cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 9/10/2015 9:53:38 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.59 Gb Total Space | 160.31 Gb Free Space | 71.06% Space Free | Partition Type: NTFS
Drive H: | 7.29 Gb Total Space | 0.94 Gb Free Space | 12.87% Space Free | Partition Type: NTFS
Drive I: | 124.72 Mb Total Space | 81.11 Mb Free Space | 65.04% Space Free | Partition Type: FAT
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2015/08/07 03:46:05 | 000,148,136 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/06/25 14:09:34 | 000,327,296 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015/06/18 02:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/06/18 02:39:46 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2015/03/31 10:21:22 | 001,308,464 | ---- | M] (Bitdefender) [Auto] -- C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe -- (VSSERV)
SRV - [2014/12/09 13:36:47 | 000,069,880 | ---- | M] (Bitdefender) [On_Demand] -- C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2014/12/03 02:31:24 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/10/27 14:59:19 | 000,054,424 | ---- | M] (Bitdefender) [Auto] -- C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe -- (UPDATESRV)
SRV - [2014/08/07 10:52:54 | 002,216,752 | ---- | M] (Raxco Software, Inc.) [Auto] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV - [2014/08/07 10:52:50 | 002,246,448 | ---- | M] (Raxco Software, Inc.) [Auto] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine)
SRV - [2013/12/18 19:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/07/08 10:52:34 | 000,081,704 | ---- | M] (Bitdefender) [Disabled] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV - [2011/02/01 02:29:14 | 000,081,920 | ---- | M] (Firebird Project) [Auto] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2011/02/01 02:29:08 | 002,764,800 | ---- | M] (Firebird Project) [On_Demand] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2008/01/18 17:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2015/09/10 12:54:41 | 000,098,520 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2015/06/18 02:41:50 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2015/06/18 02:41:36 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2015/03/31 10:22:08 | 000,172,936 | ---- | M] (BitDefender LLC) [File_System | Boot] -- C:\WINDOWS\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2015/02/24 12:00:36 | 000,077,632 | ---- | M] (BitDefender LLC) [Kernel | System] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV - [2015/02/24 12:00:29 | 000,066,832 | ---- | M] (BitDefender SRL) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\bdsandbox.sys -- (BDSandBox)
DRV - [2015/02/24 12:00:28 | 000,548,336 | ---- | M] (BitDefender) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\avckf.sys -- (avckf)
DRV - [2015/02/24 11:59:55 | 001,083,448 | ---- | M] (BitDefender) [File_System | Boot] -- C:\WINDOWS\System32\drivers\avc3.sys -- (avc3)
DRV - [2015/02/24 11:59:51 | 000,243,456 | ---- | M] (BitDefender) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\avchv.sys -- (avchv)
DRV - [2014/10/15 11:14:09 | 000,408,280 | ---- | M] (BitDefender S.R.L.) [File_System | Auto] -- C:\WINDOWS\System32\drivers\trufos.sys -- (trufos)
DRV - [2013/09/05 13:22:51 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2013/07/26 05:53:51 | 000,135,600 | ---- | M] (BitDefender LLC) [Kernel | System] -- C:\Program Files\Bitdefender\Bitdefender 2015\bdselfpr.sys -- (bdselfpr)
DRV - [2012/09/21 15:09:06 | 004,261,224 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C525(UVC)
DRV - [2012/09/21 15:09:00 | 000,310,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2012/09/21 15:08:48 | 000,019,688 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2012/09/11 10:24:06 | 000,104,088 | ---- | M] (Raxco Software, Inc.) [File_System | Auto] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2012/08/23 12:56:24 | 000,069,016 | R--- | M] (Raxco Software, Inc.) [File_System | Auto] -- C:\WINDOWS\System32\drivers\PDFsFilter.sys -- (PDFSFilter)
DRV - [2012/04/17 09:40:22 | 000,072,704 | ---- | M] (BitDefender) [Kernel | System] -- C:\WINDOWS\System32\drivers\bdvedisk.sys -- (BDVEDISK)
DRV - [2012/02/07 12:41:38 | 000,131,432 | ---- | M] (BitDefender LLC) [Kernel | System] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys -- (bdftdif)
DRV - [2009/12/30 05:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2007/07/09 20:35:38 | 002,769,408 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/07/02 13:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/05/03 14:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\nicole_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\nicole_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.countryCode: "FR"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "FR"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "about:home"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\System32\Macromed\Flash\NPSWF32_18_0_0_203.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files\Nuance\Power PDF\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\nicole\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bdwteff@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff\ [2015/09/08 15:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015/01/12 10:08:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015/09/08 15:33:04 | 000,000,000 | ---D | M]

[2013/12/17 10:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nicole\AppData\Roaming\Mozilla\Extensions
[2015/09/04 14:50:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nicole\AppData\Roaming\Mozilla\Firefox\Profiles\fv4xupyx.default\extensions
File not found (No name found) --
[2015/01/12 10:08:15 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES\ADOBE\ACROBAT 11.0\ACROBAT\BROWSER\WCFIREFOXEXTN
[2015/03/04 09:29:52 | 000,000,000 | ---D | M] (Nuance PDF Convert) -- C:\PROGRAM FILES\NUANCE\POWER PDF\FIREFOX
() (No name found) -- C:\USERS\NICOLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FV4XUPYX.DEFAULT\EXTENSIONS\{5C655500-E712-41E7-9349-CE462F844B19}.XPI
[2013/09/06 03:11:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

O1 HOSTS File: ([2013/12/27 01:43:08 | 000,000,089 | RHS- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Nuance PDF Toolbar Helper) - {940361F8-7F16-4498-AB43-2EFFE0235AFA} - C:\Program Files\Nuance\Power PDF\bin\SZeonIEFavClient.dll (Zeon Corporation)
O2 - BHO: (PlusIEEventHelper Class) - {9D137966-2E29-45C5-9B12-29D5427F8F66} - C:\Program Files\Nuance\Power PDF\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Nuance PDF) - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files\Nuance\Power PDF\bin\SZeonIEFavClient.dll (Zeon Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\nicole_ON_C\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\nicole_ON_C..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe (Bitdefender)
O4 - HKU\nicole_ON_C..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\nicole_ON_C..\Run: [Facebook Update] C:\Users\nicole\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\nicole_ON_C\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\nicole_ON_C\Software\Policies\Microsoft\Internet Explorer\Feeds present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Feed Discovery present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Feeds present
O8 - Extra context menu item: Ouvrir avec l'Assistant Convert - C:\Program Files\Nuance\Power PDF\cnvres_fre.dll (Nuance Communications, Inc.)
O8 - Extra context menu item: Ouvrir avec Power PDF - C:\Program Files\Nuance\Power PDF\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/03 12:47:48 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/05/17 23:22:20 | 000,000,000 | R-SD | M] - H:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
PhysicalDisk0 MBR saved to C:\Physical0MBR.bin

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]Acrobat Assistant 8.0[/b] - hkey= - key= - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdobeAAMUpdater-1.0[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]HP Health Check Scheduler[/b] - hkey= - key= - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: [b]hpsysdrv[/b] - hkey= - key= - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: [b]ISUSPM[/b] - hkey= - key= - C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software LLC.)
MsConfig - StartUpReg: [b]Nuance Power PDF Advanced-reminder[/b] - hkey= - key= - C:\Program Files\Nuance\Power PDF\Ereg\Ereg.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: [b]NuanPowerPdf1NPDFLM[/b] - hkey= - key= - C:\Program Files\Nuance\Power PDF\NPDFLM.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: [b]PowerPDF Registry Controller[/b] - hkey= - key= - C:\Program Files\Nuance\Power PDF\RegistryController.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: [b]PowerPDFInboxMonitor[/b] - hkey= - key= - C:\Program Files\Nuance\Power PDF\InboxMonitor.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: [b]SunJavaUpdateReg[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Windows Defender[/b] - hkey= - key= - File not found

