OTL logfile created on: 12/03/2017 17:14:22 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pc\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.18537) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,96 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 52,68% Memory free 7,93 Gb Paging File | 5,78 Gb Available in Paging File | 72,91% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 292,87 Gb Total Space | 210,63 Gb Free Space | 71,92% Space Free | Partition Type: NTFS Drive D: | 172,79 Gb Total Space | 172,40 Gb Free Space | 99,77% Space Free | Partition Type: NTFS Drive E: | 366,56 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: PC-PC | User Name: Pc | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2017/03/12 17:09:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Downloads\OTL.exe PRC - [2017/02/04 14:34:00 | 000,390,848 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pc\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe PRC - [2017/02/04 11:52:35 | 002,143,936 | ---- | M] (BitTorrent Inc.) -- C:\Users\Pc\AppData\Roaming\uTorrent\uTorrent.exe PRC - [2017/02/01 10:01:18 | 000,945,496 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2017/01/15 18:00:04 | 009,080,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe PRC - [2017/01/15 17:57:06 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2017/01/07 17:17:34 | 000,218,496 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2017/01/01 23:52:46 | 000,326,616 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe PRC - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2016/12/13 15:38:48 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2016/08/26 12:26:34 | 000,339,968 | ---- | M] (Popcorn Time) -- C:\Program Files (x86)\Popcorn Time\Updater.exe PRC - [2015/11/20 18:43:29 | 000,144,008 | ---- | M] (© 2015 Microsoft Corporation) -- C:\Users\Pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe PRC - [2013/06/20 21:30:20 | 000,687,336 | ---- | M] (Zbshareware Lab) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe PRC - [2013/05/14 19:39:42 | 000,505,856 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe PRC - [2013/05/14 19:37:24 | 001,448,960 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe PRC - [2013/01/18 11:01:12 | 002,009,088 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe PRC - [2012/12/27 14:26:20 | 004,522,496 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe PRC - [2012/10/26 10:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2017/02/01 10:01:24 | 001,870,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll MOD - [2017/02/01 10:01:24 | 000,085,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll MOD - [2017/01/15 17:57:08 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll MOD - [2017/01/15 17:57:06 | 000,482,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll MOD - [2017/01/15 17:57:06 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll MOD - [2017/01/15 17:57:06 | 000,169,064 | ---- | M] () -- C:\PROGRA~1\AVASTS~1\Avast\JsonRpcServer.dll MOD - [2013/06/25 13:04:42 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\USB Disk Security\locales\french.dll MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2017/01/15 17:57:06 | 000,197,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2016/11/12 20:08:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:[b]64bit:[/b] - [2016/08/22 17:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:[b]64bit:[/b] - [2014/11/21 03:12:40 | 000,244,736 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2017/02/25 13:06:19 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2017/01/16 08:22:44 | 000,317,400 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2017/01/07 17:17:34 | 000,218,496 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2016/12/19 22:38:14 | 000,082,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2016/12/13 15:38:48 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2016/11/29 22:34:16 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2016/08/26 12:26:34 | 000,339,968 | ---- | M] (Popcorn Time) [Auto | Running] -- C:\Program Files (x86)\Popcorn Time\Updater.exe -- (Update service) SRV - [2015/10/14 09:22:18 | 000,243,968 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost) SRV - [2014/12/17 02:16:13 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2012/10/26 10:40:10 | 000,282,112 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2017/02/21 22:18:31 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy) DRV:[b]64bit:[/b] - [2017/01/15 20:09:40 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:[b]64bit:[/b] - [2017/01/15 17:58:46 | 000,293,352 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswvmm.sys -- (aswVmm) DRV:[b]64bit:[/b] - [2017/01/15 17:58:43 | 000,513,632 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP) DRV:[b]64bit:[/b] - [2017/01/15 17:58:40 | 000,969,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2017/01/15 17:57:08 | 000,163,416 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:[b]64bit:[/b] - [2017/01/15 17:57:08 | 000,108,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2017/01/15 17:57:08 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2017/01/15 17:57:08 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:[b]64bit:[/b] - [2017/01/15 17:57:08 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:[b]64bit:[/b] - [2016/03/24 17:37:25 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus) DRV:[b]64bit:[/b] - [2016/03/01 04:55:36 | 000,104,976 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2015/06/11 18:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2015/01/15 12:42:24 | 000,977,624 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2014/11/21 03:40:00 | 018,959,360 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2014/11/21 03:08:54 | 000,589,312 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2016/06/15 19:01:02 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Disabled | Stopped] -- C:\Windows\SysWow64\drivers\SECDRV.SYS -- (secdrv) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q= IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q= IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.avira.net/#web/result?source=art&q= IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.avira.net/#web/result?source=art&q= IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://search.avira.net/#web/result?source=art&q= IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://search.avira.net/#web/result?source=art&q= IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q= IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 68 18 5E E4 BC 6D D2 01 [binary data] IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error. IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 IE - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.isUS: false FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2017/01/15 17:57:09 | 000,000,000 | ---D | M] 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2017/01/15 17:57:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017/01/15 17:57:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2017/01/15 17:57:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2017/01/13 15:09:53 | 000,000,000 | ---D | M] [2015/10/17 12:11:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\mozilla\Extensions [2016/11/04 11:31:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2015/10/17 12:09:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [color=#E56717]========== Chrome ==========[/color] CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\ CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_0\ CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\ CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_0\ O1 HOSTS File: ([2016/07/12 09:35:38 | 000,002,024 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly O1 - Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com O1 - Hosts: 0.0.0.0 media.opencandy.com O1 - Hosts: 0.0.0.0 cdn.opencandy.com O1 - Hosts: 0.0.0.0 tracking.opencandy.com O1 - Hosts: 0.0.0.0 api.opencandy.com O1 - Hosts: 0.0.0.0 api.recommendedsw.com O1 - Hosts: 0.0.0.0 installer.betterinstaller.com O1 - Hosts: 0.0.0.0 installer.filebulldog.com O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net O1 - Hosts: 0.0.0.0 inno.bisrv.com O1 - Hosts: 0.0.0.0 nsis.bisrv.com O1 - Hosts: 0.0.0.0 cdn.file2desktop.com O1 - Hosts: 0.0.0.0 cdn.goateastcach.us O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us O1 - Hosts: 0.0.0.0 cdn.montiera.com O1 - Hosts: 0.0.0.0 cdn.msdwnld.com O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com O1 - Hosts: 0.0.0.0 cdn.ppdownload.com O1 - Hosts: 0.0.0.0 cdn.riceateastcach.us O1 - Hosts: 0.0.0.0 cdn.shyapotato.us O1 - Hosts: 11 more lines... O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe () O4 - HKLM..