cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL logfile created on: 31/07/2013 12:34:13 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\lyly\Pictures\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 44,99% Memory free
6,21 Gb Paging File | 4,30 Gb Available in Paging File | 69,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,30 Gb Total Space | 93,11 Gb Free Space | 41,88% Space Free | Partition Type: NTFS
Drive D: | 10,59 Gb Total Space | 1,79 Gb Free Space | 16,88% Space Free | Partition Type: NTFS

Computer Name: PC-DE-LYLY | User Name: lyly | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013/07/30 22:32:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\lyly\Pictures\Downloads\OTL.exe
PRC - [2013/07/30 15:00:33 | 000,051,992 | ---- | M] (cake bake) -- C:\Program Files\Web Cake\WDesktop.Updater.exe
PRC - [2013/07/12 08:35:06 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/07/03 10:04:58 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/03/12 07:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2013/03/07 22:32:38 | 000,248,240 | ---- | M] (Facebook) -- C:\Users\lyly\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
PRC - [2013/01/13 14:25:14 | 000,225,792 | ---- | M] () -- C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
PRC - [2012/11/14 15:45:30 | 000,526,208 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
PRC - [2012/11/14 15:45:28 | 007,220,608 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2012/11/14 15:45:28 | 004,067,200 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2012/11/14 15:45:28 | 001,640,320 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2012/10/16 11:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 17:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2011/08/26 10:36:24 | 000,214,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2011/08/26 10:23:06 | 006,132,576 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/02/17 10:59:38 | 000,953,744 | ---- | M] (Razer USA Ltd) -- C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
PRC - [2009/07/27 04:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/06/10 15:24:32 | 005,545,632 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
PRC - [2009/06/03 14:41:02 | 000,392,864 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/02/09 19:14:02 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/02/09 19:14:02 | 000,116,096 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/02/09 19:13:36 | 000,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2008/12/25 14:41:20 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/12/25 14:41:16 | 001,316,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/12/17 17:11:40 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008/11/28 19:04:26 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/11/18 20:35:44 | 000,914,224 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2008/10/26 22:49:40 | 000,237,657 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\stacsv.exe
PRC - [2008/10/26 22:48:30 | 000,450,659 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008/06/27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\AEstSrv.exe
PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/07/15 18:34:35 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c7b6efda1a28f37adc2cd7e5b4ed687b\Microsoft.VisualBasic.ni.dll
MOD - [2013/07/15 18:34:09 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d1924760b80ac50740f9ed359c6798ce\System.Management.ni.dll
MOD - [2013/07/15 18:31:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\59375bfcbdf9a51a963b71c10f6204d4\System.Runtime.Remoting.ni.dll
MOD - [2013/07/15 18:31:55 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\632affb16da1970ae3d40574d7356977\System.EnterpriseServices.ni.dll
MOD - [2013/07/15 18:31:55 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\632affb16da1970ae3d40574d7356977\System.EnterpriseServices.Wrapper.dll
MOD - [2013/07/15 18:31:54 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b369565297de5b18e488962a43164f59\System.Transactions.ni.dll
MOD - [2013/07/15 18:31:53 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\d8f9327ccf9ae9cd853d9f9c6c8807bc\System.Web.ni.dll
MOD - [2013/07/15 18:31:21 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f5180622f14e190941dc1ce318662106\System.Configuration.ni.dll
MOD - [2013/07/15 18:31:18 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\05034abc5246a6fef208f73cb912d971\Accessibility.ni.dll
MOD - [2013/07/15 18:23:48 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0df518219a24860479f1baac25264972\System.Xml.ni.dll
MOD - [2013/07/15 18:23:30 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f58a8a55eda29b5a43af20c4568f7f91\System.Windows.Forms.ni.dll
MOD - [2013/07/15 18:23:20 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6ac6cab47b69e44769c726610e7f29bc\System.Drawing.ni.dll
MOD - [2013/07/15 18:23:05 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\40569a773af7fcc0d27e7557898a74b7\System.Data.ni.dll
MOD - [2013/07/15 18:22:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af7b745f6a06b800c73f1556553fe331\PresentationFramework.Aero.ni.dll
MOD - [2013/07/15 18:22:53 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bab2502c8e4a46bd0bcf25a823f46873\PresentationFramework.ni.dll
MOD - [2013/07/15 18:22:36 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0351fcca879479a85f56ba3c22eca805\PresentationCore.ni.dll
MOD - [2013/07/15 18:22:22 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\2cea08523e7d42a72c7f7a9b79444ba4\WindowsBase.ni.dll
MOD - [2013/07/15 18:22:18 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e3cc2cbffd5fb21da64e93d9b6c27c7c\System.ni.dll
MOD - [2013/07/15 18:22:08 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2013/07/12 08:35:06 | 016,166,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/07/03 10:04:57 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/03/07 22:32:40 | 021,014,960 | ---- | M] () -- C:\Users\lyly\AppData\Local\Facebook\Messenger\2.1.4814.0\libcef.dll
MOD - [2013/03/07 22:32:38 | 000,292,272 | ---- | M] () -- C:\Users\lyly\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.dll
MOD - [2013/03/07 22:32:38 | 000,179,632 | ---- | M] () -- C:\Users\lyly\AppData\Local\Facebook\Messenger\2.1.4814.0\CefSharp.WinForms.dll
MOD - [2013/01/13 14:25:14 | 000,225,792 | ---- | M] () -- C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
MOD - [2012/11/14 15:45:30 | 000,963,456 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2012/10/16 11:39:02 | 000,060,504 | ---- | M] () -- C:\Program Files\Bamboo Dock\BambooWinTab.dll
MOD - [2012/10/16 11:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files\Bamboo Dock\BambooCore.exe
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/01 15:48:48 | 008,217,088 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2011/04/01 15:41:58 | 002,267,648 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2009/08/16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll
MOD - [2009/06/10 15:24:32 | 005,545,632 | ---- | M] () -- C:\Windows\System32\WTMKM.exe
MOD - [2009/04/11 08:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/04/11 04:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/30 06:42:27 | 000,430,080 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_fr_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009/03/30 06:42:26 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/03/30 06:42:26 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_fr_b77a5c561934e089\System.resources.dll
MOD - [2009/03/30 06:42:26 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_fr_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2009/03/30 06:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 06:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/02/25 03:16:59 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009/02/25 03:16:59 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_fr_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009/02/09 19:13:26 | 000,066,856 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus.dll
MOD - [2009/02/05 03:25:19 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3287.21145__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009/02/05 03:25:19 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3287.21223__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009/02/05 03:25:19 | 000,278,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3287.21130__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:19 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3287.21147__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009/02/05 03:25:19 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3287.21203__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:19 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3287.21183__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3287.21142__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009/02/05 03:25:19 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3287.21170__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3287.21137__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:18 | 000,344,064 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3287.21189__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:18 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3287.21224__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:18 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3287.21189__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009/02/05 03:25:18 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3287.21137__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:18 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3287.21188__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:17 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3287.21222__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3287.21222__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:16 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3287.21172__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:16 | 000,716,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3287.21138__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:16 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3287.21148__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:16 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3287.21197__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009/02/05 03:25:16 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3287.21147__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:16 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3287.21181__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:16 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3287.21171__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3287.21150__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:16 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3287.21181__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:15 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3287.21166__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:15 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3287.21171__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:15 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3287.21182__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009/02/05 03:25:15 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3287.21151__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009/02/05 03:25:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3287.21170__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3287.21171__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3287.21182__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009/02/05 03:25:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3218.28677__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009/02/05 03:25:14 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3218.28672__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009/02/05 03:25:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3218.28683__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009/02/05 03:25:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009/02/05 03:25:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3218.28685__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009/02/05 03:25:14 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009/02/05 03:25:14 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009/02/05 03:25:13 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3218.28666__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009/02/05 03:25:13 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009/02/05 03:25:13 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3218.28664__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009/02/05 03:25:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3218.28665__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009/02/05 03:25:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3218.28727__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009/02/05 03:25:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3218.28687__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009/02/05 03:25:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009/02/05 03:25:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009/02/05 03:25:13 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3218.28672__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009/02/05 03:25:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3218.28686__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009/02/05 03:25:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3218.28687__90ba9c70f846762e\DEM.OS.dll
MOD - [2009/02/05 03:25:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009/02/05 03:25:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3218.28688__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009/02/05 03:25:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009/02/05 03:25:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3218.28676__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009/02/05 03:25:13 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3218.28702__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3218.28701__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3218.28689__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009/02/05 03:25:12 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3218.28685__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3218.28686__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009/02/05 03:25:11 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3218.28685__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009/02/05 03:25:11 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3218.28678__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009/02/05 03:25:10 | 000,532,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3287.21211__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009/02/05 03:25:10 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3287.21141__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009/02/05 03:25:10 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3287.21217__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009/02/05 03:25:10 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3287.21215__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009/02/05 03:25:10 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3287.21232__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009/02/05 03:25:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009/02/05 03:25:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3218.28672__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009/02/05 03:25:10 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009/02/05 03:25:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3218.28686__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009/02/05 03:25:10 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009/02/05 03:25:10 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009/02/05 03:25:10 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009/02/05 03:25:10 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3287.21241__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009/02/05 03:25:10 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3287.21128__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009/02/05 03:25:09 | 001,073,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3287.21134__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009/02/05 03:25:09 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3287.21129__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009/02/05 03:25:09 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3287.21128__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009/02/05 03:25:09 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3287.21130__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009/02/05 03:25:09 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009/02/05 03:25:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3218.28675__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009/02/05 03:25:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3287.21217__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/02/05 03:25:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009/02/05 03:25:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3218.28695__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/02/05 03:25:08 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3287.21127__90ba9c70f846762e\APM.Server.dll
MOD - [2009/02/05 03:25:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3287.21128__90ba9c70f846762e\AEM.Server.dll
MOD - [2009/02/05 03:25:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008/12/31 14:36:16 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/12/25 14:41:24 | 000,881,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008/11/18 12:03:14 | 000,032,768 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/11/18 11:57:08 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/11/18 11:57:06 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/11/18 11:56:58 | 000,118,784 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/11/18 11:56:56 | 000,010,240 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/11/18 11:56:40 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/11/18 11:56:40 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/11/18 11:56:40 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2008/10/29 18:34:28 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007/08/14 14:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 14:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 14:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2006/08/29 09:29:00 | 000,180,224 | ---- | M] () -- C:\Windows\System32\ATWTINK.DLL


