cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 05/09/2013 19:52:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marie\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

15,89 Gb Total Physical Memory | 13,00 Gb Available Physical Memory | 81,79% Memory free
19,89 Gb Paging File | 16,84 Gb Available in Paging File | 84,68% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,63 Gb Total Space | 605,28 Gb Free Space | 86,64% Space Free | Partition Type: NTFS

Computer Name: MARIE-PC | User Name: Marie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/09/05 19:51:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marie\Downloads\OTL.exe
PRC - [2013/08/30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/07/13 03:37:19 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/07/09 02:37:42 | 004,640,768 | ---- | M] (Spotify Ltd) -- C:\Users\Marie\AppData\Roaming\Spotify\spotify.exe
PRC - [2013/07/09 02:37:41 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/07/02 11:19:30 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013/07/02 11:19:30 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/05/25 02:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/05/20 18:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/05/15 09:27:22 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/05/15 09:27:16 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/05/15 09:27:02 | 000,165,144 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/05/09 17:33:38 | 004,728,320 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
PRC - [2011/02/18 15:57:30 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
PRC - [2009/12/25 09:00:24 | 001,750,528 | ---- | M] () -- C:\Program Files (x86)\Hotkey\LightShow.exe
PRC - [2009/10/01 17:45:29 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
PRC - [2009/10/01 17:45:27 | 000,766,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
PRC - [2009/08/14 18:29:04 | 000,515,480 | ---- | M] () -- C:\Program Files (x86)\Hotkey\PopupMenu.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/08/24 19:49:53 | 000,410,576 | ---- | M] () -- C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
MOD - [2013/08/24 19:49:52 | 013,594,064 | ---- | M] () -- C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
MOD - [2013/08/24 19:49:51 | 004,053,456 | ---- | M] () -- C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
MOD - [2013/08/24 19:49:01 | 000,709,584 | ---- | M] () -- C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\libglesv2.dll
MOD - [2013/08/24 19:49:00 | 000,099,792 | ---- | M] () -- C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\libegl.dll
MOD - [2013/08/24 19:48:58 | 001,604,560 | ---- | M] () -- C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\ffmpegsumo.dll
MOD - [2013/08/14 20:49:26 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/14 20:34:21 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
MOD - [2013/08/14 20:33:52 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/14 20:33:48 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 20:33:35 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 20:33:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/10 02:25:08 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/07/09 02:37:42 | 024,985,600 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2013/03/13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Marie\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/05/09 17:33:38 | 004,728,320 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/13 02:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/12/25 09:00:24 | 001,750,528 | ---- | M] () -- C:\Program Files (x86)\Hotkey\LightShow.exe
MOD - [2009/10/01 17:45:29 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
MOD - [2009/10/01 17:45:27 | 000,766,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
MOD - [2009/08/14 18:29:04 | 000,515,480 | ---- | M] () -- C:\Program Files (x86)\Hotkey\PopupMenu.exe
MOD - [2009/07/17 14:33:27 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdrs.dll
MOD - [2009/07/17 14:32:35 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll
MOD - [2009/06/23 13:11:03 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epoemdll.dll
MOD - [2009/06/23 13:10:27 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll
MOD - [2009/06/23 13:09:07 | 002,203,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizres.dll
MOD - [2009/06/06 14:50:32 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Audiodll.dll
MOD - [2009/05/27 14:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll
MOD - [2009/04/28 09:56:28 | 000,024,064 | ---- | M] () -- C:\Windows\SysWOW64\LXEBsmr.dll
MOD - [2009/04/07 21:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll
MOD - [2009/03/30 14:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizard.dll
MOD - [2009/03/30 14:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll
MOD - [2009/03/30 14:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epfunct.dll
MOD - [2009/03/30 14:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\eputil.dll
MOD - [2009/03/30 14:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\imagutil.dll
MOD - [2009/03/10 07:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll
MOD - [2009/03/02 16:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll
MOD - [2009/02/20 10:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEBsm.dll
MOD - [2006/12/11 02:10:26 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Hotkey\AudioControlDLL.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2013/08/30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2012/08/14 12:02:42 | 000,027,792 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:[b]64bit:[/b] - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2010/08/19 17:43:23 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:[b]64bit:[/b] - [2009/07/29 16:53:43 | 001,054,888 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxebcoms.exe -- (lxeb_device)
SRV:[b]64bit:[/b] - [2009/07/29 16:53:37 | 000,033,960 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxebserv.exe -- (lxebCATSCustConnectService)
SRV:[b]64bit:[/b] - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/07/02 11:19:30 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/06/21 17:57:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/31 18:02:00 | 001,258,856 | R--- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 09:27:22 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/05/15 09:27:16 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/05/15 09:27:02 | 000,165,144 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/02/18 15:57:30 | 000,035,328 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/29 16:53:37 | 000,033,960 | ---- | M] () [Auto | Running] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe -- (lxebCATSCustConnectService)
SRV - [2009/07/29 16:53:27 | 000,602,792 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxebcoms.exe -- (lxeb_device)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013/08/30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2013/08/30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013/08/30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/08/14 12:02:36 | 002,206,352 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2012/07/31 18:02:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012/05/20 18:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012/05/20 18:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012/05/20 18:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012/05/09 07:06:42 | 000,293,992 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2012/03/09 14:41:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/12/05 22:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2011/12/05 08:03:10 | 000,196,904 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2011/12/01 16:51:00 | 011,417,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2011/11/09 19:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FE DF 3E 0F 1B 2F CE 01 [binary data]
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\..\SearchScopes\{61D577F3-E926-460C-AE05-DFA18074F411}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\..\SearchScopes\{9DE2B88C-9343-4FF8-B74D-C196F2AFA0C0}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3307695&CUI=UN24626455519821249&UM=3
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marie\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marie\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)


[2013/08/30 11:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\Extensions
[2013/08/30 11:48:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013/09/04 19:46:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marie\AppData\Roaming\mozilla\Firefox\extensions
[2013/09/04 19:46:25 | 000,000,000 | ---D | M] (01NET.com V1) -- C:\Users\Marie\AppData\Roaming\mozilla\Firefox\extensions\{e4f7b179-a3f6-47d8-9832-cb7b2627312a}

