cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 24/04/2013 16:00:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stéphane\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19412)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,87 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 33,38% Memory free
5,94 Gb Paging File | 2,64 Gb Available in Paging File | 44,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,73 Gb Total Space | 123,33 Gb Free Space | 52,99% Space Free | Partition Type: NTFS
Drive E: | 231,57 Gb Total Space | 224,88 Gb Free Space | 97,11% Space Free | Partition Type: NTFS

Computer Name: PC-DE-STEPHANE | User Name: Stéphane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/04/23 23:14:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stéphane\Downloads\OTL.exe
PRC - [2013/04/20 06:50:14 | 004,555,776 | ---- | M] (Spotify Ltd) -- C:\Users\Stéphane\AppData\Roaming\Spotify\Spotify.exe
PRC - [2013/03/12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Stéphane\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/02/13 20:38:18 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/02/13 20:38:14 | 001,509,232 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2013/01/08 09:59:20 | 000,228,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2012/12/14 16:42:22 | 000,316,360 | ---- | M] (Azureus Software, Inc) -- C:\Program Files\Vuze\Azureus.exe
PRC - [2012/11/08 02:58:14 | 015,976,512 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~1\MICROS~2\Office14\OUTLOOK.EXE
PRC - [2012/10/07 21:30:58 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe
PRC - [2012/10/07 21:30:57 | 000,079,048 | ---- | M] (RealNetworks, Inc.) -- c:\program files\real\realplayer\update\RealOneMessageCenter.exe
PRC - [2012/08/15 20:08:34 | 000,231,768 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012/05/29 16:50:04 | 000,115,032 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2012/01/20 21:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2011/11/28 20:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/07/19 18:31:56 | 000,976,192 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/24 13:03:12 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/04/08 15:14:50 | 006,037,504 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/04/20 06:50:10 | 024,985,600 | ---- | M] () -- C:\Users\Stéphane\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2013/04/18 12:49:57 | 000,474,112 | ---- | M] () -- C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll
MOD - [2013/04/18 12:49:53 | 000,016,896 | ---- | M] () -- C:\Program Files\Search Results Toolbar\Datamngr\mgrldr.dll
MOD - [2013/04/09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Users\Stéphane\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013/04/09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Users\Stéphane\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Users\Stéphane\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Users\Stéphane\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/03/10 17:17:10 | 017,357,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\0f4155c806e86a023b835d9070774f89\Kies.Theme.ni.dll
MOD - [2013/03/10 17:17:07 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\1b6f3c9a32cd1976fb79b2445e586939\DummyStorePlugin.ni.dll
MOD - [2013/03/10 17:17:05 | 000,615,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\5afdd6b1217fcb271881226a1e288567\DevicePodcast.ni.dll
MOD - [2013/03/10 17:17:02 | 000,299,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\0990965afc0db853d38d302fb30b99d5\DeviceVideo.ni.dll
MOD - [2013/03/10 17:17:00 | 000,353,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\cc31b394afc58c54cae2b7d0d8c33cf7\DevicePhoto.ni.dll
MOD - [2013/03/10 17:16:58 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\891deea73344519c23a915802265423e\DeviceMusic.ni.dll
MOD - [2013/03/10 17:16:55 | 000,473,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\0f2e104794d636e61f3d55852cfffea0\VideoManager.ni.dll
MOD - [2013/03/10 17:16:50 | 000,776,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\6297456e21a4d8a8a47d0e60194b8d9e\PhotoManager.ni.dll
MOD - [2013/03/10 17:16:43 | 001,929,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\9910e6c50760788df4ade3512a1dc75b\Phonebook.ni.dll
MOD - [2013/03/10 17:16:30 | 000,945,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\1ea0e7bc5e9ffb8973a555a41dedeb02\MusicManager.ni.dll
MOD - [2013/03/10 17:16:25 | 000,403,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\075f11a3e3c5d7466ef7d10419afb79e\BATPlugin.ni.dll
MOD - [2013/03/10 17:15:35 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\3c6667cbc29155082e58137643a1dff1\Kies.Common.StoreManager.ni.dll
MOD - [2013/03/10 17:15:29 | 000,516,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\3d0e95aadf1fd4315d1b18c58bab33c1\Kies.Common.MediaDB.ni.dll
MOD - [2013/03/10 17:14:40 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll
MOD - [2013/03/10 17:14:32 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\4ddf2ac626ac624a1c66d0809971b790\Kies.Common.AllShare.ni.dll
MOD - [2013/03/10 17:13:56 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\a099cf3222e6345348cc01ade70c4e6c\Kies.Common.DBManager.ni.dll
MOD - [2013/03/10 17:13:52 | 000,109,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\657f2c28fc2068324d9b0f1d9d596361\Kies.Common.CRMManager.ni.dll
MOD - [2013/03/10 17:13:43 | 000,205,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\b0aeee8058ad9ab5ecd5aa762d5a6bc8\Kies.Common.MainUI.ni.dll
MOD - [2013/03/10 17:13:37 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9e94c0940670be8f03fb392555ec10d4\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013/03/10 17:13:36 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9a1d52e92dab2e5f906e4edae93b8b8c\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013/03/10 17:13:30 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\fa06b799153f9c28c1866319b3db5580\Interop.DevFileServiceLib.ni.dll
MOD - [2013/03/10 17:13:29 | 000,572,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3e9bfbd5f2cf47b8d36c1c4a9a5699c8\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013/03/10 17:13:22 | 001,098,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\82eec106b67d4157992849bbceebeb9d\Kies.Common.DeviceService.ni.dll
MOD - [2013/03/10 17:13:15 | 001,138,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\ef627a7ca32c8920ad424bd2b8a943f4\Podcaster.ni.dll
MOD - [2013/03/10 17:13:09 | 000,732,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\ef5aedc86c6201d04b7995cfad101d83\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013/03/10 17:12:19 | 000,040,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d77da7b6668e27f63af7da941e221304\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013/03/10 17:12:17 | 000,926,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3ce743f82e40c5adc6bc730a9860e378\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013/03/10 17:12:01 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0969ff5a4924da7d8c6ebd3fca8f154b\ICSharpCode.SharpZipLib.ni.dll
MOD - [2013/03/10 17:12:01 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013/03/10 17:12:01 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013/03/10 17:12:00 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\29e8db641e3708219f13d2a3b7528278\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013/03/10 17:11:59 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013/03/10 17:11:54 | 002,209,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\47a3f099c846efd95dc77e747cec3352\Kies.Common.Multimedia.ni.dll
MOD - [2013/03/10 17:11:46 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0ec1f5148809454e7dd63148636a05b2\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013/03/10 17:11:45 | 000,628,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3b6f9e55f91ad125179632bf47619a22\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013/03/10 17:11:29 | 006,797,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\c62836fb7dc5cd7e4bd0548d6ac5b34c\DeviceHost.ni.dll
MOD - [2013/03/10 17:11:02 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll
MOD - [2013/03/10 17:11:00 | 000,281,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\2084ac4cdf9ded52ab71b038e5b39495\Kies.Common.Util.ni.dll
MOD - [2013/03/10 17:10:57 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll
MOD - [2013/03/10 17:10:56 | 001,599,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\5cf4d41e6de5af4c27e7b66b172f73df\Kies.Locale.ni.dll
MOD - [2013/03/10 17:10:53 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\48c087dd6e18fcbd057e0b1dd6cfa2fd\Kies.MVVM.ni.dll
MOD - [2013/03/10 17:10:50 | 001,928,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7e54989d439c94a9254051e9c17d5650\Kies.UI.ni.dll
MOD - [2013/03/10 17:10:43 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f69842a59a80267c673735eab7b0bcd3\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013/03/10 17:10:38 | 001,246,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\121e5c7e1639a49775b9d843694ba3aa\Kies.Interface.ni.dll
MOD - [2013/03/10 17:10:10 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013/03/10 17:09:38 | 000,770,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll
MOD - [2013/03/10 17:09:13 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013/03/10 17:09:05 | 002,114,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\17b7b598c879d6cb53a38b9e00d7a752\Kies.ni.exe
MOD - [2013/03/10 16:51:35 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2013/03/10 16:50:29 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2013/03/10 16:50:28 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013/03/10 16:50:18 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2013/03/10 16:50:03 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll
MOD - [2013/03/10 16:49:47 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2013/03/10 16:49:39 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013/03/10 16:49:24 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012/12/14 16:42:22 | 000,077,768 | ---- | M] () -- C:\Program Files\Vuze\plugins\azitunes\jacob-1.17-M2-x86.dll
MOD - [2012/12/14 16:42:22 | 000,053,160 | ---- | M] () -- C:\Program Files\Vuze\aereg.dll
MOD - [2012/12/14 16:42:22 | 000,019,368 | ---- | M] () -- C:\Program Files\Vuze\plugins\azitunes\libProcessAccess.dll
MOD - [2011/11/20 23:35:54 | 000,028,160 | ---- | M] () -- C:\Users\Stéphane\AppData\Roaming\Azureus\plugins\azutp\win32\utp.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010/12/21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2013/04/18 12:49:51 | 003,019,264 | ---- | M] (Bandoo Media Inc.) [Auto | Unknown] -- C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator)
SRV - [2013/04/03 10:11:46 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Unknown] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/13 10:00:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Unknown] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Unknown] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Unknown] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013/01/09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Unknown] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012/12/18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Unknown] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/12 11:34:10 | 000,028,632 | ---- | M] (SFR) [Auto | Unknown] -- C:\Program Files\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe -- (SFR.DashBoard.Service)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/11/28 20:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Unknown] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/11/16 18:33:38 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [Disabled | Unknown] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Disabled | Unknown] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/08/25 09:58:20 | 000,077,824 | ---- | M] (Toshiba) [Disabled | Unknown] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Disabled | Unknown] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/24 10:21:56 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Disabled | Unknown] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008/04/17 00:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Disabled | Unknown] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 15:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Disabled | Unknown] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [Disabled | Unknown] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/02/06 14:12:56 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Disabled | Unknown] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2008/01/21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008/01/17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Disabled | Unknown] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/11/21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Disabled | Unknown] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/10/05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Disabled | Unknown] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Disabled | Unknown] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/06/01 23:15:16 | 000,035,080 | ---- | M] (AnchorFree Inc.) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\hssdrv6.sys -- (HssDRV6)
DRV - [2012/05/16 03:10:14 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011/12/08 06:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/12/08 06:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/12/08 06:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011/12/08 06:22:26 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/12/08 06:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011/11/28 19:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Unknown] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 19:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 19:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 19:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 19:52:07 | 000,055,128 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/11/28 19:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/07/27 20:48:16 | 000,006,656 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Unknown] -- C:\Windows\System32\drivers\iPodDrv.sys -- (iPodDrv)
DRV - [2010/03/30 13:09:42 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ZTEusbvoice.sys -- (ZTEusbvoice)
DRV - [2010/03/30 13:09:42 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/03/30 13:09:42 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/03/30 13:09:42 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/11/16 18:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/09/10 16:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009/04/07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/07/29 06:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/18 18:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/07/15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/04/28 16:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Unknown] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/04/15 10:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/11/09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/11/28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 14:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.accentice.com
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{906E5B59-D10C-4C54-9F17-369CEB37D3F5}: "URL" = http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=151&systemid=406&apn_uid=4340135035514205&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com/access/allinone.asp
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406?appid=151
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes,DefaultScope = {906E5B59-D10C-4C54-9F17-369CEB37D3F5}
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{03CF7BD7-9E3D-4CA4-A81C-748BD9C358B4}: "URL" = http://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14197&src=crm&q={searchTerms}&locale=&apn_ptnrs=FN&apn_dtid=TES002YYFR&apn_uid=9ab29a16-1f9f-476d-b936-db667c5e1202&apn_sauid=68B45B91-3190-422E-852E-4D80B197226A
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=fPmEX11US8QeuiMTG6xU19MWAJw?q={searchTerms}
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{906E5B59-D10C-4C54-9F17-369CEB37D3F5}: "URL" = http://www.google.fr/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADFA_frFR346
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=151&systemid=406&apn_uid=4340135035514205&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = http://search.conduit.com/?SearchSource=10&ctid=CT2456781
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=151&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=4340135035514205&o=APN10645&q="
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406?appid=151"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Stéphane\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Stéphane\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.659.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/12/18 23:47:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/07 21:32:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013/01/21 11:53:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/03 10:11:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/03 10:11:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/03 10:11:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/03 10:11:24 | 000,000,000 | ---D | M]

