Corporation) MD5=37ABD0F9CB119F50E5C33C6B9A356D54 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21313_none_796b5f594b6cd709\wininet.dll [2013/03/04 07:41:39 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=3BD77CF56FF4B03BA390379F67259258 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21484_none_7920b2154ba4b11e\wininet.dll [2010/09/08 06:30:04 | 000,978,432 | ---- | M] (Microsoft Corporation) MD5=3D6AA6DD4D0F3BB41B804747EB489831 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16671_none_1c80654e7a2415fc\wininet.dll [2010/06/30 09:13:46 | 001,192,960 | ---- | M] (Microsoft Corporation) MD5=3DEB428ACD3D4DECD1619C24E4628DD2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_78d91196325560d9\wininet.dll [2012/05/15 04:51:09 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=3E5195AB78F4DCE48E04CC6979D9B428 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_1edec8079074b38c\wininet.dll [2010/05/21 07:59:29 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=40643F8400F5C05770EE8F1373BBE3EA -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_796e7e974b69fe09\wininet.dll [2012/10/27 08:26:55 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=42C671E0525618E23371D0E68282F37C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17984_none_1e5efcc4774fdba1\wininet.dll [2012/08/24 19:10:47 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=4408FA39C6DCF639C6CC34059E201D16 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17115_none_1cc525b879effb90\wininet.dll [2010/11/20 14:21:36 | 000,980,992 | ---- | M] (Microsoft Corporation) MD5=44214C94911C7CFB1D52CB64D5E8368D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll [2012/08/24 20:05:06 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=443D30EB805EEEE1E31C91ADCC82AB89 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17940_none_7aa4d6d02f9077b7\wininet.dll [2011/06/21 08:20:48 | 001,197,056 | ---- | M] (Microsoft Corporation) MD5=463302B41295A7FCAAC655CCB5DE79F8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16839_none_78d2469e3259dc74\wininet.dll [2010/11/04 08:41:11 | 001,197,056 | ---- | M] (Microsoft Corporation) MD5=480E62DF24AD9019824344612CD7CF16 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20831_none_7953df334b7eb45f\wininet.dll [2011/02/24 08:29:15 | 001,197,056 | ---- | M] (Microsoft Corporation) MD5=4DAEEEE0248F5D85751B05D9C6DA28CC -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_78aed4163274e71b\wininet.dll [2011/11/05 07:41:43 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=4EFC156290537BB9706D3A7A1A4B8733 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17720_none_7aba72dc2f804587\wininet.dll [2012/08/24 18:57:48 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=4F4E2103C7F8A2AB6679071855549C93 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17940_none_1e863b4c77330681\wininet.dll [2012/05/15 05:57:07 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=507FBE142C77A32C1AE56CA35B6A7307 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21995_none_7afd638b48d224c2\wininet.dll [2012/06/27 07:49:12 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=54D506A1F7D9E1AF6439F7A06CC6488A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22032_none_1f1c7ed39046f323\wininet.dll [2012/06/27 08:03:21 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=552D000E5D6CD1310D8510515B305FFE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17051_none_1c95e2fa7a1408d1\wininet.dll [2013/05/16 20:21:48 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=55D1EA2300BD451612C8B1ABEFA65DEA -- C:\Windows\SysWOW64\wininet.dll [2013/05/16 20:21:48 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=55D1EA2300BD451612C8B1ABEFA65DEA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18156_none_1e8147247735eae5\wininet.dll [2012/06/27 09:03:25 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=569593095FF5260DFE1D23E3F426369F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17051_none_78b47e7e32717a07\wininet.dll [2012/06/27 07:53:07 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=58CFAE82CC4092C5988555B73CD557B8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17874_none_1e69caca7747c289\wininet.dll [2011/02/24 08:27:32 | 001,198,592 | ---- | M] (Microsoft Corporation) MD5=5A33324B358D9B7E39424505EE242377 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_797b52e34b600f14\wininet.dll [2012/10/27 06:50:37 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=5CD2659F5F1728C7A71D4A15AA4A7D53 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22145_none_1f14b1ab904c5840\wininet.dll [2011/12/16 10:41:15 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=5DCD862869A5E06F5A7E03EE22DDD738 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_797b2ceb4b603f7d\wininet.dll [2010/05/21 07:09:57 | 000,980,480 | ---- | M] (Microsoft Corporation) MD5=5FF3118C688D43ED77DEADC6F4895EF9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_1d4fe313930c8cd3\wininet.dll [2013/04/10 07:51:43 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=628A8940176C87C3D51E808365A3BA2D -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18126_none_7ac0526c2f7b0848\wininet.dll [2012/08/24 19:47:53 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=635D10865A99EA8E7E532C84D952D769 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22099_none_7b013cd548cebd60\wininet.dll [2011/12/16 10:02:26 