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN56013101023910432&ctid=CT3307695&UM=3
CHR - default_search_provider: suggest_url = http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN56013101023910432&UM=3
CHR - homepage: http://search.conduit.com/?ctid=CT3307695&SearchSource=48&CUI=UN56013101023910432&UM=3
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marie\AppData\Local\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Marie\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Documents Google = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google\u00A0Drive = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\
CHR - Extension: Recherche Google = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Users\Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/04/17 23:17:54 | 000,000,763 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [lxebmon.exe] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000..\Run: [Spotify] C:\Users\Marie\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000..\Run: [Spotify Web Helper] C:\Users\Marie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3175689593-1757370015-2507592337-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92AE4232-9FF9-490C-80FC-4ED055758BC4}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DC787ED-29BB-4BEE-BA41-1698EA2268E4}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:[b]64bit:[/b] {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/09/04 23:54:22 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/04 21:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/09/04 21:25:58 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013/09/04 21:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/09/04 21:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/09/04 21:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/09/04 21:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/09/04 21:19:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013/09/04 19:48:06 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\TeamViewer
[2013/08/30 11:51:58 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\Downloaded Installations
[2013/08/30 11:48:31 | 000,000,000 | ---D | C] -- C:\Users\Marie\Documents\TomTom
[2013/08/30 11:48:05 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\TomTom
[2013/08/30 11:48:05 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Local\TomTom
[2013/08/30 11:48:05 | 000,000,000 | ---D | C] -- C:\Users\Marie\AppData\Roaming\Mozilla
[2013/08/30 11:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2013/08/30 11:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V
[2013/08/30 11:47:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom HOME 2
[2013/08/14 08:37:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/14 08:37:11 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/14 08:37:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/14 08:37:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/14 08:37:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/14 08:37:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/14 08:37:10 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/14 08:37:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/14 08:37:10 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/14 08:37:10 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/14 08:37:10 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/14 08:37:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/14 08:37:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/14 08:37:09 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/14 08:37:08 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 08:34:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/14 06:00:41 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/14 06:00:41 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/14 06:00:41 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/14 06:00:32 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/14 06:00:32 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/14 06:00:31 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/14 06:00:28 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/14 06:00:27 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/14 06:00:27 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/14 06:00:27 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/14 06:00:26 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/14 06:00:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/14 06:00:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/14 06:00:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/14 06:00:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/14 06:00:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/06 22:32:50 | 000,000,000 | ---D | C] -- C:\Users\Marie\Desktop\Appart Belgique
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/09/05 19:54:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/09/05 19:42:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/05 19:06:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3175689593-1757370015-2507592337-1000UA.job
[2013/09/05 19:00:48 | 001,557,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/05 19:00:48 | 000,707,236 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013/09/05 19:00:48 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/05 19:00:48 | 000,131,632 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013/09/05 19:00:48 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/05 18:56:06 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/05 18:55:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/05 18:55:45 | 4208,803,838 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/05 00:23:57 | 000,010,336 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/05 00:23:57 | 000,010,336 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/04 21:25:59 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/09/04 17:17:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/08/30 16:06:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3175689593-1757370015-2507592337-1000Core.job
[2013/08/30 10:10:47 | 000,002,332 | ---- | M] () -- C:\Users\Marie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/30 09:48:10 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/08/30 09:48:10 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/08/30 09:48:10 | 000,204,880 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/08/30 09:48:10 | 000,072,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/08/30 09:48:10 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/08/30 09:48:10 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/08/30 09:48:09 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/08/30 09:48:09 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/08/30 09:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/08/30 09:47:14 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/09/05 19:54:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/09/04 21:25:59 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/24 11:36:29 | 000,008,704 | ---- | C] () -- C:\Users\Marie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/05/07 22:31:51 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\LXEBinst.dll
[2013/05/07 22:31:50 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebinpa.dll
[2013/05/07 22:31:50 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxebcomx.dll
[2013/05/07 22:31:50 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebiesc.dll
[2013/05/07 22:31:50 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxebinsr.dll
[2013/05/07 22:31:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxebjswr.dll
[2013/05/07 22:31:50 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxebcur.dll
[2013/05/07 22:31:48 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebpmui.dll
[2013/05/07 22:31:47 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebusb1.dll
[2013/05/07 22:31:47 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxebins.dll
[2013/05/07 22:31:47 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxebinsb.dll
[2013/05/07 22:31:47 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxebcu.dll
[2013/05/07 22:31:47 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxebcub.dll
[2013/05/07 22:31:46 | 001,056,768 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebserv.dll
[2013/05/07 22:31:45 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebhbn3.dll
[2013/05/07 22:31:45 | 000,581,632 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeblmpm.dll
[2013/05/07 22:31:45 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebih.exe
[2013/05/07 22:31:44 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomc.dll
[2013/05/07 22:31:44 | 000,602,792 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcoms.exe
[2013/05/07 22:31:44 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomm.dll
[2013/05/07 22:31:43 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcfg.exe
[2013/05/07 22:28:51 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXEBsmr.dll
[2013/05/07 22:28:50 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEBsm.dll
[2013/05/03 13:48:10 | 001,578,010 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/04/06 03:20:39 | 000,000,413 | ---- | C] () -- C:\Users\Marie\AppData\Roaming\ceccam11.ini
[2013/04/01 23:05:32 | 000,755,572 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2013/04/01 23:05:32 | 000,559,972 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/04/20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013/09/05 18:56:34 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Dropbox
[2013/05/07 14:19:14 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\PhotoFiltre Studio X
[2013/09/05 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\Spotify
[2013/09/04 19:51:53 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\TeamViewer
[2013/08/30 11:48:05 | 000,000,000 | ---D | M] -- C:\Users\Marie\AppData\Roaming\TomTom

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2013/04/01 19:51:21 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/09/05 18:55:45 | 4208,803,838 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/05 18:55:47 | 4294,967,295 | -HS- | M] () -- C:\pagefile.sys
[2013/09/05 19:54:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/08 03:01:59 | 000,000,086 | ---- | M] () -- C:\setup.log

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

[color=#A23BEC]< %PROGRAMFILES%\*. >[/color]
[2013/05/07 22:33:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
[2013/04/07 20:22:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2013/04/01 23:38:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2013/04/17 17:36:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2013/05/05 14:43:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2013/07/08 17:36:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cheat Engine 6.1
[2013/07/04 21:36:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2013/04/17 17:38:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cyberlink
[2013/04/02 19:59:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Eidos
[2013/07/31 00:43:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2013/04/16 20:25:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hotkey
[2013/04/17 17:39:12 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/04/16 20:14:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2013/08/14 20:32:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2013/09/04 21:25:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2013/05/07 22:42:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark Pro200-S500 Series
[2013/05/07 22:32:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark Toolbar
[2013/04/05 20:21:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2013/04/05 20:21:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013/04/05 20:18:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/04/05 20:21:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2013/04/05 20:20:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2013/04/05 20:21:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2013/05/13 17:24:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2013/04/01 23:38:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/05/07 14:15:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoFiltre Studio X
[2013/07/11 21:15:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2013/04/16 20:05:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2013/04/02 18:46:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reverie World Studios
[2013/07/14 16:57:47 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2013/04/01 22:56:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2013/08/30 11:52:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TomTom HOME 2
[2013/08/30 11:47:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TomTom International B.V
[2009/07/14 06:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2013/04/16 20:16:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VIA
[2013/04/01 23:50:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2013/07/10 02:21:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2013/04/03 13:26:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2013/04/03 13:26:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 07:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2013/04/03 13:26:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2013/04/03 13:26:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2013/04/03 13:26:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color]
[2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=4ABA3E75A76195A3E38ED2766C962899 -- C:\Windows\SysNative\appmgmts.dll
[2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=4ABA3E75A76195A3E38ED2766C962899 -- C:\Windows\winsxs\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_ddc3da0b75baa7e0\appmgmts.dll
[2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\SysWOW64\appmgmts.dll
[2009/07/14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\winsxs\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_e818845daa1b69db\appmgmts.dll

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color]
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2010/03/12 23:47:22 | 000,006,440 | ---- | M] () MD5=ACD301711FC165ED77A8D364D407BAF9 -- C:\Program Files\CyberLink\PowerDirector10\EventLog.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