[2013/04/23 11:49:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphane\AppData\Roaming\mozilla\Extensions
[2011/06/15 09:17:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphane\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/08/23 12:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphane\AppData\Roaming\mozilla\Extensions\50
[2013/04/23 11:49:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stéphane\AppData\Roaming\mozilla\Firefox\Profiles\xy1fyc3c.default\extensions
[2013/04/23 11:49:29 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\Stéphane\AppData\Roaming\mozilla\Firefox\Profiles\xy1fyc3c.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
[2013/01/21 12:25:58 | 000,000,000 | ---D | M] (SaveByclick) -- C:\Users\Stéphane\AppData\Roaming\mozilla\Firefox\Profiles\xy1fyc3c.default\extensions\50fd0fa8d29e6@50fd0fa8d2a1f.com
[2013/04/23 11:49:11 | 000,002,646 | ---- | M] () -- C:\Users\Stéphane\AppData\Roaming\mozilla\firefox\profiles\xy1fyc3c.default\searchplugins\Search_Results.xml
[2013/04/23 11:49:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/04/03 10:11:47 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/10/07 21:31:20 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2013/01/21 20:05:37 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/11/29 11:08:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/29 11:08:14 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2013/04/03 10:11:42 | 000,001,472 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/04/06 10:42:39 | 000,000,227 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Jeux.frober5073776.src
[2013/04/23 11:49:11 | 000,002,646 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013/01/21 20:05:37 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/11/29 11:08:14 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.fr/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\St\u00E9phane\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\St\u00E9phane\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\St\u00E9phane\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: avast! WebRep = C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Charlotte Ronson = C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen\3_0\
CHR - Extension: avast! WebRep = C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Charlotte Ronson = C:\Users\Stéphane\AppData\Local\Google\Chrome\User Data\Default\Extensions\obakimnhgahiedhcjlcnohielmendpen\3_0\

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~2.EXE (Bandoo Media Inc.)
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s File not found
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [Neuf Media Center] "C:\Program Files\SFR\Media Center\MediaCenter.exe" File not found
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [Spotify] C:\Users\Stéphane\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [Spotify Web Helper] C:\Users\Stéphane\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Stéphane\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d écran et lancement.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 File not found
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..Trusted Domains: localhost ([]http in Intranet local)
O15 - HKU\S-1-5-21-2313495416-4091907384-1742407767-1000\..Trusted Ranges: GD ([http] in Intranet local)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PC-de-Stephane
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6149880F-0E6E-44E9-B3B5-5DC8972B84B7}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\Wincert\WIN32C~1.DLL) - C:\ProgramData\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll) - C:\PROGRA~1\SEARCH~1\Datamngr\mgrldr.dll ()
O20 - AppInit_DLLs: (c:\progra~1\google\google~2\goec62~1.dll) - c:\progra~1\google\google~2\goec62~1.dll (Google)
O20 - AppInit_DLLs: (c:\progra~1\saveby~1\sprote~1.dll) - c:\progra~1\saveby~1\sprote~1.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x86 - (C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]00TCrdMain[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]AutoStartNPSAgent[/b] - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: [b]Camera Assistant Software[/b] - hkey= - key= - C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
MsConfig - StartUpReg: [b]cfFncEnabler.exe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]DivXUpdate[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]eCarteBleue-LP-P1[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Google Desktop Search[/b] - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: [b]HSON[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]jswtrayutil[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]MDS_Menu[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]NDSTray.exe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]SmoothView[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]swg[/b] - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: [b]topi[/b] - hkey= - key= - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
MsConfig - StartUpReg: [b]Toshiba Registration[/b] - hkey= - key= - C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
MsConfig - StartUpReg: [b]Toshiba TEMPO[/b] - hkey= - key= - C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.dvacm - C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
Unable to save MBR. Invalid drive designation: 0