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2013/07/30 15:00:33 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Program Files\Web Cake\WDesktop.Updater.exe -- (WebCakeUpdater)
SRV - [2013/07/12 08:35:07 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/03 10:04:57 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/21 09:53:36 | 000,162,408 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/11/14 15:45:30 | 000,526,208 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV - [2011/08/26 10:23:06 | 006,132,576 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/08/11 05:35:00 | 004,239,992 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/06/03 14:41:02 | 000,392,864 | ---- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService)
SRV - [2009/02/09 19:14:02 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2009/02/09 19:14:02 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched)
SRV - [2008/12/17 17:11:40 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/10/26 22:49:40 | 000,237,657 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\stacsv.exe -- (STacSV)
SRV - [2008/06/27 17:53:08 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\AEstSrv.exe -- (AESTFilters)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp60.sys -- (ZDPSp60)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\lsmyugdt.sys -- (lsmyugdt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2013/06/28 15:56:13 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/06/28 15:56:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/06/28 15:56:13 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/05/09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/12 10:54:52 | 000,013,728 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV - [2012/10/12 10:20:38 | 000,069,024 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wachidrouter.sys -- (WacHidRouter)
DRV - [2012/10/12 10:20:38 | 000,011,680 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2011/05/10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/12/16 09:23:14 | 000,103,424 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RzSynapse.sys -- (RzSynapse)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/06/24 17:12:28 | 000,020,736 | ---- | M] (ZDC., Inc. (ZDC)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\ZDCndis5.sys -- (ZDCNDIS5)
DRV - [2009/04/17 03:17:54 | 000,006,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\walvhid.sys -- (vhidmini)
DRV - [2009/03/08 19:15:14 | 000,006,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2008/12/31 16:00:52 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/28 19:04:24 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/02/05 03:02:58] [Kernel | Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008/10/26 22:50:56 | 000,391,168 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/10/23 11:42:10 | 000,107,360 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/09/04 19:47:00 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/08/06 18:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/07/29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008/03/27 13:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/03/27 13:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/01/21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/09/18 13:48:22 | 000,030,329 | ---- | M] (NAVMAN) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Navcar.sys -- (Navcar)
DRV - [2001/05/07 12:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{D75447C9-4DAE-48F1-833C-DF6FAA6CD835}: "URL" = http://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fr/
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..\SearchScopes\{f3b72d01-2629-481c-874d-02926e33dd7b}: "URL" = http://www.wibeez.com/meteo?search&q={searchTerms}
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..\SearchScopes\BD3D227939364FCEB9BD385D5615D252: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=airmsd&cd=2XzuyEtN2Y1L1QzutDtDtBtAzz0BzzzyyEzzyCtDyD0DyBtBtN0D0Tzu0CyDtBtDtN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1T1L1C1H1B1Q&cr=722425854&ir=
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-995685742-3574865275-925459661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.defaulturl: "http://s1.bubbledock.com/store/fr_fr"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/"
FF - prefs.js..extensions.enabledAddons: %7B9c0d17d7-581a-4152-97cf-de56684ec7f8%7D:1.0.0.54
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: d8222698-19e5-4827-b79e-0a077ea8eb7a%407b662f6d-3899-41e4-8864-6393447568da.com:0.91.11
FF - prefs.js..extensions.enabledAddons: newtaburl%40sogame.cat:2.2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\lyly\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\lyly\AppData\Roaming\Mozilla\Firefox\Profiles\v1l76jpn.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found
FF - HKCU\Software\MozillaPlugins\@stonetrip.com/ShiVaWebPlayer,version=1.8.1.0: C:\Users\lyly\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\lyly\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\lyly\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\lyly\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\lyly\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/06/13 17:30:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/03 10:04:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/07/03 10:04:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/03 10:04:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/07/03 10:04:50 | 000,000,000 | ---D | M]