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3911CF56-9EF2-39BA-846A-C27BD3CD0685} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acmp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/09/10 06:20:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2015/09/10 06:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2015/09/09 14:02:20 | 000,000,000 | ---D | C] -- C:\Users\nicole\AppData\Roaming\Bitdefender
[2015/09/07 01:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner(52)
[2015/09/07 01:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner(4)
[2015/09/07 01:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro(53)
[2015/09/07 01:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group(44)
[2015/08/28 04:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(41)
[2015/08/24 01:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Skype(43)
[2015/08/14 02:04:17 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/08/14 02:04:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmmsp.dll
[2015/08/14 02:04:13 | 003,605,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/08/14 02:04:11 | 003,553,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/08/14 02:02:22 | 000,103,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015/08/13 03:19:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/08/13 03:19:10 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/08/13 03:19:10 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2015/08/13 03:19:10 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/08/13 03:19:10 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/08/13 03:19:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/08/13 03:19:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/08/13 03:19:07 | 000,718,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2015/08/13 03:19:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/08/13 03:19:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/08/13 03:19:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/08/13 03:19:00 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/08/13 03:18:59 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/08/13 03:18:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/08/13 03:18:57 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/08/13 02:27:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2015/08/13 02:24:07 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2015/08/13 02:24:07 | 000,682,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2015/08/13 02:24:07 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2015/08/13 02:24:07 | 000,297,472 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015/08/13 02:24:07 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2015/08/13 02:24:07 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2015/08/13 02:24:07 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2015/08/13 02:24:07 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015/08/13 02:24:06 | 002,066,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/08/13 02:24:06 | 001,072,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015/08/13 02:24:06 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2015/09/10 21:54:24 | 000,000,512 | ---- | M] () -- C:\Physical0MBR.bin
[2015/09/10 12:54:41 | 000,098,520 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2015/09/10 12:54:30 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/09/10 12:54:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/09/10 12:54:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/09/10 12:54:16 | 3219,628,032 | -HS- | M] () -- C:\hiberfil.sys
[2015/09/10 06:20:19 | 000,001,954 | ---- | M] () -- C:\Users\nicole\Desktop\Tweaking.com - Windows Repair.lnk
[2015/09/10 06:20:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2015/09/10 06:16:12 | 000,707,680 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2015/09/10 06:16:12 | 000,629,712 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/09/10 06:16:12 | 000,141,096 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2015/09/10 06:16:12 | 000,115,278 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/09/09 13:43:51 | 000,000,739 | ---- | M] () -- C:\Users\nicole\Desktop\ZHPCleaner.lnk
[2015/09/09 13:38:24 | 001,951,232 | ---- | M] () -- C:\Users\nicole\Desktop\ZHPCleaner.exe
[2015/09/08 15:34:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2015/09/08 15:33:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2015/09/08 15:33:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015/09/08 15:33:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
[2015/09/08 13:51:08 | 000,067,562 | ---- | M] () -- C:\Users\nicole\Documents\Picture 113.jpg
[2015/09/08 09:40:55 | 000,001,356 | ---- | M] () -- C:\Users\nicole\AppData\Local\d3d9caps.dat
[2015/09/08 08:53:21 | 000,093,461 | ---- | M] () -- C:\Users\nicole\Documents\DSC01137.JPG
[2015/09/08 08:49:10 | 000,082,615 | ---- | M] () -- C:\Users\nicole\Documents\DSC01140.JPG
[2015/09/08 08:47:42 | 000,068,246 | ---- | M] () -- C:\Users\nicole\Documents\DSC01143.JPG
[2015/09/08 03:01:20 | 000,908,807 | ---- | M] () -- C:\Users\nicole\Documents\DSC01142.JPG
[2015/09/08 01:56:43 | 000,260,901 | ---- | M] () -- C:\ProgramData\1441691381.bdinstall.bin
[2015/09/07 10:41:30 | 001,083,357 | ---- | M] () -- C:\Users\nicole\Documents\DSC01141.JPG
[2015/09/07 10:41:14 | 000,965,965 | ---- | M] () -- C:\Users\nicole\Documents\DSC01139.JPG
[2015/09/07 10:41:02 | 000,983,774 | ---- | M] () -- C:\Users\nicole\Documents\DSC01138.JPG
[2015/09/07 10:02:51 | 000,090,051 | ---- | M] () -- C:\Users\nicole\Desktop\11921706_10153213827733022_964206540390830343_n.jpg
[2015/09/07 01:49:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner(52)
[2015/09/07 01:35:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro(53)
[2015/09/04 11:41:49 | 016,477,820 | ---- | M] () -- C:\Users\nicole\Desktop\Trynnipendant.pdf
[2015/09/04 11:41:01 | 017,987,431 | ---- | M] () -- C:\Users\nicole\Desktop\Dannependant.pdf
[2015/09/03 08:03:02 | 014,911,634 | ---- | M] () -- C:\Users\nicole\Desktop\Denicapendant.pdf
[2015/09/03 05:01:55 | 000,048,145 | ---- | M] () -- C:\Users\nicole\Documents\DSC01134.JPG
[2015/09/03 05:00:47 | 000,062,205 | ---- | M] () -- C:\Users\nicole\Documents\DSC01136.JPG
[2015/09/03 04:59:21 | 000,056,387 | ---- | M] () -- C:\Users\nicole\Documents\DSC01129.JPG
[2015/09/03 04:57:47 | 000,053,162 | ---- | M] () -- C:\Users\nicole\Documents\DSC01130.JPG
[2015/09/03 04:53:34 | 000,058,701 | ---- | M] () -- C:\Users\nicole\Documents\DSC01131.JPG
[2015/09/03 04:52:42 | 000,073,538 | ---- | M] () -- C:\Users\nicole\Documents\DSC01132.JPG
[2015/09/03 04:51:22 | 000,045,596 | ---- | M] () -- C:\Users\nicole\Documents\DSC01128.JPG
[2015/09/03 04:49:39 | 000,067,181 | ---- | M] () -- C:\Users\nicole\Documents\DSC01124.JPG
[2015/09/03 04:48:36 | 000,068,922 | ---- | M] () -- C:\Users\nicole\Documents\DSC01125.JPG
[2015/09/03 04:47:40 | 000,069,129 | ---- | M] () -- C:\Users\nicole\Documents\DSC01126.JPG
[2015/09/03 04:46:47 | 000,062,475 | ---- | M] () -- C:\Users\nicole\Documents\DSC01127.JPG
[2015/09/03 04:45:18 | 000,102,354 | ---- | M] () -- C:\Users\nicole\Documents\DSC01121.JPG
[2015/09/03 04:43:34 | 000,075,326 | ---- | M] () -- C:\Users\nicole\Documents\DSC01118.JPG
[2015/09/03 04:42:29 | 000,069,368 | ---- | M] () -- C:\Users\nicole\Documents\DSC01120.JPG
[2015/09/03 04:41:12 | 000,094,914 | ---- | M] () -- C:\Users\nicole\Documents\DSC01116.JPG
[2015/09/03 04:39:37 | 000,070,857 | ---- | M] () -- C:\Users\nicole\Documents\DSC01112.JPG
[2015/09/03 04:37:57 | 000,082,928 | ---- | M] () -- C:\Users\nicole\Documents\DSC01109.JPG
[2015/09/03 04:35:22 | 000,097,862 | ---- | M] () -- C:\Users\nicole\Documents\DSC01107.JPG
[2015/09/03 04:33:52 | 000,114,757 | ---- | M] () -- C:\Users\nicole\Documents\DSC01102.JPG
[2015/09/03 04:33:37 | 000,116,778 | ---- | M] () -- C:\Users\nicole\Documents\DSC01103.JPG
[2015/09/03 03:00:58 | 000,848,276 | ---- | M] () -- C:\Users\nicole\Documents\DSC01104.JPG
[2015/09/03 02:45:19 | 000,013,458 | ---- | M] () -- C:\Users\nicole\Desktop\tracteur.png
[2015/09/02 15:41:53 | 001,864,371 | ---- | M] () -- C:\Users\nicole\Desktop\zita - jenni e cordi.pdf
[2015/09/02 15:28:03 | 000,080,062 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150902_18_57_18_Pro.jpg
[2015/09/02 12:57:14 | 002,456,728 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150902_18_57_14_Pro.jpg
[2015/09/02 12:57:09 | 002,366,521 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150902_18_57_09_Pro.jpg
[2015/09/02 12:56:54 | 002,340,771 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150902_18_56_54_Pro.jpg
[2015/08/27 23:17:32 | 000,517,168 | ---- | M] () -- C:\Users\nicole\Desktop\Certificate.pdf
[2015/08/27 23:17:32 | 000,059,697 | ---- | M] () -- C:\Users\nicole\Desktop\attestation925FR.pdf
[2015/08/27 23:17:32 | 000,044,035 | ---- | M] () -- C:\Users\nicole\Desktop\attestation Gold Filled.pdf
[2015/08/27 23:17:32 | 000,002,535 | ---- | M] () -- C:\Users\nicole\Desktop\ATT00001
[2015/08/27 15:15:19 | 002,455,248 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150827_21_15_18_Pro.jpg
[2015/08/27 15:15:01 | 002,425,482 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150827_21_15_01_Pro.jpg
[2015/08/27 15:14:52 | 002,169,789 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150827_21_14_52_Pro.jpg
[2015/08/27 03:23:17 | 001,251,822 | ---- | M] () -- C:\Users\nicole\Desktop\Emmas_Bangle_english.pdf
[2015/08/27 03:23:17 | 001,212,991 | ---- | M] () -- C:\Users\nicole\Desktop\Frankfurter_Perlenspitze_englisch.pdf
[2015/08/27 03:23:16 | 001,089,359 | ---- | M] () -- C:\Users\nicole\Desktop\TinyButtonsenglish.pdf
[2015/08/27 03:23:15 | 000,948,506 | ---- | M] () -- C:\Users\nicole\Desktop\New_Romance_englisch.pdf
[2015/08/27 03:23:12 | 000,742,607 | ---- | M] () -- C:\Users\nicole\Desktop\Mingles_english.pdf
[2015/08/26 16:26:26 | 003,330,929 | ---- | M] () -- C:\Users\nicole\Desktop\Déco Egyptian de Colleen Ewart.pdf
[2015/08/26 16:26:24 | 002,571,697 | ---- | M] () -- C:\Users\nicole\Desktop\quadra weave d'Olga Haserodt.pdf
[2015/08/26 16:25:15 | 000,981,091 | ---- | M] () -- C:\Users\nicole\Desktop\Sabine_Lippert-_Daisies (1).pdf
[2015/08/26 08:39:06 | 003,064,931 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150826_14_39_05_Pro.jpg
[2015/08/26 07:06:56 | 002,909,893 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150826_13_06_56_Pro.jpg
[2015/08/26 07:05:42 | 002,782,018 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150826_13_05_42_Pro.jpg
[2015/08/26 07:03:07 | 002,534,289 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150826_13_03_07_Pro.jpg
[2015/08/26 07:02:10 | 002,591,840 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150826_13_02_10_Pro.jpg
[2015/08/26 07:01:38 | 002,508,633 | ---- | M] () -- C:\Users\nicole\Documents\WP_20150826_13_01_38_Pro.jpg
[2015/08/23 13:12:14 | 000,387,788 | ---- | M] () -- C:\Users\nicole\Desktop\collier julietta.pdf
[2015/08/23 05:53:52 | 000,774,942 | ---- | M] () -- C:\Users\nicole\Documents\SUZANNE COOPER - MINIATURE PURSES 2.pdf
[2015/08/23 05:53:24 | 002,191,559 | ---- | M] () -- C:\Users\nicole\Documents\sac.pdf
[2015/08/23 05:52:10 | 001,236,964 | ---- | M] () -- C:\Users\nicole\Documents\coeur serre livre happyland BL219_IT Segnalibro.pdf
[2015/08/21 18:16:30 | 001,849,498 | ---- | M] () -- C:\Users\nicole\Desktop\025 - PENDENTIF TYPHANIE-73555-1440158538.pdf
[2015/08/21 18:16:30 | 000,950,494 | ---- | M] () -- C:\Users\nicole\Desktop\049 - BRACELET & PENDENTIF CELENA (Français)-73555-1440158580.pdf
[2015/08/20 05:52:47 | 000,094,068 | ---- | M] () -- C:\Users\nicole\Documents\DSC01096.JPG
[2015/08/19 11:56:34 | 004,975,866 | ---- | M] () -- C:\Users\nicole\Desktop\Mikki Ferrugiaro - Lothlorien Necklace and Earrings.pdf
[2015/08/17 12:39:48 | 000,013,824 | ---- | M] () -- C:\Users\nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/08/17 09:34:11 | 000,063,803 | ---- | M] () -- C:\Users\nicole\Documents\DSC01090.JPG
[2015/08/17 09:27:04 | 000,098,346 | ---- | M] () -- C:\Users\nicole\Documents\DSC01085.JPG
[2015/08/17 09:24:38 | 000,109,640 | ---- | M] () -- C:\Users\nicole\Documents\DSC01086.JPG
[2015/08/17 09:23:28 | 000,092,847 | ---- | M] () -- C:\Users\nicole\Documents\DSC01087.JPG
[2015/08/17 09:19:39 | 000,059,777 | ---- | M] () -- C:\Users\nicole\Documents\DSC01094.JPG
[2015/08/16 06:12:18 | 000,001,341 | ---- | M] () -- C:\Users\nicole\Desktop\Sans titre 2.png
[2015/08/14 14:05:24 | 016,913,151 | ---- | M] () -- C:\Users\nicole\Desktop\A Perlen im Duett superduos Petra Tismann u Susanne Engels.pdf
[2015/08/14 02:04:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015/08/13 05:09:24 | 000,464,809 | ---- | M] () -- C:\Users\nicole\Desktop\gratuit-boite-cadeau-c3a0-imprimer1.jpg
[2015/08/13 02:46:29 | 000,461,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/08/12 10:08:00 | 000,017,628 | ---- | M] () -- C:\Users\nicole\Desktop\boite bracelet.JPG