[color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color]
[2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\SysWOW64\hidserv.dll
[2009/07/14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\winsxs\wow64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_3cf5e466d58070d9\hidserv.dll
[2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\SysNative\hidserv.dll
[2009/07/14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\winsxs\amd64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_32a13a14a11faede\hidserv.dll

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

[color=#A23BEC]< MD5 for: IMM32.DLL >[/color]
[2009/07/14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=0DE3069D6E09BA262856EF31C941BEFE -- C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_c29fba0fc87cc5a4\imm32.dll
[2010/11/20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\SysWOW64\imm32.dll
[2010/11/20 14:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll
[2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\SysNative\imm32.dll
[2009/07/14 03:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll

[color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color]
[2012/10/04 19:41:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DC3504CA4C57900F1557E9A3F01D272 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll
[2012/10/04 19:32:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DDCACAB8DA5399E5521051923016B18 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_efe8cbf06fd422f3\kernel32.dll
[2013/07/08 07:05:01 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=2997A7BC59E3EEFE8E86D1B0F3A3D748 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22379_none_fc86373dba95bd39\kernel32.dll
[2013/01/04 06:51:08 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=385BE92E3106491BBB542F8F1C06C606 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_fa5ee836a41ba799\kernel32.dll
[2013/07/08 07:14:41 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=38E54D419A2962E24D35D868E4724AE7 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22379_none_f2318ceb8634fb3e\kernel32.dll
[2013/01/04 07:30:34 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=43DB3433F141F01E53D1C5AA0F434098 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17206_none_f00a3de46fbae59e\kernel32.dll
[2009/07/14 03:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=5B4B379AD10DEDA4EDA01B8C6961B193 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll
[2012/10/04 18:36:32 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=5FA395364EE727E4BEE6B1406C207F98 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll
[2009/07/14 03:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) MD5=606ECB76A424CC535407E7A24E2A34BC -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll
[2012/11/30 07:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=65C113214F7B05820F6D8A65B1485196 -- C:\Windows\SysNative\kernel32.dll
[2012/11/30 07:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=65C113214F7B05820F6D8A65B1485196 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll
[2012/10/04 19:29:16 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6EED0D77C20137948979EA47360A890B -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_f0726aa188f1bfe4\kernel32.dll
[2010/11/20 15:26:42 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=7A6326D96D53048FDEC542DF23D875A0 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[2013/01/04 06:52:09 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=7E55988F5CB3BA67E2732370E8D71BBB -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll
[2012/11/30 06:57:47 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9CC2571E3646B9A24296AD7ADCC71682 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[2013/01/04 16:14:42 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=9DD828EFBD17246275E8A74D58E836AC -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_f0890ca988e09e80\kernel32.dll
[2012/10/04 18:54:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=A6778FC49011313995A4D718F624CC74 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_fa3d7642a434e4ee\kernel32.dll
[2012/11/30 06:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\SysWOW64\kernel32.dll
[2012/11/30 06:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[2012/11/30 07:52:53 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=B3BEA6420D482356E53B7C728E05C637 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
[2012/11/30 07:38:48 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=B6B1AB98BA656BA1D8E0CA03F59DED51 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_f03d5b4f891964f0\kernel32.dll
[2013/01/04 07:36:09 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=B844114B247D8EF1E5E4E93A282D2E6F -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_f27d3a7985fc3a80\kernel32.dll
[2012/11/30 07:06:48 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=C95793F4BE3471AEED92F5BF367BE69E -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_fa1637baa451ba0e\kernel32.dll
[2012/10/04 18:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=D4F3176082566CEFA633B4945802D4C4 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll
[2012/10/04 18:56:24 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=DE7A37CB1F48526A78A2D42786411578 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_fac714f3bd5281df\kernel32.dll
[2012/11/30 07:43:53 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=E3BC37881D92EB59EE0BA3B854A54D1E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_efc18d686ff0f813\kernel32.dll
[2012/11/30 06:51:54 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=E747ADB6223DBBE1BB138F08A09ADAD6 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_fa9205a1bd7a26eb\kernel32.dll
[2010/11/20 14:08:56 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=E80758CF485DB142FCA1EE03A34EAD05 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
[2012/10/04 19:37:46 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=F3C594D0DA3ACFA6C7B781A490AB4282 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll
[2013/01/04 06:51:07 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=F9F6CD9EF1F6C896A56B5259B81027D9 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21416_none_faddb6fbbd41607b\kernel32.dll

[color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color]
[2009/07/14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010/11/20 15:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\SysNative\mswsock.dll
[2010/11/20 15:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2010/11/20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\SysWOW64\mswsock.dll
[2010/11/20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2009/07/14 03:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2012/08/22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

[color=#A23BEC]< MD5 for: NTFS.SYS >[/color]
[2010/11/20 15:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[2012/08/31 20:02:20 | 001,656,688 | ---- | M] (Microsoft Corporation) MD5=184C189D4FC416978550FC599BB4EDDA -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17119_none_02b5b16c36606152\ntfs.sys
[2009/07/14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
[2011/03/11 08:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys
[2011/03/11 08:25:53 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys
[2011/03/11 08:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[2013/04/12 16:36:57 | 001,679,208 | ---- | M] (Microsoft Corporation) MD5=91127EC56F7BA2182EA1340DC00F98E5 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21499_none_02e8d2a34fbedaf2\ntfs.sys
[2013/04/12 16:36:37 | 001,653,096 | ---- | M] (Microsoft Corporation) MD5=9A6089B056EA1B83B36424FC9D0A300E -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17281_none_0262018e36a05758\ntfs.sys
[2013/03/02 07:21:45 | 001,686,376 | ---- | M] (Microsoft Corporation) MD5=9A77052C2F5F408CB8402D992360BC07 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22272_none_04ddcd7b4cdb5d9b\ntfs.sys
[2011/03/11 08:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[2013/04/12 16:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys
[2013/03/02 07:52:57 | 001,652,568 | ---- | M] (Microsoft Corporation) MD5=A7368ED1B924FA49283F1A83776F8A02 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17267_none_027da322368ab780\ntfs.sys
[2013/03/02 07:51:35 | 001,679,192 | ---- | M] (Microsoft Corporation) MD5=B147ABE91034179A87E5CE7D8CDCFAD1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21483_none_02eda0d34fbc26f7\ntfs.sys
[2012/08/31 19:57:17 | 001,687,408 | ---- | M] (Microsoft Corporation) MD5=B2746D84DDF68D09B41B72DF745CCBA6 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22104_none_052b7b9d4ca0cf8b\ntfs.sys
[2013/03/02 08:04:53 | 001,655,656 | ---- | M] (Microsoft Corporation) MD5=B8965FB53551B5455630A4B804D0791F -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18106_none_04a3e14c33815f96\ntfs.sys
[2013/04/12 16:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\SysNative\drivers\ntfs.sys
[2013/04/12 16:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys
[2012/08/31 20:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) MD5=E453ACF4E7D44E5530B5D5F2B9CA8563 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17945_none_0477c74a33a2859a\ntfs.sys
[2012/08/31 20:19:30 | 001,680,240 | ---- | M] (Microsoft Corporation) MD5=FDC7C8346B6D8274631951F1469F95D7 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21316_none_033c4f3f4f80b23e\ntfs.sys

