OTL logfile created on: 13/03/2017 08:25:52 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Utilisateur\Desktop Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,93 Gb Total Physical Memory | 0,62 Gb Available Physical Memory | 21,28% Memory free 6,07 Gb Paging File | 3,51 Gb Available in Paging File | 57,82% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 112,31 Gb Total Space | 38,33 Gb Free Space | 34,12% Space Free | Partition Type: NTFS Computer Name: PORT02 | User Name: Utilisateur | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2017/03/13 08:21:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Utilisateur\Desktop\OTL.exe PRC - [2017/03/13 08:11:04 | 009,483,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Antivirus\AVGUI.exe PRC - [2017/03/10 14:25:33 | 000,517,064 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2017/03/02 11:58:04 | 000,110,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Antivirus\wsc_proxy.exe PRC - [2017/03/02 11:57:56 | 000,263,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Antivirus\AVGSvc.exe PRC - [2017/03/02 11:57:54 | 005,595,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Antivirus\aswidsagent.exe PRC - [2017/03/02 11:57:48 | 000,279,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Antivirus\afwServ.exe PRC - [2017/02/27 17:28:16 | 001,557,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Framework\Common\avguix.exe PRC - [2017/02/27 17:28:14 | 001,022,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\Framework\Common\avgsvcx.exe PRC - [2017/01/19 16:48:54 | 006,575,984 | ---- | M] (Reimage®) -- C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe PRC - [2017/01/19 16:48:50 | 006,574,448 | ---- | M] (Reimage®) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe PRC - [2016/09/12 10:46:16 | 002,801,664 | ---- | M] () -- C:\Program Files\ONconnect\resources\service\win\ONconnect_service.exe PRC - [2016/04/25 17:35:26 | 001,049,368 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe PRC - [2016/03/31 12:29:38 | 001,220,376 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update\vuagent.exe PRC - [2014/06/02 09:56:30 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/02/04 11:29:16 | 000,160,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvservice.exe PRC - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009/05/21 14:28:38 | 000,874,768 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe PRC - [2009/05/21 13:04:14 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/10/14 20:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe PRC - [2008/10/01 07:57:40 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe PRC - [2008/08/26 13:23:13 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2008/08/06 17:06:44 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe PRC - [2008/08/06 17:06:42 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe PRC - [2008/07/30 15:05:22 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\NSUService.exe PRC - [2008/07/30 15:05:22 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\LANUtil.exe PRC - [2008/07/23 01:02:13 | 000,104,992 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE PRC - [2008/07/21 11:10:54 | 000,768,552 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008/07/15 17:04:08 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe PRC - [2008/07/15 17:04:08 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2008/06/06 01:20:15 | 000,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe PRC - [2008/06/06 01:20:15 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe PRC - [2008/06/06 01:20:14 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe PRC - [2008/04/15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2008/04/15 16:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008/04/03 19:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe PRC - [2008/01/02 12:02:02 | 000,230,424 | ---- | M] (Mindspark) -- C:\Program Files\InternetSpeedTracker_9t\bar\2.bin\APPINTEGRATOR.EXE [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2017/03/02 11:58:12 | 048,936,448 | ---- | M] () -- C:\Program Files\AVG\Antivirus\libcef.dll MOD - [2017/03/02 11:58:03 | 000,656,040 | ---- | M] () -- C:\Program Files\AVG\Antivirus\ffl2.dll MOD - [2017/03/02 11:57:58 | 000,171,208 | ---- | M] () -- C:\Program Files\AVG\Antivirus\JsonRpcServer.dll MOD - [2017/03/02 11:50:51 | 048,920,064 | ---- | M] () -- C:\Program Files\AVG\UiDll\2623\libcef.dll MOD - [2016/09/12 10:46:16 | 002,801,664 | ---- | M] () -- C:\Program Files\ONconnect\resources\service\win\ONconnect_service.exe MOD - [2015/06/11 18:38:44 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\9ed54bd36f7a81d4731bb89a68d2331d\System.Runtime.Remoting.ni.dll MOD - [2015/06/11 18:38:36 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7ab415caf2ad8089175641002dd8745f\System.Configuration.ni.dll MOD - [2015/05/17 17:42:20 | 012,435,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cfc67257c4d6c5b249fc8aa03244ceb\System.Windows.Forms.ni.dll MOD - [2015/05/17 17:42:04 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9afe14022b9c4efc92c9abcc6f56da10\System.Drawing.ni.dll MOD - [2015/03/13 16:54:43 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\2ad8556b674a2a0a82dcd0456cca0714\System.IdentityModel.Selectors.ni.dll MOD - [2015/03/13 16:54:41 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0da6b8070bd799d25d8a0add408201e8\System.Runtime.Serialization.ni.dll MOD - [2015/03/13 16:54:39 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\33885d43dd449533027218599f4d10a2\SMDiagnostics.ni.dll MOD - [2015/03/13 16:53:59 | 005,465,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a224433c0fb9281862f36823e86822fc\System.Xml.ni.dll MOD - [2015/03/13 16:52:46 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cf2c94955471d68d3708b1fbf613ae46\System.ni.dll MOD - [2015/01/11 13:40:16 | 011,496,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll MOD - [2009/12/09 07:54:53 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_fr_b77a5c561934e089\System.ServiceModel.resources.dll MOD - [2009/03/29 21:42:28 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2008/10/01 07:57:40 | 000,054,784 | ---- | M] () -- C:\Program Files\Sony\Marketing Tools\Win32Interop.dll MOD - [2008/08/26 13:25:05 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll MOD - [2008/08/26 13:25:05 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll MOD - [2008/07/21 10:57:32 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll MOD - [2008/01/01 17:02:29 | 001,071,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\35922eb396233542a185181d6296670e\System.IdentityModel.ni.dll MOD - [2008/01/01 17:02:26 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\26e6d18fd51e7bad6ff2943a130023bf\System.ServiceModel.ni.dll MOD - [2008/01/01 17:02:06 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\2491c904663cde26534dbeef0c7b27dd\Microsoft.VisualBasic.ni.dll MOD - [2008/01/01 17:02:03 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6668c8b476bb82dc118c0c5d30f3c104\System.ServiceProcess.ni.dll MOD - [2008/01/01 17:01:59 | 011,909,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\9ae8787cf9c9340184207c108026aceb\System.Web.ni.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2017/03/10 14:25:33 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2017/03/02 11:57:56 | 000,263,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\Antivirus\AVGSvc.exe -- (AVG Antivirus) SRV - [2017/03/02 11:57:54 | 005,595,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Running] -- C:\Program Files\AVG\Antivirus\aswidsagent.exe -- (avgbIDSAgent) SRV - [2017/03/02 11:57:48 | 000,279,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\Antivirus\afwServ.exe -- (AVG Firewall) SRV - [2017/02/27 17:28:14 | 001,022,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\Framework\Common\avgsvcx.exe -- (avgsvc) SRV - [2017/02/17 14:23:44 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2017/01/19 16:48:50 | 006,574,448 | ---- | M] (Reimage®) [Auto | Running] -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe -- (ReimageRealTimeProtector) SRV - [2016/03/31 12:29:38 | 001,220,376 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\vuagent.exe -- (VUAgent) SRV - [2014/12/11 09:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/02/04 11:29:16 | 000,160,544 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvservice.exe -- (nvservice) SRV - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009/05/21 14:28:38 | 000,874,768 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2009/05/21 13:04:14 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2008/08/26 13:23:13 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/08/06 17:06:42 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2008/07/30 15:05:22 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService) SRV - [2008/07/23 01:02:13 | 000,104,992 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService) SRV - [2008/07/15 17:04:08 