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2015/09/10 21:54:24 | 000,000,512 | ---- | C] () -- C:\Physical0MBR.bin
[2015/09/10 06:21:19 | 3219,628,032 | -HS- | C] () -- C:\hiberfil.sys
[2015/09/10 06:20:19 | 000,001,954 | ---- | C] () -- C:\Users\nicole\Desktop\Tweaking.com - Windows Repair.lnk
[2015/09/09 13:43:51 | 000,000,739 | ---- | C] () -- C:\Users\nicole\Desktop\ZHPCleaner.lnk
[2015/09/09 13:43:39 | 001,951,232 | ---- | C] () -- C:\Users\nicole\Desktop\ZHPCleaner.exe
[2015/09/08 13:49:07 | 000,067,562 | ---- | C] () -- C:\Users\nicole\Documents\Picture 113.jpg
[2015/09/08 08:45:13 | 001,083,357 | ---- | C] () -- C:\Users\nicole\Documents\DSC01141.JPG
[2015/09/08 08:45:13 | 000,983,774 | ---- | C] () -- C:\Users\nicole\Documents\DSC01138.JPG
[2015/09/08 08:45:13 | 000,965,965 | ---- | C] () -- C:\Users\nicole\Documents\DSC01139.JPG
[2015/09/08 08:45:13 | 000,908,807 | ---- | C] () -- C:\Users\nicole\Documents\DSC01142.JPG
[2015/09/08 08:45:13 | 000,082,615 | ---- | C] () -- C:\Users\nicole\Documents\DSC01140.JPG
[2015/09/08 08:45:12 | 000,093,461 | ---- | C] () -- C:\Users\nicole\Documents\DSC01137.JPG
[2015/09/08 08:45:12 | 000,068,246 | ---- | C] () -- C:\Users\nicole\Documents\DSC01143.JPG
[2015/09/08 01:56:43 | 000,260,901 | ---- | C] () -- C:\ProgramData\1441691381.bdinstall.bin
[2015/09/07 10:02:51 | 000,090,051 | ---- | C] () -- C:\Users\nicole\Desktop\11921706_10153213827733022_964206540390830343_n.jpg
[2015/09/05 15:16:49 | 005,634,819 | ---- | C] () -- C:\Users\nicole\Documents\Little Bead boxes.pdf
[2015/09/05 14:57:04 | 000,073,804 | ---- | C] () -- C:\Users\nicole\Documents\kokechi.jpg
[2015/09/04 11:41:45 | 016,477,820 | ---- | C] () -- C:\Users\nicole\Desktop\Trynnipendant.pdf
[2015/09/04 11:40:55 | 017,987,431 | ---- | C] () -- C:\Users\nicole\Desktop\Dannependant.pdf
[2015/09/03 08:03:02 | 014,911,634 | ---- | C] () -- C:\Users\nicole\Desktop\Denicapendant.pdf
[2015/09/03 04:30:45 | 000,102,354 | ---- | C] () -- C:\Users\nicole\Documents\DSC01121.JPG
[2015/09/03 04:30:45 | 000,069,368 | ---- | C] () -- C:\Users\nicole\Documents\DSC01120.JPG
[2015/09/03 04:30:45 | 000,069,129 | ---- | C] () -- C:\Users\nicole\Documents\DSC01126.JPG
[2015/09/03 04:30:45 | 000,068,922 | ---- | C] () -- C:\Users\nicole\Documents\DSC01125.JPG
[2015/09/03 04:30:45 | 000,067,181 | ---- | C] () -- C:\Users\nicole\Documents\DSC01124.JPG
[2015/09/03 04:30:45 | 000,062,475 | ---- | C] () -- C:\Users\nicole\Documents\DSC01127.JPG
[2015/09/03 04:30:45 | 000,056,387 | ---- | C] () -- C:\Users\nicole\Documents\DSC01129.JPG
[2015/09/03 04:30:45 | 000,045,596 | ---- | C] () -- C:\Users\nicole\Documents\DSC01128.JPG
[2015/09/03 04:30:44 | 000,094,914 | ---- | C] () -- C:\Users\nicole\Documents\DSC01116.JPG
[2015/09/03 04:30:44 | 000,075,326 | ---- | C] () -- C:\Users\nicole\Documents\DSC01118.JPG
[2015/09/03 04:30:44 | 000,070,857 | ---- | C] () -- C:\Users\nicole\Documents\DSC01112.JPG
[2015/09/03 04:30:43 | 000,848,276 | ---- | C] () -- C:\Users\nicole\Documents\DSC01104.JPG
[2015/09/03 04:30:43 | 000,116,778 | ---- | C] () -- C:\Users\nicole\Documents\DSC01103.JPG
[2015/09/03 04:30:43 | 000,114,757 | ---- | C] () -- C:\Users\nicole\Documents\DSC01102.JPG
[2015/09/03 04:30:43 | 000,097,862 | ---- | C] () -- C:\Users\nicole\Documents\DSC01107.JPG
[2015/09/03 04:30:43 | 000,082,928 | ---- | C] () -- C:\Users\nicole\Documents\DSC01109.JPG
[2015/09/03 04:30:43 | 000,073,538 | ---- | C] () -- C:\Users\nicole\Documents\DSC01132.JPG
[2015/09/03 04:30:43 | 000,062,205 | ---- | C] () -- C:\Users\nicole\Documents\DSC01136.JPG
[2015/09/03 04:30:43 | 000,058,701 | ---- | C] () -- C:\Users\nicole\Documents\DSC01131.JPG
[2015/09/03 04:30:43 | 000,053,162 | ---- | C] () -- C:\Users\nicole\Documents\DSC01130.JPG
[2015/09/03 04:30:43 | 000,048,145 | ---- | C] () -- C:\Users\nicole\Documents\DSC01134.JPG
[2015/09/03 02:41:00 | 000,013,458 | ---- | C] () -- C:\Users\nicole\Desktop\tracteur.png
[2015/09/02 15:41:34 | 001,864,371 | ---- | C] () -- C:\Users\nicole\Desktop\zita - jenni e cordi.pdf
[2015/09/02 15:25:27 | 002,456,728 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150902_18_57_14_Pro.jpg
[2015/09/02 15:25:25 | 002,366,521 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150902_18_57_09_Pro.jpg
[2015/09/02 15:25:24 | 002,340,771 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150902_18_56_54_Pro.jpg
[2015/09/02 15:25:21 | 002,455,248 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150827_21_15_18_Pro.jpg
[2015/09/02 15:25:20 | 002,425,482 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150827_21_15_01_Pro.jpg
[2015/09/02 15:25:18 | 002,169,789 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150827_21_14_52_Pro.jpg
[2015/09/02 15:25:16 | 003,064,931 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150826_14_39_05_Pro.jpg
[2015/09/02 15:25:14 | 002,909,893 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150826_13_06_56_Pro.jpg
[2015/09/02 15:25:12 | 002,782,018 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150826_13_05_42_Pro.jpg
[2015/09/02 15:25:10 | 002,534,289 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150826_13_03_07_Pro.jpg
[2015/09/02 15:25:08 | 002,591,840 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150826_13_02_10_Pro.jpg
[2015/09/02 15:25:06 | 002,508,633 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150826_13_01_38_Pro.jpg
[2015/09/02 15:25:05 | 000,080,062 | ---- | C] () -- C:\Users\nicole\Documents\WP_20150902_18_57_18_Pro.jpg
[2015/08/28 08:49:37 | 013,102,985 | ---- | C] () -- C:\Users\nicole\Documents\CRISTALIGNE 6.pdf
[2015/08/28 08:49:36 | 005,560,630 | ---- | C] () -- C:\Users\nicole\Documents\CRISTALIGNE 4.pdf
[2015/08/28 08:49:35 | 009,605,924 | ---- | C] () -- C:\Users\nicole\Documents\B&B Crystal Brilliance.pdf
[2015/08/28 08:49:34 | 004,635,500 | ---- | C] () -- C:\Users\nicole\Documents\CRISTALIGNE_7.pdf
[2015/08/28 08:19:06 | 000,517,168 | ---- | C] () -- C:\Users\nicole\Desktop\Certificate.pdf
[2015/08/28 08:19:06 | 000,059,697 | ---- | C] () -- C:\Users\nicole\Desktop\attestation925FR.pdf
[2015/08/28 08:19:06 | 000,044,035 | ---- | C] () -- C:\Users\nicole\Desktop\attestation Gold Filled.pdf
[2015/08/28 08:19:06 | 000,002,535 | ---- | C] () -- C:\Users\nicole\Desktop\ATT00001
[2015/08/27 03:23:05 | 001,089,359 | ---- | C] () -- C:\Users\nicole\Desktop\TinyButtonsenglish.pdf
[2015/08/27 03:23:02 | 000,742,607 | ---- | C] () -- C:\Users\nicole\Desktop\Mingles_english.pdf
[2015/08/27 03:23:00 | 001,212,991 | ---- | C] () -- C:\Users\nicole\Desktop\Frankfurter_Perlenspitze_englisch.pdf
[2015/08/27 03:22:57 | 001,251,822 | ---- | C] () -- C:\Users\nicole\Desktop\Emmas_Bangle_english.pdf
[2015/08/27 03:22:52 | 000,948,506 | ---- | C] () -- C:\Users\nicole\Desktop\New_Romance_englisch.pdf
[2015/08/26 16:26:04 | 003,330,929 | ---- | C] () -- C:\Users\nicole\Desktop\Déco Egyptian de Colleen Ewart.pdf
[2015/08/26 16:26:02 | 002,571,697 | ---- | C] () -- C:\Users\nicole\Desktop\quadra weave d'Olga Haserodt.pdf
[2015/08/26 16:25:00 | 000,981,091 | ---- | C] () -- C:\Users\nicole\Desktop\Sabine_Lippert-_Daisies (1).pdf
[2015/08/23 05:53:52 | 000,774,942 | ---- | C] () -- C:\Users\nicole\Documents\SUZANNE COOPER - MINIATURE PURSES 2.pdf
[2015/08/23 05:52:10 | 001,236,964 | ---- | C] () -- C:\Users\nicole\Documents\coeur serre livre happyland BL219_IT Segnalibro.pdf
[2015/08/23 05:49:52 | 006,679,641 | ---- | C] () -- C:\Users\nicole\Documents\petronella.pdf
[2015/08/23 05:47:36 | 013,948,181 | ---- | C] () -- C:\Users\nicole\Documents\Tortue agathe.pdf
[2015/08/23 05:42:27 | 005,309,111 | ---- | C] () -- C:\Users\nicole\Documents\Paddy_Bär.pdf
[2015/08/23 05:31:16 | 006,282,078 | ---- | C] () -- C:\Users\nicole\Documents\- SEA LILY-les poissons de Cordi et Jenni.pdf
[2015/08/23 05:30:31 | 000,713,425 | ---- | C] () -- C:\Users\nicole\Documents\Fish_Pendant_Instructions.pdf
[2015/08/23 05:29:12 | 002,191,559 | ---- | C] () -- C:\Users\nicole\Documents\sac.pdf
[2015/08/22 03:18:21 | 001,849,498 | ---- | C] () -- C:\Users\nicole\Desktop\025 - PENDENTIF TYPHANIE-73555-1440158538.pdf
[2015/08/22 03:18:21 | 000,950,494 | ---- | C] () -- C:\Users\nicole\Desktop\049 - BRACELET & PENDENTIF CELENA (Français)-73555-1440158580.pdf
[2015/08/20 05:50:30 | 000,094,068 | ---- | C] () -- C:\Users\nicole\Documents\DSC01096.JPG
[2015/08/19 11:56:31 | 004,975,866 | ---- | C] () -- C:\Users\nicole\Desktop\Mikki Ferrugiaro - Lothlorien Necklace and Earrings.pdf
[2015/08/19 11:12:15 | 000,387,788 | ---- | C] () -- C:\Users\nicole\Desktop\collier julietta.pdf
[2015/08/17 12:39:58 | 000,123,005 | ---- | C] () -- C:\Users\nicole\Documents\DSC01652.JPG
[2015/08/17 09:14:42 | 000,109,640 | ---- | C] () -- C:\Users\nicole\Documents\DSC01086.JPG
[2015/08/17 09:14:42 | 000,098,346 | ---- | C] () -- C:\Users\nicole\Documents\DSC01085.JPG
[2015/08/17 09:14:42 | 000,092,847 | ---- | C] () -- C:\Users\nicole\Documents\DSC01087.JPG
[2015/08/17 09:14:42 | 000,063,803 | ---- | C] () -- C:\Users\nicole\Documents\DSC01090.JPG
[2015/08/17 09:14:42 | 000,059,777 | ---- | C] () -- C:\Users\nicole\Documents\DSC01094.JPG
[2015/08/16 06:12:16 | 000,001,341 | ---- | C] () -- C:\Users\nicole\Desktop\Sans titre 2.png
[2015/08/14 14:03:44 | 016,913,151 | ---- | C] () -- C:\Users\nicole\Desktop\A Perlen im Duett superduos Petra Tismann u Susanne Engels.pdf
[2015/08/13 05:01:42 | 000,464,809 | ---- | C] () -- C:\Users\nicole\Desktop\gratuit-boite-cadeau-c3a0-imprimer1.jpg
[2015/08/12 10:07:56 | 000,017,628 | ---- | C] () -- C:\Users\nicole\Desktop\boite bracelet.JPG
[2015/03/04 09:24:45 | 000,010,964 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-18-dmpu
[2015/03/04 09:24:45 | 000,010,950 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\nuanreg-dm2
[2015/03/04 09:24:45 | 000,010,700 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\nuanreg
[2015/03/04 09:24:45 | 000,002,070 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-18
[2015/03/04 09:24:45 | 000,000,176 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\nuanreg-dmpu
[2015/03/04 09:24:44 | 000,013,180 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-21-3600269913-2463591278-2161397152-1000
[2015/03/04 09:24:44 | 000,011,030 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-21-3600269913-2463591278-2161397152-1000-dm2
[2015/03/04 09:24:44 | 000,000,256 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-21-3600269913-2463591278-2161397152-1000-dmpu
[2015/03/04 09:24:44 | 000,000,180 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-20-dmpu
[2015/03/04 09:24:44 | 000,000,180 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-19-dmpu
[2015/03/04 09:24:44 | 000,000,170 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-20-dm2
[2015/03/04 09:24:44 | 000,000,170 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\S-1-5-19-dm2
[2015/03/04 09:24:43 | 000,010,964 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\.DEFAULT-dmpu
[2015/03/04 09:24:43 | 000,002,070 | ---- | C] () -- C:\Users\nicole\AppData\Roaming\.DEFAULT
[2015/01/23 01:15:31 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-PC-DE-NICOLE-Microsoft®-Windows-Vista"!-Édition-Familiale-Premium-(32-bit).dat
[2014/11/04 09:29:18 | 000,000,024 | -HS- | C] () -- C:\Users\nicole\AppData\Roaming\System5908ConfigCollection.dat
[2014/04/24 00:12:19 | 000,001,356 | ---- | C] () -- C:\Users\nicole\AppData\Local\d3d9caps.dat
[2013/09/26 00:24:34 | 000,000,385 | ---- | C] () -- C:\Users\nicole\AppData\Roaminguser_gensett.xml
[2013/09/10 10:05:34 | 000,013,824 | ---- | C] () -- C:\Users\nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/09/05 15:12:59 | 000,000,024 | -HS- | C] () -- C:\Users\nicole\AppData\Roaming\Win4665 Config DB.dlx
[2013/09/05 15:12:59 | 000,000,024 | -HS- | C] () -- C:\Users\nicole\AppData\Roaming\System3192SettingsDB.dat
[2013/09/05 12:56:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2013/09/05 12:56:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/09/05 12:56:04 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/09/21 15:08:36 | 010,919,784 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/09/21 15:08:36 | 000,338,136 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/09/21 15:08:36 | 000,103,272 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/09/21 14:48:30 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/08/03 21:53:24 | 000,707,680 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2007/08/03 21:53:24 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2007/08/03 21:53:24 | 000,141,096 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2007/08/03 21:53:24 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2007/08/03 12:37:59 | 000,115,382 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/08/03 12:31:40 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/08/03 12:31:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/08/03 12:31:40 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/08/03 12:31:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2007/08/03 12:31:40 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2007/08/03 12:26:37 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2007/08/03 12:23:56 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/08/03 12:23:56 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/07/19 11:07:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/13 17:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/13 17:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,461,504 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,629,712 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,115,278 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2015/09/08 15:33:09 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\AIMP3
[2015/08/05 10:26:43 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\BeadTool
[2015/09/09 14:02:20 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\Bitdefender
[2015/08/05 09:01:19 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\Cache
[2015/09/08 15:33:09 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\EssentialPIM Pro
[2015/01/19 16:39:36 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\FileZilla
[2013/09/06 10:00:53 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\Leadertech
[2014/09/14 15:47:16 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\Notepad++
[2015/03/04 09:31:06 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\Nuance
[2013/09/30 08:46:29 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\OpenOffice
[2015/09/08 15:33:13 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\PhotoFiltre Studio X
[2013/09/05 15:24:28 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\QuickScan
[2014/05/17 11:44:03 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\SolidDocuments
[2015/03/04 09:32:14 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\Zeon
[2015/09/09 13:53:25 | 000,000,000 | ---D | M] -- C:\Users\nicole\AppData\Roaming\ZHP
[2013/09/05 11:02:57 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2015/01/05 07:23:48 | 000,000,000 | ---D | M] -- C:\ProgramData\bdch
[2015/09/08 15:33:07 | 000,000,000 | ---D | M] -- C:\ProgramData\BDLogging
[2015/09/08 15:38:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Bitdefender
[2013/09/05 11:02:57 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2013/09/05 11:02:57 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2013/09/05 11:02:57 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2015/03/04 09:31:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Licenses
[2015/04/03 01:38:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Logs
[2013/09/05 11:02:57 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2013/09/05 11:02:57 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2007/08/03 12:47:30 | 000,000,000 | ---D | M] -- C:\ProgramData\muvee Technologies
[2015/03/04 09:31:06 | 000,000,000 | ---D | M] -- C:\ProgramData\Nuance
[2015/09/08 15:33:07 | 000,000,000 | ---D | M] -- C:\ProgramData\OO Software
[2014/10/16 00:41:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2007/08/03 12:53:32 | 000,000,000 | ---D | M] -- C:\ProgramData\PC-Doctor
[2013/09/06 08:14:39 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2015/08/19 16:33:50 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2015/01/12 10:39:11 | 000,000,000 | ---D | M] -- C:\ProgramData\VS Revo Group
[2013/09/05 17:14:28 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2015/01/12 09:31:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Zeon
[2015/09/10 12:44:54 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemroot%\system32\*.ini >[/color]
[2006/11/02 08:56:07 | 000,000,082 | -HS- | M] () -- C:\Windows\system32\desktop.ini
[2012/09/21 14:48:30 | 000,028,418 | ---- | M] () -- C:\Windows\system32\lvcoinst.ini
[2006/09/18 17:37:10 | 000,013,750 | ---- | M] () -- C:\Windows\system32\pacerprf.ini
[2015/09/10 06:16:11 | 001,614,504 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2007/07/19 11:07:52 | 000,000,000 | ---- | M] () -- C:\Windows\system32\px.ini
[2008/01/04 21:23:30 | 000,060,124 | ---- | M] () -- C:\Windows\system32\tcpmon.ini