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/04/23 14:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2013/04/23 11:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
[2013/04/23 11:48:54 | 000,000,000 | ---D | C] -- C:\Program Files\Search Results Toolbar
[2013/04/23 11:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr
[2013/04/23 11:48:23 | 000,000,000 | ---D | C] -- C:\Users\Stéphane\AppData\Local\iLivid
[2013/04/20 00:08:41 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/04/20 00:08:22 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/04/20 00:08:22 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/04/20 00:08:22 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/04/13 13:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/04/13 13:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/04/13 13:08:33 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/04/11 06:55:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013/04/10 08:01:21 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/04/10 08:01:20 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/04/10 08:01:20 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013/04/10 08:01:09 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/04/10 08:01:08 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/04/10 08:01:08 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2013/04/10 08:01:07 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/04/10 08:01:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/04/10 08:01:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/04/10 08:01:06 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/04/10 08:01:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/04/10 08:01:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/04/10 08:01:06 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/04/10 08:01:05 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/04/10 08:01:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/04/10 08:01:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/04/10 08:01:05 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/04/10 08:01:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/04/10 08:01:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/04/10 08:01:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/04/10 08:01:04 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/04/10 08:01:01 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013/04/10 08:01:00 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/04/09 16:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd
[2013/04/03 10:11:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/03/26 17:06:40 | 000,000,000 | ---D | C] -- C:\Users\Stéphane\dwhelper\Documents\RIB commun
[2013/03/25 22:39:46 | 004,546,560 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2011/03/18 19:54:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Stéphane\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/04/24 16:11:36 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{689BC3EB-DC48-40BF-BECA-559067D1214D}.job
[2013/04/24 15:59:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/24 15:34:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/24 15:32:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2313495416-4091907384-1742407767-1000UA.job
[2013/04/24 14:38:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/24 14:38:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/24 08:38:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/23 23:32:27 | 000,053,248 | ---- | M] () -- C:\Users\Stéphane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/23 18:26:39 | 000,045,566 | ---- | M] () -- C:\Users\Stéphane\AppData\Roaming\wklnhst.dat
[2013/04/23 18:23:19 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\OfferBoxUpdate.job
[2013/04/23 08:37:07 | 000,000,394 | -H-- | M] () -- C:\Windows\tasks\{776A9E25-0D7F-4933-8602-107CC0FE6A15}.job
[2013/04/22 07:34:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/22 07:32:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2313495416-4091907384-1742407767-1000Core.job
[2013/04/21 22:23:40 | 000,525,743 | ---- | M] () -- C:\Users\Stéphane\Desktop\BoardingPassDisplay - Ryanair.pdf
[2013/04/20 06:55:34 | 000,679,214 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/04/20 06:55:34 | 000,596,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/20 06:55:34 | 000,126,798 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/04/20 06:55:34 | 000,104,242 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/20 00:08:12 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/04/20 00:08:10 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/04/20 00:08:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/04/20 00:08:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/04/20 00:08:09 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013/04/20 00:08:08 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013/04/14 00:28:09 | 000,164,267 | ---- | M] () -- C:\Users\Stéphane\Desktop\RyanairBoardingPass.pdf
[2013/04/14 00:20:06 | 000,597,277 | ---- | M] () -- C:\Users\Stéphane\Desktop\Itinerary - Ryanair.pdf
[2013/04/13 13:08:35 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/04/11 03:30:56 | 000,435,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/10 13:33:41 | 000,002,123 | ---- | M] () -- C:\Users\Stéphane\Desktop\Google Chrome.lnk
[2013/04/09 16:03:08 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Seasons.lnk
[2013/04/08 18:25:35 | 004,061,753 | ---- | M] () -- C:\Users\Stéphane\Desktop\oral d'anglais M1.mp3
[2013/04/06 18:40:11 | 000,002,255 | ---- | M] () -- C:\Users\Stéphane\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2013/03/28 00:35:24 | 000,001,020 | ---- | M] () -- C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/03/28 00:35:11 | 000,000,994 | ---- | M] () -- C:\Users\Stéphane\Desktop\Dropbox.lnk
[2013/03/25 22:39:46 | 004,546,560 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/04/23 11:51:36 | 000,000,914 | ---- | C] () -- C:\Users\Stéphane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[2013/04/21 22:23:37 | 000,525,743 | ---- | C] () -- C:\Users\Stéphane\Desktop\BoardingPassDisplay - Ryanair.pdf
[2013/04/14 00:28:08 | 000,164,267 | ---- | C] () -- C:\Users\Stéphane\Desktop\RyanairBoardingPass.pdf
[2013/04/14 00:20:01 | 000,597,277 | ---- | C] () -- C:\Users\Stéphane\Desktop\Itinerary - Ryanair.pdf
[2013/04/13 13:08:35 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/04/09 16:03:08 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Seasons.lnk
[2013/04/08 18:24:53 | 004,061,753 | ---- | C] () -- C:\Users\Stéphane\Desktop\oral d'anglais M1.mp3
[2012/10/13 17:18:39 | 000,024,206 | ---- | C] () -- C:\Users\Stéphane\AppData\Roaming\UserTile.png
[2012/07/20 13:37:43 | 000,000,018 | ---- | C] () -- C:\Windows\gfact.ini
[2011/12/23 21:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/12/23 21:58:24 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/12/23 21:58:24 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/12/23 21:58:24 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/12/23 21:58:24 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/11/15 17:21:08 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/18 19:54:54 | 000,087,608 | ---- | C] () -- C:\Users\Stéphane\AppData\Roaming\inst.exe
[2011/03/18 19:54:54 | 000,007,887 | ---- | C] () -- C:\Users\Stéphane\AppData\Roaming\pcouffin.cat
[2011/03/18 19:54:54 | 000,001,144 | ---- | C] () -- C:\Users\Stéphane\AppData\Roaming\pcouffin.inf
[2010/04/08 22:13:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/21 22:29:55 | 000,000,379 | ---- | C] () -- C:\Users\Stéphane\Documents - Raccourci.lnk
[2009/09/25 20:52:11 | 000,053,248 | ---- | C] () -- C:\Users\Stéphane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/23 22:38:58 | 000,045,566 | ---- | C] () -- C:\Users\Stéphane\AppData\Roaming\wklnhst.dat
[2009/09/23 00:26:29 | 000,000,680 | ---- | C] () -- C:\Users\Stéphane\AppData\Local\d3d9caps.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2010/02/02 17:17:15 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\2020 Fusion
[2011/10/28 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Amazon
[2013/04/24 16:18:46 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Azureus
[2009/11/21 14:55:20 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\bayardKids.08AE7BFC096D057FBA48C7E4F898C35F7FA11BBA.1
[2010/08/23 12:06:54 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Belin
[2011/04/20 22:39:12 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Canneverbe Limited
[2011/05/01 09:12:29 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1
[2013/04/22 13:01:48 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Dropbox
[2010/04/06 10:43:20 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\EscapeTheMuseum2
[2010/04/24 21:07:21 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Free Sound Recorder
[2011/04/06 22:13:26 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Frogwares
[2010/11/03 18:08:45 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Gestionnaire de Téléchargements Qobuz
[2012/06/25 17:41:53 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\GetRightToGo
[2012/01/22 22:49:25 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\m4ng
[2009/09/23 07:29:54 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\myphotobook
[2011/11/15 17:25:40 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\OfferBox
[2010/05/22 15:52:58 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\PC Suite
[2013/02/03 15:02:54 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\PDF Architect
[2013/01/21 11:52:29 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\pdfforge
[2010/11/09 13:02:02 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Raptr
[2012/01/29 15:56:54 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Rovio
[2013/04/11 06:55:26 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Samsung
[2012/12/08 11:58:54 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\SFR
[2010/04/06 16:08:02 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\SPIL Games
[2013/04/24 16:16:17 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Spotify
[2009/10/16 18:50:34 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Template
[2011/06/15 09:17:17 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Thunderbird
[2009/10/22 21:43:06 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Toshiba
[2009/10/22 21:40:07 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Ulead Systems
[2011/10/18 17:02:14 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Uniblue
[2011/04/28 15:36:01 | 000,000,000 | ---D | M] -- C:\Users\Stéphane\AppData\Roaming\Vso

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2006/09/18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/08/13 08:17:13 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2013/02/27 20:29:30 | 000,000,000 | ---- | M] () -- C:\END
[2010/09/15 18:07:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/09/15 18:07:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/04/20 06:46:51 | 3396,407,296 | -HS- | M] () -- C:\pagefile.sys
[2009/09/18 21:20:36 | 000,000,651 | ---- | M] () -- C:\RHDSetup.log
[2009/02/09 11:07:23 | 000,000,229 | -H-- | M] () -- C:\SWSTAMP.TXT