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2008/04/15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) SRV - [2008/01/21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Carousb.sys -- (CAROUSB) DRV - [2017/03/10 15:38:24 | 000,466,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgsp.sys -- (avgSP) DRV - [2017/03/02 11:58:15 | 000,279,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgVmm.sys -- (avgVmm) DRV - [2017/03/02 11:58:15 | 000,185,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgStmXP.sys -- (avgStmXP) DRV - [2017/03/02 11:58:15 | 000,107,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgMonFlt.sys -- (avgMonFlt) DRV - [2017/03/02 11:58:15 | 000,063,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgRvrt.sys -- (avgRvrt) DRV - [2017/03/02 11:58:15 | 000,061,616 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgRdr.sys -- (avgRdr) DRV - [2017/03/02 11:58:15 | 000,035,128 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avgHwid.sys -- (avgHwid) DRV - [2017/03/02 11:57:55 | 000,757,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgSnx.sys -- (avgSnx) DRV - [2017/03/02 11:57:50 | 000,294,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgNdis2.sys -- (avgNdis2) DRV - [2017/03/02 11:57:50 | 000,025,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgNdis.sys -- (avgNdis) DRV - [2017/03/02 11:57:47 | 000,269,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgblogx.sys -- (avgblog) DRV - [2017/03/02 11:57:47 | 000,259,616 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgbidsdriverx.sys -- (avgbidsdriver) DRV - [2017/03/02 11:57:47 | 000,151,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgbidshx.sys -- (avgbidsh) DRV - [2017/03/02 11:57:47 | 000,134,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgbdiskx.sys -- (avgbdisk) DRV - [2017/03/02 11:57:47 | 000,043,504 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgbunivx.sys -- (avgbuniv) DRV - [2009/05/28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2008/11/12 10:38:34 | 000,024,560 | ---- | M] (TheGreenBow) [Kernel | System | Running] -- C:\Windows\System32\drivers\ndistgb.sys -- (NdisTgb) DRV - [2008/07/24 01:00:41 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk) DRV - [2008/07/23 01:05:50 | 007,611,456 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008/07/15 02:51:59 | 000,225,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) DRV - [2008/07/11 15:42:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall) DRV - [2008/06/26 01:08:06 | 000,022,944 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\shpf.sys -- (shpf) DRV - [2008/06/07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2008/06/06 01:20:15 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008/04/09 09:23:34 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCAMp50.sys -- (PCAMp50) DRV - [2008/04/09 09:23:34 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50) DRV - [2008/04/01 01:07:00 | 000,014,720 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyPI.sys -- (SPI) DRV - [2008/04/01 01:06:51 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP) DRV - [2008/03/28 01:02:13 | 000,068,096 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2008/02/18 15:14:38 | 000,106,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Gt51Ip.sys -- (GT72NDISIPXP) DRV - [2008/02/08 11:00:22 | 000,059,648 | ---- | M] (Option N.V.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gt72ubus.sys -- (GT72UBUS) DRV - [2008/01/21 03:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV - [2007/11/30 10:16:02 | 000,021,504 | ---- | M] (Option N.V.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gtscser.sys -- (GTSCSER) DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi) DRV - [2007/03/30 11:38:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gtptser.sys -- (GTPTSER) DRV - [2006/11/10 04:20:26 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com/?fr=hp-avastc&type=756 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=756&hspart=avast&hsimp=yhs-corp&p={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=hp-avastc&type=756 IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB} IE - HKLM\..\SearchScopes\{78E88D9E-36F5-46C7-9380-B5E08B9A949D}: "URL" = http://www.google.fr/search?hl=fr&q={searchTerms}&meta= IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://fr.search.yahoo.com/yhs/search?type=756&hspart=avast&hsimp=yhs-corp&p={searchTerms} IE - HKLM\..\SearchScopes\{a0892e19-6051-4ae6-9a5f-91542a166b2b}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm025^YYA^fr&si=downloadispeed&ptb=545B945A-9899-4588-B5AD-40A30F4A9BA0&ind=2015020914&n=781ac772&psa=&st=sb&searchfor={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851639 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {78E88D9E-36F5-46C7-9380-B5E08B9A949D} IE - HKU\.DEFAULT\..\SearchScopes\{78E88D9E-36F5-46C7-9380-B5E08B9A949D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {78E88D9E-36F5-46C7-9380-B5E08B9A949D} IE - HKU\S-1-5-18\..\SearchScopes\{78E88D9E-36F5-46C7-9380-B5E08B9A949D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SNYK IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.sonystyle-europe.comht [Binary data over 200 bytes] IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com/?fr=hp-avastc&type=756 IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search?type=756&hspart=avast&hsimp=yhs-corp&p={searchTerms} IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=hp-avastc&type=756 IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\URLSearchHook: {b287e6b2-868b-4ac1-acce-c69eb5fd29d1} - No CLSID value found IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB} IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLL_fr&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=PapNGi49FgcoJJFMsz5WoSpU4Fk?q={searchTerms} IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\SearchScopes\{78E88D9E-36F5-46C7-9380-B5E08B9A949D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_fr IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://fr.search.yahoo.com/yhs/search?type=756&hspart=avast&hsimp=yhs-corp&p={searchTerms} IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\SearchScopes\{a0892e19-6051-4ae6-9a5f-91542a166b2b}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^BBQ^xdm025^YYA^fr&si=downloadispeed&ptb=545B945A-9899-4588-B5AD-40A30F4A9BA0&ind=2015020914&n=781ac772&psa=&st=sb&searchfor={searchTerms} IE - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.countryCode: "FR" FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)" FF - prefs.js..browser.search.defaultenginename: "Yahoo! (Avast)" FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)" FF - prefs.js..browser.search.defaulturl: "https://fr.search.yahoo.com/yhs/search" FF - prefs.js..browser.search.order.1: "Yahoo! (Avast)" FF - prefs.js..browser.search.region: "FR" FF - prefs.js..browser.search.selectedEngine: "Yahoo! (Avast)" FF - prefs.js..browser.startup.homepage: "https://fr.yahoo.com/?fr=hp-avastc&type=756" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.0 FF - prefs.js..keyword.URL: "https://fr.search.yahoo.com/yhs/search" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0 ESR\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 52.0 ESR\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 52.0 ESR\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 52.0 ESR\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/05/17 17:49:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Extensions [2017/03/10 10:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Firefox\Profiles\i3f97q9h.default\extensions [2017/03/02 12:58:59 | 000,009,409 | ---- | M] () -- C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\i3f97q9h.default\searchplugins\yahoo-avast.xml [2017/03/10 14:25:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found. O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {9e28b297-11d4-4293-aa6f-558658ee66ae} - No CLSID value found. O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AvgUi] C:\Program Files\AVG\Framework\Common\avguirnx.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [AVGUI.exe] C:\Program Files\AVG\Antivirus\AvLaunch.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [Internet Speed Tracker AppIntegrator 32-bit] C:\PROGRA~1\INTERN~3\bar\2.bin\AppIntegrator.exe (Mindspark) O4 - HKLM..\Run: [Internet Speed Tracker EPM Support] "C:\PROGRA~1\INTERN~3\bar\2.bin\9tmedint.exe" T8EPMSUP.DLL,S File not found O4 - HKLM..\Run: [Internet Speed Tracker Search Scope Monitor] "C:\PROGRA~1\INTERN~3\bar\1.bin\9tsrchmn.exe" /m=2 /w /h File not found O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation) O4 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003..\Run: [ONconnectService] C:\Program Files\ONconnect\resources\service\win\ONconnect_service.exe () O4 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003..