[2011/04/28 09:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lyly\AppData\Roaming\mozilla\Extensions
[2009/11/21 14:07:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lyly\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2013/07/31 11:31:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lyly\AppData\Roaming\mozilla\Firefox\Profiles\v1l76jpn.default\extensions
[2012/05/16 11:28:09 | 000,000,000 | ---D | M] (VimGlasses Plugin) -- C:\Users\lyly\AppData\Roaming\mozilla\Firefox\Profiles\v1l76jpn.default\extensions\{9c0d17d7-581a-4152-97cf-de56684ec7f8}
[2013/07/30 14:53:51 | 000,000,000 | ---D | M] ("Plus-HD-3.5") -- C:\Users\lyly\AppData\Roaming\mozilla\Firefox\Profiles\v1l76jpn.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com
[2013/07/30 19:22:24 | 000,000,000 | ---D | M] (NewTabURL) -- C:\Users\lyly\AppData\Roaming\mozilla\Firefox\Profiles\v1l76jpn.default\extensions\newtaburl@sogame.cat
[2013/07/30 14:53:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lyly\AppData\Roaming\mozilla\Firefox\Profiles\v1l76jpn.default\extensions\d8222698-19e5-4827-b79e-0a077ea8eb7a@7b662f6d-3899-41e4-8864-6393447568da.com\chrome\content\extensionCode
[2013/07/30 19:22:17 | 000,051,994 | ---- | M] () (No name found) -- C:\Users\lyly\AppData\Roaming\mozilla\firefox\profiles\v1l76jpn.default\extensions\newtaburl@sogame.cat.xpi
[2013/07/30 14:53:23 | 000,002,273 | ---- | M] () -- C:\Users\lyly\AppData\Roaming\mozilla\firefox\profiles\v1l76jpn.default\searchplugins\bingp.xml
[2013/07/31 11:27:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/07/03 10:04:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/03 10:04:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/07/03 10:04:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/13 17:30:22 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2009/09/30 20:22:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/07/25 21:58:53 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www1.delta-search.com/?babsrc=HP_ss&mntrId=55F9002100C015BE&affID=119357&tsp=4959
CHR - Extension: No name found = C:\Users\lyly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\lyly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\lyly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm\1.23.11_0\crossrider
CHR - Extension: No name found = C:\Users\lyly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm\1.23.11_0\
CHR - Extension: No name found = C:\Users\lyly\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\
CHR - Extension: No name found = C:\Users\lyly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.3.4.1_0\
CHR - Extension: No name found = C:\Users\lyly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui File not found
O4 - HKLM..\Run: [BambooCore] C:\Program Files\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [MacrokeyManager] C:\Windows\System32\WTMKM.exe ()
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-995685742-3574865275-925459661-1000..\Run: [Facebook Update] C:\Users\lyly\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-995685742-3574865275-925459661-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-995685742-3574865275-925459661-1000..\Run: [NTRedirect] C:\Windows\system32\rundll32.exe "C:\Users\lyly\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run File not found
O4 - HKU\S-1-5-21-995685742-3574865275-925459661-1000..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [] File not found
O4 - HKU\S-1-5-20..\RunOnce: [] File not found
O4 - Startup: C:\Users\lyly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\lyly\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-995685742-3574865275-925459661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-995685742-3574865275-925459661-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06D3539F-EE31-4A63-863E-74228A3A97D7}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\lyly\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\lyly\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/07/31 12:05:40 | 000,000,000 | ---D | C] -- C:\Users\lyly\AppData\Roaming\Malwarebytes
[2013/07/31 12:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/07/31 12:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/31 12:05:10 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/07/31 12:05:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/07/31 11:54:23 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/07/31 11:50:20 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\lyly\Desktop\mbam-setup-1.75.0.1300.exe
[2013/07/31 11:49:28 | 000,562,430 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\lyly\Desktop\JRT.exe
[2013/07/30 20:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2013/07/30 20:30:07 | 000,000,000 | ---D | C] -- C:\ZHP
[2013/07/30 14:55:42 | 000,000,000 | ---D | C] -- C:\Users\lyly\AppData\Roaming\Web Cake
[2013/07/30 14:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Web Cake
[2013/07/30 14:53:58 | 032,682,464 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Users\lyly\Documents\TeamSpeak3-Client-win32-3.0.10 [1].exe
[2013/07/30 14:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\Plus-HD-3.5
[2013/07/29 08:54:28 | 000,000,000 | ---D | C] -- C:\Users\lyly\AppData\Roaming\wacomid-desktop-launcher
[2013/07/03 10:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/07/31 12:47:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/31 12:41:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-995685742-3574865275-925459661-1000UA.job
[2013/07/31 12:14:03 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/31 12:05:13 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/31 11:50:33 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\lyly\Desktop\mbam-setup-1.75.0.1300.exe
[2013/07/31 11:50:03 | 000,562,430 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\lyly\Desktop\JRT.exe
[2013/07/31 11:45:08 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-995685742-3574865275-925459661-1000UA.job
[2013/07/31 11:42:59 | 000,001,274 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-updater.job
[2013/07/31 11:42:57 | 000,001,806 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-firefoxinstaller.job
[2013/07/31 11:42:57 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/31 11:42:55 | 000,001,882 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-chromeinstaller.job
[2013/07/31 11:42:55 | 000,001,186 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-codedownloader.job
[2013/07/31 11:42:53 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\Plus-HD-3.5-enabler.job
[2013/07/31 11:42:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/31 11:42:33 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/31 11:42:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/31 11:42:16 | 3218,284,544 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/31 11:32:29 | 000,000,098 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/07/31 11:25:40 | 000,666,633 | ---- | M] () -- C:\Users\lyly\Desktop\adwcleaner.exe
[2013/07/30 22:19:05 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin
[2013/07/30 21:14:09 | 000,001,768 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2013/07/30 21:14:09 | 000,001,645 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/07/30 21:14:09 | 000,000,795 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2013/07/30 20:45:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-995685742-3574865275-925459661-1000Core.job
[2013/07/30 18:48:56 | 000,006,836 | ---- | M] () -- C:\Users\lyly\AppData\Local\d3d9caps.dat
[2013/07/30 14:57:00 | 000,000,920 | ---- | M] () -- C:\Users\lyly\Desktop\TeamSpeak3.lnk
[2013/07/30 14:53:58 | 032,682,464 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Users\lyly\Documents\TeamSpeak3-Client-win32-3.0.10 [1].exe
[2013/07/29 17:41:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-995685742-3574865275-925459661-1000Core.job
[2013/07/24 16:27:43 | 000,001,745 | ---- | M] () -- C:\Users\lyly\AppData\Local\recently-used.xbel
[2013/07/24 08:38:13 | 000,719,884 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2013/07/24 08:38:13 | 000,632,152 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/24 08:38:13 | 000,144,680 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2013/07/24 08:38:13 | 000,118,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/24 08:37:29 | 000,045,568 | ---- | M] () -- C:\Users\lyly\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/15 18:20:11 | 003,733,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/07/15 17:47:18 | 000,002,039 | ---- | M] () -- C:\Users\lyly\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/07/09 13:58:14 | 000,016,896 | ---- | M] () -- C:\Users\Public\Documents\Projet_magazine_en_ligne-2.wps
[2013/07/09 13:58:14 | 000,001,230 | ---- | M] () -- C:\Users\lyly\AppData\Roaming\wklnhst.dat
[2013/07/09 13:46:48 | 000,016,384 | ---- | M] () -- C:\Users\lyly\Documents\Projet_magazine_en_ligne-2.wps
[2013/07/03 08:13:39 | 151,175,833 | ---- | M] () -- C:\Windows\MEMORY.DMP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/07/31 12:05:13 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/31 11:27:32 | 000,000,098 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/07/31 11:25:33 | 000,666,633 | ---- | C] () -- C:\Users\lyly\Desktop\adwcleaner.exe
[2013/07/30 22:19:05 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin
[2013/07/30 21:59:21 | 3218,284,544 | -HS- | C] () -- C:\hiberfil.sys
[2013/07/30 20:30:14 | 000,001,768 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk
[2013/07/30 20:30:14 | 000,001,645 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk
[2013/07/30 20:30:14 | 000,000,795 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk
[2013/07/30 14:57:00 | 000,000,920 | ---- | C] () -- C:\Users\lyly\Desktop\TeamSpeak3.lnk
[2013/07/30 14:54:46 | 000,001,274 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-updater.job
[2013/07/30 14:54:39 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-enabler.job
[2013/07/30 14:54:05 | 000,001,186 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-codedownloader.job
[2013/07/30 14:53:43 | 000,001,806 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-firefoxinstaller.job
[2013/07/30 14:53:28 | 000,001,882 | ---- | C] () -- C:\Windows\tasks\Plus-HD-3.5-chromeinstaller.job
[2013/07/24 16:27:43 | 000,001,745 | ---- | C] () -- C:\Users\lyly\AppData\Local\recently-used.xbel
[2013/07/09 13:47:46 | 000,016,896 | ---- | C] () -- C:\Users\Public\Documents\Projet_magazine_en_ligne-2.wps
[2013/07/09 13:43:57 | 000,016,384 | ---- | C] () -- C:\Users\lyly\Documents\Projet_magazine_en_ligne-2.wps
[2013/06/28 15:56:13 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/06/27 11:39:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/06/27 11:39:31 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/03/28 10:03:43 | 000,175,176 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/28 10:03:42 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/08/28 08:31:54 | 000,006,836 | ---- | C] () -- C:\Users\lyly\AppData\Local\d3d9caps.dat
[2012/04/08 19:54:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\db81202744b520957b5987349718abcd_c
[2012/01/08 15:57:37 | 000,000,552 | ---- | C] () -- C:\Users\lyly\AppData\Local\d3d8caps.dat
[2011/01/06 11:08:13 | 000,000,042 | ---- | C] () -- C:\Users\lyly\.gtk-bookmarks
[2010/04/23 12:53:34 | 000,001,230 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\wklnhst.dat
[2009/12/21 20:19:35 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId3_3
[2009/12/18 19:39:46 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId3_2
[2009/12/06 19:49:19 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId0_4
[2009/12/04 23:01:13 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId0_3
[2009/12/02 21:04:08 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId0_2
[2009/12/02 19:24:58 | 000,000,169 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\D2Info0
[2009/12/02 19:24:58 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId0_1
[2009/12/01 19:59:25 | 000,000,181 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\D2Info1
[2009/12/01 19:59:25 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId1_2
[2009/11/20 11:01:34 | 000,000,173 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\D2Info3
[2009/11/20 11:01:34 | 000,000,008 | ---- | C] () -- C:\Users\lyly\AppData\Roaming\DofusAppId3_1
[2009/09/27 11:00:54 | 000,045,568 | ---- | C] () -- C:\Users\lyly\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2006/11/02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2010/12/06 23:40:31 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\36-image converter
[2010/05/22 18:02:53 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Acreon
[2010/12/07 19:04:51 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Ambient Design
[2012/08/10 09:28:46 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\AnkamaCertificates
[2009/12/02 19:25:02 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\app
[2010/12/06 16:16:06 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Artweaver
[2012/11/07 19:08:32 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Canon
[2011/01/10 18:20:15 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Caricatool
[2012/02/21 22:35:38 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/04/08 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2010/04/20 19:05:23 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\DOFUS
[2011/08/04 10:19:52 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus 2
[2009/12/01 20:01:59 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus 2 Online
[2010/04/21 13:54:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/04 23:01:13 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/06 19:49:19 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/04/20 19:04:14 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012/08/10 09:35:11 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus2
[2009/12/01 19:59:25 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\DofusOnline-2.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
[2009/10/10 15:16:48 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\DofusOnline.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
[2010/01/02 12:55:31 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\EA
[2010/10/09 12:25:44 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Electronic Arts
[2011/08/22 20:51:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
[2011/08/30 10:36:26 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\go
[2012/04/11 09:09:26 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\gtk-2.0
[2010/01/08 10:24:27 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Icones
[2012/08/04 20:38:19 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\inkscape
[2013/01/24 21:37:26 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Mumble
[2011/12/31 12:06:36 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Origin
[2012/07/08 17:43:34 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\PDAppFlex
[2011/07/11 10:14:32 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\PhotoFiltre
[2013/01/01 11:11:01 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\PhotoFiltre 7
[2010/12/07 19:33:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Pixia
[2009/12/02 19:25:02 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/10/27 16:28:14 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\SecondLife
[2011/06/29 13:34:03 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Smith Micro
[2012/07/08 17:48:02 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/09/28 18:08:35 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\StoneTrip
[2011/03/01 14:09:56 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Studio-Scrap3
[2012/04/11 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\SYSTEMAX Software Development
[2013/07/09 13:48:21 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Template
[2013/07/30 15:44:57 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\TS3Client
[2011/03/31 17:41:35 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Unity
[2013/01/13 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Wacom
[2013/07/29 08:54:28 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\wacomid-desktop-launcher
[2013/01/13 14:33:06 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013/07/31 11:06:29 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Web Cake
[2009/09/27 13:20:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\WildTangent
[2011/06/03 09:49:09 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\WindSolutions