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

[color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color]
[2009/07/14 03:39:28 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=19117589BA265AAF89BEBE1E9040000C -- C:\Windows\winsxs\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.1.7600.16385_none_83bbe97eac162e90\proquota.exe
[2010/11/20 14:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\SysWOW64\proquota.exe
[2010/11/20 14:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_29ce61c2f0a740f4\proquota.exe
[2009/07/14 03:14:29 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=8CDF71E78469BE54C29C1AD2FC8DE611 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7600.16385_none_279d4dfaf3b8bd5a\proquota.exe
[2010/11/20 15:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\SysNative\proquota.exe
[2010/11/20 15:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\winsxs\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_85ecfd46a904b22a\proquota.exe

[color=#A23BEC]< MD5 for: QMGR.DLL >[/color]
[2010/11/20 15:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 15:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/14 03:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2012/02/11 08:29:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=567977DC43CC13C4C35ED7084C0B84D5 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe
[2012/02/11 08:26:04 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=807B5B0E287027F72AC37B0CDA9512DA -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe
[2010/08/20 07:38:12 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=8547491BE7086EE317163365D83A37D2 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_32ca3745f45762fc\spoolsv.exe
[2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe
[2012/02/11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe
[2009/07/14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
[2010/11/20 15:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[2012/02/11 08:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe
[2010/08/21 08:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) MD5=F8E1FA03CB70D54A9892AC88B91D1E7B -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_3252392adb2d25f4\spoolsv.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

[color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color]
[2009/07/14 03:41:55 | 000,706,560 | ---- | M] (Microsoft Corporation) MD5=0F05EC2887BFE197AD82A13287D2F404 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_ea94336f6df51e09\termsrv.dll
[2010/11/20 15:27:26 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=2E648163254233755035B46DD7B89123 -- C:\Windows\SysNative\termsrv.dll
[2010/11/20 15:27:26 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=2E648163254233755035B46DD7B89123 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[2012/09/06 22:08:56 | 000,296,304 | ---- | M] (Microsoft Corporation) MD5=523E3C704BEE5326A502BA235D0938D6 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.21320_none_72710b5b2eb7975f\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys
[2012/09/06 19:38:18 | 000,295,792 | ---- | M] (Microsoft Corporation) MD5=9E425AC5C9A5A973273D169F43B4F5E1 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.17122_none_71e96d3e15982d1c\volsnap.sys

[color=#A23BEC]< MD5 for: WININET.DLL >[/color]
[2013/04/02 00:08:26 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=03728C624D05C2F157BBD46F6B7F6EA0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16470_none_1a318655bc42d5b9\wininet.dll
[2013/06/12 07:12:14 | 002,248,704 | ---- | M] (Microsoft Corporation) MD5=09BF0D9701F9D846BBC5ABED003851CB -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20742_none_68e1306a2bfc938f\wininet.dll
[2009/07/14 03:16:19 | 000,977,920 | ---- | M] (Microsoft Corporation) MD5=0D874F3BC751CC2198AF2E6783FB8B35 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll
[2013/05/17 02:59:03 | 002,241,024 | ---- | M] (Microsoft Corporation) MD5=12716D987D475B051F35895659159705 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16614_none_7fb67884124fff26\wininet.dll
[2010/12/21 07:29:12 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=1B3DD46BC6396143A205EAAF05F38039 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll
[2010/12/21 08:09:07 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=1D3466E7E9D63F8B2B84A8AD5E833C29 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_79346fb94b962189\wininet.dll
[2013/04/05 07:19:01 | 001,775,616 | ---- | M] (Microsoft Corporation) MD5=1D48B7F4618EE77430ACECCA1BCA88E1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20681_none_0cd17cc273935223\wininet.dll
[2013/05/17 03:25:57 | 001,767,936 | ---- | M] (Microsoft Corporation) MD5=2473CA6595A2659D7039A4A89FECA269 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16614_none_2397dd0059f28df0\wininet.dll
[2013/06/12 06:19:11 | 001,777,664 | ---- | M] (Microsoft Corporation) MD5=24AE444B165D11835EF3D38CF3CC7FA4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20742_none_0cc294e6739f2259\wininet.dll
[2013/04/05 08:52:14 | 002,242,048 | ---- | M] (Microsoft Corporation) MD5=27A9000C534AA9BADC9EE74940F50C6D -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16576_none_7fc71c9c1242ae81\wininet.dll
[2013/02/28 18:34:37 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=2CB9A124659320621A9A0B134ADF9D43 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17256_none_78b983bc326cf308\wininet.dll
[2013/02/25 01:21:50 | 002,247,168 | ---- | M] (Microsoft Corporation) MD5=32D39C8BA5940DA0EB6E7993F3190F92 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20644_none_68ebd2c62bf4aae0\wininet.dll
[2013/05/17 03:42:58 | 001,777,664 | ---- | M] (Microsoft Corporation) MD5=425A20F1C6855222944BFD4FA9BE61A5 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20719_none_0cbef49073a289bb\wininet.dll
[2010/11/20 14:21:36 | 000,980,992 | ---- | M] (Microsoft Corporation) MD5=44214C94911C7CFB1D52CB64D5E8368D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