\Run: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (Safer-Networking Ltd.) O7 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..Trusted Domains: localhost ([]http in Intranet local) O15 - HKU\S-1-5-21-4024500516-990328175-2225845768-1003\..Trusted Ranges: GD ([http] in Intranet local) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96B8C7D9-9895-4C36-94B5-535929532A49}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop WallPaper: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3911CF56-9EF2-39BA-846A-C27BD3CD0685} - .NET Framework ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4903D172-DCCB-392F-93A3-34CA9D47FE3D} - .NET Framework ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2017/03/13 08:21:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Utilisateur\Desktop\OTL.exe [2017/03/10 14:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2017/03/10 11:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Reimage Protector [2017/03/10 11:25:52 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage [2017/03/10 11:14:29 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2017/03/10 11:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2017/03/10 11:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2017/03/10 11:13:44 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Intel [2017/03/10 11:13:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2017/03/10 11:12:23 | 000,160,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvservice.exe [2017/03/10 11:12:20 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2017/03/10 11:10:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo [2017/03/10 11:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis [2017/03/10 11:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\Corel [2017/03/10 11:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel [2017/03/10 10:49:01 | 000,000,000 | ---D | C] -- C:\CYDELogs [2017/03/10 10:43:50 | 000,000,000 | ---D | C] -- C:\CAT-Logs [2017/03/09 17:35:03 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\LogMeIn [2017/03/09 17:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn [2017/03/09 17:34:00 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\join.me [2017/03/02 12:00:29 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\AVG [2017/03/02 11:58:28 | 000,757,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgSnx.sys [2017/03/02 11:58:28 | 000,466,008 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgsp.sys [2017/03/02 11:58:28 | 000,294,848 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgNdis2.sys [2017/03/02 11:58:28 | 000,279,760 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgVmm.sys [2017/03/02 11:58:28 | 000,269,344 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgblogx.sys [2017/03/02 11:58:28 | 000,259,616 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbidsdriverx.sys [2017/03/02 11:58:28 | 000,185,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgStmXP.sys [2017/03/02 11:58:28 | 000,151,048 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbidshx.sys [2017/03/02 11:58:28 | 000,134,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbdiskx.sys [2017/03/02 11:58:28 | 000,107,376 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgMonFlt.sys [2017/03/02 11:58:28 | 000,063,136 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgRvrt.sys [2017/03/02 11:58:28 | 000,061,616 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgRdr.sys [2017/03/02 11:58:28 | 000,043,504 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbunivx.sys [2017/03/02 11:58:28 | 000,035,128 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgHwid.sys [2017/03/02 11:58:24 | 000,329,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgBoot.exe [2017/03/02 11:57:50 | 000,025,784 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgNdis.sys [2017/03/02 11:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2017/03/02 11:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2017/03/02 11:51:34 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\CEF [2017/03/02 11:50:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2017/03/02 11:50:01 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\AvgSetupLog [2017/03/02 11:50:01 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\Avg [2017/03/02 11:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg [2017/03/02 10:29:05 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\vlc [2008/01/02 11:55:18 | 005,847,536 | ---- | C] (Internet Speed Tracker) -- C:\Users\Utilisateur\AppData\Local\InternetSpeedTrackerAuto.exe [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2017/03/13 08:29:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2017/03/13 08:21:41 | 000,002,305 | ---- | M] () -- C:\Users\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk [2017/03/13 08:21:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Utilisateur\Desktop\OTL.exe [2017/03/13 08:18:11 | 000,724,904 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2017/03/13 08:18:11 | 000,637,048 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2017/03/13 08:18:11 | 000,146,828 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2017/03/13 08:18:10 | 000,120,554 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2017/03/13 08:16:16 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2017/03/13 08:14:40 | 000,130,483 | ---- | M] () -- C:\ProgramData\nvModes.dat [2017/03/13 08:14:40 | 000,130,483 | ---- | M] () -- C:\ProgramData\nvModes.001 [2017/03/13 08:14:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2017/03/13 08:14:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2017/03/13 08:14:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2017/03/13 08:14:10 | 3149,811,712 | -HS- | M] () -- C:\hiberfil.sys [2017/03/13 08:13:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2017/03/13 08:02:26 | 347,241,486 | ---- | M] () -- C:\Windows\MEMORY.DMP [2017/03/10 15:38:24 | 000,466,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgsp.sys [2017/03/10 15:10:01 | 000,000,150 | ---- | M] () -- C:\Windows\Reimage.ini [2017/03/10 11:29:03 | 000,000,000 | ---- | M] () -- C:\History [2017/03/10 11:18:01 | 000,375,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2017/03/10 11:10:51 | 000,000,599 | ---- | M] () -- C:\Users\Public\Desktop\Corel WinDVD.lnk [2017/03/10 09:04:22 | 000,000,652 | ---- | M] () -- C:\Program Files\Common Files\cfgbak.tgb [2017/03/09 17:35:01 | 000,000,889 | ---- | M] () -- C:\Users\Utilisateur\Desktop\join.me.lnk [2017/03/09 10:21:58 | 000,000,747 | ---- | M] () -- C:\Users\Public\Desktop\AVG.lnk [2017/03/02 12:59:00 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2017/03/02 11:58:15 | 000,279,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgVmm.sys [2017/03/02 11:58:15 | 000,185,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgStmXP.sys [2017/03/02 11:58:15 | 000,107,376 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgMonFlt.sys [2017/03/02 11:58:15 | 000,063,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgRvrt.sys [2017/03/02 11:58:15 | 000,061,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgRdr.sys [2017/03/02 11:58:15 | 000,035,128 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgHwid.sys [2017/03/02 11:58:05 | 000,329,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgBoot.exe [2017/03/02 11:57:55 | 000,757,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgSnx.sys [2017/03/02 11:57:50 | 000,294,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgNdis2.sys [2017/03/02 11:57:50 | 000,025,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgNdis.sys [2017/03/02 11:57:47 | 000,269,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgblogx.sys [2017/03/02 11:57:47 | 000,259,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbidsdriverx.sys [2017/03/02 11:57:47 | 000,151,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbidshx.sys [2017/03/02 11:57:47 | 000,134,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbdiskx.sys [2017/03/02 11:57:47 | 000,043,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgbunivx.sys [2017/03/02 11:47:24 | 000,000,181 | ---- | M] () -- C:\Windows\wininit.ini [2017/02/17 14:23:43 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2017/02/17 14:23:43 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2017/03/13 08:29:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2017/03/10 11:29:03 | 000,000,000 | ---- | C] () -- C:\History [2017/03/10 11:25:05 | 000,000,150 | ---- | C] () -- C:\Windows\Reimage.ini [2017/03/10 11:10:51 | 000,000,599 | ---- | C] () -- C:\Users\Public\Desktop\Corel WinDVD.lnk [2017/03/10 09:04:22 | 000,000,652 | ---- | C] () -- C:\Program Files\Common Files\cfgbak.tgb [2017/03/09 17:35:01 | 000,000,889 | ---- | C] () -- C:\Users\Utilisateur\Desktop\join.me.lnk [2017/03/09 17:35:01 | 000,000,889 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk [2017/03/02 11:54:44 | 000,000,747 | ---- | C] () -- C:\Users\Public\Desktop\AVG.lnk [2017/02/05 12:08:37 | 000,000,181 | ---- | C] () -- C:\Windows\wininit.ini [2015/01/11 14:14:04 | 000,003,584 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/09 18:27:14 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/01/23 10:03:32 | 000,001,356 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\d3d9caps.dat [2008/08/26 09:57:43 | 000,130,483 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008/08/26 09:57:10 | 000,130,483 | ---- | C] () -- C:\ProgramData\nvModes.