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/12/06 23:40:31 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\36-image converter
[2010/05/22 18:02:53 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Acreon
[2012/08/24 08:15:21 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Adobe
[2010/12/07 19:04:51 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Ambient Design
[2012/08/10 09:28:46 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\AnkamaCertificates
[2009/12/02 19:25:02 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\app
[2012/08/11 11:49:49 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Apple Computer
[2010/12/06 16:16:06 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Artweaver
[2009/09/26 18:09:25 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\ATI
[2011/07/12 20:16:52 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\AVS4YOU
[2012/11/07 19:08:32 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Canon
[2011/01/10 18:20:15 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Caricatool
[2012/02/21 22:35:38 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/04/08 18:29:10 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2012/06/15 15:55:47 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\CyberLink
[2010/04/20 19:05:23 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\DOFUS
[2011/08/04 10:19:52 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus 2
[2009/12/01 20:01:59 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus 2 Online
[2010/04/21 13:54:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/04 23:01:13 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/06 19:49:19 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/04/20 19:04:14 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012/08/10 09:35:11 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Dofus2
[2009/12/01 19:59:25 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\DofusOnline-2.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
[2009/10/10 15:16:48 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\DofusOnline.D3C9F6CBD45122AC696063EA7CD9E35E7469708A.1
[2010/01/02 12:55:31 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\EA
[2010/10/09 12:25:44 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Electronic Arts
[2011/08/22 20:51:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
[2011/08/30 10:36:26 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\go
[2012/04/11 09:09:26 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\gtk-2.0
[2010/04/09 09:45:59 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\hewlett-packard
[2009/09/26 18:03:55 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\HP TCS
[2013/07/27 19:56:35 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\HpUpdate
[2010/01/08 10:24:27 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Icones
[2009/09/26 18:08:57 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Identities
[2012/08/04 20:38:19 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\inkscape
[2010/04/16 19:03:56 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\InstallShield
[2009/09/26 18:12:34 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Macromedia
[2013/07/31 12:05:40 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Malwarebytes
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Media Center Programs
[2012/11/11 13:25:57 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Media Player Classic
[2012/06/14 18:37:01 | 000,000,000 | --SD | M] -- C:\Users\lyly\AppData\Roaming\Microsoft
[2011/01/14 14:01:24 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Mozilla
[2013/01/24 21:37:26 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Mumble
[2011/12/31 12:06:36 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Origin
[2012/07/08 17:43:34 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\PDAppFlex
[2011/07/11 10:14:32 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\PhotoFiltre
[2013/01/01 11:11:01 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\PhotoFiltre 7
[2010/12/07 19:33:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Pixia
[2009/12/02 19:25:02 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2011/10/27 16:28:14 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\SecondLife
[2013/07/31 12:44:26 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Skype
[2011/06/11 11:55:31 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\skypePM
[2011/06/29 13:34:03 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Smith Micro
[2012/07/08 17:48:02 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/09/28 18:08:35 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\StoneTrip
[2011/03/01 14:09:56 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Studio-Scrap3
[2012/04/11 21:40:20 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\SYSTEMAX Software Development
[2010/05/07 20:59:38 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\teamspeak2
[2013/07/09 13:48:21 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Template
[2013/07/30 15:44:57 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\TS3Client
[2011/03/31 17:41:35 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Unity
[2010/10/26 10:00:55 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\vlc
[2013/01/13 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Wacom
[2013/07/29 08:54:28 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\wacomid-desktop-launcher
[2013/01/13 14:33:06 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2013/07/31 11:06:29 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\Web Cake
[2009/09/27 13:20:17 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\WildTangent
[2011/06/03 09:49:09 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\WindSolutions
[2010/08/22 00:14:53 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\WinRAR
[2013/01/13 14:23:37 | 000,000,000 | ---D | M] -- C:\Users\lyly\AppData\Roaming\WTablet