[color=#A23BEC]< %systemroot%\Tasks\*.* >[/color]
[2015/09/10 12:54:25 | 000,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2015/09/10 12:44:54 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#A23BEC]< %systemroot%\system32\Tasks\*.* >[/color]
[2015/07/09 04:43:10 | 000,002,800 | ---- | M] () -- C:\Windows\system32\Tasks\CCleanerSkipUAC
[2013/09/13 03:28:03 | 000,003,568 | ---- | M] () -- C:\Windows\system32\Tasks\HP Health Check
[2007/08/03 13:12:15 | 000,003,334 | ---- | M] () -- C:\Windows\system32\Tasks\JavaUpdateAdministrator
[2013/09/05 11:12:51 | 000,003,300 | ---- | M] () -- C:\Windows\system32\Tasks\JavaUpdatenicole
[2013/09/05 11:12:12 | 000,003,926 | ---- | M] () -- C:\Windows\system32\Tasks\RecoveryCD
[2015/02/09 10:26:57 | 000,003,090 | ---- | M] () -- C:\Windows\system32\Tasks\{AAFA5FA2-3DEE-4232-91BF-60C7EF1FB7A4}
[2015/02/09 09:40:58 | 000,003,066 | ---- | M] () -- C:\Windows\system32\Tasks\{D1F5D793-4CB5-4793-AD84-1BFD1ED26E41}
[2015/02/09 10:26:13 | 000,003,110 | ---- | M] () -- C:\Windows\system32\Tasks\{DEB54CF4-56CE-4FE0-9920-FBB92F805741}