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2006/11/02 13:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015/02/18 03:02:58 | 011,587,584 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2009/05/16 09:58:09 | 000,000,000 | ---D | M] -- C:\Users\PP\AppData\Roaming\InterVideo [2009/08/19 09:14:31 | 000,000,000 | ---D | M] -- C:\Users\PP\AppData\Roaming\Sage [2011/07/12 22:13:07 | 000,000,000 | ---D | M] -- C:\Users\PP\AppData\Roaming\uTorrent [2009/03/17 09:42:18 | 000,000,000 | ---D | M] -- C:\Users\PP\AppData\Roaming\Vodafone [2009/03/09 18:28:01 | 000,000,000 | ---D | M] -- C:\Users\PP\AppData\Roaming\Windows Small Business Server [2017/03/02 12:00:29 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\AVG [2015/01/11 11:14:48 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Company Name [2015/01/25 14:02:45 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\InterVideo [2017/02/05 12:27:02 | 000,000,000 | ---D | M] -- C:\Users\Utilisateur\AppData\Roaming\Oxylane [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009/04/10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/08/26 18:58:21 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2011/02/22 17:00:42 | 000,000,729 | ---- | M] () -- C:\drvopt.ini [2017/03/13 08:14:10 | 3149,811,712 | -HS- | M] () -- C:\hiberfil.sys [2017/03/10 11:29:03 | 000,000,000 | ---- | M] () -- C:\History [2017/03/13 08:14:09 | 3463,389,184 | -HS- | M] () -- C:\pagefile.sys [2017/03/13 08:29:34 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2008/01/21 03:43:58 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini [color=#A23BEC]< %PROGRAMFILES%\*. >[/color] [2008/10/01 07:41:33 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites [2014/05/07 08:40:02 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe [2008/08/26 10:27:18 | 000,000,000 | ---D | M] -- C:\Program Files\Apoint [2008/10/01 07:57:44 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft [2017/03/02 11:55:33 | 000,000,000 | ---D | M] -- C:\Program Files\AVG [2009/03/17 10:01:41 | 000,000,000 | ---D | M] -- C:\Program Files\BNP [2009/03/11 16:00:40 | 000,000,000 | ---D | M] -- C:\Program Files\Box Operator [2017/03/10 11:14:30 | 000,000,000 | ---D | M] -- C:\Program Files\Cisco [2011/07/12 22:09:20 | 000,000,000 | ---D | M] -- C:\Program Files\Clarus [2017/03/10 11:14:28 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files [2015/01/11 11:14:41 | 000,000,000 | ---D | M] -- C:\Program Files\Company Name [2008/08/26 09:18:28 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT [2017/03/10 11:09:21 | 000,000,000 | ---D | M] -- C:\Program Files\Corel [2008/01/01 00:54:36 | 000,000,000 | ---D | M] -- C:\Program Files\DrWeb [2009/01/23 10:00:36 | 000,000,000 | -HSD | M] -- C:\Program Files\Fichiers communs [2014/05/07 08:58:51 | 000,000,000 | ---D | M] -- C:\Program Files\Google [2008/10/01 07:48:50 | 000,000,000 | ---D | M] -- C:\Program Files\Google BAE [2017/03/10 11:08:35 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information [2008/10/01 07:57:57 | 000,000,000 | ---D | M] -- C:\Program Files\Intel [2007/12/31 23:00:42 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer [2015/02/09 20:59:39 | 000,000,000 | ---D | M] -- C:\Program Files\InternetSpeedTracker_9t [2017/03/10 11:08:12 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo [2009/12/29 12:03:31 | 000,000,000 | ---D | M] -- C:\Program Files\Java [2017/03/10 09:07:00 | 000,000,000 | ---D | M] -- C:\Program Files\Ligne 100 Edition Pilotee [2014/05/06 15:59:29 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office [2015/05/17 17:16:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight [2009/03/09 18:49:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Small Business [2009/01/23 16:45:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server [2009/01/23 11:04:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio [2009/05/04 08:11:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works [2014/05/06 16:07:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET [2014/05/07 07:16:59 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker [2017/03/13 08:00:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox [2017/03/13 08:00:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service [2006/11/02 13:37:40 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild [2009/01/23 10:28:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0 [2017/03/10 11:12:20 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation [2017/02/05 12:25:57 | 000,000,000 | ---D | M] -- C:\Program Files\ONconnect [2008/10/01 07:55:07 | 000,000,000 | ---D | M] -- C:\Program Files\Option [2017/03/10 09:02:44 | 000,000,000 | ---D | M] -- C:\Program Files\OrangeBS [2008/10/01 07:50:19 | 000,000,000 | ---D | M] -- C:\Program Files\Picasa2 [2014/06/01 17:27:53 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime [2008/08/26 10:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek [2006/11/02 13:37:40 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies [2017/03/10 15:23:19 | 000,000,000 | ---D | M] -- C:\Program Files\Reimage [2008/10/01 07:53:46 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio [2017/02/05 12:26:07 | 000,000,000 | ---D | M] -- C:\Program Files\Silabs [2015/05/17 17:21:29 | 000,000,000 | R--D | M] -- C:\Program Files\Skype [2008/01/02 11:44:06 | 000,000,000 | ---D | M] -- C:\Program Files\Sony [2010/09/26 08:23:48 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy [2017/03/02 11:48:29 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy 2 [2006/11/02 14:01:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information [2011/07/12 20:53:04 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN [2008/08/26 10:03:23 | 000,000,000 | ---D | M] -- C:\Program Files\WIDCOMM [2008/01/22 14:41:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar [2008/01/22 14:41:16 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration [2008/01/22 14:41:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender [2015/05/17 17:38:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal [2014/05/07 07:17:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail [2007/12/31 23:00:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player [2009/01/23 10:00:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT [2008/01/22 14:41:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery [2014/05/07 07:17:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices [2008/01/22 14:41:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar [2017/03/10 09:09:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Small Business Server [2017/03/10 09:04:36 | 000,000,000 | ---D | M] -- C:\Program Files\ZyXEL [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys [color=#A23BEC]< MD5 for: APPMGMTS.DLL >[/color] [2009/04/10 23:28:18 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=0FE769CAE5855B53C90E23F85E7E89FF -- C:\Windows\System32\appmgmts.dll [2009/04/10 23:28:18 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=0FE769CAE5855B53C90E23F85E7E89FF -- C:\Windows\winsxs\x86_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.0.6002.18005_none_83ba6170592b6c85\appmgmts.dll [2008/01/21 03:25:30 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=C56DED3FE618C8BAE1AAAF4E801CCB3E -- C:\Windows\winsxs\x86_microsoft-windows-g..oftwareinstallation_31bf3856ad364e35_6.0.6001.18000_none_81cee8645c09a139\appmgmts.dll [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/04/10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009/04/10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008/01/21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008/01/21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [color=#A23BEC]< MD5 for: AUTOCHK.EXE >[/color] [2009/04/10 23:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe [2009/04/10 23:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe [2008/01/21 03:25:09 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2008/01/21 03:24:11 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys [2008/01/21 03:24:11 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys [color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color] [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2008/01/21 03:24:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe [color=#A23BEC]< MD5 for: HIDSERV.DLL >[/color] [2009/04/10 23:28:20 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\System32\hidserv.dll [2009/04/10 23:28:20 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=84067081F3318162797385E11A8F0582 -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6002.18005_none_d897c17984907383\hidserv.dll [2006/11/02 10:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=8FA640195279ACE21BEA91396A0054FC -- C:\Windows\winsxs\x86_microsoft-windows-hid-user_31bf3856ad364e35_6.0.6000.16386_none_d47586718a839763\hidserv.