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/06/26 12:49:05 | 000,272,384 | ---- | M] () -- C:\Users\lyly\AppData\Roaming\Acreon\WowMatrix\Modules\curl.exe
[2009/09/29 21:29:08 | 000,006,144 | ---- | M] (Electronic Arts Canada) -- C:\Users\lyly\AppData\Roaming\EA\EASW\GameFace\DetectOpenGLConsole.exe
[2009/09/29 21:29:08 | 000,005,120 | ---- | M] (Electronic Arts Canada) -- C:\Users\lyly\AppData\Roaming\EA\EASW\GameFace\DownloadSourcePhotoConsole.exe
[2010/01/02 12:55:36 | 000,030,208 | ---- | M] (Electronic Arts Canada) -- C:\Users\lyly\AppData\Roaming\EA\EASW\GameFace\FileDownloadConsole.exe
[2009/10/08 11:30:41 | 000,013,312 | ---- | M] (Electronic Arts Canada) -- C:\Users\lyly\AppData\Roaming\EA\EASW\GameFace\PhotoFaceConsole.exe
[2009/09/29 21:29:04 | 000,009,216 | ---- | M] (Electronic Arts Canada) -- C:\Users\lyly\AppData\Roaming\EA\EASW\GameFace\UploadPhotofitConsole.exe
[2013/07/29 08:36:08 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\lyly\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009/10/04 21:44:47 | 001,961,720 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\lyly\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2012/04/08 16:46:55 | 000,010,134 | R--- | M] () -- C:\Users\lyly\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
[2010/09/09 14:09:25 | 000,010,134 | R--- | M] () -- C:\Users\lyly\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/01/24 20:49:16 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Users\lyly\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2011/01/24 20:49:16 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Users\lyly\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
[2011/09/28 18:08:34 | 000,205,120 | ---- | M] () -- C:\Users\lyly\AppData\Roaming\StoneTrip\Player\S3DCrashReporter.exe
[2011/09/28 18:08:34 | 000,061,904 | ---- | M] () -- C:\Users\lyly\AppData\Roaming\StoneTrip\Player\S3DOptions.exe
[2011/09/28 18:08:05 | 000,077,848 | ---- | M] (Stonetrip) -- C:\Users\lyly\AppData\Roaming\StoneTrip\Web Player\S3D Web Player-uninst.exe
[2013/07/26 06:02:29 | 000,052,504 | ---- | M] (Bake Cake) -- C:\Users\lyly\AppData\Roaming\Web Cake\WebCakeDesktop.exe
[2011/06/03 09:44:34 | 003,461,560 | ---- | M] (WindSolutions) -- C:\Users\lyly\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
[2011/06/03 09:47:48 | 007,626,888 | ---- | M] (WindSolutions) -- C:\Users\lyly\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransManager.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ALG.EXE >[/color]
[2008/01/21 04:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\Windows\System32\alg.exe
[2008/01/21 04:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) MD5=A1545B731579895D8CC44FC0481C1192 -- C:\Windows\winsxs\x86_microsoft-windows-alg_31bf3856ad364e35_6.0.6001.18000_none_a8e952205b1e893c\alg.exe