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe (Zbshareware Lab) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000..\Run: [BingSvc] C:\Users\Pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation) O4 - HKU\S-1-5-21-4230350224-2592694478-3465487610-1000..\Run: [uTorrent] C:\Users\Pc\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.105.86.80 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D6FBACB-DF50-4A23-ACA6-204ED36BCD56}: DhcpNameServer = 46.105.86.80 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D6FBACB-DF50-4A23-ACA6-204ED36BCD56}: NameServer = 8.8.8.8,8.8.4.4 O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2017/01/09 13:28:02 | 000,000,045 | R--- | M] () - E:\AUTORUN.INF -- [ UDF ] O33 - MountPoints2\{c5f315fb-5884-11e6-98c5-94de8048da77}\Shell - "" = AutoRun O33 - MountPoints2\{c5f315fb-5884-11e6-98c5-94de8048da77}\Shell\AutoRun\command - "" = J:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083 O33 - MountPoints2\{cb6b5548-74ba-11e5-bd0a-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{cb6b5548-74ba-11e5-bd0a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\intro-3AS.exe -- [2017/01/09 13:28:02 | 005,650,743 | R--- | M] (Adobe Systems, Inc.) O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] TBS - Service SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: TBS - Service SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TBS - Service SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TBS - Service SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:[b]64bit:[/b] {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework ActiveX:[b]64bit:[/b] {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:[b]64bit:[/b] {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:[b]64bit:[/b] {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:[b]64bit:[/b] {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:[b]64bit:[/b] {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} - C:\Windows\System32\ie4uinit.exe -EnableTLS ActiveX:[b]64bit:[/b] {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:[b]64bit:[/b] {7D715857-A67C-4C2F-A929-038448584D63} - C:\Windows\System32\ie4uinit.exe -DisableSSL3 ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig ActiveX:[b]64bit:[/b] {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:[b]64bit:[/b] {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework ActiveX:[b]64bit:[/b] {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:[b]64bit:[/b] {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:[b]64bit:[/b] {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:[b]64bit:[/b] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {26784146-6E05-3FF9-9335-786C7C0FB5BE} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings ActiveX: {BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3} - .NET Framework ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2017/02/16 09:49:44 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft [2017/02/13 21:27:34 | 000,308,224 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2017/03/12 17:17:17 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2017/03/12 17:02:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2017/03/12 10:08:23 | 000,030,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2017/03/12 10:08:23 | 000,030,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2017/03/12 09:59:47 | 001,668,256 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2017/03/12 09:59:47 | 000,747,320 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2017/03/12 09:59:47 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2017/03/12 09:59:47 | 000,149,844 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2017/03/12 09:59:47 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2017/03/12 09:55:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2017/03/12 09:55:05 | 3192,684,544 | -HS- | M] () -- C:\hiberfil.sys [2017/02/25 13:06:19 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2017/02/25 13:06:19 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2017/02/21 22:18:31 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2017/02/21 22:06:59 | 000,002,691 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2017/02/21 22:06:59 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\Brother Creative Center.lnk [2017/02/21 22:06:59 | 000,001,769 | ---- | M] () -- C:\Users\Public\Desktop\qksee.lnk [2017/02/21 22:06:59 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2017/02/21 22:06:59 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\USB Disk Security.lnk [2017/02/21 22:06:59 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2017/02/21 22:06:58 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk [2017/02/21 22:06:58 | 000,001,249 | ---- | M] () -- C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk [2017/02/21 22:06:58 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Avast SafeZone Browser.lnk [2017/02/21 22:06:45 | 000,002,735 | ---- | M] () -- C:\Users\Pc\Desktop\Microsoft Office Word 2007.lnk [2017/02/21 22:06:45 | 000,002,693 | ---- | M] () -- C:\Users\Pc\Desktop\Microsoft Office Excel 2007.lnk [2017/02/21 22:06:45 | 000,002,568 | ---- | M] () -- C:\Users\Pc\Desktop\µTorrent.lnk [2017/02/21 22:06:45 | 000,002,293 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2017/02/21 22:06:45 | 000,002,281 | ---- | M] () -- C:\Users\Pc\Desktop\Google Chrome.lnk [2017/02/21 22:06:45 | 000,002,047 | ---- | M] () -- C:\Users\Pc\Desktop\Acrobat Reader DC.lnk [2017/02/21 22:06:45 | 000,001,865 | ---- | M] () -- C:\Users\Pc\Desktop\Mozilla Firefox.lnk [2017/02/21 22:06:45 | 000,001,427 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2017/02/21 22:06:45 | 000,001,403 | ---- | M] () -- C:\Users\Pc\Desktop\Internet Explorer.lnk [2017/02/21 22:06:45 | 000,001,224 | ---- | M] () -- C:\Users\Pc\Desktop\Paint.lnk [2017/02/21 22:06:45 | 000,001,107 | ---- | M] () -- C:\Users\Pc\Desktop\Avira.lnk [2017/02/21 22:06:45 | 000,001,076 | ---- | M] () -- C:\Users\Pc\Desktop\Counter-Strike 1.6.lnk [2017/02/21 22:06:45 | 000,000,355 | ---- | M] () -- C:\Users\Pc\Desktop\Réseau - Raccourci.lnk [2017/02/21 22:06:45 | 000,000,290 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2017/02/21 22:06:45 | 000,000,272 | ---- | M] () -- C:\Users\Pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2017/03/12 17:17:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2017/02/13 21:27:45 | 000,001,249 | ---- | C] () -- C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk [2017/01/21 09:57:21 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini [2017/01/17 10:36:18 | 000,000,017 | ---- | C] () -- C:\Users\Pc\AppData\Local\resmon.resmoncfg [2016/08/29 21:33:46 | 003,498,280 | ---- | C] () -- C:\Users\Pc\video-1472416335.mp4 [2016/07/26 16:16:36 | 000,000,881 | ---- | C] () -- C:\Users\Pc\Galaxy S4 - Raccourci.lnk [2016/06/12 18:46:54 | 000,218,496 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2016/06/12 18:46:38 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2016/03/04 12:05:30 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2016/01/30 08:10:00 | 000,022,544 | ---- | C] () -- C:\Users\Pc\AppData\Roaming\UserTile.png [2016/01/15 17:02:29 | 000,007,889 | ---- | C] () -- C:\Windows\BRRBCOM.INI [2016/01/15 17:02:29 | 000,007,818 | ---- | C] () -- C:\Windows\BROPJ172W.INI [2016/01/15 17:00:46 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL [2016/01/15 17:00:45 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI [2015/10/22 11:38:45 | 001,642,388 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2015/10/17 12:00:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2015/10/17 11:57:59 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2015/10/17 11:57:59 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2015/10/17 11:57:59 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2015/10/17 11:57:34 