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009/04/10 17:28:20 | 000,142,336 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\fontext.dll
[2015/07/11 11:56:09 | 011,587,584 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\shell32.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s >[/color]
"auditbaseobjects" = 0
"auditbasedirectories" = 0
"crashonauditfail" = 0
"fullprivilegeauditing" = [binary data]
"Bounds" = 0 [binary data]
"LimitBlankPasswordUse" = 1
"LmCompatibilityLevel" = 3
"NoLmHash" = 1
"Notification Packages" = scecli [binary data] -- [2009/04/10 17:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation)
"Security Packages" = kerberosmsv1_0schannelwdigesttspkg [binary data]
"Authentication Packages" = msv1_0 [binary data] -- [2015/06/27 12:02:55 | 000,218,112 | ---- | M] (Microsoft Corporation)
"LsaPid" = 772
"SecureBoot" = 1
"ProductType" = 3
"disabledomaincreds" = 0
"everyoneincludesanonymous" = 0
"forceguest" = 0
"restrictanonymous" = 0
"restrictanonymoussam" = 1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders]
"ProviderOrder" = Windows NT Access Provider [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath" = %SystemRoot%\system32\ntmarta.dll -- [2009/04/10 17:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\AuditPolicy]
"AuditPolicySD" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit\PerUserAuditing\System]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Credssp]
"DebugLogLevel" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data]
"Pattern" = 90 36 8D 14 4A 13 17 69 F3 1E 0E D4 72 EA 6D 7C [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\FipsAlgorithmPolicy]
"Enabled" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG]
"GrafBlumGroup" = 6A A4 ED 03 BB CA E9 11 3A [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD]
"Lookup" = E8 E3 54 1C 4F 8F [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\Domains]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\HostToRealm]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos\Parameters]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\MSV1_0]
"Auth132" = IISSUBA
"NtlmMinClientSec" = 0
"NtlmMinServerSec" = 0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1]
"SkewMatrix" = 3F 1E 31 6B 19 A4 77 2E 70 40 6F AC D3 34 10 BD [binary data]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO\Passport1.4]
"SSOURL" = http://www.passport.com
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon >[/color]
"ReportBootOk" = 1
"Shell" = explorer.exe -- [2009/04/10 17:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation)
"Userinit" = C:\Windows\System32\userinit.exe,
"VmApplet" = rundll32 shell32,Control_RunDLL "sysdm.cpl"
"AutoRestartShell" = 1
"LegalNoticeCaption" =
"LegalNoticeText" =
"PowerdownAfterShutdown" = 0
"ShutdownWithoutLogon" = 0
"cachedlogonscount" = 10
"forceunlocklogon" = 0
"passwordexpirywarning" = 14
"Background" = 0 0 0
"DebugServerCommand" = no
"WinStationsDisabled" = 0
"DisableCAD" = 1
"scremoveoption" = 0
"ShutdownFlags" = 36

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions]


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/01/18 17:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/18 17:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/18 17:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/18 17:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ALG.EXE >[/color]
[2008/01/18 17:33:02 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\WINDOWS\System32\alg.exe
[2008/01/18 17:33:02 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\WINDOWS\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6001.18000_none_a8e952205b1e893c\alg.exe
[2006/11/02 05:44:49 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=E69FB0E3112C40FDC0EF7D21A52DC951 -- C:\WINDOWS\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6000.16386_none_a6b290245e337868\alg.exe

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/04/10 17:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\drivers\atapi.sys
[2009/04/10 17:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/10 17:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/18 17:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/18 17:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008/01/18 15:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/18 15:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\WINDOWS\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/10 15:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\WINDOWS\System32\drivers\cdrom.sys
[2009/04/10 15:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/10 15:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\WINDOWS\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 04:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\WINDOWS\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

[color=#A23BEC]< MD5 for: CSRSS.EXE >[/color]
[2006/11/02 05:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=117B7C8A8B026A5DCE5E3180ED05E823 -- C:\WINDOWS\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6000.16386_none_56ad21dbe72a9d78\csrss.exe
[2008/01/18 17:33:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\WINDOWS\System32\csrss.exe
[2008/01/18 17:33:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\WINDOWS\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009/04/10 17:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009/04/10 17:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/18 17:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008/01/18 17:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/18 17:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\WINDOWS\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

[color=#A23BEC]< MD5 for: IESETUP.DLL >[/color]
[2007/08/03 22:06:49 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=287739A122CBE640DE45EE1C66113B40 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16448_none_c3c73552616bf8ab\iesetup.dll
[2008/01/18 17:34:32 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6001.18000_none_c5d0b5245e79496e\iesetup.dll
[2008/01/18 17:34:32 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=4546EAA7EBE7C035FED0FD9519C69A11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6002.18005_none_c7bc2e305b9b14ba\iesetup.dll
[2007/08/03 22:10:31 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4AB333BBB3C4225451DB1BB44A2A65C4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16473_none_c3a1c41c6188cdcb\iesetup.dll
[2006/11/02 05:46:05 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=721ADD0FD018BD50896A778AC9222BD3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16386_none_c399f328618e389a\iesetup.dll
[2013/09/05 23:56:15 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=802B0229D904E28C1EA9A5274AB457FC -- C:\WINDOWS\System32\iesetup.dll
[2013/09/05 23:56:15 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=802B0229D904E28C1EA9A5274AB457FC -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_9.1.8112.16421_none_85c3f0149c5d8f80\iesetup.dll
[2007/08/03 22:06:49 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=982B062DFF318ABE41DF081E311E8895 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20547_none_c44fd1d37a8a7f1e\iesetup.dll
[2007/08/03 22:10:32 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=E6F758C0B7EB1BBA3DC29CDAB9D4233C -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20583_none_c42090fb7aae8986\iesetup.dll

[color=#A23BEC]< MD5 for: INSENG.DLL >[/color]
[2008/01/18 17:34:36 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=4023E0174BE81A68D64F4E8F0B280849 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_6.0.6001.18000_none_993f5ba647c84d3e\inseng.dll
[2013/09/05 23:56:15 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=60B4F624BB87A3B21D3EC68F38DA6B61 -- C:\WINDOWS\System32\inseng.dll
[2013/09/05 23:56:15 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=60B4F624BB87A3B21D3EC68F38DA6B61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_9.1.8112.16421_none_5932969685ac9350\inseng.dll
[2006/11/02 05:46:05 | 000,093,696 | ---- | M] (Microsoft Corporation) MD5=95745070BE84D4571B3B7D7D314F9BB5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_6.0.6000.16386_none_970899aa4add3c6a\inseng.dll

[color=#A23BEC]< MD5 for: LOCATOR.EXE >[/color]
[2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\WINDOWS\System32\Locator.exe
[2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=5123F83CBC4349D065534EEB6BBDC42B -- C:\WINDOWS\winsxs\x86_microsoft-windows-rpc-locator_31bf3856ad364e35_6.0.6000.16386_none_ccfdd130eface46c\Locator.exe