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/01/23 13:16:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2009/01/23 13:16:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2009/01/23 13:16:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2009/01/23 13:16:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

[color=#A23BEC]< MD5 for: CSRSS.EXE >[/color]
[2008/01/21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008/01/21 04:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe

[color=#A23BEC]< MD5 for: CTFMON.EXE >[/color]
[2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB72296B -- C:\Windows\System32\ctfmon.exe
[2006/11/02 11:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=22BFD03DF51065A9ED8D17F8FB72296B -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe

[color=#A23BEC]< MD5 for: DISK.SYS >[/color]
[2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/21 04:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2007/05/17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS >[/color]
[2006/11/02 10:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\i8042prt.sys
[2006/11/02 10:51:13 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1060F1377F395A242E27719440ECE602 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\i8042prt.sys
[2008/01/21 04:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\i8042prt.sys
[2008/01/21 04:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=1C9EE072BAA3ABB460B91D7EE9152660 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\i8042prt.sys
[2008/01/21 04:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\drivers\i8042prt.sys
[2008/01/21 04:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_da7e599e\i8042prt.sys
[2008/01/21 04:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_f55d5e51\i8042prt.sys
[2008/01/21 04:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_8b7c4328\i8042prt.sys
[2008/01/21 04:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\i8042prt.sys
[2008/01/21 04:23:23 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\i8042prt.sys
[2008/01/21 04:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=22D56C8184586B7A1F6FA60BE5F5A2BD -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys
[2008/01/21 04:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\i8042prt.sys
[2008/01/21 04:09:47 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=BEA9838CD25D36BEBA3F94386A761D60 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\i8042prt.sys

[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

[color=#A23BEC]< MD5 for: INTELIDE.SYS >[/color]
[2008/01/21 04:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=83AA759F3189E6370C30DE5DC5590718 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\intelide.sys
[2008/01/21 04:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=83AA759F3189E6370C30DE5DC5590718 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\intelide.sys
[2008/01/21 04:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=83AA759F3189E6370C30DE5DC5590718 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\intelide.sys
[2008/01/21 04:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=83AA759F3189E6370C30DE5DC5590718 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\intelide.sys
[2006/11/02 11:49:24 | 000,014,952 | ---- | M] (Microsoft Corporation) MD5=97469037714070E45194ED318D636401 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\intelide.sys
[2009/01/23 13:16:34 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=DD512A049BD7B4BCE8A83554C5EFF2C1 -- C:\Windows\System32\drivers\intelide.sys
[2009/01/23 13:16:34 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=DD512A049BD7B4BCE8A83554C5EFF2C1 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\intelide.sys
[2009/01/23 13:16:34 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=DD512A049BD7B4BCE8A83554C5EFF2C1 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\intelide.sys
[2009/01/23 13:16:34 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=F8E9F542139BDFFF29EF38A41E894F21 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\intelide.sys
[2009/01/23 13:16:34 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=F8E9F542139BDFFF29EF38A41E894F21 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\intelide.sys