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2008/01/21 04:57:01 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2011/02/26 09:47:44 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2008/08/13 10:05:38 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2011/06/19 20:00:32 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/08/26 13:49:19 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011/10/28 22:33:30 | 000,000,000 | ---D | M] -- C:\Program Files\Amazon
[2012/11/14 13:55:49 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/09/18 21:26:14 | 000,000,000 | ---D | M] -- C:\Program Files\Atheros
[2010/05/14 08:02:03 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity
[2012/01/22 22:51:24 | 000,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5
[2012/01/22 22:53:26 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2012/12/09 13:37:49 | 000,000,000 | ---D | M] -- C:\Program Files\Bayam 3-7
[2010/07/17 18:34:58 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/04/06 23:15:59 | 000,000,000 | ---D | M] -- C:\Program Files\BoontyGames
[2009/09/18 22:36:04 | 000,000,000 | ---D | M] -- C:\Program Files\Camera Assistant Software for Toshiba
[2012/08/03 11:45:38 | 000,000,000 | ---D | M] -- C:\Program Files\CardRecoveryPro
[2011/08/23 00:54:22 | 000,000,000 | ---D | M] -- C:\Program Files\CDBurnerXP
[2011/04/17 09:15:18 | 000,000,000 | ---D | M] -- C:\Program Files\CDROM POB 6
[2009/09/18 21:26:00 | 000,000,000 | ---D | M] -- C:\Program Files\Cisco
[2013/04/13 13:08:34 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2009/10/12 22:46:46 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2010/09/26 08:37:53 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2011/09/18 22:24:03 | 000,000,000 | ---D | M] -- C:\Program Files\Deezer
[2011/03/19 09:26:54 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2011/10/18 17:37:54 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2012/01/31 23:08:48 | 000,000,000 | ---D | M] -- C:\Program Files\doubleTwist 2.0
[2012/07/20 13:30:07 | 000,000,000 | ---D | M] -- C:\Program Files\Drawing for Children
[2013/01/10 08:17:20 | 000,000,000 | ---D | M] -- C:\Program Files\Dropbox
[2010/06/28 07:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\DsNET Corp
[2011/02/13 11:00:25 | 000,000,000 | ---D | M] -- C:\Program Files\Feedback Tool
[2009/09/18 22:29:05 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs
[2009/11/26 08:30:38 | 000,000,000 | ---D | M] -- C:\Program Files\FlashFXP
[2012/11/18 12:57:35 | 000,000,000 | ---D | M] -- C:\Program Files\FormaliteFacile
[2010/02/06 11:09:21 | 000,000,000 | ---D | M] -- C:\Program Files\FreeTime
[2013/03/24 22:22:22 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012/06/24 21:40:59 | 000,000,000 | ---D | M] -- C:\Program Files\ImmobilierLoyer
[2012/01/31 23:44:27 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/09/18 21:19:37 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2013/04/11 03:28:11 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2008/08/13 09:40:33 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2010/08/22 19:23:20 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/09/26 08:41:35 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2012/07/20 13:11:20 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/04/06 11:48:28 | 000,000,000 | ---D | M] -- C:\Program Files\Jeux.fr
[2009/09/18 22:37:49 | 000,000,000 | ---D | M] -- C:\Program Files\Jumpstart
[2009/09/18 21:24:35 | 000,000,000 | ---D | M] -- C:\Program Files\ltmoh
[2011/11/15 17:15:13 | 000,000,000 | ---D | M] -- C:\Program Files\m4ng_v3
[2010/05/22 15:34:00 | 000,000,000 | ---D | M] -- C:\Program Files\MarkAny
[2010/05/22 15:50:10 | 000,000,000 | ---D | M] -- C:\Program Files\MarkAnyContentSAFER
[2010/11/02 15:48:35 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2011/06/16 20:47:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
[2006/11/02 14:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/06/16 20:53:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/06/16 20:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/06/16 20:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Sync Framework
[2011/06/16 20:53:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2011/06/16 20:50:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2012/10/11 03:05:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2011/06/16 20:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 09:07:42 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2013/04/03 10:11:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2012/11/15 21:01:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox 3.6 Beta 2
[2013/04/11 03:29:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2011/11/15 19:26:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2011/06/16 20:54:58 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/08/13 08:41:56 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2013/03/10 17:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\MyFree Codec
[2008/08/13 09:58:26 | 000,000,000 | ---D | M] -- C:\Program Files\myphotobook
[2012/01/22 23:04:21 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2010/06/28 08:04:59 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2012/07/20 13:13:13 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle
[2011/09/17 15:34:06 | 000,000,000 | ---D | M] -- C:\Program Files\Pando Networks
[2010/05/22 15:36:06 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2013/01/21 11:54:07 | 000,000,000 | ---D | M] -- C:\Program Files\PDF Architect
[2013/01/21 11:55:45 | 000,000,000 | ---D | M] -- C:\Program Files\PDFCreator
[2013/04/10 14:17:59 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2
[2012/11/14 14:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/11/09 13:02:01 | 000,000,000 | ---D | M] -- C:\Program Files\Raptr
[2012/05/21 22:42:26 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/09/18 21:20:16 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 14:35:51 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2013/04/09 16:01:57 | 000,000,000 | ---D | M] -- C:\Program Files\Rovio
[2010/06/13 18:45:12 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2012/01/31 23:49:13 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2013/01/21 11:55:10 | 000,000,000 | ---D | M] -- C:\Program Files\SaveByClick
[2013/04/23 11:50:05 | 000,000,000 | ---D | M] -- C:\Program Files\Search Results Toolbar
[2011/10/09 15:35:58 | 000,000,000 | ---D | M] -- C:\Program Files\SFR
[2013/04/13 13:08:35 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2012/10/30 16:27:17 | 000,000,000 | ---D | M] -- C:\Program Files\SweetIM
[2008/08/13 09:20:42 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2009/09/18 22:37:04 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA
[2008/08/13 09:57:49 | 000,000,000 | ---D | M] -- C:\Program Files\Toshiba TEMPRO
[2011/05/01 18:09:05 | 000,000,000 | ---D | M] -- C:\Program Files\TubeMaster++
[2011/01/03 12:42:13 | 000,000,000 | ---D | M] -- C:\Program Files\TuneUpMedia
[2008/08/13 09:36:19 | 000,000,000 | ---D | M] -- C:\Program Files\Ulead Systems
[2006/11/02 14:58:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/12/14 09:18:23 | 000,000,000 | ---D | M] -- C:\Program Files\URUSoft
[2012/10/26 08:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2011/04/28 11:59:03 | 000,000,000 | ---D | M] -- C:\Program Files\VirtualDub
[2013/02/27 20:32:12 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze
[2009/11/06 09:04:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/11/06 09:04:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/11/06 09:04:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2011/03/31 15:59:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2012/04/17 13:09:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2008/08/13 09:39:59 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Components
[2010/11/03 11:18:53 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/09/18 22:29:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/11/06 09:04:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/18 09:21:00 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/11/06 09:04:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010/06/28 07:17:51 | 000,000,000 | ---D | M] -- C:\Program Files\WinPcap

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008/03/25 05:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys
[2008/03/25 05:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys
[2008/03/26 05:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys
[2008/03/26 05:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008/03/12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008/03/12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/03/12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008/01/21 04:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008/01/21 04:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008/01/21 04:33:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\System32\hidserv.dll
[2009/04/11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hidserv.dll
[2006/11/02 11:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=8FA640195279ACE21BEA91396A0054FC -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll

[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[2008/04/15 17:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008/04/15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2008/01/21 04:34:05 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\imm32.dll
[2009/04/11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2009/02/13 10:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[2011/04/12 16:53:05 | 000,890,368 | ---- | M] (Microsoft Corporation) MD5=306835D4E74E49A5D10F0FCA0B422EB1 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[2011/04/12 16:30:37 | 000,892,928 | ---- | M] (Microsoft Corporation) MD5=497A2DA8181560B3E2F8FFE0092FD1E6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[2011/04/12 18:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) MD5=574B473FACAA0E91702B86578440B525 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[2011/04/12 17:08:23 | 000,893,440 | ---- | M] (Microsoft Corporation) MD5=7062DEB220FA1CCB1B65FC40D6E7D807 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[2012/09/28 16:53:03 | 000,893,440 | ---- | M] (Microsoft Corporation) MD5=A9204E65A74AF0E801EA46F5A92C87A2 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[2009/02/13 09:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[2009/02/13 09:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[2009/04/11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[2009/02/13 10:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[2008/01/21 04:33:52 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[2012/09/28 18:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\kernel32.dll
[2012/09/28 18:11:03 | 000,892,928 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll
[2009/04/11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/21 04:33:36 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 04:33:22 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2013/03/03 21:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\System32\drivers\ntfs.sys
[2013/03/03 21:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys
[2009/04/11 08:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[2008/01/21 04:33:23 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[2013/03/03 21:07:52 | 001,083,240 | ---- | M] (Microsoft Corporation) MD5=ECB54A0E9C40B00CF8FEFE5F455A1EFB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys

[color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color]
[2008/01/21 04:35:18 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 -- C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\System32\proquota.exe
[2006/11/02 11:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2008/01/21 04:34:49 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\System32\qmgr.dll
[2009/04/11 08:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/21 04:34:33 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008/01/21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\System32\termsrv.dll
[2009/04/11 08:28:24 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[2008/01/21 04:33:51 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2006/11/02 11:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 08:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2012/08/21 13:47:42 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=559F1DB6586DE2EE8E25E172A0CA9A3C -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.22913_none_181f0c08125e385e\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\drivers\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys
[2012/08/21 13:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18679_none_175a8da4f96bddf6\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/21 04:32:47 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2012/06/28 13:37:42 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=03B4167CC1B30AC22DF413788AFADE97 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19298_none_e478a801b7e23da4\wininet.dll
[2011/02/22 08:21:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=047CDEFF94B63F0A4791372B47427B60 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19048_none_e4aeb3d1b7b9b7a1\wininet.dll
[2009/11/21 17:03:43 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=0B603B1B76FF6CA2D88B658A9ECC40E8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22956_none_e52ba614d0e11045\wininet.dll
[2011/10/01 01:06:24 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=18F17E90657528C232B1944DEB4EC160 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19154_none_e49fe4a3b7c56b5d\wininet.dll
[2010/01/02 16:56:17 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=1DC5E46312CBA5C1614B3D3359DB09C5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22973_none_e513055ed0f3fc22\wininet.dll
[2012/05/15 10:56:04 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=1FDE47149D9B08C0CEBEE731FDB39E0B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23359_none_e52e84c6d0de8701\wininet.dll
[2010/02/23 17:06:06 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=24427C9C96556887A2F161800F00B2DE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22995_none_e4ff661ad10266b2\wininet.dll
[2009/08/27 16:02:34 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=2BD22AA29893876347BA1BE62487748A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16916_none_fffdec59a4af2c65\wininet.dll
[2011/12/15 09:35:21 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=2F56B044E8ED4FAA812A19A8DF2115EE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23286_none_e50b123ed0f991a8\wininet.dll
[2013/01/05 13:59:52 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=3652AA7B2FC078FACEE1B90523753A48 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19400_none_e4d1f8c9b7a071c1\wininet.dll
[2009/07/18 13:47:51 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=387B0601FCA64AF5117C321E46C4C4E2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll
[2013/03/01 15:27:48 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=3A70B683D1503444B4C805E1199054D4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23480_none_e505144ed0fef3ec\wininet.dll
[2011/11/03 09:31:40 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=406EEBC1B3FE188DE9D6B3AFB3834E84 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23266_none_e520b216d0e959c6\wininet.dll
[2009/07/18 13:35:05 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=408A0A6E83333F98D564D95CDBB6D3C6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll
[2008/04/25 06:35:23 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=44FD3968AD885026D94450832A78DE8A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[2008/01/21 04:34:21 | 000,825,856 | ---- | M] (Microsoft Corporation) MD5=455D715A840579BDC1CF8E5C1DA76849 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[2008/02/22 07:01:41 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=482BCCBF1FCBB3378100FF97081438C1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[2011/11/03 08:22:04 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=4E45F092670EEE0563AA9E1A7C8A1217 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19170_none_e48643a3b7d93de3\wininet.dll
[2008/02/22 06:52:21 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=4E962B645608E6EDB7D31B75921D07FA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[2010/09/08 08:01:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=545264F1F3AC5BD57B159EBBDC4FDC58 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18975_none_e48b6b0db7d48c2d\wininet.dll
[2010/11/02 08:01:54 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=5681261BF2572F8776E1344DCB090C0B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18999_none_e479cc5db7e1296b\wininet.dll
[2009/08/27 14:56:34 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=5E382486BCCCF4C50A810E2DF18C8CDB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22212_none_04503a70b81d4a0f\wininet.dll
[2009/08/27 15:32:41 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=604E16194F1E60084B948ACAE8334E0F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18319_none_01e72bdda1d3095b\wininet.dll
[2012/08/25 13:50:39 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=69D83FEF59F46E9EBF06E805547DB534 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19328_none_e4c4595bb7a97734\wininet.dll
[2009/03/08 13:34:57 | 000,914,944 | ---- | M] (Microsoft Corporation) MD5=6CE32F7778061CCC5814D5E0F282D369 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
[2010/09/08 08:25:04 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=6D4B5C39BB00A8BD98462664E73AC403 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23067_none_e521ae94d0e878cf\wininet.dll
[2010/12/18 08:27:04 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=74BCC23D622F32DA0450D164735ACAB1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19019_none_e4d023dfb7a07d25\wininet.dll
[2010/06/26 08:05:49 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=78D42E00B5AB233F34116C0EF07F1BC9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18943_none_e4a9da3db7be05ac\wininet.dll
[2013/03/01 14:23:51 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=7904A81F674CBEBB9CCDE1C13EBE967E -- C:\Windows\System32\wininet.dll
[2013/03/01 14:23:51 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=7904A81F674CBEBB9CCDE1C13EBE967E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19412_none_e4c92971b7a6c060\wininet.dll
[2010/12/18 09:18:09 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=7D6AACE6BF60B5A1D572E082DEC9F0F0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23111_none_e551be5ad0c55237\wininet.dll
[2009/07/18 13:56:28 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=7FCA93009963EE8A7AF1740661412F1E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll
[2011/07/23 13:04:29 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=8419DAE7205374F2CAA4C9CDBD0999E6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19120_none_e4bc533fb7b0b22e\wininet.dll
[2009/04/11 08:28:25 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=8777B44511D8BCCF47B5A7CBDC02DE11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[2009/07/18 14:17:15 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=87D84C48693EB949350FA938D63512D8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll
[2013/02/02 11:18:13 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=8E2EBCD935EA8D60E4CBCE07F20824E4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19401_none_e4d2f913b79f8b18\wininet.dll
[2008/04/25 06:23:11 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=9191790BF02A8D759EC2B4E4FA868407 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[2010/01/02 08:38:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=91B8712BDC74295DA14A08F519B70D65 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18882_none_e47d985db7df5ef2\wininet.dll
[2012/02/28 20:07:57 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=9503972A61EA647A72C326EEB51265C1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23318_none_e558c42cd0befde6\wininet.dll
[2010/05/04 08:31:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=9DF755B063C647A1CAEB17F3E2FDDE1D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23019_none_e559bec4d0be1fc8\wininet.dll
[2008/04/25 06:22:01 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=A86218059C228E7691A13E4CB63C4CDF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[2012/06/28 15:01:34 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=A9FF16A7FBE708D936AF46AFF1B2579B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23385_none_e50a13dad0fa7578\wininet.dll
[2012/02/28 13:30:48 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=AA8B3560AED18F5290F80C82C9B75ACC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19222_none_e4be55b9b7aee203\wininet.dll
[2011/02/22 09:18:35 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=B3A938D522F085171387FEF112AEECF5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23143_none_e5334f2ad0dbd8b8\wininet.dll
[2012/11/09 12:42:46 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=C1E1FE2224CA46F112C2D65A4EA3BF25 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19393_none_e473a875b7e6bc18\wininet.dll
[2009/08/27 15:17:42 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=C628812EA5016B1C3E13E082940D5AF6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22508_none_027a9a30bae97104\wininet.dll
[2009/08/27 15:29:46 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=D0DD9439DB3C927209CFFE095AA1F097 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\wininet.dll
[2009/07/18 14:16:25 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=D1E1447C4E2077BDFFDD547972FEBDEB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll
[2011/07/23 13:41:23 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=D2BA28C2B3CB7F2DBB5A5F92851B3F3F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23216_none_e556c1b2d0c0ce11\wininet.dll
[2010/11/02 09:12:02 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=D364DEB34DB229A4C1EFB1BC68F505C4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23091_none_e4fb3d14d1063498\wininet.dll
[2009/08/27 15:40:40 | 000,840,704 | ---- | M] (Microsoft Corporation) MD5=D5709010F06FEC697CCB2831D0821E0B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21116_none_00876146bdccff71\wininet.dll
[2009/08/27 14:40:58 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=D88D19604AACE2101B13260322FB4A3A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18100_none_03cf6cfd9ef95ba6\wininet.dll
[2011/10/01 01:47:25 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=DA000DE8EB63D54DCC206AA0699B9A52 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23250_none_e5258046d0e6a5cb\wininet.dll
[2011/12/15 08:22:01 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=DA7C58952F082AECABF775C83F913C6F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19190_none_e470a3cbb7e975c5\wininet.dll
[2008/02/21 06:43:42 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=DAEED2799D4D19F955C3E90B22A1E91E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[2009/11/21 08:40:20 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=DCB9E422810877D7C4115BACE54B084C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18865_none_e4963913b7cc7315\wininet.dll
[2012/08/25 15:55:33 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=DDC718A719B351415455920F71EC4570 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23415_none_e555c534d0c1af08\wininet.dll
[2011/05/28 08:08:58 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=DE4685DE5130039FA63DA66C0F72F787 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19088_none_e4837421b7da2765\wininet.dll
[2012/05/15 08:37:49 | 000,916,992 | ---- | M] (Microsoft Corporation) MD5=DEAF5B0677A6B864B8F4F41C127695DB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.19272_none_e488461db7d76db8\wininet.dll
[2013/01/05 15:05:37 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=E0BC00FCA83D33BB862AB9AEF8174445 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23468_none_e522b676d0e786c2\wininet.dll
[2012/11/09 14:22:23 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=E0F382C955AE33D20D463746E5B6FB50 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23461_none_e51bb470d0edd561\wininet.dll
[2011/05/28 09:12:07 | 000,919,552 | ---- | M] (Microsoft Corporation) MD5=E1E66EB05099B9DDCA178A9A00FCFF74 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23181_none_e5060ee6d0fe15ce\wininet.dll
[2009/08/27 07:22:28 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=E3AB6EBE520E1898663B011D2FC0DF11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\wininet.dll
[2010/02/23 08:39:13 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=EC3B3E6071E3FCD4290BFD42676EE064 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18904_none_e4d61a37b79caf3f\wininet.dll
[2010/05/04 07:59:21 | 000,916,480 | ---- | M] (Microsoft Corporation) MD5=F317362AEB06140E7FB1B29331FDC038 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18928_none_e4c47b87b7a94c7d\wininet.dll
[2013/02/28 21:02:05 | 000,920,064 | ---- | M] (Microsoft Corporation) MD5=F3F7034A822920EDB3FB91F65D67D759 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23471_none_e510e484d0f5f152\wininet.dll
[2008/04/25 06:09:57 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=F40594128A6BFDA6C3F0900796895078 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[2010/06/26 08:51:32 | 000,919,040 | ---- | M] (Microsoft Corporation) MD5=F60F99762FABCD7F4B53A4A0EBAE3505 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.23040_none_e5304c66d0de8f8c\wininet.dll
[2008/02/22 06:52:15 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=F7FF1E0D443788D6AE4CBCA593530099 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[2009/07/18 18:06:20 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=FCB4E3234667317905333B6A4CDF85FC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 04:33:13 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/01/21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2008/01/21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll
[2008/01/21 04:34:36 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color]
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll
[2008/01/21 04:34:35 | 000,403,968 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\FirewallAPI.dll
[2013/03/01 14:17:40 | 000,184,320 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\iepeers.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
[2013/04/24 15:59:00 | 000,001,002 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/04/22 07:34:00 | 000,001,056 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/04/24 16:34:00 | 000,001,060 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/04/23 18:23:19 | 000,000,254 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\Tasks\OfferBoxUpdate.job
[2013/04/23 08:37:07 | 000,000,394 | -H-- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\Tasks\{776A9E25-0D7F-4933-8602-107CC0FE6A15}.job