[color=#A23BEC]< MD5 for: LSASS.EXE >[/color]
[2009/06/15 08:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2015/06/27 10:20:12 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2DCDD1B84875C0D5404173EC3B00E454 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23737_none_a8a1260573213258\lsass.exe
[2009/06/15 08:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2015/04/30 10:19:51 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=474FDD99DB6012E21405AAEE8DA61546 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23683_none_a867135b734d5b8a\lsass.exe
[2012/06/01 18:37:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=613DEB66A91820F0A41915B40BB8833F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009/06/15 09:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2014/10/10 19:21:41 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=86C519D59C70327434641E862A70B52B -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23521_none_a8a5f069731e840f\lsass.exe
[2015/01/15 01:17:50 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A28A5386D01A5C6B085838624955EF3C -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23594_none_a85d41d3735493ab\lsass.exe
[2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\WINDOWS\System32\lsass.exe
[2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19214_none_a82a209c59f61a0b\lsass.exe
[2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19284_none_a7de71285a2edda2\lsass.exe
[2011/11/16 10:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A3E186B4B935905B829219502557314E -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19431_none_a81183b25a090036\lsass.exe
[2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2015/03/05 22:16:32 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=ACAC4085ECDA9A35ED621936D67DB9D4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23640_none_a88f522d732f9fc1\lsass.exe
[2009/06/15 08:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2014/12/02 20:23:58 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=C4AA089041242987308AE2A7B30E910A -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23555_none_a88981cd73333d3e\lsass.exe
[2009/06/15 09:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2008/01/18 17:33:16 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008/01/18 17:33:16 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2011/11/16 09:57:04 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=EBFAEB786C46B407930811F94F08877D -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe

[color=#A23BEC]< MD5 for: MSDTC.EXE >[/color]
[2006/11/02 05:45:26 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=BC64A92D821EFEA8BAB8E8CAF1B668BC -- C:\WINDOWS\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.0.6000.16386_none_171c40e96317eaae\msdtc.exe
[2008/01/18 17:33:18 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\WINDOWS\System32\msdtc.exe
[2008/01/18 17:33:18 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=FD7520CC3A80C5FC8C48852BB24C6DED -- C:\WINDOWS\winsxs\x86_microsoft-windows-com-dtc-runtime_31bf3856ad364e35_6.0.6001.18000_none_195302e56002fb82\msdtc.exe

[color=#A23BEC]< MD5 for: MSHTML.DLL >[/color]
[2007/08/03 21:57:03 | 003,580,416 | ---- | M] (Microsoft Corporation) MD5=070B5BE00CCC851F7C8B39CD1609B009 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16397_none_110280fe25459f90\mshtml.dll
[2014/04/29 05:49:44 | 012,348,416 | ---- | M] (Microsoft Corporation) MD5=07501A7E7D9DF1FAB910164D31ED069C -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20657_none_d3a57e35793e49fc\mshtml.dll
[2014/05/28 12:49:34 | 012,357,120 | ---- | M] (Microsoft Corporation) MD5=0A05BABD0424A3A5882DFA016931A007 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20666_none_d399adff79474c96\mshtml.dll
[2014/05/05 19:32:27 | 012,347,392 | ---- | M] (Microsoft Corporation) MD5=0E468A0C51460D8DA3DF9B782275F1DB -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16553_none_d317e042602444d6\mshtml.dll
[2014/10/27 15:44:37 | 012,367,360 | ---- | M] (Microsoft Corporation) MD5=0EE89DC5D4C7A29C03B83F9E42643EEA -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20708_none_d3dc90017914d4c5\mshtml.dll
[2015/03/09 19:06:19 | 012,377,600 | ---- | M] (Microsoft Corporation) MD5=1035970885DD6ABA0EBCB3C02006A8E9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16636_none_d33082de60115620\mshtml.dll
[2014/03/07 19:51:01 | 012,347,904 | ---- | M] (Microsoft Corporation) MD5=10D0FA4F2A6ADBEEA0FFF10583CC5407 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16545_none_d324b0c2601a5b93\mshtml.dll
[2007/08/03 22:10:35 | 003,583,488 | ---- | M] (Microsoft Corporation) MD5=1F8EBB4387471DF7E7160F981BDEAFB7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16481_none_110751142542e8bc\mshtml.dll
[2007/08/03 22:10:36 | 003,584,000 | ---- | M] (Microsoft Corporation) MD5=24C5786C3A9ED534409D5DA0B56504D6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20591_none_11861df33e68a477\mshtml.dll
[2006/11/02 05:46:07 | 003,580,416 | ---- | M] (Microsoft Corporation) MD5=2D972F487EACEBBB2B3A02F290C3511A -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16386_none_110c50a0253e6a48\mshtml.dll
[2015/04/10 11:30:01 | 012,379,136 | ---- | M] (Microsoft Corporation) MD5=32AEC023256F682A02549764F81F811B -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16644_none_d323b25e601b3f63\mshtml.dll
[2014/09/19 18:53:39 | 012,364,288 | ---- | M] (Microsoft Corporation) MD5=3E7834CD2A543D58443BBE38FD74E8EB -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16584_none_d2f870c8603bb200\mshtml.dll
[2013/09/22 07:57:02 | 012,336,640 | ---- | M] (Microsoft Corporation) MD5=41DAD6EDAE3F02B7D527FA9B4B4EA022 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20625_none_d3c3ed657927c37b\mshtml.dll
[2015/02/21 13:32:34 | 012,376,064 | ---- | M] (Microsoft Corporation) MD5=466763B6CF4A3BCB72852F84C8D8DB6B -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20747_none_d3b0500779362b32\mshtml.dll
[2008/01/18 17:35:00 | 003,578,368 | ---- | M] (Microsoft Corporation) MD5=48E05FD07045BB2E5CFC43C970CAF1E7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll
[2014/02/23 01:50:22 | 012,347,904 | ---- | M] (Microsoft Corporation) MD5=4F23BB46E26DC87F01563B8A96526075 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16540_none_d31faf50601edce0\mshtml.dll
[2015/01/13 22:52:09 | 012,371,968 | ---- | M] (Microsoft Corporation) MD5=550BF2A3717675EBE755A6D6C708AC6E -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20725_none_d3c3ef4b7927c0a2\mshtml.dll
[2014/10/27 15:10:22 | 012,366,848 | ---- | M] (Microsoft Corporation) MD5=5BDCC7129C2F0A25F8A8FF6A3BDD9896 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16592_none_d2eba04860459b43\mshtml.dll
[2014/09/19 17:41:34 | 012,364,800 | ---- | M] (Microsoft Corporation) MD5=5E91ECBE5541206D2C31A2B5BB38D97F -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20700_none_d3d48db1791c0a0d\mshtml.dll
[2014/07/24 14:07:38 | 012,356,608 | ---- | M] (Microsoft Corporation) MD5=601FCEB3AB6B81F48CCF1E22FFA5E6D4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16563_none_d30d1056602c60c7\mshtml.dll
[2014/02/05 05:54:38 | 012,345,344 | ---- | M] (Microsoft Corporation) MD5=620E595C1024D1D8DDBADF13C30FEB39 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20644_none_d3ad4d437938e206\mshtml.dll
[2014/06/06 18:27:44 | 012,352,512 | ---- | M] (Microsoft Corporation) MD5=6D5EC036CE03EE1EBB2972200A8856EE -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20672_none_d38adceb7953032b\mshtml.dll
[2013/07/31 06:30:56 | 012,335,104 | ---- | M] (Microsoft Corporation) MD5=6DB41C70A74B420A0ADC55A9862DDAD9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16506_none_d350f0bc5ff90526\mshtml.dll
[2013/09/05 23:56:15 | 012,334,080 | ---- | M] (Microsoft Corporation) MD5=7161E761E81356C8EF6383CB1AE41B8D -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16502_none_d34cef945ffc9fca\mshtml.dll
[2015/07/22 16:47:58 | 012,386,816 | ---- | M] (Microsoft Corporation) MD5=760E61FD2533D7615A3D83407BBFBF90 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20799_none_d37c40ff795ce995\mshtml.dll
[2007/08/03 22:06:48 | 003,581,952 | ---- | M] (Microsoft Corporation) MD5=7B57E7A3307D38C3441076E6B6CAD866 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16448_none_113992ca251c2a59\mshtml.dll
[2007/08/03 21:57:02 | 003,580,416 | ---- | M] (Microsoft Corporation) MD5=7D22E0D46A572614D6BE2DE7B4529076 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20491_none_11861c0d3e68a750\mshtml.dll
[2014/08/15 10:51:40 | 012,363,776 | ---- | M] (Microsoft Corporation) MD5=7EBA54A72C5B0FF522003FBEBB9994CB -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20691_none_d3743cc9796421b6\mshtml.dll
[2013/11/14 19:16:30 | 012,345,344 | ---- | M] (Microsoft Corporation) MD5=845028B4ED05A9DF76A03897E5C98FF5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20637_none_d3bb1e0d792e121a\mshtml.dll
[2007/08/03 22:06:49 | 003,582,976 | ---- | M] (Microsoft Corporation) MD5=88BAE1EF672DCB0E3191EB106A677D4A -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20547_none_11c22f4b3e3ab0cc\mshtml.dll
[2015/01/13 21:51:42 | 012,371,456 | ---- | M] (Microsoft Corporation) MD5=88DFFFE4A1C25C256A74629599292A2D -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16609_none_d353f3805ff64e52\mshtml.dll
[2015/06/17 14:09:30 | 012,386,304 | ---- | M] (Microsoft Corporation) MD5=8A0FA608C0737DAEA6F6DF10063F0616 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20784_none_d3820f7979594ef1\mshtml.dll
[2014/02/05 04:58:27 | 012,345,344 | ---- | M] (Microsoft Corporation) MD5=8CD5CA15064C3E47B4F246F98558E2DD -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16533_none_d32d801a60140cf4\mshtml.dll
[2015/04/09 20:38:10 | 012,380,160 | ---- | M] (Microsoft Corporation) MD5=8F8DDED51235079E5B71F1A63F9CFE3E -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20758_none_d3a68065793d607a\mshtml.dll
[2015/07/03 01:31:21 | 012,386,304 | ---- | M] (Microsoft Corporation) MD5=908B2C5317DFA001D77845A54007A189 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16672_none_d301420660356088\mshtml.dll
[2014/11/24 16:41:46 | 012,369,920 | ---- | M] (Microsoft Corporation) MD5=91F488C0ED1D8B1FDC112F95A4965CC6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16599_none_d2f2a24e603f4ca4\mshtml.dll
[2014/05/05 18:14:43 | 012,347,904 | ---- | M] (Microsoft Corporation) MD5=978376F3B5B6265463E6C9059ED373CA -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20664_none_d397ad6b794919e8\mshtml.dll
[2015/05/30 20:03:39 | 012,385,280 | ---- | M] (Microsoft Corporation) MD5=A12176CC20E80738E813E0A54B23D6B7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16659_none_d31de3e4601eda07\mshtml.dll
[2014/07/24 13:39:49 | 012,357,632 | ---- | M] (Microsoft Corporation) MD5=A1326470C9DC5E8D81C0F9F0FCCDB158 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20674_none_d38cdd7f795135d9\mshtml.dll
[2009/04/10 17:28:22 | 003,596,288 | ---- | M] (Microsoft Corporation) MD5=A4D04D404AFC1D30EDA01EE50D27AA51 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
[2013/10/13 06:42:12 | 012,344,832 | ---- | M] (Microsoft Corporation) MD5=AC986A1AD35CDBF07B0E5D1AC9D527B5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16520_none_d3354f28600ea4fe\mshtml.dll
[2014/05/28 12:48:31 | 012,356,608 | ---- | M] (Microsoft Corporation) MD5=B7363143940197BD9F16FD957B4F8131 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16555_none_d319e0d660227784\mshtml.dll
[2014/08/15 10:51:34 | 012,363,264 | ---- | M] (Microsoft Corporation) MD5=B7E3AF84D1CF6CAA39EA69EF2734B517 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16575_none_d30440fe6032af66\mshtml.dll
[2014/06/06 20:05:40 | 012,353,024 | ---- | M] (Microsoft Corporation) MD5=BEFE2A3B0FD950E895A623DF4238247E -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16561_none_d30b0fc2602e2e19\mshtml.dll
[2014/02/23 02:21:20 | 012,347,904 | ---- | M] (Microsoft Corporation) MD5=C532BB3C2167824BB26EF465481E27AF -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20651_none_d39f7c797943b1f2\mshtml.dll
[2013/11/14 19:13:33 | 012,344,320 | ---- | M] (Microsoft Corporation) MD5=C89906FA43A58FD4CFC7EA06D885A597 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16526_none_d33b50e460093d08\mshtml.dll
[2015/05/30 20:04:21 | 012,385,280 | ---- | M] (Microsoft Corporation) MD5=D48F69EA6F1BE39DB1C5120C2AE66C64 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20774_none_d38cdf6579513300\mshtml.dll
[2014/11/24 17:48:24 | 012,371,456 | ---- | M] (Microsoft Corporation) MD5=D86631F4E180273746A79101322394E6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20715_none_d3cebf37791fa4b1\mshtml.dll
[2014/04/29 06:28:42 | 012,347,392 | ---- | M] (Microsoft Corporation) MD5=DCAA40C2C9F8EE14BAEA773576C26766 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16546_none_d325b10c601974ea\mshtml.dll
[2013/07/31 06:03:03 | 012,335,616 | ---- | M] (Microsoft Corporation) MD5=DCC51F3466767C3B418E23F5A467D6E5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20617_none_d3d0bde5791dda38\mshtml.dll
[2014/03/07 18:46:56 | 012,347,904 | ---- | M] (Microsoft Corporation) MD5=DDFC3CFB3C63820B4464F8545E867BC5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20656_none_d3a47deb793f30a5\mshtml.dll
[2015/02/21 13:37:50 | 012,375,040 | ---- | M] (Microsoft Corporation) MD5=E118F7CFD80C1346BDC37B64E1270DD6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16633_none_d32d820060140a1b\mshtml.dll
[2015/03/09 19:59:55 | 012,378,624 | ---- | M] (Microsoft Corporation) MD5=E74D944976D80E0BE3E2BCA8E5568E5E -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20750_none_d39e7e15794495c2\mshtml.dll
[2013/10/13 05:37:13 | 012,344,832 | ---- | M] (Microsoft Corporation) MD5=F111B63E90F9A36B8CF4894B43EFC641 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20631_none_d3b51c5179337a10\mshtml.dll
[2015/07/03 01:31:05 | 012,386,816 | ---- | M] (Microsoft Corporation) MD5=F146AD893A1EDB21666191D6B42B3E00 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20787_none_d385105779569af6\mshtml.dll
[2013/09/22 06:29:45 | 012,336,128 | ---- | M] (Microsoft Corporation) MD5=F46A58EC9183CB2B24326A41CDDE1FAE -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16514_none_d344203c6002ee69\mshtml.dll
[2015/06/16 21:15:46 | 012,386,816 | ---- | M] (Microsoft Corporation) MD5=F75507877D6DED54E94D014E9264FAC7 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16669_none_d31313f86026f5f8\mshtml.dll
[2015/07/22 16:54:00 | 012,386,816 | ---- | M] (Microsoft Corporation) MD5=FDF36C5B3EA4204E5BF6C8BDA24DAC6D -- C:\WINDOWS\System32\mshtml.dll
[2015/07/22 16:54:00 | 012,386,816 | ---- | M] (Microsoft Corporation) MD5=FDF36C5B3EA4204E5BF6C8BDA24DAC6D -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16684_none_d2f872ae603baf27\mshtml.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/04/10 17:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\WINDOWS\System32\drivers\ndis.sys
[2009/04/10 17:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006/11/02 05:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008/01/18 17:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/10 17:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\System32\netlogon.dll
[2009/04/10 17:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/18 17:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/18 17:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/18 17:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\WINDOWS\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