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2008/04/15 16:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2008/04/15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2008/04/22 01:20:50 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys [2008/04/22 01:21:02 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (RAID)\IaStor.sys [2008/04/22 01:20:50 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys [2008/04/22 01:20:50 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys [2008/04/22 01:21:02 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_054cd65f\iaStor.sys [color=#A23BEC]< MD5 for: IASTORV.SYS >[/color] [2008/01/21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys [color=#A23BEC]< MD5 for: IMM32.DLL >[/color] [2008/01/21 03:24:50 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=EC17194A193CD8E90D27CFB93DFA9A2E -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll [2009/04/10 23:28:22 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\imm32.dll [2009/04/10 23:28:22 | 000,114,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll [color=#A23BEC]< MD5 for: KERNEL32.DLL >[/color] [2009/02/13 09:21:09 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=1987D817D08F5EAF0B7F334026FDDB79 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll [2014/02/06 02:56:54 | 000,894,464 | ---- | M] (Microsoft Corporation) MD5=695DB97B018FB06F693F37108322AA1E -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19034_none_9587d7775386a817\kernel32.dll [2015/05/08 23:51:41 | 000,894,976 | ---- | M] (Microsoft Corporation) MD5=700178867665441A00AB3215B5450C7A -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23688_none_95df6f4c6cc92ab5\kernel32.dll [2014/02/06 03:43:24 | 000,894,976 | ---- | M] (Microsoft Corporation) MD5=B439D7A2127B81EC7274019D14784D75 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23323_none_961b47b06c9d0ce7\kernel32.dll [2009/02/13 08:26:37 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=B82C7AC1D559F0FD088792171D64C7F3 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll [2009/02/13 08:13:01 | 000,875,520 | ---- | M] (Microsoft Corporation) MD5=BB792054BD990EC05D9E260D50FEAD39 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll [2009/04/10 23:28:22 | 000,891,392 | ---- | M] (Microsoft Corporation) MD5=BB8509089E7DF514310814E1B2593FFC -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll [2009/02/13 09:49:05 | 000,888,832 | ---- | M] (Microsoft Corporation) MD5=DB6E3731E6F5C8AE2843F80B5787F7C6 -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll [2008/01/21 03:24:40 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=DC2338093F91BA4E0512208E60206DDD -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll [2015/05/09 00:08:48 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\kernel32.dll [2015/05/09 00:08:48 | 000,894,464 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19381_none_954eccaf53b1df3c\kernel32.dll [color=#A23BEC]< MD5 for: MSWSOCK.DLL >[/color] [2009/04/10 23:28:24 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\System32\mswsock.dll [2009/04/10 23:28:24 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll [2008/01/21 03:24:28 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009/04/10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys [2009/04/10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys [2008/01/21 03:24:15 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2009/04/10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009/04/10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008/01/21 03:24:31 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll [color=#A23BEC]< MD5 for: NTFS.SYS >[/color] [2013/03/03 20:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\System32\drivers\ntfs.sys [2013/03/03 20:07:52 | 001,082,232 | ---- | M] (Microsoft Corporation) MD5=2C1121F2B87E9A6B12485DF53CD848C7 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys [2009/04/10 23:32:50 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys [2008/01/21 03:24:15 | 001,081,912 | ---- | M] (Microsoft Corporation) MD5=B4EFFE29EB4F15538FD8A9681108492D -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys [2013/03/03 20:07:52 | 001,083,240 | ---- | M] (Microsoft Corporation) MD5=ECB54A0E9C40B00CF8FEFE5F455A1EFB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys [color=#A23BEC]< MD5 for: NTMSSVC.DLL >[/color] [2008/01/21 03:25:51 | 000,460,288 | ---- | M] (Microsoft Corporation) MD5=A7DFF9642D510BE1EEC6664CD0369953 -- C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmssvc.dll [color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color] [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys [color=#A23BEC]< MD5 for: PROQUOTA.EXE >[/color] [2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\System32\proquota.exe [2006/11/02 10:45:33 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=C31AE90F24870B9A51655C36A9EB4BF3 -- C:\Windows\winsxs\x86_microsoft-windows-proquota_31bf3856ad364e35_6.0.6000.16386_none_259035db957a1715\proquota.exe [color=#A23BEC]< MD5 for: QMGR.DLL >[/color] [2008/01/21 03:25:26 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll [2009/04/10 23:28:24 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\System32\qmgr.dll [2009/04/10 23:28:24 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/01/21 03:25:18 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009/04/10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009/04/10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll [color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color] [2010/08/17 14:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe [2009/04/10 23:28:06 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe [2008/01/21 03:25:09 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe [2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe [2010/08/17 15:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe [2010/08/17 15:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe [2010/08/17 14:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] [2008/01/21 03:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe [2008/01/21 03:24:10 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe [color=#A23BEC]< MD5 for: TERMSRV.DLL >[/color] [2014/10/11 01:34:03 | 000,452,096 | ---- | M] (Microsoft Corporation) MD5=B33E73457ED6616F6CA316694267FEE3 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.23521_none_90faa76f6a97633b\termsrv.dll [2009/04/10 23:28:26 | 000,449,024 | ---- | M] (Microsoft Corporation) MD5=BB95DA09BEF6E7A131BFF3BA5032090D -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll [2008/01/21 03:24:40 | 000,448,512 | ---- | M] (Microsoft Corporation) MD5=D605031E225AACCBCEB5B76A4F1603A6 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll [2014/10/10 02:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\Windows\System32\termsrv.dll [2014/10/10 02:01:27 | 000,449,536 | ---- | M] (Microsoft Corporation) MD5=DBD84E59D631569EC3E756EF144E8431 -- C:\Windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.19214_none_907ed7a2516ef937\termsrv.dll [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] [2008/01/21 03:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008/01/21 03:25:16 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [color=#A23BEC]< MD5 for: VOLSNAP.SYS >[/color] [2006/11/02 10:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys [2009/04/10 23:32:56 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys [2009/04/10 23:32:56 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys [2012/08/21 12:47:42 | 000,225,664 | ---- | M] (Microsoft Corporation) MD5=559F1DB6586DE2EE8E25E172A0CA9A3C -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.22913_none_181f0c08125e385e\volsnap.sys [2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\drivers\volsnap.sys [2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys [2012/08/21 12:47:42 | 000,224,640 | ---- | M] (Microsoft Corporation) MD5=786DB5771F05EF300390399F626BF30A -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18679_none_175a8da4f96bddf6\volsnap.sys [2008/01/21 03:23:46 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys [2008/01/21 03:23:46 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys [color=#A23BEC]< MD5 for: WININET.DLL >[/color] [2009/04/24 16:43:32 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=07DBFC0759F61E95901AF2B2D4E83451 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll [2009/10/27 14:18:35 | 000,841,216 | ---- | M] (Microsoft Corporation) MD5=0F34E919E086E834052850B6E57050F3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21148_none_0068f216bde385f2\wininet.dll [2009/04/23 13:15:31 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=24CBE22F35941FBFD6144A5C011EA999 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll [2009/12/18 14:05:50 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=27DFDEA0533477C8923FC874F6439CF0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18385_none_01977b41a20f6796\wininet.dll [2009/08/27 15:02:34 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=2BD22AA29893876347BA1BE62487748A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16916_none_fffdec59a4af2c65\wininet.dll [2009/07/18 12:47:51 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=387B0601FCA64AF5117C321E46C4C4E2 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll [2009/03/03 05:32:59 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=3ED9859939928CA568F487AB42175A33 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22389_none_0225174ebb296f95\wininet.dll [2009/10/27 15:11:14 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=3F564B34F047885934DA5D3479ED0716 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18130_none_03aefd399f11af79\wininet.dll [2009/07/18 12:35:05 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=408A0A6E83333F98D564D95CDBB6D3C6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll [2008/04/25 05:35:23 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=44FD3968AD885026D94450832A78DE8A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll [2008/01/21 03:25:01 | 000,825,856 | ---- | M] (Microsoft Corporation) MD5=455D715A840579BDC1CF8E5C1DA76849 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll [2008/10/16 05:38:28 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=4944C9FFE8903A276590D4215F74B937 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22288_none_0224151ebb2a5917\wininet.dll [2009/12/18 13:24:16 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=4D36519B1212659127A4CFCC19E33049 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22585_none_022119f2bb2d0487\wininet.dll [2009/12/16 12:44:23 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=565B8A25FB59E8E1F5ED59C95F72B7D7 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18167_none_03958f7b9f23b4ad\wininet.dll [2009/08/27 13:56:34 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=5E382486BCCCF4C50A810E2DF18C8CDB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22212_none_04503a70b81d4a0f\wininet.dll [2009/08/27 14:32:41 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=604E16194F1E60084B948ACAE8334E0F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18319_none_01e72bdda1d3095b\wininet.dll [2014/06/07 00:02:16 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=61D9AD9E55D7A1E10C0EF701ADE1C486 -- C:\Windows\SoftwareDistribution\Download\f75631262b2b215924167fd56bf20c6a\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16561_none_c1b0f0a3dfd7c4e3\wininet.dll [2014/05/06 15:55:46 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=62077F806BC59CBD5A404338D710D133 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16545_none_c1ca91a3dfc3f25d\wininet.dll [2008/10/16 05:24:00 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=622FE627D15DD920238A993021F0A4D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20937_none_0072e7b0bddc2041\wininet.dll [2009/04/24 17:05:41 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=64EAF7CF461A15DB4EAEB1D50A10E88E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll [2009/01/15 05:19:13 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=65647F41CEC0C8EEC9DF5BC1168EC76C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll [2015/05/31 00:49:49 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6788C8BBFD00EA99D6DA2AB5EA4F9A2C -- C:\Windows\System32\wininet.dll [2015/05/31 00:49:49 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=6788C8BBFD00EA99D6DA2AB5EA4F9A2C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16659_none_c1c3c4c5dfc870d1\wininet.dll [2009/01/16 06:00:04 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=6A986C2CD30633447DAB21A4852E40D6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll [2009/03/03 05:40:12 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=6E115E2D3FAE5077A361A5BCE78FF170 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18226_none_01d9592da1dddc20\wininet.dll [2009/12/18 13:25:50 | 000,841,216 | ---- | M] (Microsoft Corporation) MD5=6F837BD5085F73A8FF0425AA6705A8D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21184_none_0039b13ebe07905a\wininet.dll [2014/11/24 22:34:25 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=771EE57063F9F6798DC2E52DC0042912 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20715_none_c274a018f8c93b7b\wininet.dll [2009/04/24 17:00:16 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=77C60DD61D21777734B1C945540473A4 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll [2009/07/18 12:56:28 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=7FCA93009963EE8A7AF1740661412F1E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll [2009/04/10 23:28:26 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=8777B44511D8BCCF47B5A7CBDC02DE11 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll [2009/07/18 13:17:15 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=87D84C48693EB949350FA938D63512D8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll [2009/03/03 05:18:09 | 000,828,416 | ---- | M] (Microsoft Corporation) MD5=88B57405AC5B2BF513069086F8963635 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21023_none_00798e96bdd7d236\wininet.dll [2009/10/27 14:20:19 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=8C8A7E47DBB25EB94C29152BD08CF436 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18349_none_01c6bc19a1eb5d2e\wininet.dll [2008/10/16 05:47:35 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=8F89FFECF6989DD7D9ECCEC6D95D7419 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18157_none_01b9e7cda1f54c23\wininet.dll [2008/04/25 05:23:11 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=9191790BF02A8D759EC2B4E4FA868407 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll [2015/05/31 00:56:17 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=A04528F5740D17A8AAB95FAE38BFD82D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20774_none_c232c046f8fac9ca\wininet.dll [2008/04/25 05:22:01 | 000,826,880 | ---- | M] (Microsoft Corporation) MD5=A86218059C228E7691A13E4CB63C4CDF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll [2014/11/24 21:35:25 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=AA680F0065A505118BDD9181BCE7C83D -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16599_none_c198832fdfe8e36e\wininet.dll [2009/03/03 05:20:12 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=BA68744F8FE1BAAC35362F18774972A3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16830_none_ffe248dfa4c4cf16\wininet.dll [2009/10/27 16:05:11 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=BA95D134FE1A3577A174D9A85D6ED1F1 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16945_none_ffdc7c4ba4c866e1\wininet.dll [2009/10/27 13:53:54 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=C50C20FB2B5B5F228F7B1BA8925107B0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22252_none_0424fac0b83db9d3\wininet.dll [2009/08/27 14:17:42 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=C628812EA5016B1C3E13E082940D5AF6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22508_none_027a9a30bae97104\wininet.dll [2009/12/18 13:52:36 | 000,832,512 | ---- | M] (Microsoft Corporation) MD5=C7A318E74FEF945EBFF855C1513CD96C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16982_none_ffae3bbda4eb8aa0\wininet.dll [2009/12/17 13:04:17 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=C86BBCF0DA44F2B36C9AA59032916EF0 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22290_none_03f7ba7cb85ff6e9\wininet.dll [2014/05/28 17:32:59 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=CFD26829131439B71D0109F9D5345573 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16555_none_c1bfc1b7dfcc0e4e\wininet.dll [2014/06/06 22:47:40 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=D19775732C5F0850BB46E4B5CF4E8C39 -- C:\Windows\SoftwareDistribution\Download\f75631262b2b215924167fd56bf20c6a\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20672_none_c230bdccf8fc99f5\wininet.dll [2009/07/18 13:16:25 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=D1E1447C4E2077BDFFDD547972FEBDEB -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll [2009/08/27 14:40:40 | 000,840,704 | ---- | M] (Microsoft Corporation) MD5=D5709010F06FEC697CCB2831D0821E0B -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21116_none_00876146bdccff71\wininet.dll [2009/08/27 13:40:58 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=D88D19604AACE2101B13260322FB4A3A -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18100_none_03cf6cfd9ef95ba6\wininet.dll [2009/04/24 17:22:31 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=D94BDEEF2E47EB4A46B957253C697F01 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll [2014/02/27 18:24:37 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=DE4746B5D70281B4CA9847947B94B314 