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2013/02/05 00:08:03 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I080V14.pdf
[2013/03/10 10:42:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I0D2UM4.MP4
[2013/02/05 00:06:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I0MTN7C.pdf
[2013/02/26 13:20:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I0NLTR7.avi
[2013/03/10 21:25:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I0OWYW6.avi
[2013/04/20 07:11:03 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I0R70A2.xls
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I0VUH5U.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I0WPQWP.jpg
[2013/04/11 16:28:00 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I1EILKC.xls
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I1KDR3G.JPG
[2013/02/13 08:45:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I1PR4LN
[2013/03/22 04:34:32 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I2RS6NL.pdf
[2013/03/22 04:00:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I2Y9PD3.doc
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I37HY8D.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I38AJ0H.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I3CV24J.jpg
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I3ROS92.JPG
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I45AFR9.jpg
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I47L9AQ.avi
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I48YPBW.mp4
[2013/03/22 04:35:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I4C72DX.docx
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I4FB8NC.jpg
[2013/04/23 12:58:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I4JBWLM.txt
[2013/02/26 13:20:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I4MI3Z6.txt
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I4MOJSN.avi
[2013/03/10 21:23:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I4XI43W.avi
[2013/01/19 19:39:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I5HO0ST.JPG
[2013/03/13 08:05:44 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I5ILEKE.docx
[2013/02/26 13:20:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I5MKHMM.torrent
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I5U0YQU.JPG
[2013/03/10 11:36:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I5WBLZW.MP4
[2013/02/26 13:51:45 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I6JWEUE.mp4
[2013/02/05 00:06:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I6KSP34.pdf
[2013/02/26 13:20:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I6SVAXF.avi
[2013/03/22 04:34:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I7JI5D0.pdf
[2013/04/23 12:58:21 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I7PVO95.avi
[2013/03/22 04:19:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I80QJP7.doc
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I85HVLG.avi
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I8GI95K.avi
[2013/03/10 17:19:57 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I8RIZBE.avi
[2013/03/10 18:31:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$I9CNV3A.pdf
[2013/03/10 21:22:46 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IA7EJGM.MP4
[2013/03/10 18:31:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IAA6R5B.pdf
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IAF4FJP.jpg
[2013/02/26 18:58:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IAP0ED9.pdf
[2013/04/23 12:58:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IB84TBS.torrent
[2013/03/10 18:31:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IBJP9L0.pdf
[2013/02/26 13:20:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IBLGD0K.avi
[2013/03/22 04:00:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IBNI2YQ.docx
[2013/02/05 00:07:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IBXLXKS.pdf
[2013/02/22 08:54:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICDJYIV.zip
[2013/02/26 13:20:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICEM2IF.avi
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICNKFEF.avi
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICOO5EJ.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICRMM5Q.jpg
[2013/03/10 18:32:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICV8SQ2.mp4
[2013/03/22 04:00:28 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICV9RAT.docx
[2013/03/22 04:20:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICVCYHY.doc
[2013/03/10 21:23:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICWT69N.avi
[2013/02/26 13:51:45 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ICZ14HT.torrent
[2013/03/10 11:36:58 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ID1WU9P.avi
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ID33NGT.jpg
[2013/03/20 09:01:05 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IDYWNSD.msg
[2013/03/10 21:22:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IE6GSZO.avi
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IEOEVK3.jpg
[2013/02/22 08:54:24 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IFKFWYQ
[2013/03/10 10:41:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IFMFAL7
[2013/03/13 08:08:43 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IG0CO2G.doc
[2013/03/10 21:23:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IG1BRM5.MP4
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IG93DFK.jpg
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IG9A9VR.JPG
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IGIWK1M.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IGSP7SN.jpg
[2013/03/10 18:32:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IGZDCTZ.jpg
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IH0M7ON.avi
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IILFQT5.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IINFLQD.jpg
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IJ5LEX9.avi
[2013/03/10 18:31:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IJC05EF.docx
[2013/03/10 18:32:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IJEVOBM.jpg
[2013/03/22 04:34:25 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IJFAQ2X.pdf
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IJRX0O8.JPG
[2013/03/10 10:45:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IJSIN0W.MP4
[2013/02/05 00:08:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IKMK6JS.pdf
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IKN5PDX.JPG
[2013/02/26 18:58:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IKNAT5I.zip
[2013/03/13 08:07:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IL11JLJ.xls
[2013/02/26 13:20:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IL79KQ2.mp4
[2013/03/22 04:20:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ILDWQ35.pdf
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ILI3PUW.JPG
[2013/02/26 18:53:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ILNFCXO.JPG
[2013/02/03 13:24:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ILOIAUD.pdf
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ILSR2MP.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ILTR0F6.jpg
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IM7TY22.jpg
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IMH25TD.avi
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IMWMODP.avi
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$INOLBB3.jpg
[2013/03/20 08:52:13 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$INSJWLN.msg
[2013/01/18 13:33:43 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IOA6W73.doc
[2013/03/10 18:32:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IOEHRGR.mp4
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IOU1MN4.mp4
[2013/03/10 10:41:45 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IPC1XID.MP4
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IPD7GY0.JPG
[2013/03/10 18:32:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IPNGF6R.mp4
[2013/02/26 18:58:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IPNV2HX
[2013/02/05 00:07:43 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IQ4PHU8.pdf
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IQ893ZV.jpg
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IQI4RVG.mp4
[2013/03/10 21:23:32 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IQQ4FEC.MP4
[2013/03/22 04:00:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IQXGISV.doc
[2013/03/10 21:23:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IQZ6TGP.MP4
[2013/03/22 04:19:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IR8I8H0.doc
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IRFF8A8.jpg
[2013/03/22 04:34:19 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IRN76XO.docx
[2013/02/06 10:27:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IRZQDDI.avi
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IRZRR6G.avi
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IS0EAYK.JPG
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ISC73DF.jpg
[2013/03/22 04:36:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ISCHCI1.docx
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ISL60B3.jpg
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ISOGCUD.JPG
[2013/02/26 13:20:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ITDFFDM.avi
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ITO6FMO.JPG
[2013/02/26 13:20:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ITR59RS.mp4
[2013/02/26 13:20:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IUO4BW1.avi
[2013/02/26 13:20:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IV81RIK.avi
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IVEC956.jpg
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IVKM2UH.jpg
[2013/03/10 18:32:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IVM5U4A.jpg
[2013/01/19 19:38:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IVYIOQN.jpg
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IW3IPJC.jpg
[2013/02/26 13:20:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IWCSZ1N.avi
[2013/03/10 21:23:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IWIO79V.MP4
[2013/03/20 08:58:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IWPRA5U.msg
[2013/03/10 21:23:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IWQ3VV6.MP4
[2013/02/26 13:20:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IWTKSWA.mp4
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IX4UUR4.jpg
[2013/03/13 08:05:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IXCO8L6.doc
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IXIZ82O.jpg
[2013/03/13 08:04:39 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IXNWJ1X.docx
[2013/01/19 19:32:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IXPEM3R.jpg
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IXZAPB0.JPG
[2013/02/22 08:54:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IY6H131
[2013/03/10 18:32:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IY9N6R4.jpg
[2013/03/10 21:23:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IYAFAU9.MP4
[2013/01/19 19:38:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IYFTV4M.jpg
[2013/01/18 13:35:18 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IYQTXXI.doc
[2013/03/10 18:15:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IYVIM6U.JPG
[2013/03/10 18:31:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IYVP7N0.pdf
[2013/04/24 00:24:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IZAYY99.lnk
[2013/01/16 10:36:25 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IZDE3OB.docx
[2013/02/22 08:53:55 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$IZUUX21.zip
[2012/10/31 06:18:43 | 000,119,637 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R080V14.pdf
[2013/03/06 14:42:02 | 016,613,376 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0D2UM4.MP4
[2012/12/15 14:03:36 | 000,151,499 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0MTN7C.pdf
[2013/02/26 12:03:34 | 072,731,202 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0NLTR7.avi
[2013/03/10 11:44:15 | 027,777,810 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0OWYW6.avi
[2013/03/15 09:18:07 | 000,282,624 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0R70A2.xls
[2013/01/19 13:37:16 | 001,203,873 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0VUH5U.jpg
[2013/03/04 23:07:40 | 001,286,171 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0WPQWP.jpg
[2013/04/11 10:08:33 | 000,026,624 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R1EILKC.xls
[2013/03/03 13:31:16 | 000,693,089 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R1KDR3G.JPG