[2013/04/05 07:28:24 | 001,767,424 | ---- | M] (Microsoft Corporation) MD5=5ABB3F36AF17007F33FA275E96A2C95E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16576_none_23a8811859e53d4b\wininet.dll
[2013/07/26 06:00:11 | 002,248,704 | ---- | M] (Microsoft Corporation) MD5=5C49F5A791B944AD8247473ABD35602D -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20768_none_68e2a84e2bfb6003\wininet.dll
[2013/04/05 07:12:39 | 002,247,168 | ---- | M] (Microsoft Corporation) MD5=61962C7A2D6E32827F089E6F0A03E533 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20681_none_68f018462bf0c359\wininet.dll
[2013/04/05 17:04:32 | 002,240,512 | ---- | M] (Microsoft Corporation) MD5=69F1D418B4C4EC23033D598E4CBC6B73 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_7fc28d121246afa9\wininet.dll
[2013/02/28 15:56:54 | 001,189,888 | ---- | M] (Microsoft Corporation) MD5=734A1387945DA9215102A782E83C460E -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22258_none_7b2b800748af2e93\wininet.dll
[2013/02/21 12:15:07 | 002,240,512 | ---- | M] (Microsoft Corporation) MD5=753C0848AE7872A3F59663078A517293 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_7fc4a46e1244c8b6\wininet.dll
[2010/12/21 07:38:22 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=78B9ADA2BC8946AF7B17678E0D07A773 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll
[2013/05/17 03:34:23 | 002,248,704 | ---- | M] (Microsoft Corporation) MD5=7E43B93C0E9C138AC1008F646B06E919 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20719_none_68dd90142bfffaf1\wininet.dll
[2013/02/28 15:57:26 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=7EA5274E1688339A72C152438F5BBE80 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18094_none_7a72a07e2fb59c0a\wininet.dll
[2013/02/28 17:59:19 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=84DFC6513C2472230E2940B7B12FB21D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22258_none_1f0ce4839051bd5d\wininet.dll
[2013/02/28 15:37:29 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=989937C1C1333EE55CC2982340CB1DBA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18094_none_1e5404fa77582ad4\wininet.dll
[2013/06/12 01:43:37 | 001,767,936 | ---- | M] (Microsoft Corporation) MD5=9BF7C7654EFD098EE3A27B49492A382A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16635_none_2399c6cc59f0da3f\wininet.dll
[2013/07/26 07:13:37 | 002,241,024 | ---- | M] (Microsoft Corporation) MD5=AC155DD9BD1E6D3B740826A4D1C68AAE -- C:\Windows\SysNative\wininet.dll
[2013/07/26 07:13:37 | 002,241,024 | ---- | M] (Microsoft Corporation) MD5=AC155DD9BD1E6D3B740826A4D1C68AAE -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16660_none_7fbbd516124b1755\wininet.dll
[2009/07/14 03:41:56 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=B1037F0131C9A010D611F6914E03CD92 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_78982c5c3286110a\wininet.dll
[2013/02/25 01:26:06 | 001,775,616 | ---- | M] (Microsoft Corporation) MD5=B9A72493B83C77E78FE6213F4B01DB5D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20644_none_0ccd3742739739aa\wininet.dll
[2013/04/05 17:04:32 | 001,766,912 | ---- | M] (Microsoft Corporation) MD5=BA15504FA59A8DC304F1CBAEBA6252A1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16521_none_23a3f18e59e93e73\wininet.dll
[2013/02/28 18:16:46 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=CC60CC36EF22880D349988211965C892 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.17256_none_1c9ae8387a0f81d2\wininet.dll
[2013/02/21 12:30:16 | 001,766,912 | ---- | M] (Microsoft Corporation) MD5=CFE0CEE587F9CEA4C29DEEC6D85FC91C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_23a608ea59e75780\wininet.dll
[2013/02/28 19:21:19 | 000,982,528 | ---- | M] (Microsoft Corporation) MD5=D7E39ACC14994BDD3E10E0F2D7C72ED2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21471_none_1d09e59f9341d7f2\wininet.dll
[2013/07/26 05:13:24 | 001,767,936 | ---- | M] (Microsoft Corporation) MD5=DAA3903F06116AE9EE7AC1D1B93684A4 -- C:\Windows\SysWOW64\wininet.dll
[2013/07/26 05:13:24 | 001,767,936 | ---- | M] (Microsoft Corporation) MD5=DAA3903F06116AE9EE7AC1D1B93684A4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16660_none_239d399259eda61f\wininet.dll
[2013/07/26 05:10:53 | 001,777,664 | ---- | M] (Microsoft Corporation) MD5=DE581A5E0E70BB63898F8776EB274428 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20768_none_0cc40cca739deecd\wininet.dll
[2010/12/21 08:16:14 | 001,197,056 | ---- | M] (Microsoft Corporation) MD5=E71DB117DBDA6B33646F37936C17D226 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_78d712e832572b52\wininet.dll
[2013/02/28 19:29:13 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=F694EF252671B85B7CA964BD6153F871 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21471_none_792881234b9f4928\wininet.dll
[2010/11/20 15:27:28 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=F6C5302E1F4813D552F41A0AC82455E5 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll
[2013/04/02 00:08:25 | 001,392,128 | ---- | M] (Microsoft Corporation) MD5=FA274190682AA41A46B285208ED46A74 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16470_none_765021d974a046ef\wininet.dll
[2013/06/12 01:26:20 | 002,241,024 | ---- | M] (Microsoft Corporation) MD5=FAF6EC2460AD5FBBD38D8E1AE28B0D77 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16635_none_7fb86250124e4b75\wininet.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#A23BEC]< MD5 for: WS2_32.DLL >[/color]
[2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/20 15:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr entControlSet\Control\Session Manager\SubSystems /s >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/07/14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\FirewallAPI.dll
[2013/07/26 05:11:59 | 013,761,024 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ieframe.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\ *.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\* .sav >[/color]