[color=#A23BEC]< MD5 for: MOUNTMGR.SYS >[/color]
[2008/01/21 04:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\System32\drivers\mountmgr.sys
[2008/01/21 04:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\winsxs\x86_microsoft-windows-mountpointmanager_31bf3856ad364e35_6.0.6001.18000_none_f29824c60705c394\mountmgr.sys

[color=#A23BEC]< MD5 for: MRXSMB.SYS >[/color]
[2011/04/29 15:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=1E94971C4B446AB2290DEB71D01CF0C2 -- C:\Windows\System32\drivers\mrxsmb.sys
[2011/04/29 15:24:40 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=1E94971C4B446AB2290DEB71D01CF0C2 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18462_none_81390d734e728aac\mrxsmb.sys
[2010/02/23 13:16:50 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=1F0DAA8676E0B3D00C2EC1F82B140A1C -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22346_none_81dc4772677c5da2\mrxsmb.sys
[2009/04/11 06:14:28 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=317EB668973951BAD512EE8BEBF9ED25 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18005_none_817ce6414e3f3a6f\mrxsmb.sys
[2011/04/29 14:51:45 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=43E584A3CA783C3D7A610B0C21E290E1 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22910_none_801049446a431416\mrxsmb.sys
[2010/02/23 13:10:13 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=454341E652BDF5E01B0F2140232B073E -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18213_none_8170198d4e491e00\mrxsmb.sys
[2011/02/22 14:51:30 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=45C648D35CA74FE5D6D799728B1F9C45 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22859_none_7fee0a486a5b6ac2\mrxsmb.sys
[2011/04/29 14:49:35 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=5734A0F2BE7E495F7D3ED6EFD4B9F5A1 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18644_none_7f6a3a11513a332d\mrxsmb.sys
[2011/02/22 15:23:59 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=5FE5CF325F5B02EBC60832D3440CB414 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18409_none_8180ef014e3b9467\mrxsmb.sys
[2009/12/04 18:14:15 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=64B76496CCEA0A56CC0B1F9B32605F8F -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.21173_none_7debfa986d4ab84f\mrxsmb.sys
[2009/12/04 18:12:51 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=66592E91051728C3571B0D77175686AB -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18375_none_7f4ac4e55151a8e2\mrxsmb.sys
[2009/12/04 17:56:09 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=66DE1A2B389A1969CA1751B276108E45 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.18158_none_8149d9694e650f50\mrxsmb.sys
[2009/12/04 18:08:29 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=7295B41FBCA3231841A7EDFF34A7BD14 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22281_none_81ac046a67a1518c\mrxsmb.sys
[2010/02/23 13:32:31 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=7AFC42E60432FD1014F5342F2B1B1F74 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18431_none_7f7205535134d0e9\mrxsmb.sys
[2010/02/23 15:14:41 | 000,102,400 | ---- | M] (Microsoft Corporation) MD5=8AF705CE1BB907932157FAB821170F27 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.17025_none_7d9a6dfd5402bf7e\mrxsmb.sys
[2011/02/22 16:56:08 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=8B478E8E8F90FB25C3684C35F5AD2907 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22594_none_81a43b0e67a6b0f7\mrxsmb.sys
[2009/12/04 18:16:23 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=B81A462840C1C9FE6B4EAB893402F3D2 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22575_none_7fd463966a6f45d3\mrxsmb.sys
[2011/04/29 15:00:00 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=B99F961821C20CA8326A7197913E0298 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6002.22634_none_81e51c7c67760678\mrxsmb.sys
[2010/02/23 13:30:49 | 000,102,912 | ---- | M] (Microsoft Corporation) MD5=BBB0D31B477CFF3B4F737ED0367F635F -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.21230_none_7e143b506d2cf9ad\mrxsmb.sys
[2008/01/21 04:24:11 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C4AD205530888404E2B5FC8D9319B119 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18000_none_7f916d35511d6f23\mrxsmb.sys
[2011/02/22 14:51:53 | 000,105,984 | ---- | M] (Microsoft Corporation) MD5=CC752D233EF39875CA6885D9415BA869 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.18604_none_7f9579c15119c369\mrxsmb.sys
[2010/02/23 13:30:23 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=D92DB980E8F791286750127C8E371A7D -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6001.22641_none_7ff0d4186a5a89cb\mrxsmb.sys
[2009/12/04 18:27:45 | 000,101,888 | ---- | M] (Microsoft Corporation) MD5=F6805DC6823B90393D561BDB163468F6 -- C:\Windows\winsxs\x86_microsoft-windows-smbminirdr_31bf3856ad364e35_6.0.6000.16971_none_7d608517542eb295\mrxsmb.sys