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2015/10/17 11:57:34 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2016/08/29 16:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2016/08/29 16:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2016/12/06 19:36:47 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\AMD [2017/01/15 18:00:14 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\AVAST Software [2016/05/29 15:40:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Azureus [2016/10/28 19:59:34 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ControlCenter4 [2016/03/24 17:37:08 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\DAEMON Tools Lite [2016/05/28 20:20:40 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\eCyber [2016/12/02 18:05:52 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\InterTrust [2016/05/26 17:04:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\library_dir [2016/05/26 17:16:47 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PlaysTV [2016/12/06 19:29:21 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ProtectDISC [2016/08/06 10:42:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Raptr [2016/08/26 19:28:47 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Steam [2017/03/12 17:23:24 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\uTorrent [2015/10/18 15:45:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Zbshareware Lab [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2016/05/29 22:09:31 | 000,001,776 | ---- | M] () -- C:\Google Chrome.lnk [2017/03/12 09:55:05 | 3192,684,544 | -HS- | M] () -- C:\hiberfil.sys [2017/01/19 20:53:36 | 000,000,000 | ---- | M] () -- C:\History [2015/11/18 12:27:22 | 000,029,842 | ---- | M] () -- C:\License.rtf [2017/03/12 09:55:08 | 4256,915,456 | -HS- | M] () -- C:\pagefile.sys [2017/03/12 17:17:17 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2016/06/01 13:51:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\68im27mv [2016/06/01 15:53:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\8wmds6r2 [2017/01/21 10:35:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activision [2016/12/02 18:05:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe [2016/06/12 18:46:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies [2016/09/12 11:08:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Avira [2017/01/16 18:51:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Beta Software [2017/02/07 17:48:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Black_Box [2016/03/05 19:23:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brother [2016/03/05 19:23:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Browny02 [2017/02/03 17:42:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files [2016/03/05 19:23:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ControlCenter4 [2016/12/06 19:36:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Counter-Strike 1.6 [2016/06/16 15:08:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\dldhjyz0 [2017/01/21 09:50:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\EA GAMES [2017/01/21 09:51:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GameSpy Arcade [2016/03/07 08:47:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google [2017/01/21 10:36:04 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information [2017/01/13 15:09:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer [2017/01/15 18:48:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes Anti-Malware [2016/08/06 10:42:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft [2015/10/17 12:04:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office [2015/10/17 12:04:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio [2015/10/17 12:03:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2015/10/17 12:05:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works [2015/10/19 19:28:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET [2016/12/02 18:05:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox [2015/10/17 12:09:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service [2015/10/17 12:04:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild [2016/06/01 11:48:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ow2mpu7k [2017/02/21 22:05:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Personal Computer Defender [2016/11/03 13:19:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Popcorn Time [2016/09/17 20:48:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QQBrowser [2016/05/26 17:04:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Raptr Inc [2016/12/06 19:21:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reef Entertainment [2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies [2016/08/26 20:54:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Resident Evil Revelations 2 [2017/02/03 17:42:14 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype [2016/09/12 13:05:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Soldier of Fortune 2 Double Helix [2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information [2016/09/11 15:45:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000000 [2016/09/11 15:45:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000001 [2016/09/11 15:45:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000002 [2016/09/11 15:46:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000003 [2016/09/11 15:46:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000004 [2016/09/11 15:46:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000005 [2016/09/11 15:46:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000006 [2016/09/11 15:46:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000007 [2016/09/11 15:46:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000008 [2016/08/14 14:22:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000009 [2016/09/11 15:46:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_0000000A [2016/09/11 15:47:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_0000000B [2016/09/11 15:47:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_0000000C [2016/09/11 15:47:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_0000000D [2016/09/11 15:47:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_0000000E [2016/09/11 15:47:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_0000000F [2016/09/11 15:47:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000010 [2016/09/11 15:47:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\unkbackup7z_00000011 [2015/10/17 12:06:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\USB Disk Security [2016/12/07 12:01:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VALVe [2015/10/22 11:18:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender [2015/10/20 17:42:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail [2016/10/14 19:19:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player [2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT [2015/10/20 17:42:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer [2015/10/20 17:42:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices [2015/10/20 17:43:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar [2016/06/03 11:36:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\wz5zrnvi [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color] [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=4ABA3E75A76195A3E38ED2766C962899 -- C:\Windows\SysNative\appmgmts.dll [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) MD5=4ABA3E75A76195A3E38ED2766C962899 -- C:\Windows\winsxs\amd64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_ddc3da0b75baa7e0\appmgmts.dll [2009/07/14 02:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\SysWOW64\appmgmts.dll [2009/07/14 02:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) MD5=A45D184DF6A8803DA13A0B329517A64A -- C:\Windows\winsxs\wow64_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.1.7600.16385_none_e818845daa1b69db\appmgmts.dll [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe [2010/11/20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe [2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe [2009/07/14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe [2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe [2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2016/08/29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\explorer.exe [2016/08/29 16:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_b0517adca98752cc\explorer.exe [2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2016/08/29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\SysWOW64\explorer.exe [2016/08/29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_baa6252edde814c7\explorer.exe [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\SysWOW64\hidserv.dll [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=2BC6F6A1992B3A77F5F41432CA6B3B6B -- C:\Windows\winsxs\wow64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_3cf5e466d58070d9\hidserv.dll [2009/07/14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\SysNative\hidserv.dll [2009/07/14 02:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) MD5=BD9EB3958F213F96B97B1D897DEE006D -- C:\Windows\winsxs\amd64_microsoft-windows-hid-user_31bf3856ad364e35_6.1.7600.16385_none_32a13a14a11faede\hidserv.dll [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010/11/20 14:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011/03/11 07:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011/03/11 07:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2009/07/14 02:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=0DE3069D6E09BA262856EF31C941BEFE -- C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_c29fba0fc87cc5a4\imm32.dll [2010/11/20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\SysWOW64\imm32.dll [2010/11/20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) MD5=A6F09E5669D9A19035F6D942CAA15882 -- C:\Windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll [2009/07/14 02:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\SysNative\imm32.dll [2009/07/14 02:41:09 | 000,167,424 | ---- | M] (Microsoft Corporation) MD5=AA2C08CE85653B1A0D2E4AB407FA176C -- C:\Windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2016/03/17 23:31:09 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=002E17D37479281C5D241A189F973C5F -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23392_none_fc697e97baac5d5b\kernel32.dll [2016/09/09 19:00:02 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=007F92891ADD2F4785ABBD84966B51EF -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23543_none_fca09249ba82e54b\kernel32.dll [2016/01/22 07:06:30 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=0395FCC1F6DE5155ACB84F6BBF771B45 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23338_none_fcb05fdbba764dbf\kernel32.dll [2016/01/22 07:15:31 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=0547E50F916294862FDAF11A4D701547 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19135_none_f1cf15fa6cfaa2ce\kernel32.dll [2015/07/15 04:20:03 | 001,164,288 | ---- | M] (Microsoft Corporation) MD5=093861BB2A36B95CE824683714737CAD -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23126_none_f2648115860f42d7\kernel32.dll [2016/01/17 01:30:18 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=09421707EE6879FBAF337184C3279117 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23334_none_f257b46186192668\kernel32.dll [2016/10/11 16:31:56 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=0B5A8B1E0A3CF06802CEF191FC802736 -- C:\Windows\SysNative\kernel32.dll [2016/10/11 16:31:56 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=0B5A8B1E0A3CF06802CEF191FC802736 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23572_none_f22a77e9863b5dcc\kernel32.dll [2016/02/10 19:51:32 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=10F0BAFDBB4C0D4B73D135AD65562938 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23349_none_f251e5e7861cc10c\kernel32.dll [2015/09/29 04:10:53 | 001,164,800 | ---- | M] (Microsoft Corporation) MD5=11C18D613F66CB5CE829B821599ED339 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19018_none_f1e7b4ca6ce7b9ca\kernel32.dll [2012/10/04 18:41:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DC3504CA4C57900F1557E9A3F01D272 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll [2012/10/04 18:32:16 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=1DDCACAB8DA5399E5521051923016B18 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_efe8cbf06fd422f3\kernel32.dll [2015/07/22 18:52:03 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=1E679BB6671C67B2097A5E53D884D4D0 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18939_none_fc27e76ca15799bc\kernel32.dll [2015/10/01 19:06:41 | 001,166,336 | ---- | M] (Microsoft Corporation) MD5=2E52D789C4B17017556ED45D771DA5EB -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23226_none_f26482fb860f3ffe\kernel32.dll [2015/07/22 23:03:57 | 001,164,288 | ---- | M] (Microsoft Corporation) MD5=313D319AB74D0218F44CC66BE393E38A -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23142_none_f24ae0158623155d\kernel32.dll [2015/10/20 02:05:40 | 001,164,800 | ---- | M] (Microsoft Corporation) MD5=386BF677B78B66AABBA92C0FCA0579A6 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19045_none_f1c444286d02c198\kernel32.dll [2015/05/25 19:22:03 | 001,163,776 | ---- | M] (Microsoft Corporation) MD5=3A2E4CB43CC4AE0195F686146ADCAD3D -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_f22a6e6b863b6c09\kernel32.dll [2016/09/09 19:20:44 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=409B4B2F559F62F136FC14B8BFC18931 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23543_none_f24be7f786222350\kernel32.dll [2015/10/20 01:44:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=4166C05FA57548E6518D7EE20896C0A5 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19045_none_fc18ee7aa1638393\kernel32.dll [2016/01/16 19:37:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=426462DFDE05F334131C67D24C6A2DF4 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19131_none_fc1fbf24a15eff6d\kernel32.dll [2016/10/11 16:18:43 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=43FF98F4DEDA983D5B5B5F5FBE914CAB -- C:\Windows\SysWOW64\kernel32.dll [2016/10/11 16:18:43 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=43FF98F4DEDA983D5B5B5F5FBE914CAB -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23572_none_fc7f223bba9c1fc7\kernel32.dll [2016/02/11 19:44:34 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=4E3E2F8EA0920FC793634479866C5198 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19160_none_f1a9a4c46d1777ee\kernel32.dll [2015/07/15 18:48:28 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=50159C0AEE9029D43B7E27022B6C0B37 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23136_none_fcae5b7bba7820c3\kernel32.dll [2016/01/22 07:28:09 | 001,164,288 | ---- | M] (Microsoft Corporation) MD5=57194C298622069B98BC40FD80A2BEFF -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23338_none_f25bb58986158bc4\kernel32.dll [2016/01/17 01:17:15 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=591DDCCA27EFC5A931084B6D4B4542B6 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23334_none_fcac5eb3ba79e863\kernel32.dll [2009/07/14 02:41:13 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=5B4B379AD10DEDA4EDA01B8C6961B193 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_efb2d6e86ffc8f55\kernel32.dll [2016/10/07 16:12:57 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=5D58A9A092CC9F1AEAF8A2CFCFFF5B95 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23569_none_fc90f42dba8db537\kernel32.dll [2015/05/25 19:05:29 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=5EA4D6D52DB2679B8F9DE67A7F8BC41A -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_fc7f18bdba9c2e04\kernel32.dll [2012/10/04 17:36:32 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=5FA395364EE727E4BEE6B1406C207F98 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll [2009/07/14 02:11:23 | 000,836,608 | ---- | M] (Microsoft Corporation) MD5=606ECB76A424CC535407E7A24E2A34BC -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.16385_none_fa07813aa45d5150\kernel32.dll [2016/02/10 19:30:00 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=60A14A0BB9BAFD0B37FF6E2FDE66C19D -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23349_none_fca69039ba7d8307\kernel32.dll [2012/11/30 06:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=65C113214F7B05820F6D8A65B1485196 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll [2015/10/20 01:45:50 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=6D2B6BCAE365F879F958BCAB2B0EBC9D -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23250_none_fc92bbcdba8dbdc2\kernel32.dll [2012/10/04 18:29:16 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6EED0D77C20137948979EA47360A890B -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_f0726aa188f1bfe4\kernel32.dll [2015/07/23 00:56:40 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=6F5C056D1AEB8713E403259B5FB38EE8 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23142_none_fc9f8a67ba83d758\kernel32.dll [2015/05/25 19:19:02 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=6FDF03A3B110C5264F52F979335AE301 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_f1b2cb706d0f2e6d\kernel32.dll [2016/04/09 07:54:54 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=7214F85DDE720F547C88746044A9DF50 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23418_none_fcc60199ba661304\kernel32.dll [2015/07/15 19:10:48 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=72585BDAF2EC5237EBD71D540657D6A2 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_f1cd3b5e6cfc3fb7\kernel32.dll [2014/03/04 10:16:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=76161B9D78A275F8F28DD67436013110 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll [2014/04/12 03:32:01 | 001,164,800 | ---- | M] (Microsoft Corporation) MD5=77BBBF70BCE286CD19E1E68F248363FA -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_f24130b9862a22c7\kernel32.dll [2010/11/20 14:26:42 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=7A6326D96D53048FDEC542DF23D875A0 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll [2016/01/22 07:06:50 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=8A4577DE02C55182ED46202BA2E06DA5 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19135_none_fc23c04ca15b64c9\kernel32.dll [2016/01/16 19:58:46 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=8EC342039B7C4B5E596147EC1F4B9051 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19131_none_f1cb14d26cfe3d72\kernel32.dll [2016/03/16 19:48:33 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=97027CD66BA95E4C832600EE57F97241 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23391_none_f213d3fb864c8209\kernel32.dll [2016/03/16 19:31:52 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=991D33667BEB392CD6C9828893F165B0 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23391_none_fc687e4dbaad4404\kernel32.dll [2015/07/23 01:02:40 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=9C261AB78DE420AA52FC08D69FD5745D -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18939_none_f1d33d1a6cf6d7c1\kernel32.dll [2012/11/30 05:57:47 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9CC2571E3646B9A24296AD7ADCC71682 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll [2015/07/15 04:19:54 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=9D0A88DF1CCB89596DDB876093CD16A4 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18923_none_f1d80b4a6cf423c6\kernel32.dll [2015/09/29 03:57:52 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9E83A4F6E776F7A3E5F7FB90180FBC0B -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19018_none_fc3c5f1ca1487bc5\kernel32.dll [2016/09/02 16:16:47 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=9FFAA819B32476804ED0FED6DD245094 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23539_none_fcb163f1ba756164\kernel32.dll [2015/09/28 21:15:54 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=A0CFCED64576C13EC04AD7B39940BE93 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23223_none_fcb62c6fba72b5f4\kernel32.dll [2015/07/15 18:53:35 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=A38E10B4143A19F32D64517B6A1FCB98 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_fc21e5b0a15d01b2\kernel32.dll [2015/07/15 19:09:09 | 001,164,288 | ---- | M] (Microsoft Corporation) MD5=A3A71E4BEE2BA121C969B39AD1EB30FC -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23136_none_f259b12986175ec8\kernel32.dll [2016/02/11 19:38:23 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=A51056F0AB2386C1032977E89BCB267A -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19160_none_fbfe4f16a17839e9\kernel32.dll [2012/10/04 17:54:17 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=A6778FC49011313995A4D718F624CC74 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17135_none_fa3d7642a434e4ee\kernel32.dll [2012/11/30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=AC0B6F41882FC6ED186962D770EBF1D2 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll [2016/04/09 07:57:53 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=ACEDF96749861DB3DA92AE9B9D94FE72 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23418_none_f271574786055109\kernel32.dll [2012/11/30 06:52:53 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=B3BEA6420D482356E53B7C728E05C637 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll [2016/03/17 23:53:15 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=B46D03BABD31B23E6FCB226CB22D4D6B -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23392_none_f214d445864b9b60\kernel32.dll [2012/11/30 06:38:48 | 001,162,752 | ---- | M] (Microsoft Corporation) MD5=B6B1AB98BA656BA1D8E0CA03F59DED51 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_f03d5b4f891964f0\kernel32.dll [2016/10/07 16:32:25 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=BBCAD604A848F959CCF81ECBDC8BB8C4 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23569_none_f23c49db862cf33c\kernel32.dll [2015/07/15 03:54:33 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=C3856345C4FB053140237236D1146242 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18923_none_fc2cb59ca154e5c1\kernel32.dll [2015/10/20 02:11:29 | 001,166,336 | ---- | M] (Microsoft Corporation) MD5=C86A77F9C93B7E04E4044B1D12E4E085 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23250_none_f23e117b862cfbc7\kernel32.dll [2014/04/12 03:05:53 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=C8C41EBEE097FEB29FB816854D3AD1E7 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll [2012/11/30 06:06:48 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=C95793F4BE3471AEED92F5BF367BE69E -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_fa1637baa451ba0e\kernel32.dll [2016/09/02 16:30:50 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=C9805CDE0B275E7554F9023497169B9B -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23539_none_f25cb99f86149f69\kernel32.dll [2015/07/15 03:58:52 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=CA1A5EE549FE248BC127C1A5CAB72B70 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23126_none_fcb92b67ba7004d2\kernel32.dll [2014/03/04 10:44:00 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=D2A513EE880D71BDE7F0257F38B9D019 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_f1f3a3606cde922b\kernel32.dll [2012/10/04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=D4F3176082566CEFA633B4945802D4C4 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll [2015/12/30 19:55:24 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=D6BAC40F57558E09045E52F0BD995524 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23313_none_fcc0fe41ba6a972a\kernel32.dll [2012/10/04 17:56:24 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=DE7A37CB1F48526A78A2D42786411578 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21335_none_fac714f3bd5281df\kernel32.dll [2015/12/30 19:41:31 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=E149FE1FD23748986551F4E1F5752090 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19110_none_fc345eb2a14fae34\kernel32.dll [2012/11/30 06:43:53 | 001,161,216 | ---- | M] (Microsoft Corporation) MD5=E3BC37881D92EB59EE0BA3B854A54D1E -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.17179_none_efc18d686ff0f813\kernel32.dll [2012/11/30 05:51:54 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=E747ADB6223DBBE1BB138F08A09ADAD6 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7600.21386_none_fa9205a1bd7a26eb\kernel32.dll [2010/11/20 13:08:56 | 000,837,632 | ---- | M] (Microsoft Corporation) MD5=E80758CF485DB142FCA1EE03A34EAD05 -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll [2012/10/04 18:37:46 | 001,162,240 | ---- | M] (Microsoft Corporation) MD5=F3C594D0DA3ACFA6C7B781A490AB4282 -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll [2015/05/25 18:59:51 | 001,114,112 | ---- | M] (Microsoft Corporation) MD5=F81920ADB15012CF4E9FF8238C85686A -- C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_fc0775c2a16ff068\kernel32.dll [2015/09/28 19:16:20 | 001,166,336 | ---- | M] (Microsoft Corporation) MD5=FA37233F148A06C9995854B890DEACBD -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23223_none_f261821d8611f3f9\kernel32.dll [2015/12/30 19:57:55 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=FE0C67D8D5D54F37B3A92E129A15C03A -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19110_none_f1dfb4606ceeec39\kernel32.dll [2015/12/30 20:09:48 | 001,163,264 | ---- | M] (Microsoft Corporation) MD5=FF40A21D0127E86406C4E62924BE85CA -- C:\Windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23313_none_f26c53ef8609d52f\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2009/07/14 02:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll [2010/11/20 14:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll [2013/09/07 03:04:16 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=6547D445C4B69DC0083B619AC642DF04 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll [2010/11/20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll [2016/05/11 18:02:42 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=963D7FA2110EB9E03AB0D200E6AE2614 -- C:\Windows\SysNative\mswsock.dll [2016/05/11 18:02:42 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=963D7FA2110EB9E03AB0D200E6AE2614 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.23451_none_16d487565d2c454c\mswsock.dll [2013/09/08 03:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll [2016/05/11 16:19:16 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=A88241C2A519AFD2C99A40000F9113E6 -- C:\Windows\SysWOW64\mswsock.dll [2016/05/11 16:19:16 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=A88241C2A519AFD2C99A40000F9113E6 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.23451_none_bab5ebd2a4ced416\mswsock.dll [2013/09/07 03:24:39 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=BDDB1FD258B92DEE00F222D3304B5D9C -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll [2013/09/08 03:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll [2009/07/14 02:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010/11/20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2015/10/13 00:04:07 | 000,949,184 | ---- | M] (Microsoft Corporation) MD5=901D1BE3F8567B5D02747B1174FF708F -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.23235_none_0661f94b4bdbc702\ndis.sys [2009/07/14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [2015/10/13 05:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\SysNative\drivers\ndis.sys [2015/10/13 05:57:21 | 000,950,720 | ---- | M] (Microsoft Corporation) MD5=F7309F42555F8AAB7144A51A1F2585B0 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.19030_none_05d3592832c2ab5e\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010/11/20 14:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2010/11/20 14:33:46 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=05D78AA5CB5F3F5C31160BDB955D0B7C -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys [2014/01/24 03:37:55 | 001,684,928 | ---- | M] (Microsoft Corporation) MD5=1A29A59A4C5BA6F8C85062A613B7E2B2 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18378_none_045a363833b85029\ntfs.sys [2009/07/14 02:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys [2011/03/11 07:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) MD5=378E0E0DFEA67D98AE6EA53ADBBD76BC -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_0273f3c63691c4ea\ntfs.sys [2016/01/08 20:20:23 | 001,683,904 | ---- | M] (Microsoft Corporation) MD5=3ABD1BD4844C446FF1423B983566EB47 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.23318_none_052499dd4ca564c7\ntfs.sys [2016/01/11 20:11:08 | 001,684,416 | ---- | M] (Microsoft Corporation) MD5=47B2D0B31BDC3EBE6090228E2BA3764D -- C:\Windows\SysNative\drivers\ntfs.sys [2016/01/11 20:11:08 | 001,684,416 | ---- | M] (Microsoft Corporation) MD5=47B2D0B31BDC3EBE6090228E2BA3764D -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.19116_none_0498fa9833899528\ntfs.sys [2014/01/24 03:40:06 | 001,684,416 | ---- | M] (Microsoft Corporation) MD5=48B6047F82D5A8D0AEC71593F4ACD79B -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22580_none_04d102ad4ce53e53\ntfs.sys [2011/03/11 07:25:53 | 001,685,888 | ---- | M] (Microsoft Corporation) MD5=867C1395F0100CBE9ACD73B1C2741149 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_032ca00d4f8d24c5\ntfs.sys [2011/03/11 07:19:20 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=87B104128D4D3BA3C13098BAEBF38082 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys [2013/04/12 15:36:57 | 001,679,208 | ---- | M] (Microsoft Corporation) MD5=91127EC56F7BA2182EA1340DC00F98E5 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.21499_none_02e8d2a34fbedaf2\ntfs.sys [2013/04/12 15:36:37 | 001,653,096 | ---- | M] (Microsoft Corporation) MD5=9A6089B056EA1B83B36424FC9D0A300E -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.17281_none_0262018e36a05758\ntfs.sys [2011/03/11 07:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) MD5=A2F74975097F52A00745F9637451FDD8 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys [2013/04/12 15:16:02 | 001,686,888 | ---- | M] (Microsoft Corporation) MD5=A6AE4551BF8EED09FA3B6FCDF472F3E1 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.22297_none_04cd2f154ce71430\ntfs.sys [2013/04/12 15:45:08 | 001,656,680 | ---- | M] (Microsoft Corporation) MD5=B98F8C6E31CD07B2E6F71F7F648E38C0 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.18127_none_048f41be3390b0cf\ntfs.sys [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011/03/11 07:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011/03/11 07:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010/11/20 14:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2009/07/14 02:39:28 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=19117589BA265AAF89BEBE1E9040000C -- C:\Windows\winsxs\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.1.7600.16385_none_83bbe97eac162e90\proquota.exe [2010/11/20 13:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\SysWOW64\proquota.exe [2010/11/20 13:17:30 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E77BAB79F078654782F83F0A0AEFE31 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_29ce61c2f0a740f4\proquota.exe [2009/07/14 02:14:29 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=8CDF71E78469BE54C29C1AD2FC8DE611 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.1.7600.16385_none_279d4dfaf3b8bd5a\proquota.exe [2010/11/20 14:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\SysNative\proquota.exe [2010/11/20 14:25:04 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=C6C83C0DF40E11FA1F06625E95E41DE7 -- C:\Windows\winsxs\amd64_microsoft-windows-proquota_31bf3856ad364e35_6.1.7601.17514_none_85ecfd46a904b22a\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2010/11/20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll [2010/11/20 14:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll [2009/07/14 02:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010/11/20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2012/02/11 07:29:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=567977DC43CC13C4C35ED7084C0B84D5 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16962_none_32533f26db2c36c0\spoolsv.exe [2012/02/11 07:26:04 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=807B5B0E287027F72AC37B0CDA9512DA -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.21149_none_32f955f1f433834b\spoolsv.exe [2012/02/11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\SysNative\spoolsv.exe [2012/02/11 07:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=85DAA09A98C9286D4EA2BA8D0E644377 -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17777_none_3433cdb2d8563d50\spoolsv.exe [2009/07/14 02:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe [2010/11/20 14:25:21 | 000,559,104 | ---- | M] (Microsoft Corporation) MD5=B96C17B5DC1424D56EEA3A99E97428CD -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe [2012/02/11 07:20:28 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=B9D7A4858CF32A6A15D2763F1DE47E0E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.21921_none_34ed7a43f150b682\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe [2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe [2016/03/10 14:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2014/10/14 03:13:06 | 000,683,520 | ---- | M] (Microsoft Corporation) MD5=008CD4EBFABCF78D0F19B3778492648C -- C:\Windows\SysNative\termsrv.dll [2014/10/14 03:13:06 | 000,683,520 | ---- | M] (Microsoft Corporation) MD5=008CD4EBFABCF78D0F19B3778492648C -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18637_none_ecb2935b6af13c52\termsrv.dll [2009/07/14 02:41:55 | 000,706,560 | ---- | M] (Microsoft Corporation) MD5=0F05EC2887BFE197AD82A13287D2F404 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_ea94336f6df51e09\termsrv.dll [2010/11/20 14:27:26 | 000,680,960 | ---- | M] (Microsoft Corporation) MD5=2E648163254233755035B46DD7B89123 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll [2014/07/17 03:07:44 | 000,681,984 | ---- | M] (Microsoft Corporation) MD5=4FC4C50985E5B840F4D72E57286887B8 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.18540_none_eca0bf836affa9bb\termsrv.dll [2014/10/14 03:16:40 | 000,686,592 | ---- | M] (Microsoft Corporation) MD5=6A5B600AD0041E9AF564DE73B716F3D2 -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22843_none_ed2d60f8841a8fd8\termsrv.dll [2014/07/16 04:23:41 | 000,686,080 | ---- | M] (Microsoft Corporation) MD5=F4D7114060C034134A440846F411BB7F -- C:\Windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.22750_none_ed1f8e488425629d\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010/11/20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys [2010/11/20 14:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys [2009/07/14 02:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2015/10/30 23:17:06 | 002,487,808 | ---- | M] (Microsoft Corporation) MD5=033E70DEEE5FED5E9A3E197A2DB1A618 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18097_none_e47262d5b6ba65d6\wininet.dll [2016/06/10 20:44:23 | 002,869,248 | ---- | M] (Microsoft Corporation) MD5=03DD8828D1777DD0D946753C7947D1D2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18376_none_e4500945b6d46d5a\wininet.dll [2009/07/14 02:16:19 | 000,977,920 | ---- | M] (Microsoft Corporation) MD5=0D874F3BC751CC2198AF2E6783FB8B35 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll [2016/11/12 18:35:33 | 002,920,960 | ---- | M] (Microsoft Corporation) MD5=105954F9BEAD700A6DF4B5B489FCCB4B -- C:\Windows\SysNative\wininet.dll [2016/11/12 18:35:33 | 002,920,960 | ---- | M] (Microsoft Corporation) MD5=105954F9BEAD700A6DF4B5B489FCCB4B -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18537_none_e436517db6e85981\wininet.dll [2015/09/10 19:23:02 | 001,189,376 | ---- | M] (Microsoft Corporation) MD5=10794C49E1F610428334EB89FFFB7631 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.23206_none_7b5f7847488889d1\wininet.dll [2015/12/12 18:06:02 | 002,487,808 | ---- | M] (Microsoft Corporation) MD5=1258BDEE548BCD771DD35485CDD176EA -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18163_none_e464ed2bb6c4cf3e\wininet.dll [2016/06/10 18:45:19 | 002,392,576 | ---- | M] (Microsoft Corporation) MD5=167ADC25991BC960DDC2D9651C55B6FF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18376_none_88316dc1fe76fc24\wininet.dll [2016/10/22 17:12:44 | 002,444,800 | ---- | M] (Microsoft Corporation) MD5=19465502D25C5B7D54B792E3695C2A90 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18524_none_8816fa07fe8b8211\wininet.dll [2016/08/02 06:23:24 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=33821B684222F236711F7F8C78AA9247 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18426_none_e44037e7b6e10a98\wininet.dll [2016/09/30 06:17:38 | 002,920,960 | ---- | M] (Microsoft Corporation) MD5=364FD85609BED4649544DE7D3978908D -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18499_none_e446f595b6db08dc\wininet.dll [2016/09/01 01:43:05 | 002,445,824 | ---- | M] (Microsoft Corporation) MD5=42B01C859A89EEA6237DBD9A290DF857 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18449_none_8823589ffe8218f3\wininet.dll [2010/11/20 13:21:36 | 000,980,992 | ---- | M] (Microsoft Corporation) MD5=44214C94911C7CFB1D52CB64D5E8368D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll [2016/01/22 06:07:28 | 002,120,704 | ---- | M] (Microsoft Corporation) MD5=5CB71C6DB91BAC78E1F0E9953CAB8969 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18204_none_88356937fe74fb90\wininet.dll [2016/09/30 05:46:52 | 002,444,288 | ---- | M] (Microsoft Corporation) MD5=61677B630A8BF2C21391C21537FACBE6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18499_none_88285a11fe7d97a6\wininet.dll [2016/08/02 05:56:28 | 002,393,088 | ---- | M] (Microsoft Corporation) MD5=64829F4ED34D8339EC39D32204718ADD -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18426_none_88219c63fe839962\wininet.dll [2015/10/30 22:51:28 | 002,011,136 | ---- | M] (Microsoft Corporation) MD5=832CA97817B20B74E2D74A8154630311 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18097_none_8853c751fe5cf4a0\wininet.dll [2016/04/23 04:12:38 | 002,121,216 | ---- | M] (Microsoft Corporation) MD5=8EF022E16150BFAFC7DBB795C43C6BA2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18314_none_882b9995fe7c30d8\wininet.dll [2015/09/10 18:49:47 | 000,981,504 | ---- | M] (Microsoft Corporation) MD5=9919EF5A110C249DCC274E826D78A0FA -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.19003_none_1eb43d3477102fa5\wininet.dll [2015/09/10 18:49:58 | 000,982,016 | ---- | M] (Microsoft Corporation) MD5=A4A2DCA1D339CD1C023C772038691FF9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.23206_none_1f40dcc3902b189b\wininet.dll [2009/07/14 02:41:56 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=B1037F0131C9A010D611F6914E03CD92 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_78982c5c3286110a\wininet.dll [2015/10/22 11:46:34 | 001,818,112 | ---- | M] (Microsoft Corporation) MD5=B5EB5BD3066959611E1F7A80FD6CC172 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll [2015/11/10 00:17:36 | 002,011,136 | ---- | M] (Microsoft Corporation) MD5=B60461B5CED2BFAE1A870C61C66966C4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18124_none_884239b7fe6b124d\wininet.dll [2015/09/16 04:11:12 | 002,487,808 | ---- | M] (Microsoft Corporation) MD5=BD06D875FB79E92DAF724C91DE743AFA -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18059_none_e46e341db6be33bc\wininet.dll [2016/02/08 18:19:35 | 002,597,376 | ---- | M] (Microsoft Corporation) MD5=C15649DEABA6B45562009663673E23D1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18230_none_e45760b9b6cf5247\wininet.dll [2015/09/10 19:10:16 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=C8EC3CAF82805722D8F08D54D8CFE8BB -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.19003_none_7ad2d8b82f6da0db\wininet.dll [2016/01/22 06:31:43 | 002,597,376 | ---- | M] (Microsoft Corporation) MD5=CB10939701B2B334E5AC019823FD43EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18204_none_e45404bbb6d26cc6\wininet.dll [2016/03/31 00:30:51 | 002,596,864 | ---- | M] (Microsoft Corporation) MD5=D2E3B1DEDF6F6177D8C32B2516703A93 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18282_none_e45c349bb6cb043c\wininet.dll [2016/04/23 04:51:54 | 002,596,864 | ---- | M] (Microsoft Corporation) MD5=D88379C0F2BDCEA5ADBDAD175B2F23E9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18314_none_e44a3519b6d9a20e\wininet.dll [2015/11/08 21:53:08 | 002,487,808 | ---- | M] (Microsoft Corporation) MD5=E2C385B0D816AD37616BD4C4204D0633 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18124_none_e460d53bb6c88383\wininet.dll [2015/09/16 03:37:26 | 002,011,136 | ---- | M] (Microsoft Corporation) MD5=E401E66CCB2AE219CF41F7F901C410C1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18059_none_884f9899fe60c286\wininet.dll [2015/10/22 11:46:34 | 002,332,160 | ---- | M] (Microsoft Corporation) MD5=E6CB36B85BE59095337427E853A5B65A -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_e440068bb6e1438c\wininet.dll [2016/05/20 21:46:53 | 002,597,888 | ---- | M] (Microsoft Corporation) MD5=EA1B9D3C7D11CA407AA89CBB266139CF -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18349_none_e44cc40fb6d76e38\wininet.dll [2016/10/27 18:16:51 | 002,920,448 | ---- | M] (Microsoft Corporation) MD5=ECFCBD328C57E6EE2966B52A179016AE -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18524_none_e435958bb6e8f347\wininet.dll [2016/02/08 20:43:04 | 002,121,216 | ---- | M] (Microsoft Corporation) MD5=EDB9618FF3238EF0FC2734F584B13A33 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18230_none_8838c535fe71e111\wininet.dll [2016/03/31 00:05:23 | 002,121,216 | ---- | M] (Microsoft Corporation) MD5=EE3825FFE3F31B7FCB7B4A284197361B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18282_none_883d9917fe6d9306\wininet.dll [2016/09/01 00:10:42 | 002,921,472 | ---- | M] (Microsoft Corporation) MD5=F28B26DE031D6C7AC3F393417191A22F -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18449_none_e441f423b6df8a29\wininet.dll [2016/11/12 18:05:59 | 002,444,800 | ---- | M] (Microsoft Corporation) MD5=F4F5123B45BFCFD2F035280FDCB5BBBE -- C:\Windows\SysWOW64\wininet.dll [2016/11/12 18:05:59 | 002,444,800 | ---- | M] (Microsoft Corporation) MD5=F4F5123B45BFCFD2F035280FDCB5BBBE -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18537_none_8817b5f9fe8ae84b\wininet.dll [2010/11/20 14:27:28 | 001,188,864 | ---- | M] (Microsoft Corporation) MD5=F6C5302E1F4813D552F41A0AC82455E5 -- C:\Windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll [2016/05/20 21:42:45 | 002,121,216 | ---- | M] (Microsoft Corporation) MD5=FDD35A049C278F21F475C488FDA918AB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18349_none_882e288bfe79fd02\wininet.dll [2015/12/12 17:41:25 | 002,011,136 | ---- | M] (Microsoft Corporation) MD5=FFA261B9252C71A6910B4F19FDC1EA57 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18163_none_884651a7fe675e08\wininet.dll [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe [2014/03/04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe [2014/03/04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe [2014/03/04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe [2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe [2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe [2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe [2014/07/17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe [2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe [2014/07/16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe [2016/03/10 14:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe [2016/03/10 14:07:16 | 000,960,480 | ---- | M] (MalwareBytes) MD5=F86A4139730504047F52CCFB8C47E9F5 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2010/11/20 14:27:29 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll [2016/05/11 16:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=59EA5753EBDAE42CF92FD5B6E7AE4D53 -- C:\Windows\SysWOW64\ws2_32.dll [2016/05/11 16:19:26 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=59EA5753EBDAE42CF92FD5B6E7AE4D53 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.23451_none_f51a458f45d91b4c\ws2_32.dll [2009/07/14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll [2010/11/20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll [2009/07/14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll [2016/05/11 18:02:50 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=FBE1086227040618A569C27F74A12F3D -- C:\Windows\SysNative\ws2_32.dll [2016/05/11 18:02:50 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=FBE1086227040618A569C27F74A12F3D -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.23451_none_5138e112fe368c82\ws2_32.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Session Manager\SubSystems /s >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [2016/11/12 18:21:32 | 013,653,504 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ieframe.dll [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\​*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*​.sav >[/color] [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2016/08/26 19:31:30 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I019EPH.lnk [2016/12/06 15:53:55 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I0S58N9 [2015/11/15 14:33:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I0UQWFR.lnk [2016/12/13 15:13:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I1FZSMN [2016/06/13 13:58:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I1WYCIW.lnk [2016/11/03 13:20:23 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I4B2UHG [2016/02/07 16:15:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I4HAOH3.txt [2015/11/05 19:44:18 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I540TCU [2016/11/03 13:20:12 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$I8TW01G [2015/11/27 08:44:44 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IBKJPEQ.lnk [2016/06/13 13:58:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IBZEILX.lnk [2016/11/03 13:20:05 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$ICRIFRO [2016/02/05 18:28:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$ID0N951.ini [2016/08/26 19:32:39 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IE6XQY4.lnk [2016/11/03 15:45:47 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IER9ZM7.lnk [2016/06/13 13:58:11 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IEYSPR5.lnk [2016/11/04 11:31:55 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IJHMD1W [2016/11/03 14:33:54 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IL6KY0M [2016/11/04 21:18:04 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IMPOF3S.lnk [2016/03/04 19:31:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$INH60FT.exe [2016/02/05 18:28:56 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IPO8HEP.dll [2017/03/04 19:14:10 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IPRJGAU.lnk [2016/01/17 18:42:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IQ60Z78 [2016/03/14 18:19:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IQE5OBP.mp3 [2017/02/03 10:16:36 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IR1Q52N [2016/08/26 20:08:05 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IRIUER1.lnk [2016/03/14 18:19:07 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IRWQGO2.mp3 [2016/02/07 16:15:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IRYF1EC.ini [2016/08/26 20:09:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IS4JKHJ [2016/06/14 20:09:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$ISGW5DE.lnk [2016/03/06 18:35:49 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$ITCNXAV [2016/02/05 18:29:46 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IW2IVDZ.dll [2017/02/21 22:17:48 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IYGOMJG.conf [2016/06/14 16:17:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$IZWPF2R [2017/02/21 22:06:59 | 000,002,054 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$RPRJGAU.lnk [2017/02/21 22:16:31 | 000,001,472 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\$RYGOMJG.conf [2015/10/17 11:47:22 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-4230350224-2592694478-3465487610-1000\desktop.ini [2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009/07/14 06:08:49 | 000,032,482 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2015/10/17 12:08:14 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [color=#E56717]========== Files - Unicode (All) ==========[/color] [2016/02/10 07:11:33 | 000,029,191 | ---- | M] ()(C:\Users\Pc\Documents\??? ????????.docx) -- C:\Users\Pc\Documents\جال التعليمي.docx [2016/02/10 07:11:32 | 000,029,191 | ---- | C] ()(C:\Users\Pc\Documents\??? ????????.docx) -- C:\Users\Pc\Documents\جال التعليمي.docx [2015/12/31 10:54:05 | 000,000,000 | ---D | M](C:\Users\Pc\Documents\?? ??????? 18 ? 258 ???? ???????? ( ??? ????? - ??? 2 ?????) - ??????? ?????? ?????????_files) -- C:\Users\Pc\Documents\حل التمرين 18 ص 258 مادة الفيزياء ( شعب علمية - سنة 2 ثانوي) - منتديات طاسيلي الجزائرية_files [2015/12/31 10:54:04 | 000,097,975 | ---- | M] ()(C:\Users\Pc\Documents\?? ??????? 18 ? 258 ???? ???????? ( ??? ????? - ??? 2 ?????) - ??????? ?????? ?????????.html) -- C:\Users\Pc\Documents\حل التمرين 18 ص 258 مادة الفيزياء ( شعب علمية - سنة 2 ثانوي) - منتديات طاسيلي الجزائرية.html [2015/12/31 10:54:04 | 000,000,000 | ---D | C](C:\Users\Pc\Documents\?? ??????? 18 ? 258 ???? ???????? ( ??? ????? - ??? 2 ?????) - ??????? ?????? ?????????_files) -- C:\Users\Pc\Documents\حل التمرين 18 ص 258 مادة الفيزياء ( شعب علمية - سنة 2 ثانوي) - منتديات طاسيلي الجزائرية_files [2015/12/31 10:53:56 | 000,097,975 | ---- | C] ()(C:\Users\Pc\Documents\?? ??????? 18 ? 258 ???? ???????? ( ??? ????? - ??? 2 ?????) - ??????? ?????? ?????????.html) -- C:\Users\Pc\Documents\حل التمرين 18 ص 258 مادة الفيزياء ( شعب علمية - سنة 2 ثانوي) - منتديات طاسيلي الجزائرية.html < End of report >