[color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color]
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I08CFES.JPG
[2013/09/04 21:16:19 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I0CQFKV.jpg
[2013/08/02 04:56:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I0HZC5O.JPG
[2013/08/06 22:48:24 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I0NQY0F.JPG
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I0ZLS1Z.JPG
[2013/08/16 10:02:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I1IRHI0.JPG
[2013/08/03 16:43:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I1MY3K8
[2013/08/06 22:28:07 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I1XQALV.MOV
[2013/08/02 04:58:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I2C13JY.JPG
[2013/08/06 23:11:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I3227QM.JPG
[2013/08/02 04:55:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I3NTIKG.JPG
[2013/08/13 18:41:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I3RJVHV.JPG
[2013/08/02 04:55:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I3SJ5MH.JPG
[2013/09/04 21:08:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I3ULWY2.exe
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I3UM1IA.JPG
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I459R8Y.JPG
[2013/08/06 23:11:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I45RCIA.JPG
[2013/08/13 18:42:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I4BONOP.JPG
[2013/08/06 22:29:41 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I4HIQ9F.MOV
[2013/08/13 18:41:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I4L6WNS.JPG
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I4TA32W.JPG
[2013/08/13 18:39:32 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I53T3L3.avi
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I57IF01.PNG
[2013/08/02 05:30:17 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I581XIN
[2013/08/13 18:43:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I5JUFLX.JPG
[2013/08/06 22:25:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I5L7UWI.MOV
[2013/08/02 05:30:07 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I5Y5PDM.MOV
[2013/08/06 22:32:02 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I5YKP1W.MOV
[2013/08/06 22:23:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I690ID8.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I6AGIGQ.docx
[2013/08/02 05:26:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I6AILQZ.pdf
[2013/08/06 23:01:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I6DV0QK.MOV
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I6G5OGK.JPG
[2013/08/02 05:28:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I6TA6U1.jpg
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I6URFN8.docx
[2013/08/02 05:04:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I7BHZI8.JPG
[2013/09/04 21:17:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I7CSSDY.htm
[2013/08/02 05:27:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I7KVGS0.jpg
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I7L5M5L.jpeg
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I7OOR29.docx
[2013/09/04 21:16:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I7U7N0F.png
[2013/08/06 23:11:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I7WB7Y0.JPG
[2013/08/13 18:41:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I83CDV7.JPG
[2013/08/06 22:30:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I914ZDY.JPG
[2013/08/02 05:27:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I9GMBQU.zip
[2013/08/02 05:27:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I9JO3FB.docx
[2013/08/02 04:56:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I9OTTMM.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$I9XJNG5.docx
[2013/08/02 04:55:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IA3L2QL.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IAC5WB5.docx
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IAELINX.JPG
[2013/08/02 04:56:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IAEWDCF.JPG
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IAYUE78.PNG
[2013/08/13 18:39:30 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IAZ897A.avi
[2013/08/02 05:27:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IBDQBOY.docx
[2013/08/02 04:55:53 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IBGYSLC.JPG
[2013/08/06 22:59:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IBJ1SC4.MOV
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IBPZVKO.JPG
[2013/08/06 23:11:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IBSM47B.JPG
[2013/08/06 23:11:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IBVO1EF.JPG
[2013/08/02 05:27:04 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IBXI757.jpg
[2013/08/02 05:27:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IC034F0.zip
[2013/09/04 21:08:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IC9SNBH.exe
[2013/08/02 05:27:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ICQC7ZF.docx
[2013/08/06 22:35:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ICSU87W.JPG
[2013/08/13 18:45:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IDEKTW7.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IDN46GJ.pdf
[2013/08/06 22:23:44 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IDQSN3X.JPG
[2013/08/02 05:27:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IDRU7IM.jpg
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IET3036.doc
[2013/08/13 18:41:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IEU0OKY.JPG
[2013/08/06 23:11:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IEYLPI7.JPG
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IF0HE4C.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IF2Z1WY.exe
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IFOKJ72.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IFRF87Q.docx
[2013/08/06 23:02:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IFRWDMU.MOV
[2013/08/06 22:32:12 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IG85JY1.JPG
[2013/09/04 21:16:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IGSVJ3I
[2013/08/06 22:24:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IGWEP27.JPG
[2013/08/06 22:29:58 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IH759G2.MOV
[2013/09/04 21:08:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IHK1IRG.exe
[2013/09/04 21:16:58 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$II0O848.docx
[2013/08/02 05:27:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$II49NHV.doc
[2013/08/06 22:28:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IIMKP2R.MOV
[2013/08/06 23:11:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IINJI4L.JPG
[2013/08/06 22:36:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IJ2CAMX.JPG
[2013/09/04 21:08:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IJ3WO2U.exe
[2013/08/06 22:49:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IJHWB0J.JPG
[2013/08/02 04:56:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IJZ4QH9.JPG
[2013/08/02 04:55:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IK0WFDD.JPG
[2013/08/02 05:27:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IKGUC1T.zip
[2013/08/02 04:58:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IKK529S.JPG
[2013/08/06 22:36:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IL5ZJRW.JPG
[2013/09/04 21:16:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IL8I2IO.lnk
[2013/08/14 05:31:46 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ILDYLLZ.JPG
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ILMF2R1.JPG
[2013/08/06 22:35:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ILQMJET.JPG
[2013/08/02 04:55:43 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ILYUMT5.JPG
[2013/08/06 22:30:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ILZBF8O.MOV
[2013/08/02 04:53:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IM2OGG2
[2013/08/13 18:41:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IM399KQ.JPG
[2013/08/06 22:20:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IM9V7UB.JPG
[2013/08/13 18:43:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IMAC2JA.JPG
[2013/08/13 18:42:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IMAYH2H.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IN2PJ3F.zip
[2013/09/04 21:16:58 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IN61QIA.docx
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$INNVOWH.JPG
[2013/08/06 22:35:58 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$INZAFBM.JPG
[2013/09/04 21:26:32 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IO196J5.exe
[2013/08/06 22:48:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IOBS04G.JPG
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IODK8Y3.JPG
[2013/08/13 18:39:30 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IOGLQH4.avi
[2013/08/02 04:58:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IOKF0U1.JPG
[2013/09/04 21:17:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IP3CCKD.docx
[2013/09/04 21:16:32 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IPSLUCJ.JPG
[2013/08/06 22:30:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IQ1AQVK.MOV
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IQDVZEY.JPG
[2013/08/02 04:55:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IQHQ2CR.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IQV045E.pdf
[2013/08/06 22:30:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IR4EX11.MOV
[2013/08/02 05:26:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IRSYB9G.pdf
[2013/08/06 22:48:18 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IS6YUJZ.JPG
[2013/08/06 22:49:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IS9AUP9.JPG
[2013/08/07 00:55:51 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IS9VGNW
[2013/08/06 22:49:13 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ISFEQ3K.JPG
[2013/08/02 05:27:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ISTJ68F.docx
[2013/08/06 22:29:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IT7R3IU.MOV
[2013/08/02 05:27:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IT9DMTA.pdf
[2013/09/04 21:17:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IT9SXP1
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ITBEPNY.docx
[2013/08/06 22:36:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ITMWWHM.JPG
[2013/08/06 22:36:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ITO24FT.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ITZDQBW.docx