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.19044_none_03a815c79f164d40\wininet.dll [2014/05/28 17:35:22 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=E267DC5D759E11BB895C41E7EFC1A54C -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20666_none_c23f8ee0f8f0e360\wininet.dll [2015/04/10 16:20:33 | 001,129,472 | ---- | M] (Microsoft Corporation) MD5=E38E89A0939A42F5EE4292DFC48772DF -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16644_none_c1c9933fdfc4d62d\wininet.dll [2009/04/24 17:01:22 | 000,828,928 | ---- | M] (Microsoft Corporation) MD5=E7D90AF9B0C7FA98DF353E022EE1C63E -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll [2015/04/10 01:25:23 | 001,130,496 | ---- | M] (Microsoft Corporation) MD5=EA51D068CE82A1E7FC338D0D36E83AA3 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20758_none_c24c6146f8e6f744\wininet.dll [2014/02/27 16:56:41 | 000,842,240 | ---- | M] (Microsoft Corporation) MD5=EBB89E928A79054DDCD8BCDCE074E6B6 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.23333_none_043b8600b82cb210\wininet.dll [2008/10/16 05:40:37 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=F18C1B151A0B18C35BF0919A9BA0FA0F -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16764_none_ffc5d85da4d98b1e\wininet.dll [2009/10/27 14:07:40 | 000,834,048 | ---- | M] (Microsoft Corporation) MD5=F1D8D50E054ADDF05D708A8676868763 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22550_none_023c8844bb193201\wininet.dll [2008/04/25 05:09:57 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=F40594128A6BFDA6C3F0900796895078 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll [2009/01/15 07:11:16 | 000,827,392 | ---- | M] (Microsoft Corporation) MD5=FB79A2AA5E92653B9A394FE26D799BF8 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll [2009/07/18 17:06:20 | 000,827,904 | ---- | M] (Microsoft Corporation) MD5=FCB4E3234667317905333B6A4CDF85FC -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll [2009/01/15 05:16:03 | 000,826,368 | ---- | M] (Microsoft Corporation) MD5=FF35D495AC08549154D1D96990513CD9 -- C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll [color=#A23BEC]< MD5 for: WININIT.EXE >[/color] [2008/01/21 03:24:09 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008/01/21 03:24:09 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe [color=#A23BEC]< MD5 for: WININIT.INI >[/color] [2017/03/02 11:47:24 | 000,000,181 | ---- | M] () MD5=367D30682A609D8E97885E8AA1507277 -- C:\Windows\wininit.ini [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009/04/10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009/04/10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2009/04/10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008/01/21 03:25:17 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [2008/01/21 03:25:17 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe [color=#A23BEC]< MD5 for: WS2_32.DLL >[/color] [2008/01/21 03:25:16 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll [2008/01/21 03:25:16 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Control\Session Manager\SubSystems /s >[/color] [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\​*.sys /lockedfiles >[/color] [color=#A23BEC]< %systemroot%\System32\config\*​.sav >[/color] [color=#A23BEC]< c:\$recycle.bin\*.* /s >[/color] [2008/10/01 07:58:53 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-1052282564-2062203770-2682790607-500\desktop.ini [2011/07/12 22:14:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$I0I47LT.avi [2011/07/12 21:49:30 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$I4YRVUO.avi [2011/07/12 21:52:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$I5LSSXY [2011/07/12 22:02:31 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$I62CCL9.torrent [2011/07/12 21:50:20 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$I6T78C9 [2011/07/12 21:52:08 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$I92XAJO.exe [2011/07/12 22:02:21 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IAXYNGC.torrent [2011/07/12 22:01:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IDZO6M8.lnk [2011/07/12 21:52:00 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IIQS1DV.torrent [2011/07/12 22:14:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IK8AEBV.avi [2011/07/12 22:14:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IKB97UQ.avi [2011/07/12 21:49:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IN187FI.avi [2011/07/12 21:57:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$INNS129 [2011/07/12 21:50:06 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IR9458B [2011/07/12 22:14:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IRQ02ZM [2011/07/12 22:14:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IS8IEXU.avi [2011/07/12 21:56:39 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$ITL3MF8.lnk [2011/07/12 21:49:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$ITWOUUW.avi [2011/07/12 21:49:30 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IUTBTA6.avi [2011/07/12 22:14:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IV93ZWR.avi [2011/07/12 21:49:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IWC9MXW.avi [2011/07/12 22:02:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$IWURGLN.lnk [2011/07/12 21:55:52 | 361,869,312 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R0I47LT.avi [2011/07/12 20:41:59 | 733,290,496 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R4YRVUO.avi [2011/07/12 21:36:28 | 000,040,253 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R62CCL9.torrent [2011/07/12 21:33:53 | 000,639,352 | ---- | M] (BitTorrent, Inc.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R92XAJO.exe [2011/07/12 20:12:44 | 000,029,193 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RAXYNGC.torrent [2011/07/12 21:36:23 | 000,000,584 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RDZO6M8.lnk [2011/07/12 21:36:28 | 000,040,253 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RIQS1DV.torrent [2011/07/12 21:49:04 | 362,174,464 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RK8AEBV.avi [2011/07/12 21:49:04 | 362,528,768 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RKB97UQ.avi [2011/07/12 21:18:34 | 1472,781,944 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RN187FI.avi [2011/07/12 21:49:04 | 361,465,856 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RS8IEXU.avi [2011/07/12 21:34:35 | 000,000,758 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RTL3MF8.lnk [2011/07/12 21:21:27 | 1472,767,312 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RTWOUUW.avi [2011/07/12 20:42:27 | 735,684,608 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RUTBTA6.avi [2011/07/12 21:49:04 | 361,834,496 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RV93ZWR.avi [2011/07/12 21:24:09 | 1472,149,334 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RWC9MXW.avi [2011/07/12 21:34:35 | 000,000,776 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RWURGLN.lnk [2009/03/09 18:28:24 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\desktop.ini [2011/07/12 20:33:27 | 000,000,635 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Ben Harper-Give Till Its Gone-2011 - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,696 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Black Swan 2010.TRUE FRENCH.DVDRIP.XViD-FiCTiON.[rsl] - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,686 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Inception - French - DVDRip - XviD - 1CDRip - [DDR] - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,686 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Inglorious Bastards (2009) DVDrip R5 XviD AC3 -MDMA - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,642 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\L.Arnacoeur.FRENCH.DVDRip.XviD-AYMO - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,660 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\L.Avocat.2011.FRENCH.DVDSCR.LD.XViD-SERUM - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,560 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\La Faille - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,693 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\La Saga Rocky les 6 films.French.DVDrip.Xvid.AC3-FwD - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,627 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Last.Night.2010.BDRip.XviD-iLG - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,626 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Le Parrain-1 & 2-(Yacine34)-!!! - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,696 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Le.Dernier.Des.Templiers.FRENCH.DVDRip.AC3.XViD-DVDFR - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,587 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Legendes d'automne - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,590 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Les simpson