[2013/02/13 08:44:31 | 000,010,309 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R1PR4LN
[2012/07/05 15:57:27 | 000,002,578 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R2RS6NL.pdf
[2013/02/07 11:56:38 | 000,177,664 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R2Y9PD3.doc
[2012/12/30 15:31:06 | 001,774,088 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R37HY8D.jpg
[2013/01/19 17:36:52 | 001,370,311 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R38AJ0H.jpg
[2012/12/29 14:58:10 | 001,248,109 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R3CV24J.jpg
[2013/03/04 13:01:16 | 000,717,814 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R3ROS92.JPG
[2013/01/19 17:36:32 | 000,829,222 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R45AFR9.jpg
[2011/11/21 19:11:42 | 000,026,877 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R4C72DX.docx
[2012/12/29 15:58:10 | 001,248,580 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R4FB8NC.jpg
[2013/04/23 12:57:32 | 000,007,681 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R4JBWLM.txt
[2013/02/26 12:03:34 | 000,000,274 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R4MI3Z6.txt
[2013/03/10 17:54:07 | 027,777,810 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R4XI43W.avi
[2013/01/19 19:34:00 | 001,856,174 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R5HO0ST.JPG
[2012/09/12 14:57:26 | 000,018,196 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R5ILEKE.docx
[2013/02/26 12:03:31 | 000,593,134 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R5MKHMM.torrent
[2013/03/08 18:16:46 | 000,690,208 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R5U0YQU.JPG
[2013/03/06 14:44:40 | 063,078,400 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R5WBLZW.MP4
[2013/01/09 20:03:34 | 000,015,764 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R6KSP34.pdf
[2010/07/09 08:40:41 | 000,001,892 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R7JI5D0.pdf
[2013/04/23 12:58:21 | 729,656,768 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R7PVO95.avi
[2013/02/07 11:59:04 | 000,055,808 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R80QJP7.doc
[2013/03/10 11:47:57 | 018,567,620 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R8RIZBE.avi
[2013/02/14 22:59:12 | 000,290,847 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R9CNV3A.pdf
[2013/03/03 12:20:02 | 035,438,592 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RA7EJGM.MP4
[2013/01/20 22:36:38 | 000,839,290 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RAA6R5B.pdf
[2013/01/19 13:37:16 | 001,203,873 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RAF4FJP.jpg
[2013/02/07 11:59:54 | 000,131,334 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RAP0ED9.pdf
[2013/04/23 12:57:31 | 000,015,141 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RB84TBS.torrent
[2013/01/02 20:36:15 | 000,455,643 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RBJP9L0.pdf
[2013/03/10 10:35:23 | 000,034,552 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RBNI2YQ.docx
[2012/12/03 00:13:05 | 000,013,140 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RBXLXKS.pdf
[2013/02/22 08:50:59 | 000,013,472 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCDJYIV.zip
[2013/02/26 12:03:34 | 002,822,980 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCEM2IF.avi
[2013/01/19 17:37:36 | 001,510,695 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCOO5EJ.jpg
[2013/03/04 23:07:20 | 001,183,741 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCRMM5Q.jpg
[2012/11/25 18:13:12 | 001,337,851 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCV8SQ2.mp4
[2013/02/28 18:45:16 | 000,019,189 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCV9RAT.docx
[2012/12/16 22:41:49 | 000,023,040 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCVCYHY.doc
[2013/03/10 12:23:56 | 003,824,818 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCWT69N.avi
[2013/02/26 13:20:43 | 000,013,958 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCZ14HT.torrent
[2013/03/10 10:59:14 | 032,281,862 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RD1WU9P.avi
[2012/12/21 09:26:04 | 000,783,463 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RD33NGT.jpg
[2013/03/13 00:09:48 | 000,227,840 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RDYWNSD.msg
[2013/03/10 11:48:39 | 018,722,900 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RE6GSZO.avi
[2012/12/29 15:58:10 | 001,248,580 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$REOEVK3.jpg
[2012/10/15 11:14:57 | 000,022,528 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RG0CO2G.doc
[2013/03/04 18:38:04 | 054,018,048 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RG1BRM5.MP4
[2013/01/19 13:36:42 | 001,159,574 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RG93DFK.jpg
[2013/03/04 13:06:02 | 000,676,533 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RG9A9VR.JPG
[2012/12/21 18:35:24 | 000,875,472 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RGIWK1M.jpg
[2013/01/25 19:12:52 | 001,033,001 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RGSP7SN.jpg
[2012/12/21 17:35:24 | 000,875,633 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RGZDCTZ.jpg
[2013/02/22 23:55:52 | 001,180,980 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RILFQT5.jpg
[2013/01/19 17:39:30 | 000,928,861 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RINFLQD.jpg
[2013/02/14 21:53:17 | 000,014,900 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RJC05EF.docx
[2012/12/21 08:26:04 | 000,783,463 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RJEVOBM.jpg
[2010/06/01 10:48:34 | 000,068,363 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RJFAQ2X.pdf
[2013/03/07 19:07:38 | 000,733,123 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RJRX0O8.JPG
[2013/03/06 18:25:30 | 025,477,120 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RJSIN0W.MP4
[2012/11/02 11:33:58 | 000,137,771 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RKMK6JS.pdf
[2013/03/02 20:02:26 | 000,631,489 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RKN5PDX.JPG
[2013/02/16 21:09:57 | 000,000,022 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RKNAT5I.zip
[2012/10/15 16:15:50 | 000,014,848 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RL11JLJ.xls
[2013/02/28 16:53:02 | 000,280,168 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLDWQ35.pdf
[2013/03/04 14:21:48 | 000,698,785 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLI3PUW.JPG
[2013/02/24 16:11:36 | 001,474,556 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLNFCXO.JPG
[2013/02/03 13:24:05 | 000,117,559 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLOIAUD.pdf
[2013/01/19 17:38:34 | 000,890,575 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLSR2MP.jpg
[2013/01/19 17:40:18 | 001,376,165 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLTR0F6.jpg
[2012/12/21 18:35:24 | 000,875,472 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RM7TY22.jpg
[2012/12/21 09:27:06 | 000,850,347 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RNOLBB3.jpg
[2013/03/13 00:09:48 | 000,111,616 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RNSJWLN.msg
[2013/01/18 13:16:13 | 000,035,328 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ROA6W73.doc
[2012/11/22 19:40:00 | 013,989,504 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ROEHRGR.mp4
[2013/03/06 14:09:38 | 005,996,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RPC1XID.MP4
[2013/03/07 19:06:44 | 000,705,963 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RPD7GY0.JPG
[2012/11/22 19:41:40 | 003,019,037 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RPNGF6R.mp4
[2012/10/31 06:18:18 | 000,092,964 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RQ4PHU8.pdf
[2012/12/30 15:31:06 | 001,774,088 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RQ893ZV.jpg
[2013/03/04 18:30:32 | 034,783,232 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RQQ4FEC.MP4
[2013/02/07 11:56:43 | 000,455,680 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RQXGISV.doc
[2013/03/08 18:11:20 | 034,078,720 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RQZ6TGP.MP4
[2012/11/09 11:52:24 | 000,029,184 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RR8I8H0.doc
[2012/12/18 20:48:26 | 000,820,931 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RRFF8A8.jpg
[2013/03/21 21:56:50 | 000,015,376 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RRN76XO.docx
[2013/03/08 18:16:40 | 000,690,519 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RS0EAYK.JPG
[2012/12/21 09:26:04 | 000,783,463 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RSC73DF.jpg
[2010/06/01 10:45:11 | 000,012,156 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RSCHCI1.docx
[2013/01/19 17:37:06 | 001,865,162 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RSL60B3.jpg
[2013/03/07 19:18:46 | 000,652,679 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RSOGCUD.JPG
[2013/03/07 19:17:00 | 000,687,047 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RTO6FMO.JPG
[2013/01/19 12:37:16 | 001,203,443 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RVEC956.jpg
[2012/12/21 09:27:06 | 000,850,347 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RVKM2UH.jpg
[2012/12/21 08:27:06 | 000,850,347 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RVM5U4A.jpg
[2013/01/19 18:38:16 | 000,919,442 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RVYIOQN.jpg
[2013/01/19 17:38:16 | 000,919,442 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RW3IPJC.jpg
[2013/03/04 13:11:42 | 007,536,640 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RWIO79V.MP4
[2013/03/13 00:09:48 | 000,532,480 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RWPRA5U.msg
[2013/03/06 18:26:28 | 026,099,712 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RWQ3VV6.MP4
[2013/01/19 17:38:52 | 001,169,016 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RX4UUR4.jpg
[2012/10/12 16:23:35 | 000,031,744 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RXCO8L6.doc
[2013/01/19 12:36:42 | 001,159,204 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RXIZ82O.jpg
[2012/06/14 17:52:15 | 000,146,110 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RXNWJ1X.docx
[2012/12/18 20:48:26 | 000,820,931 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RXPEM3R.jpg
[2013/03/04 18:43:58 | 000,670,099 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RXZAPB0.JPG
[2012/12/30 14:31:06 | 001,772,832 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RY9N6R4.jpg
[2013/03/08 18:05:18 | 067,567,616 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RYAFAU9.MP4
[2013/01/19 13:36:42 | 001,159,574 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RYFTV4M.jpg
[2013/01/18 13:29:32 | 000,136,704 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RYQTXXI.doc
[2013/03/04 18:32:14 | 000,686,214 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RYVIM6U.JPG
[2013/03/01 22:00:56 | 000,430,135 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RYVP7N0.pdf
[2013/04/23 11:51:36 | 000,000,906 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RZAYY99.lnk
[2010/09/23 09:10:29 | 000,010,654 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RZDE3OB.docx
[2013/02/22 08:51:12 | 000,012,536 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RZUUX21.zip
[2009/09/18 22:38:16 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\desktop.ini
[2013/02/22 08:52:39 | 000,036,259 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RFKFWYQ\how.i.met.your.mother.s05e01.720p.hdtv.x264-ctu.srt
[2013/02/19 15:27:16 | 000,073,450 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RPNV2HX\RIB Anne.pdf
[2006/11/02 14:58:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 14:58:10 | 000,032,578 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/02 22:13:54 | 000,001,056 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009/10/02 22:13:55 | 000,001,060 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011/03/19 14:07:49 | 000,000,408 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{689BC3EB-DC48-40BF-BECA-559067D1214D}.job
[2011/05/12 18:26:55 | 000,001,038 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313495416-4091907384-1742407767-1000Core.job
[2011/05/12 18:26:55 | 000,001,090 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2313495416-4091907384-1742407767-1000UA.job
[2011/11/15 17:21:01 | 000,000,254 | ---- | C] () -- C:\Windows\Tasks\OfferBoxUpdate.job
[2012/05/11 08:21:53 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/01/21 11:55:19 | 000,000,394 | -H-- | C] () -- C:\Windows\Tasks\{776A9E25-0D7F-4933-8602-107CC0FE6A15}.job