[2013/08/02 05:27:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IUFG9GP.pdf
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IV1JJ20.docm
[2013/08/13 18:45:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IVKZ9Z1.JPG
[2013/08/02 05:27:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IVWFZRT.zip
[2013/08/02 05:27:33 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IWAV146.docx
[2013/08/02 04:55:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IWDVX77.JPG
[2013/09/04 21:16:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IWF7O7X.jpeg
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IWG6YF9.pdf
[2013/08/13 18:45:07 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IWPBKKQ.JPG
[2013/08/02 04:55:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IX1P5M8.JPG
[2013/08/06 22:48:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IXI7XOC.JPG
[2013/09/04 19:38:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IXYG1GR.exe
[2013/08/02 05:26:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IY28ATJ.zip
[2013/08/06 22:23:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IYAE7AC.JPG
[2013/08/02 04:55:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IYZ23S2.JPG
[2013/08/06 22:23:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IZ05MVL.JPG
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IZ6082X.pptx
[2013/08/02 05:27:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IZA2NXK.zip
[2013/08/14 05:31:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IZIFDW8.docx
[2013/08/13 18:42:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$IZR49PS.JPG
[2013/08/13 05:38:07 | 000,044,465 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R08CFES.JPG
[2013/08/14 03:48:49 | 000,021,066 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R0CQFKV.jpg
[2012/07/25 14:48:56 | 003,442,006 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R0HZC5O.JPG
[2013/08/09 19:51:47 | 000,081,349 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R0NQY0F.JPG
[2013/08/15 08:15:46 | 000,069,306 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R0ZLS1Z.JPG
[2013/08/16 22:33:21 | 000,069,417 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R1IRHI0.JPG
[2013/08/12 02:44:16 | 329,739,459 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R1XQALV.MOV
[2012/07/31 14:07:54 | 003,186,127 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R2C13JY.JPG
[2013/08/06 22:21:03 | 001,082,158 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R3227QM.JPG
[2012/07/25 14:19:54 | 003,293,637 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R3NTIKG.JPG
[2013/08/11 06:23:34 | 003,438,674 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R3RJVHV.JPG
[2012/07/25 14:20:08 | 003,320,951 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R3SJ5MH.JPG
[2013/09/04 21:06:07 | 000,640,192 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R3ULWY2.exe
[2013/08/15 20:42:13 | 000,086,098 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R3UM1IA.JPG
[2013/08/15 08:15:48 | 000,077,913 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R459R8Y.JPG
[2013/08/06 22:21:15 | 001,047,630 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R45RCIA.JPG
[2013/08/13 05:37:55 | 000,045,683 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R4BONOP.JPG
[2013/08/12 04:05:21 | 002,345,776 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R4HIQ9F.MOV
[2013/08/11 06:23:06 | 003,433,011 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R4L6WNS.JPG
[2013/08/12 15:19:30 | 000,071,060 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R4TA32W.JPG
[2013/08/13 09:22:24 | 736,309,248 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R53T3L3.avi
[2013/08/12 20:51:08 | 000,050,718 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R57IF01.PNG
[2013/08/13 00:48:06 | 002,601,898 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R5JUFLX.JPG
[2013/07/28 19:48:03 | 018,156,185 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R5L7UWI.MOV
[2012/07/29 12:39:18 | 002,117,462 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R5Y5PDM.MOV
[2013/08/12 08:05:30 | 071,336,302 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R5YKP1W.MOV
[2013/08/12 04:02:23 | 000,847,751 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R690ID8.JPG
[2013/06/05 11:31:17 | 000,014,874 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R6AGIGQ.docx
[2013/06/04 19:03:21 | 000,121,744 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R6AILQZ.pdf
[2013/08/12 01:22:41 | 001,500,187 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R6DV0QK.MOV
[2013/08/16 22:33:33 | 000,076,051 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R6G5OGK.JPG
[2013/07/26 06:11:52 | 000,098,628 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R6TA6U1.jpg
[2013/05/31 20:25:25 | 000,096,221 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R6URFN8.docx
[2012/07/31 13:41:02 | 003,562,293 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R7BHZI8.JPG
[2013/07/07 12:30:47 | 000,066,744 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R7CSSDY.htm
[2013/07/04 11:13:33 | 000,126,384 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R7KVGS0.jpg
[2013/07/04 01:39:30 | 000,343,976 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R7L5M5L.jpeg
[2013/05/27 20:31:07 | 000,228,656 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R7OOR29.docx
[2013/08/09 23:00:07 | 000,832,783 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R7U7N0F.png
[2013/08/06 22:21:13 | 001,157,255 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R7WB7Y0.JPG
[2013/08/11 06:23:02 | 003,475,993 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R83CDV7.JPG
[2013/08/12 07:41:14 | 000,081,549 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R914ZDY.JPG
[2013/07/21 03:13:52 | 000,024,670 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R9GMBQU.zip
[2013/06/04 18:22:42 | 000,033,966 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R9JO3FB.docx
[2012/07/25 14:26:38 | 003,307,804 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R9OTTMM.JPG
[2013/05/28 18:10:48 | 000,014,245 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$R9XJNG5.docx
[2012/07/25 14:23:12 | 003,373,605 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RA3L2QL.JPG
[2013/05/27 20:00:19 | 000,115,857 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RAC5WB5.docx
[2013/08/16 22:33:29 | 000,077,074 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RAELINX.JPG
[2012/07/25 14:46:54 | 003,125,466 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RAEWDCF.JPG
[2013/08/12 20:51:13 | 000,833,471 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RAYUE78.PNG
[2010/12/19 14:45:20 | 930,501,494 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RAZ897A.avi
[2013/06/03 17:06:35 | 000,017,101 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RBDQBOY.docx
[2012/07/25 14:23:26 | 003,481,990 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RBGYSLC.JPG
[2013/08/12 00:37:44 | 024,273,450 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RBJ1SC4.MOV
[2013/08/16 21:08:27 | 000,080,576 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RBPZVKO.JPG
[2013/08/06 22:21:09 | 000,999,989 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RBSM47B.JPG
[2013/08/06 22:21:18 | 001,777,708 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RBVO1EF.JPG
[2013/07/04 11:15:14 | 000,113,050 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RBXI757.jpg
[2013/07/21 06:02:38 | 000,040,711 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RC034F0.zip
[2013/09/04 19:36:37 | 001,101,224 | ---- | M] (Conduit) -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RC9SNBH.exe
[2013/06/05 14:11:43 | 000,032,660 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RCQC7ZF.docx
[2013/08/04 08:14:31 | 000,084,002 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RCSU87W.JPG
[2012/08/11 15:16:30 | 003,481,174 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RDEKTW7.JPG
[2013/07/09 23:41:44 | 000,297,537 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RDN46GJ.pdf
[2013/08/12 01:35:22 | 001,437,567 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RDQSN3X.JPG
[2013/07/26 05:20:46 | 000,107,147 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RDRU7IM.jpg
[2013/06/05 01:50:35 | 000,183,296 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RET3036.doc
[2012/08/11 15:16:46 | 003,400,020 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$REU0OKY.JPG
[2013/08/06 22:21:11 | 001,005,101 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$REYLPI7.JPG
[2013/08/16 22:33:23 | 000,065,762 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RF0HE4C.JPG
[2013/07/04 21:35:05 | 030,646,376 | ---- | M] (Skype Technologies S.A.) -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RF2Z1WY.exe
[2013/08/15 08:15:50 | 000,085,530 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RFOKJ72.JPG
[2013/06/04 17:57:51 | 000,014,874 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RFRF87Q.docx
[2013/08/12 01:23:12 | 002,350,688 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RFRWDMU.MOV
[2013/08/12 07:41:07 | 000,058,770 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RG85JY1.JPG
[2013/08/12 04:07:30 | 001,544,424 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RGWEP27.JPG
[2013/08/12 04:06:19 | 001,845,110 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RH759G2.MOV
[2013/09/04 19:46:10 | 005,832,144 | ---- | M] (TeamViewer GmbH) -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RHK1IRG.exe
[2013/06/03 20:05:03 | 000,016,724 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RI0O848.docx
[2013/05/29 15:52:09 | 000,066,048 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RI49NHV.doc
[2013/08/12 04:01:57 | 013,900,686 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RIMKP2R.MOV
[2013/08/06 22:21:05 | 001,020,137 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RINJI4L.JPG
[2013/08/07 01:42:34 | 000,030,538 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RJ2CAMX.JPG
[2013/09/04 19:41:59 | 001,101,224 | ---- | M] (Conduit) -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RJ3WO2U.exe
[2013/08/11 23:02:51 | 000,059,546 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RJHWB0J.JPG
[2012/07/25 14:44:32 | 003,432,762 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RJZ4QH9.JPG
[2012/07/25 14:20:32 | 003,469,253 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RK0WFDD.JPG
[2013/05/31 12:02:31 | 003,429,445 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RKGUC1T.zip