[color=#A23BEC]< MD5 for: NVSTOR32.SYS >[/color]
[2007/07/02 13:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\hp\DRIVERS\NVIDIA_Serial_ATA\nvstor32.sys
[2007/07/02 13:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\WINDOWS\System32\drivers\nvstor32.sys
[2007/07/02 13:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\WINDOWS\System32\DriverStore\FileRepository\nvstor32.inf_6b03e392\nvstor32.sys

[color=#A23BEC]< MD5 for: PNGFILT.DLL >[/color]
[2013/09/05 23:56:15 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=04A8B2F67825380BC0C7C46D56776133 -- C:\WINDOWS\System32\pngfilt.dll
[2013/09/05 23:56:15 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=04A8B2F67825380BC0C7C46D56776133 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_9.1.8112.16421_none_adb9aa19514dba01\pngfilt.dll
[2008/01/18 17:36:08 | 000,045,056 | ---- | M] (Microsoft Corporation) MD5=B8D3BF818DEFE1DA9A754F214E528221 -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6001.18000_none_edc66f29136973ef\pngfilt.dll
[2006/11/02 05:46:12 | 000,044,544 | ---- | M] (Microsoft Corporation) MD5=F0C0C3AA9872E49C2B37C865A9E9A55E -- C:\WINDOWS\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16386_none_eb8fad2d167e631b\pngfilt.dll

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/01/18 17:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/10 17:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\System32\scecli.dll
[2009/04/10 17:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[color=#A23BEC]< MD5 for: SNMPTRAP.EXE >[/color]
[2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\WINDOWS\System32\snmptrap.exe
[2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\WINDOWS\winsxs\x86_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.0.6000.16386_none_cd543ce1427cc9b4\snmptrap.exe
[2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=2A146A055B4401C16EE62D18B8E2A032 -- C:\WINDOWS\winsxs\x86_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.0.6001.18000_none_cf8afedd3f67da88\snmptrap.exe

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2010/08/17 09:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/10 17:28:06 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/18 17:33:34 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\WINDOWS\System32\spoolsv.exe
[2010/08/17 10:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 10:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2006/11/02 05:45:46 | 000,124,928 | ---- | M] (Microsoft Corporation) MD5=DA612EF2556776DF2630B68BF2D48935 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
[2010/08/17 09:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[color=#A23BEC]< MD5 for: TASKENG.EXE >[/color]
[2010/11/05 09:43:51 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=110B5E5AFA79DD8A45A2F6ED738469B9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.22791_none_e5d5a65bd84010db\taskeng.exe
[2006/11/02 05:45:48 | 000,166,400 | ---- | M] (Microsoft Corporation) MD5=1226E9FAE5B8508801EC974E3C9D9C14 -- C:\WINDOWS\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6000.16386_none_e3758b32c1ef5c83\taskeng.exe
[2010/11/04 12:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\WINDOWS\System32\taskeng.exe
[2010/11/04 12:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=3D50C4B10352367D5CB20ED1F50F8DA2 -- C:\WINDOWS\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18342_none_e7698b5ebc1f53d7\taskeng.exe
[2008/01/18 17:33:34 | 000,169,472 | ---- | M] (Microsoft Corporation) MD5=5F109032CE46B7184ED9E50F9FE8489E -- C:\WINDOWS\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18000_none_e5ac4d2ebeda6d57\taskeng.exe
[2010/11/04 18:15:29 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=9AF3E523E39FD8C10EDFA3ABA702DC9B -- C:\WINDOWS\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.22519_none_e81a9bd9d51e4e56\taskeng.exe
[2009/04/10 17:28:08 | 000,169,984 | ---- | M] (Microsoft Corporation) MD5=E5BBFC283D6F5D69B41E464676361020 -- C:\WINDOWS\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6002.18005_none_e797c63abbfc38a3\taskeng.exe
[2010/11/04 20:53:47 | 000,171,520 | ---- | M] (Microsoft Corporation) MD5=EAFB5897AC9CD84890171AC38862320F -- C:\WINDOWS\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.0.6001.18551_none_e577475abf020426\taskeng.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2009/04/10 17:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009/08/15 17:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 13:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010/02/18 07:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 10:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 10:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010/02/18 10:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 08:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/08/14 12:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2013/07/04 23:20:37 | 000,914,880 | ---- | M] (Microsoft Corporation) MD5=6D0D344F643E28B31262AC2682109A3C -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[2009/08/14 13:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 13:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2014/04/04 23:23:10 | 000,915,392 | ---- | M] (Microsoft Corporation) MD5=A4196D394207369E1431E8681B373312 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23370_none_b54264477ce304df\tcpip.sys
[2014/04/04 22:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\WINDOWS\System32\drivers\tcpip.sys
[2014/04/04 22:42:27 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=C7B0746FCD576D7EEBA6A2530B0B2966 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.19080_none_b4adf3c463cd86b8\tcpip.sys
[2013/07/05 00:53:33 | 000,905,664 | ---- | M] (Microsoft Corporation) MD5=D18D53974FD715D50FC76F9FFE1C830D -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[2006/11/02 04:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010/02/18 10:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008/01/18 17:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 12:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