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RE6GSZO.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RD1WU9P.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCWT69N.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R4XI43W.avi:TOC.WMV
@Alternate Data Stream - 56375 bytes -> C:\ProgramData:$SS_DESCRIPTOR_SVXWV4PTSVVVFFNYTF1RVDNVCLLB4MG5HWLT4RXPB4RJ9PTLP3NXVVVVVVVVVVVVV
@Alternate Data Stream - 461 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RW3IPJC.jpg:com.dropbox.attributes
@Alternate Data Stream - 460 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RX4UUR4.jpg:com.dropbox.attributes
@Alternate Data Stream - 460 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RVM5U4A.jpg:com.dropbox.attributes
@Alternate Data Stream - 460 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RSL60B3.jpg:com.dropbox.attributes
@Alternate Data Stream - 460 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RGZDCTZ.jpg:com.dropbox.attributes
@Alternate Data Stream - 460 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCOO5EJ.jpg:com.dropbox.attributes
@Alternate Data Stream - 459 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RXIZ82O.jpg:com.dropbox.attributes
@Alternate Data Stream - 459 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLTR0F6.jpg:com.dropbox.attributes
@Alternate Data Stream - 459 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R45AFR9.jpg:com.dropbox.attributes
@Alternate Data Stream - 459 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R38AJ0H.jpg:com.dropbox.attributes
@Alternate Data Stream - 458 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RY9N6R4.jpg:com.dropbox.attributes
@Alternate Data Stream - 458 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RJEVOBM.jpg:com.dropbox.attributes
@Alternate Data Stream - 457 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0WPQWP.jpg:com.dropbox.attributes
@Alternate Data Stream - 456 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RLSR2MP.jpg:com.dropbox.attributes
@Alternate Data Stream - 456 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RINFLQD.jpg:com.dropbox.attributes
@Alternate Data Stream - 456 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R3CV24J.jpg:com.dropbox.attributes
@Alternate Data Stream - 455 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCRMM5Q.jpg:com.dropbox.attributes
@Alternate Data Stream - 454 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RGSP7SN.jpg:com.dropbox.attributes
@Alternate Data Stream - 452 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RVEC956.jpg:com.dropbox.attributes
@Alternate Data Stream - 451 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RILFQT5.jpg:com.dropbox.attributes
@Alternate Data Stream - 433 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$ROEHRGR.mp4:com.dropbox.attributes
@Alternate Data Stream - 432 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RCV8SQ2.mp4:com.dropbox.attributes
@Alternate Data Stream - 430 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$RPNGF6R.mp4:com.dropbox.attributes
@Alternate Data Stream - 161 bytes -> c:\$recycle.bin\S-1-5-21-2313495416-4091907384-1742407767-1000\$R0OWYW6.avi:com.dropbox.attributes
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:68C4BECC

< End of report >

Publicité


Signaler le contenu de ce document

Publicité