le film - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,686 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\rambo_1_2_3_4_Megapack_(Dutchsubs)_(2LIONS)-WaRlOrD - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,654 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Rien.A.Declarer.FRENCH.DVDRip.XviD-AYMO - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,618 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Rocky 5 (1990) [TnT24.Info] - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,569 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Rocky balboa - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,557 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Rocky IV - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\SEVEN - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,711 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Sex.Friends.2011.TRUEFRENCH TS.MD.REPACK.1CD.XviD-SERENiTY - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,680 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\Simon & Garfunkel - The Best Of Simon & Garfunkel - Raccourci.lnk [2011/07/12 20:33:27 | 000,000,660 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R5LSSXY\The.Tourist.2010.French.MD.DvDScR.XviD-FR - Raccourci.lnk [2011/04/11 13:39:20 | 000,007,044 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\GottenAppsContextMenu.xml [2011/04/03 09:27:00 | 000,254,760 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\ldrtbuTor.dll [2011/04/11 13:39:20 | 000,005,738 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\OtherAppsContextMenu.xml [2011/03/28 17:22:54 | 000,176,936 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\prxtbuTor.dll [2011/04/11 13:39:20 | 000,006,588 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\SharedAppsContextMenu.xml [2011/04/17 09:37:48 | 004,239,144 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\tbuTor.dll [2010/12/23 16:05:04 | 000,000,026 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\toolbar.cfg [2011/04/11 13:39:20 | 000,005,737 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\ToolbarContextMenu.xml [2011/04/11 13:39:22 | 000,093,792 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\uninstall.exe [2011/04/11 13:39:22 | 000,065,832 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$R6T78C9\uTorrentBar_FRToolbarHelper.exe [2011/04/11 13:39:20 | 000,007,044 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\GottenAppsContextMenu.xml [2011/07/11 19:40:38 | 000,048,850 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\La Saga Rocky les 6 films.French.DVDrip.Xvid.AC3-FwD.nfo [2011/04/03 09:27:00 | 000,254,760 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\ldrtbuTor.dll [2011/04/11 13:39:20 | 000,005,738 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\OtherAppsContextMenu.xml [2011/03/28 17:22:54 | 000,176,936 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\prxtbuTor.dll [2011/04/11 13:39:20 | 000,006,588 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\SharedAppsContextMenu.xml [2011/04/17 09:37:48 | 004,239,144 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\tbuTor.dll [2010/12/23 16:05:04 | 000,000,026 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\toolbar.cfg [2011/04/11 13:39:20 | 000,005,737 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\ToolbarContextMenu.xml [2011/04/11 13:39:22 | 000,093,792 | ---- | M] (Conduit Ltd.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\uninstall.exe [2011/04/11 13:39:22 | 000,065,832 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RNNS129\uTorrentBar_FRToolbarHelper.exe [2011/07/12 21:34:35 | 000,639,352 | ---- | M] (BitTorrent, Inc.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RR9458B\uTorrent.exe [2011/07/03 19:59:08 | 000,639,352 | ---- | M] (BitTorrent, Inc.) -- c:\$recycle.bin\S-1-5-21-3199949992-3702179158-2434200206-1155\$RR9458B\uTorrent\uTorrent.exe [2008/08/26 09:25:20 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-3324169334-3727715051-778738716-500\desktop.ini [2017/03/09 14:36:27 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I0SX0JO.jpg [2017/03/06 12:05:01 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I0ZPTQC.jpeg [2017/03/10 08:59:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I340ZN8.exe [2017/03/06 10:01:09 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I4C8MG2.JPG [2017/03/10 08:59:02 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I4T0F7T [2017/03/10 09:00:02 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I5C0XZY.doc [2017/03/10 09:00:04 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I68D40H.lnk [2017/03/10 09:18:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I7IL1BR.exe [2017/03/10 08:59:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I7VGUZ3.gpx [2017/03/09 15:19:35 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$I9TYVLF.JPG [2017/03/06 10:01:05 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IADNR2H.PNG [2017/03/06 09:49:04 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IC4KAP5.pdf [2017/03/06 12:05:50 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$ICL5XJJ.jpg [2017/03/09 17:22:02 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$ICYIWFL.mov [2017/03/06 10:01:02 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$ID2MA1F.jpg [2017/03/10 09:00:15 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IG4NPL9.lnk [2017/03/10 08:58:04 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IGJ3V2W.jpg [2017/03/09 17:03:04 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IH2NGOM.jpeg [2017/03/10 09:24:52 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$II96BAW.jpeg [2017/03/09 16:58:37 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$ILN3K8B.jpg [2017/03/06 15:23:22 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IOBQNWW.jpg [2017/03/10 15:21:26 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IOFWA7J [2017/03/10 08:59:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IOJI12Z.gpx [2017/03/09 17:21:59 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IQ2F6AN.PNG [2017/03/10 09:01:13 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$ITYV9HW.lnk [2017/03/10 08:58:42 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IUJ0JXU.xlsx [2017/03/10 08:59:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IWVM8S0.gpx [2017/03/10 08:59:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$IX82ESJ.exe [2017/03/02 11:49:48 | 003,449,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$R340ZN8.exe [2017/02/17 15:45:06 | 000,022,528 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$R5C0XZY.doc [2006/11/02 13:50:47 | 000,000,258 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$R68D40H.lnk [2015/07/28 17:52:34 | 000,821,920 | ---- | M] (Safer-Networking Ltd. ) -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$R7IL1BR.exe [2017/03/07 09:11:25 | 000,147,558 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$R7VGUZ3.gpx [2017/03/06 09:55:26 | 000,188,467 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$R9TYVLF.JPG [2017/03/06 09:38:53 | 001,164,454 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RADNR2H.PNG [2017/03/06 09:47:56 | 000,067,942 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RC4KAP5.pdf [2016/10/03 11:56:12 | 011,540,397 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RCYIWFL.mov [2015/01/11 13:57:25 | 000,000,301 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RG4NPL9.lnk [2017/03/09 17:20:42 | 000,052,453 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RGJ3V2W.jpg [2017/03/06 10:05:39 | 001,189,875 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RI96BAW.jpeg [2017/03/06 09:51:23 | 000,081,733 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RLN3K8B.jpg [2017/03/06 11:59:34 | 000,206,499 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$ROJI12Z.gpx [2017/03/09 17:19:08 | 000,868,218 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RQ2F6AN.PNG [2006/11/02 13:50:47 | 000,000,240 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RTYV9HW.lnk [2008/01/14 22:39:20 | 000,008,033 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RUJ0JXU.xlsx [2017/03/09 10:22:23 | 000,195,798 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RWVM8S0.gpx [2017/02/05 12:24:46 | 024,166,816 | ---- | M] (Geonaute ) -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$RX82ESJ.exe [2009/01/23 10:06:04 | 000,000,129 | -HS- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\desktop.ini [2015/01/11 11:19:19 | 000,576,736 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$R4T0F7T\Ccleaner.exe [2017/03/10 11:10:51 | 000,000,617 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-4024500516-990328175-2225845768-1003\$ROFWA7J\Corel WinDVD BD.lnk [2006/11/02 14:01:23 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2006/11/02 14:01:23 | 000,032,614 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2014/05/07 08:45:44 | 000,001,002 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job < End of report >