[color=#A23BEC]< MD5 for: UI0DETECT.EXE >[/color]
[2006/11/02 05:45:50 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=24A333F4F14DCFB6FF6D5A1B9E5D79DD -- C:\WINDOWS\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6000.16386_none_dfb0260649c2ed9e\UI0Detect.exe
[2008/01/18 17:33:34 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\WINDOWS\System32\UI0Detect.exe
[2008/01/18 17:33:34 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=ECEF404F62863755951E09C802C94AD5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6001.18000_none_e1e6e80246adfe72\UI0Detect.exe

[color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color]
[2006/11/02 05:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\WINDOWS\System32\drivers\usbprint.sys
[2006/11/02 05:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\WINDOWS\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
[2008/01/18 16:14:42 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\WINDOWS\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys
[2008/01/18 16:14:42 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\WINDOWS\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys

[color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color]
[2013/07/02 21:58:11 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=08402232432EC2B3C8E8925E2F8A82D2 -- C:\WINDOWS\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.23150_none_5c18bf69f733328c\usbscan.sys
[2013/07/02 22:33:45 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=1D714B8497CD68307806D5D3F60A5169 -- C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_45d79eaa\usbscan.sys
[2013/07/02 22:33:45 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=1D714B8497CD68307806D5D3F60A5169 -- C:\WINDOWS\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18878_none_5b81ab0ede1e64f3\usbscan.sys
[2008/01/18 16:14:10 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_0bb72b9f\usbscan.sys
[2008/01/18 16:14:10 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys
[2008/01/18 16:14:10 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\WINDOWS\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys
[2008/01/18 16:14:10 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\WINDOWS\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys
[2006/11/02 05:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/18 17:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008/01/18 17:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

[color=#A23BEC]< MD5 for: VDS.EXE >[/color]
[2008/01/18 17:33:34 | 000,382,976 | ---- | M] (Microsoft Corporation) MD5=B13BC395B9D6116628F5AF47E0802AC4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6001.18000_none_6aead29ffaae9c39\vds.exe
[2006/11/02 05:45:50 | 000,392,704 | ---- | M] (Microsoft Corporation) MD5=C9D0BAFEE0D0A2681F048CA61BC0DA96 -- C:\WINDOWS\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6000.16386_none_68b410a3fdc38b65\vds.exe
[2009/04/10 17:28:10 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\WINDOWS\System32\vds.exe
[2009/04/10 17:28:10 | 000,385,536 | ---- | M] (Microsoft Corporation) MD5=CD88D1B7776DC17A119049742EC07EB4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-virtualdiskservice_31bf3856ad364e35_6.0.6002.18005_none_6cd64babf7d06785\vds.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color]
[2006/11/02 05:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/10 17:32:56 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/10 17:32:56 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2012/08/21 07:47:42 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=559F1DB6586DE2EE8E25E172A0CA9A3C -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.22913_none_181f0c08125e385e\volsnap.sys
[2012/08/21 07:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\WINDOWS\System32\drivers\volsnap.sys
[2012/08/21 07:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys
[2012/08/21 07:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18679_none_175a8da4f96bddf6\volsnap.sys
[2008/01/18 17:42:50 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/18 17:42:50 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\WINDOWS\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

[color=#A23BEC]< MD5 for: VSSVC.EXE >[/color]
[2008/01/18 17:33:36 | 001,054,720 | ---- | M] (Microsoft Corporation) MD5=D5FB73D19C46ADE183F968E13F186B23 -- C:\WINDOWS\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6001.18000_none_5accce7717d773c7\VSSVC.exe
[2009/04/10 17:28:12 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\WINDOWS\System32\VSSVC.exe
[2009/04/10 17:28:12 | 001,055,232 | ---- | M] (Microsoft Corporation) MD5=DB3D19F850C6EB32BDCB9BC0836ACDDB -- C:\WINDOWS\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6002.18005_none_5cb8478314f93f13\VSSVC.exe
[2006/11/02 05:45:51 | 000,924,160 | ---- | M] (Microsoft Corporation) MD5=E0E29D9EF2524ABD11749C7C2FD7F607 -- C:\WINDOWS\winsxs\x86_microsoft-windows-vssservice_31bf3856ad364e35_6.0.6000.16386_none_58960c7b1aec62f3\VSSVC.exe

[color=#A23BEC]< MD5 for: WEBCHECK.DLL >[/color]
[2008/01/18 17:36:54 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=4F4889A9D680714BE11B31BD01A0411A -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6001.18000_none_612be2f851b99095\webcheck.dll
[2006/11/02 05:46:13 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=4FD45F2A2C445359482CA3F34EAB1A4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6000.16386_none_5ef520fc54ce7fc1\webcheck.dll
[2013/09/05 23:56:15 | 000,203,776 | ---- | M] (Microsoft Corporation) MD5=5193DE33F3284C447E0D31DAFBF92570 -- C:\WINDOWS\System32\webcheck.dll
[2013/09/05 23:56:15 | 000,203,776 | ---- | M] (Microsoft Corporation) MD5=5193DE33F3284C447E0D31DAFBF92570 -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_9.1.8112.16421_none_211f1de88f9dd6a7\webcheck.dll
[2009/04/10 17:28:26 | 000,233,984 | ---- | M] (Microsoft Corporation) MD5=8208E4895BA625884FF3699CCA1D9E3D -- C:\WINDOWS\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6002.18005_none_63175c044edb5be1\webcheck.dll

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/18 17:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\System32\wininit.exe
[2008/01/18 17:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006/11/02 05:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\WINDOWS\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2015/06/18 02:39:28 | 000,893,752 | ---- | M] (MalwareBytes) MD5=0692C8163852AB5674E2EB3B36131EF3 -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2009/04/10 17:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/10 17:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/18 17:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< MD5 for: WINSRV.DLL >[/color]
[2013/03/07 22:49:28 | 000,376,320 | ---- | M] (Microsoft Corporation) MD5=1AAD055950BD7EC7699BC78F579D99B8 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.23075_none_b8a7e457b2cd80d2\winsrv.dll
[2009/04/10 17:28:26 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=40864DA48A14EBC68A0D6BFD08BA21EB -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18005_none_b86a0fae997700f7\winsrv.dll
[2011/04/20 11:55:29 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=5DF01708D214FDC0075AD197F1889557 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18456_none_b83507f4999e9a9f\winsrv.dll
[2011/04/20 11:13:57 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=60B351541547DE0A483926AA825D1D1D -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.22628_none_b8e116fdb2a2166b\winsrv.dll
[2008/01/18 17:36:58 | 000,375,296 | ---- | M] (Microsoft Corporation) MD5=8B05FAF8603E6FDE90C5B103761CC3F6 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18000_none_b67e96a29c5535ab\winsrv.dll
[2013/03/07 23:53:50 | 000,376,320 | ---- | M] (Microsoft Corporation) MD5=A508314231C49AEE86987CEA3EAECAD1 -- C:\WINDOWS\System32\winsrv.dll
[2013/03/07 23:53:50 | 000,376,320 | ---- | M] (Microsoft Corporation) MD5=A508314231C49AEE86987CEA3EAECAD1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6002.18804_none_b8691e949977d0d8\winsrv.dll
[2011/04/20 10:37:24 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=D1DE6323ADB727E9E9BFC0C4315A93E1 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.22904_none_b70c43c5b56f2409\winsrv.dll
[2006/11/02 05:46:14 | 000,374,784 | ---- | M] (Microsoft Corporation) MD5=D2E032FC47D59D704B1A49D159C318E5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6000.16386_none_b447d4a69f6a24d7\winsrv.dll
[2007/08/03 22:05:11 | 000,376,320 | ---- | M] (Microsoft Corporation) MD5=D8336F4B38FE370D996AC913ED334B1D -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6000.20544_none_b4fab273b8691f56\winsrv.dll
[2007/08/03 22:05:11 | 000,376,320 | ---- | M] (Microsoft Corporation) MD5=E3F137ADC0A9D7F3A2E4F557272FE6B3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6000.16445_none_b47215f29f4a98e3\winsrv.dll
[2011/04/20 10:47:25 | 000,375,808 | ---- | M] (Microsoft Corporation) MD5=F42F8855CB5C22E203C6672B124F17FD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winsrv_31bf3856ad364e35_6.0.6001.18638_none_b66634929c664320\winsrv.dll

[color=#A23BEC]< MD5 for: WMIAPSRV.EXE >[/color]
[2009/04/10 17:28:16 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\WINDOWS\System32\wbem\WmiApSrv.exe
[2009/04/10 17:28:16 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=43BE3875207DCB62A85C8C49970B66CC -- C:\WINDOWS\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WmiApSrv.exe
[2006/11/02 05:45:59 | 000,137,216 | ---- | M] (Microsoft Corporation) MD5=A279323BEE5FFFAFDA222910BCE92132 -- C:\WINDOWS\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6000.16386_none_b71d411922ad8f1f\WmiApSrv.exe
[2008/01/18 17:33:40 | 000,137,728 | ---- | M] (Microsoft Corporation) MD5=ABA4CF9F856D9A3A25F4DDD7690A6E9D -- C:\WINDOWS\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6001.18000_none_b95403151f989ff3\WmiApSrv.exe

[color=#A23BEC]< MD5 for: WMPNETWK.EXE >[/color]
[2008/01/18 17:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2008/01/18 17:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) MD5=3978704576A121A9204F8CC49A301A9B -- C:\WINDOWS\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6001.18000_none_0386cbd2ce93a16e\wmpnetwk.exe
[2006/11/02 08:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) MD5=ACB2E63D50157E3EA7140F29D9E76A48 -- C:\WINDOWS\winsxs\x86_microsoft-windows-wmpnss-service_31bf3856ad364e35_6.0.6000.16386_none_015009d6d1a8909a\wmpnetwk.exe

[color=#A23BEC]< CREATERESTOREPOINT >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 985 bytes -> C:\Users\nicole\Documents\Dominique Le Ber, Your BeadTool Registration Info.eml:OECustomProperty
@Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:F9CFE070
< End of report >

Publicité

Signaler le contenu de ce document

Publicité