[2012/07/31 14:07:10 | 003,378,383 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RKK529S.JPG
[2013/08/07 16:38:28 | 000,083,203 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RL5ZJRW.JPG
[2013/09/02 18:32:57 | 000,001,966 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RL8I2IO.lnk
[2013/08/13 18:09:39 | 000,130,220 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RLDYLLZ.JPG
[2013/08/15 23:42:53 | 000,072,441 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RLMF2R1.JPG
[2013/07/31 14:36:51 | 000,055,741 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RLQMJET.JPG
[2012/07/25 13:54:34 | 003,246,404 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RLYUMT5.JPG
[2013/08/12 04:43:26 | 005,728,862 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RLZBF8O.MOV
[2013/08/11 06:23:38 | 003,577,766 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM399KQ.JPG
[2012/08/06 15:19:24 | 003,412,610 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM9V7UB.JPG
[2013/08/12 23:40:06 | 000,057,524 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RMAC2JA.JPG
[2013/08/16 22:18:17 | 000,094,469 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RMAYH2H.JPG
[2013/06/01 00:02:58 | 000,036,709 | R--- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RN2PJ3F.zip
[2013/06/04 18:22:32 | 000,026,146 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RN61QIA.docx
[2013/08/15 08:15:52 | 000,053,591 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RNNVOWH.JPG
[2013/07/31 22:15:33 | 000,048,280 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RNZAFBM.JPG
[2013/09/04 21:22:49 | 000,640,192 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RO196J5.exe
[2013/08/08 18:16:38 | 000,069,469 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ROBS04G.JPG
[2013/08/15 20:42:06 | 000,073,528 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RODK8Y3.JPG
[2010/12/19 14:46:34 | 733,729,166 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ROGLQH4.avi
[2012/07/31 13:56:40 | 003,211,685 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$ROKF0U1.JPG
[2013/06/03 16:42:31 | 000,016,200 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RP3CCKD.docx
[2013/08/14 06:27:41 | 000,110,447 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RPSLUCJ.JPG
[2013/08/12 04:43:18 | 004,934,430 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RQ1AQVK.MOV
[2013/08/15 08:15:51 | 000,080,159 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RQDVZEY.JPG
[2012/07/25 14:20:26 | 003,425,254 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RQHQ2CR.JPG
[2013/05/27 20:36:13 | 000,590,122 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RQV045E.pdf
[2013/08/12 04:07:17 | 002,727,471 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RR4EX11.MOV
[2013/06/04 19:01:24 | 000,067,467 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RRSYB9G.pdf
[2013/08/08 14:42:29 | 000,068,576 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RS6YUJZ.JPG
[2013/08/11 23:02:45 | 000,068,971 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RS9AUP9.JPG
[2013/08/11 16:36:58 | 000,077,221 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RSFEQ3K.JPG
[2013/06/04 16:34:39 | 000,013,833 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RSTJ68F.docx
[2013/08/12 04:06:13 | 002,106,602 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT7R3IU.MOV
[2013/06/03 13:57:54 | 000,071,026 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9DMTA.pdf
[2013/05/31 16:40:51 | 000,016,147 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RTBEPNY.docx
[2013/08/07 16:38:38 | 000,049,883 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RTMWWHM.JPG
[2013/08/07 16:38:45 | 000,063,135 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RTO24FT.JPG
[2013/05/27 20:28:38 | 000,230,550 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RTZDQBW.docx
[2013/07/09 23:47:17 | 000,262,601 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RUFG9GP.pdf
[2013/06/05 01:49:42 | 000,121,858 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RV1JJ20.docm
[2012/08/12 23:01:18 | 003,587,520 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RVKZ9Z1.JPG
[2013/07/21 05:58:07 | 000,049,126 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RVWFZRT.zip
[2013/06/03 16:42:15 | 000,016,202 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RWAV146.docx
[2012/07/25 14:20:40 | 003,314,904 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RWDVX77.JPG
[2013/07/04 00:32:04 | 000,343,976 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RWF7O7X.jpeg
[2013/06/01 17:17:36 | 000,590,122 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RWG6YF9.pdf
[2012/08/12 23:01:08 | 003,547,031 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RWPBKKQ.JPG
[2012/07/25 14:20:00 | 003,286,071 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RX1P5M8.JPG
[2013/08/11 01:07:17 | 000,030,098 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RXI7XOC.JPG
[2013/09/04 19:32:10 | 000,640,192 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RXYG1GR.exe
[2013/07/09 23:45:26 | 000,341,428 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RY28ATJ.zip
[2013/08/12 03:12:18 | 001,591,499 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RYAE7AC.JPG
[2012/07/25 12:37:10 | 003,554,914 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RYZ23S2.JPG
[2013/08/12 04:02:21 | 000,872,452 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RZ05MVL.JPG
[2013/05/31 12:25:00 | 000,341,658 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RZ6082X.pptx
[2013/06/01 00:08:54 | 000,038,029 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RZA2NXK.zip
[2013/05/18 23:50:55 | 000,011,095 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RZIFDW8.docx
[2013/08/14 00:49:57 | 000,059,185 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RZR49PS.JPG
[2013/04/01 20:05:20 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\desktop.ini
[2012/07/25 12:31:54 | 003,290,343 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0307.JPG
[2012/07/25 12:34:12 | 003,574,854 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0312.JPG
[2012/07/25 12:35:20 | 003,412,408 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0314.JPG
[2012/07/25 12:35:46 | 003,431,626 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0316.JPG
[2012/07/25 12:35:54 | 003,531,637 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0317.JPG
[2012/07/25 12:36:44 | 003,223,087 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0319.JPG
[2012/07/25 12:44:36 | 003,556,241 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0324.JPG
[2012/07/25 12:57:16 | 003,514,773 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0328.JPG
[2012/07/25 13:06:18 | 003,550,669 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0329.JPG
[2012/07/25 13:06:28 | 003,485,549 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0330.JPG
[2013/07/26 04:07:35 | 003,490,350 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0332.JPG
[2012/07/25 13:43:04 | 003,734,398 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0335.JPG
[2012/07/25 13:54:02 | 003,569,844 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0338.JPG
[2012/07/25 13:54:10 | 003,577,359 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0339.JPG
[2012/07/25 13:54:28 | 003,212,889 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0340.JPG
[2012/07/25 14:02:28 | 003,423,928 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0344.JPG
[2012/07/25 14:44:42 | 003,453,912 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0362.JPG
[2013/07/26 04:09:05 | 003,340,901 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0364.JPG
[2012/07/26 14:15:56 | 003,498,085 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\DSCN0369.JPG
[2013/07/24 01:22:57 | 001,183,984 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\IMG_1482.PNG
[2013/07/24 01:23:14 | 001,058,831 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\IMG_1484.PNG
[2013/07/24 01:23:19 | 001,427,454 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\IMG_1485.PNG
[2013/07/25 04:29:06 | 001,973,935 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RM2OGG2\IMG_1487.JPG
[2013/07/07 12:30:46 | 000,026,985 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\antiquus(1).css
[2013/07/07 12:30:46 | 000,026,985 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\antiquus.css
[2013/07/07 12:30:46 | 000,000,000 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\cssstyles.css
[2013/07/07 12:30:47 | 000,002,064 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\griserBouton.js
[2013/07/07 12:30:47 | 000,000,043 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\hit.xiti
[2013/07/07 12:30:47 | 000,012,250 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\infosbulle.js
[2013/07/07 12:30:47 | 000,055,777 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\jquery.js
[2013/07/07 12:30:47 | 000,001,255 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\logo2.gif
[2013/07/07 12:30:47 | 000,014,834 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\outils.js
[2013/07/07 12:30:47 | 000,000,892 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\prisesFWK.js
[2013/07/07 12:30:47 | 000,002,812 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\stb.css
[2013/07/07 12:30:47 | 000,085,779 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\styles(1).css
[2013/07/07 12:30:47 | 000,014,993 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\styles-mod(1).css
[2013/07/07 12:30:47 | 000,014,979 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\styles-mod.css
[2013/07/07 12:30:46 | 000,085,221 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\styles.css
[2013/07/07 12:30:47 | 000,006,643 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\swfobject.js
[2013/07/07 12:30:47 | 000,003,162 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3175689593-1757370015-2507592337-1000\$RT9SXP1\wai.js
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,594 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/04/01 23:09:44 | 000,001,026 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3175689593-1757370015-2507592337-1000Core.job
[2013/04/01 23:09:45 | 000,001,078 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3175689593-1757370015-2507592337-1000UA.job
[2013/05/23 20:21:17 | 000,001,062 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/05/23 20:21:18 | 000,001,066 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< End of report >

Publicité


Signaler le contenu de ce document

Publicité