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=653109C31F7F190072C9E4DF31154225 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_1caaaa667a048456\wininet.dll [2012/12/20 14:53:51 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=6554DA6A01F14B3F017161879C8DB9BC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18035_none_1e95e4cc77269c85\wininet.dll [2011/06/21 08:13:56 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=66DD24C471324CB2EA747087846C122E -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20992_none_791401db4bae7283\wininet.dll [2012/06/27 08:47:59 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=69449A3D42AC7000ACF5055172618632 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22032_none_7b3b1a5748a46459\wininet.dll [2013/03/02 07:06:05 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=6A02CB2EDC24630845D11B507952141A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17267_none_1c9118967a16b71a\wininet.dll [2012/02/28 07:25:01 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=6A5778483A8023B4DB9C5A509D382392 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21931_none_1f1ba6679047a68a\wininet.dll [2011/04/22 22:18:28 | 001,197,056 | ---- | M] (Microsoft Corporation) MD5=6A977E22D6D9077F2C9E617D89236297 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16800_none_78e9b3c83249a492\wininet.dll [2011/06/21 08:17:27 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=6ABD901E178675DFE86CCE75F2FAC9A5 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21754_none_7b279f2548b2a159\wininet.dll [2012/10/27 07:39:15 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=6C11E0E42D91728C8283917A8F57A72E -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22145_none_7b334d2f48a9c976\wininet.dll [2012/02/28 07:44:19 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=6D57EAE6BC922EC56DBD9EF4AD9986BD -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21158_none_1d2681cb932b59fc\wininet.dll [2011/06/21 07:26:35 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=6DC5A5F57FACFF20149F04440BB4523C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20992_none_1cf566579351014d\wininet.dll [2013/03/02 07:19:12 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=6E8A768CEA17C6542E3031812745AC3F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22272_none_7b0fde7348c4ce6b\wininet.dll [2012/12/20 14:59:24 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=6EE6F7BFF92590051ACFA519AEE8ACE5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17197_none_1c70a6ec7a2f0dc6\wininet.dll [2012/12/20 15:25:08 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=6F5EF9687B17FACD529C8EEC61791A01 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21406_none_1d5a96859304930e\wininet.dll [2012/10/27 07:00:40 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=703CD7A8E6F8A233118E8070B5FB7C1F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17153_none_1c97e5747a1238a6\wininet.dll [2013/02/28 15:56:54 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=734A1387945DA9215102A782E83C460E -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22258_none_7b2b800748af2e93\wininet.dll [2011/06/21 07:28:33 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=748FD4CAB1AFFD90A9556EB7D5AA1FEB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17638_none_1e9907d67723bdd3\wininet.dll [2010/11/04 07:53:56 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=749A4DDB8915066566E2BB38C2618048 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20831_none_1d3543af93214329\wininet.dll [2011/08/20 07:53:02 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=7570FA3FC82E08FB637E32D2D95DB41D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\wininet.dll [2011/12/16 10:39:23 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=7710ECF9F1355F986463D4351562439E -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_7b16025b48bf3bbe\wininet.dll [2010/12/21 07:38:22 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=78B9ADA2BC8946AF7B17678E0D07A773 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll [2011/08/20 06:35:24 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=79FFA6C81F9F5B2244C5668D08387EA6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\wininet.dll [2011/04/22 21:51:33 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=7A11DB452989040AD8570A3DCE2E9DE2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21710_none_1f30422990385b03\wininet.dll [2012/12/20 16:07:05 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0C153254450192EAD602B992009F72 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17197_none_788f4270328c7efc\wininet.dll [2012/06/27 08:08:59 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=7BD5EBE065E3F8632504BE397B5C640F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21245_none_1d2e52bf9325ef2d\wininet.dll [2012/02/28 07:38:52 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=7CCA8574A3B9BB41A4150739E21F1B23 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_1e5ff942774efaaa\wininet.dll [2012/10/27 07:51:21 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=7E04D13661FB771CA4FDBB836AD0BA49 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17984_none_7a7d98482fad4cd7\wininet.dll [2013/02/28 15:57:26 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=7EA5274E1688339A72C152438F5BBE80 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18094_none_7a72a07e2fb59c0a\wininet.dll [2010/12/18 08:09:39 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7EC667385C0D726C9D91D966886B7CFD -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_79336f6f4b970832\wininet.dll [2011/11/05 06:35:50 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=7F5B51FACA193430346970283C50769F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_1cc24ad279f27f22\wininet.dll [2011/12/16 11:00:03 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=808C0CE9D4DBC0A6F72761294EB10FB2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21878_none_1ef766d79061ca88\wininet.dll [2012/12/20 15:59:36 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=81101547092783DC117D800D3573EBD4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18035_none_7ab480502f840dbb\wininet.dll [2010/12/18 08:15:38 | 001,197,056 | ---- | M] (Microsoft Corporation) MD5=8178D4C37F236BF810B2178415FE4949 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_78d6129e325811fb\wininet.dll [2010/09/08 06:34:55 | 000,980,480 | ---- | M] (Microsoft Corporation) MD5=84795F28EB2E942951138827B8704819 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20795_none_1cf86369934e5304\wininet.dll [2013/02/28 17:59:19 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=84DFC6513C2472230E2940B7B12FB21D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22258_none_1f0ce4839051bd5d\wininet.dll [2013/03/02 07:49:19 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=8523338F749AC8C5300C125BC4B08275 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17267_none_78afb41a32742850\wininet.dll [2012/05/15 05:56:59 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=8D3BC4F666B994382CE1B02E1BFEE0F6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_78d7ef2032567239\wininet.dll [2012/05/15 05:59:23 | 001,198,592 | ---- | M] (Microsoft Corporation) MD5=8DE6FAB55DFDA754CA952B654D1C5784 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_796d5e074b6b0c90\wininet.dll [2011/12/16 09:51:05 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=8DFDD881CEF74ED749BA968E060418CA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21108_none_1d5c91679302ce47\wininet.dll [2011/11/05 07:37:32 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=8F2CC83B92626A3B7E1DF360720FAD30 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21855_none_7b28a15548b1b7d7\wininet.dll [2012/08/24 20:05:27 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=9156C3499C3794BC680FCCAA39DFA126 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17115_none_78e3c13c324d6cc6\wininet.dll [2010/06/30 08:18:57 | 000,980,480 | ---- | M] (Microsoft Corporation) MD5=91A9CCAD9829A89C840899932B9EC2DF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll [2011/03/07 08:20:10 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=93679DC9407BFC602D7E6BFC027455E0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_7b13fdfb48c10ec2\wininet.dll [2013/02/28 15:37:29 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=989937C1C1333EE55CC2982340CB1DBA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18094_none_1e5404fa77582ad4\wininet.dll [2012/05/15 05:08:48 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=9B086D98370BA0219F6805675D38DDA7 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17024_none_1cb9539c79f90103\wininet.dll [2013/05/17 08:14:05 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=9D8C9D7D55A60951E4BE5E226C17867F -- C:\Windows\SysNative\wininet.dll [2013/05/17 08:14:05 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=9D8C9D7D55A60951E4BE5E226C17867F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18156_none_7a9fe2a82f935c1b\wininet.dll [2013/03/02 07:56:00 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=9E7687984107C81B859200C9BD570AFF -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18106_none_7ad5f2442f6ad066\wininet.dll [2013/04/10 07:08:12 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=A0E8F3E4AA79509A6B043B10EB6DB2AD -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18126_none_1ea1b6e8771d9712\wininet.dll [2011/12/16 10:45:22 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=A283F0C807968F45D50B9B8AC10BA438 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16930_none_78c945ea3261f58c\wininet.dll [2011/11/05 07:32:19 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=A35680AEE7E4BEF4B2ADC1A380B8E31F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_7921aac74ba3d5d9\wininet.dll [2011/03/07 07:33:13 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=A5B19B240901CAB0C8E7767D2873613E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll [2010/11/04 07:52:17 | 000,978,944 | ---- | M] (Microsoft Corporation) MD5=A7360A3B20B38F1D6A09402FB6E9E2C3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16700_none_1ccb165e79ec3635\wininet.dll [2011/03/07 08:31:44 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=AB026A724960570803E90DC370893BD0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_7a8760522fa622f3\wininet.dll [2010/05/21 07:18:06 | 000,977,920 | ---- | M] (Microsoft Corporation) MD5=ABE73A2F762A74B6AD2C9BE636915595 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_1c6fc5027a2fcf6a\wininet.dll [2012/06/27 09:06:53 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=ADC0BAC148C957CF51B1F6F658A4FCA6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17874_none_7a88664e2fa533bf\wininet.dll [2009/07/14 03:41:56 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=B1037F0131C9A010D611F6914E03CD92 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_78982c5c3286110a\wininet.dll [2013/04/10 07:21:29 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=B214F357D62B8AC9AE9CA70DDA30E2B2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22296_none_7afe3fc348d16ba9\wininet.dll [2012/05/15 05:08:11 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=BBC4EE1EC1B484B710499FA74639DABA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21215_none_1d4ec283930d9b5a\wininet.dll [2011/04/22 21:51:18 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=BC661E59AE2BC840C6D8165F170DE7DE -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21710_none_7b4eddad4895cc39\wininet.dll [2011/12/16 09:54:22 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=BDB7450CC556F238FD973C9DA300FEB8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_1e8a38a8772f718f\wininet.dll [2012/06/27 09:03:40 | 001,198,592 | ---- | M] (Microsoft Corporation) MD5=C1DA026AA80BF160486BD74347FCF0AD -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21245_none_794cee434b836063\wininet.dll [2012/08/24 19:06:08 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=C37D28AF883DD7A461D7C4A1E61AA42D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21313_none_1d4cc3d5930f65d3\wininet.dll [2013/03/02 06:58:26 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=C3D43E21FA49657BC1645E9D745656C6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18106_none_1eb756c0770d5f30\wininet.dll [2011/04/22 22:17:28 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=C57E3F0ED76CB54D7D355A6E089561FA -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20949_none_7951137d4b7f982f\wininet.dll [2011/08/20 07:45:20 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=CB8E57622E5966A87D4D9859D4F12D8D -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_78b1d6da32723047\wininet.dll [2013/02/28 18:16:46 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=CC60CC36EF22880D349988211965C892 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17256_none_1c9ae8387a0f81d2\wininet.dll [2010/05/21 07:52:30 | 001,192,960 | ---- | M] (Microsoft Corporation) MD5=CE40A889CB71A292E2947DBC630F47DF -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_788e6086328d40a0\wininet.dll [2012/05/15 06:01:31 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=CE5BFBD9685EE37DB942211450AAEA8F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17842_none_7aa6d57e2f8ead3e\wininet.dll [2011/06/21 08:49:27 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=D1E7C4FA045B34C32D12BFBB415EBE1B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21754_none_1f0903a190553023\wininet.dll [2012/12/20 16:06:15 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=D37C305E7EBBD9A4529791168421816A -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21406_none_797932094b620444\wininet.dll [2013/02/28 19:21:19 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=D7E39ACC14994BDD3E10E0F2D7C72ED2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21471_none_1d09e59f9341d7f2\wininet.dll [2011/02/24 07:46:10 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=DA2950BAD7306006EBA77DD93CC42690 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_1d5cb75f93029dde\wininet.dll [2011/08/20 07:37:58 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=DB33A1489C1DA1F37AC2D84CB9756DD1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_7a8561a42fa7ed6c\wininet.dll [2010/06/30 09:31:01 | 001,196,544 | ---- | M] (Microsoft Corporation) MD5=DBC6EC40DDEDF875C0576CF2C0CAF9C3 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_794d0e894b833885\wininet.dll [2011/08/20 06:31:05 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=DBF24E87CB605A4F6E7424DD86F7A62C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\wininet.dll [2012/02/28 08:39:37 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=DE03C917EDED2A999C942A4F943D3068 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17785_none_7a7e94c62fac6be0\wininet.dll [2011/04/22 21:13:53 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=E391DB6E8CA3638B9772A990E6D280FF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20949_none_1d3277f9932226f9\wininet.dll [2011/11/05 06:37:37 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=E49448ACD38A375E4FBCCB87056E1467 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21085_none_1d030f43934664a3\wininet.dll [2010/11/04 08:35:53 | 001,194,496 | ---- | M] (Microsoft Corporation) MD5=E521F850ADDCEBDBF755819FA608D1FF -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16700_none_78e9b1e23249a76b\wininet.dll [2010/12/21 08:16:14 | 001,197,056 | ---- | M] (Microsoft Corporation) MD5=E71DB117DBDA6B33646F37936C17D226 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_78d712e832572b52\wininet.dll [2012/12/20 15:08:01 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=ED5F1E888F7D75EE5C8590A155423720 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22199_none_1ee2a33790714951\wininet.dll [2011/03/07 07:22:07 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=EDEB2904636B657782F824D8FF97D0B8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll [2011/06/21 07:36:36 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=EE0D7471EBF9CE40CC4A203B1F90F028 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16839_none_1cb3ab1a79fc6b3e\wininet.dll [2010/12/18 07:32:22 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=F019FCA21F609E34B79AE130681D08F7 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_1cb7771a79faa0c5\wininet.dll [2011/08/20 07:41:29 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=F0822436F58BE708D33AB0B95E524812 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_7955b9cf4b7d1776\wininet.dll [2012/02/28 07:40:21 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=F09F1A921CB0F1B708D23CC58F8EB21E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16968_none_1c923cf27a15a2e1\wininet.dll [2011/11/05 07:26:29 | 001,197,568 | ---- | M] (Microsoft Corporation) MD5=F12CB8EFB15813723575EE94C6A76E8B -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16912_none_78e0e656324ff058\wininet.dll [2013/02/28 19:29:13 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=F694EF252671B85B7CA964BD6153F871 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21471_none_792881234b9f4928\wininet.dll [2011/12/16 10:47:38 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=F6C45D1D448B38A3298505917710F047 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17744_none_7aa8d42c2f8ce2c5\wininet.dll [2010/11/20 15:27:28 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=F6C5302E1F4813D552F41A0AC82455E5 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll [2013/05/16 14:04:19 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=FA4F6D4FAA4E8E3EBE2DD2759C389507 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22326_none_7b49f11d4898a539\wininet.dll [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe [color=#A23BEC]< MD5 for: WININIT.INI >[/color] [2013/06/12 10:16:32 | 000,001,028 | ---- | M] () MD5=91AF848A14368BC7E0EEF8B582860914 -- C:\Windows\wininit.ini [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe [2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll [2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll [2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll [2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll [2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll [2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color] "Debug" = "" = mnmsrvc "Kmode" = \SystemRoot\System32\win32k.sys "Optional" = Posix [binary data] "Posix" = %SystemRoot%\system32\psxss.exe "Required" = DebugWindows [binary data] "Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color] [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2010/10/01 10:21:39 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-20\desktop.ini [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I0ICLO5.lnk [2010/09/21 13:45:00 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I0PRWYC.lnk [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I3OTR4N.jpg [2010/10/20 17:51:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I4LVBWN.lnk [2010/10/20 17:52:18 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I5U6DI5.jpg [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I6LF98E.JPG [2013/06/20 20:26:58 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I79M6D4.lnk [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I93DTEH.jpg [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$I9JCPPI [2010/10/20 17:53:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IBJADGU.jpg [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IDJD1XX.jpg [2010/12/06 17:53:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IFLSVFN [2010/11/26 12:45:45 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IHYU0E4 [2010/12/06 17:52:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IILHJ55 [2010/12/06 19:07:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IJ2YIH2 [2010/12/06 18:35:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IJDS46B.lnk [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IK5R1WU.JPG [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IMGMEUI.JPG [2010/12/06 19:06:41 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IQ1HHAI [2010/12/06 17:53:44 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IS154A2 [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IU4LQWT [2010/10/19 14:40:46 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IV2OV6W [2010/12/06 19:07:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IW1X5W3 [2010/12/06 18:05:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IX0YH19.lnk [2010/12/06 19:07:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$IX2JDOS [2010/12/06 17:08:46 | 000,001,433 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\$R79M6D4.lnk [2010/07/29 20:20:46 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-1844552988-1330755165-207100344-1000\desktop.ini [2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009/07/14 07:08:49 | 000,032,482 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/03/06 13:10:25 | 000,001,070 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2011/03/06 13:10:26 | 000,001,074 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012/10/28 09:43:19 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 16 bytes -> C:\Users\Christian\Downloads:Shareaza.GUID @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4D066AD2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:0B9176C0 @Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E3C56885 @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE < End of report >