[color=#A23BEC]< MD5 for: MRXSMB10.SYS >[/color]
[2009/04/11 06:14:36 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=05716F0203B5C774A87384A1FF7B968F -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18005_none_8a900495489078d1\mrxsmb10.sys
[2009/01/23 13:29:05 | 000,212,480 | ---- | M] (Microsoft Corporation) MD5=0883E1ADA541F4201ECAF63C29F2DCAC -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22252_none_88fa1b3264b308d9\mrxsmb10.sys
[2009/01/23 13:29:05 | 000,212,480 | ---- | M] (Microsoft Corporation) MD5=0A986B34F1678A2697574D7B1664E2DD -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18130_none_88841dab4b86fe7f\mrxsmb10.sys
[2010/02/23 13:10:19 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=2A4901AFF069944FA945ED5BBF4DCDE3 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18213_none_8a8337e1489a5c62\mrxsmb10.sys
[2009/01/23 13:29:05 | 000,211,456 | ---- | M] (Microsoft Corporation) MD5=2BBD3970018270D2C6A0B069F568154E -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.16738_none_86a5e1554e593846\mrxsmb10.sys
[2011/02/22 15:24:10 | 000,213,504 | ---- | M] (Microsoft Corporation) MD5=30B9C769446AF379A2AFB72B0392604D -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18409_none_8a940d55488cd2c9\mrxsmb10.sys
[2010/02/23 13:16:58 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=32E743994055D8D4729E2F2E0EF4758D -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22346_none_8aef65c661cd9c04\mrxsmb10.sys
[2009/12/04 17:56:16 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=346611D7523B520FAA86B76753CC9874 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18158_none_8a5cf7bd48b64db2\mrxsmb10.sys
[2009/12/04 18:27:52 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=3B6200FE9DEEF1F9BBF576A80082A741 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.16971_none_8673a36b4e7ff0f7\mrxsmb10.sys
[2009/01/23 13:24:18 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=3C9B1B7D11B08B465598C6B87A8B1735 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22175_none_88e77a5264c08f99\mrxsmb10.sys
[2010/02/23 15:14:51 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=47E13AB23371BE3279EEF22BBFA2C1BE -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.17025_none_86ad8c514e53fde0\mrxsmb10.sys
[2011/07/06 17:31:47 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=4FCCB34D793B116423209C0F8B7A3B03 -- C:\Windows\System32\drivers\mrxsmb10.sys
[2011/07/06 17:31:47 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=4FCCB34D793B116423209C0F8B7A3B03 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.18490_none_8a29bb6f48ddea33\mrxsmb10.sys
[2010/02/23 13:30:28 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=581305791239FAC6B5B4225AB0C7A7E4 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22641_none_8903f26c64abc82d\mrxsmb10.sys
[2011/07/06 16:57:14 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=6684E2D7B246961AE5001B151DBC653B -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22939_none_8916ca5a649c6e69\mrxsmb10.sys
[2008/01/21 04:24:10 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=67E55CED3FC143C82A8197988BFC1F9A -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18000_none_88a48b894b6ead85\mrxsmb10.sys
[2011/07/06 16:56:47 | 000,213,504 | ---- | M] (Microsoft Corporation) MD5=6B5FA5ADFACAC9DBBE0991F4566D7D55 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18664_none_8867b88d4b9ba971\mrxsmb10.sys
[2009/01/23 13:24:18 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=7F14576D4F7B1930F951FE585201BBA4 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18068_none_886bae514b981fe3\mrxsmb10.sys
[2011/07/06 17:01:24 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=84B2A28F4C5D77C6EDC138315AF6802A -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22672_none_8acafa8c61e981f0\mrxsmb10.sys
[2010/02/23 13:32:36 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=8A75752AE17924F65452746674B14B78 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18431_none_888523a74b860f4b\mrxsmb10.sys
[2011/02/22 16:56:16 | 000,213,504 | ---- | M] (Microsoft Corporation) MD5=8B9A354A4607FC140EAB8E5D37C5D403 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22594_none_8ab7596261f7ef59\mrxsmb10.sys
[2011/02/22 14:52:11 | 000,213,504 | ---- | M] (Microsoft Corporation) MD5=9049DDDD4BD27D43D82F5968F1DA76E4 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18604_none_88a898154b6b01cb\mrxsmb10.sys
[2009/12/04 18:14:25 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=95764A2DFB3746407BBD6223BF1CE145 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.21173_none_86ff18ec679bf6b1\mrxsmb10.sys
[2010/02/23 13:30:59 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=A6130566AC4178473B5DAC8F8F74407D -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.21230_none_872759a4677e380f\mrxsmb10.sys
[2009/12/04 18:12:58 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=AA9496B3B8F1D3CB2D2A731BA05464E0 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18375_none_885de3394ba2e744\mrxsmb10.sys
[2009/12/04 18:16:35 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=B04E30592FD96F3D543A1329CE0FD562 -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22575_none_88e781ea64c08435\mrxsmb10.sys
[2009/12/04 18:08:40 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=BB74E8E0DE15AF95703AAAD907BEDF5E -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6002.22281_none_8abf22be61f28fee\mrxsmb10.sys
[2011/02/22 14:51:39 | 000,213,504 | ---- | M] (Microsoft Corporation) MD5=F221BCD71034354B9AB6A1B33EED313E -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22859_none_8901289c64aca924\mrxsmb10.sys
[2009/01/23 13:29:05 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=F813456C00B904DC3B6558CAD7B13BBA -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.20904_none_874beea267621c08\mrxsmb10.sys

[color=#A23BEC]< MD5 for: MRXSMB20.SYS >[/color]
[2010/02/23 13:10:13 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=28B3F1AB44BDD4432C041581412F17D9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18213_none_8cb9a1f386f18fd3\mrxsmb20.sys
[2007/10/26 03:40:16 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=30A67C7D8B80281028916DED6A64AEC9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.16586_none_88a4376b8cdaca70\mrxsmb20.sys
[2011/04/29 14:51:47 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3102FA9B03B64DCA925D64E9F2ED7689 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.22910_none_8b59d1aaa2eb85e9\mrxsmb20.sys
[2008/01/21 04:24:28 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=3268B8C3FA92BFC086355C39B45E9CC9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18000_none_8adaf59b89c5e0f6\mrxsmb20.sys
[2011/04/29 15:00:08 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=393BE8A8F7A86DDA38352B41A794C60B -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.22634_none_8d2ea4e2a01e784b\mrxsmb20.sys
[2010/02/23 13:30:53 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=3D475E770D3AB2D0C5E3E1386871F9DA -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.21230_none_895dc3b6a5d56b80\mrxsmb20.sys
[2011/02/22 16:56:11 | 000,080,384 | ---- | M] (Microsoft Corporation) MD5=57FEB0AFD532CA3327D0560FDC20B167 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.22594_none_8cedc374a04f22ca\mrxsmb20.sys
[2011/04/29 14:49:44 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=5C80D8159181C7ABF1B14BA703B01E0B -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18644_none_8ab3c27789e2a500\mrxsmb20.sys
[2009/12/04 18:14:17 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=7E1B134C0EDD4AF6564A50559A4C9268 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.21173_none_893582fea5f32a22\mrxsmb20.sys
[2010/02/23 15:14:42 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=90B3FC7BD6B3D7EE7635DEBBA2187F66 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.17025_none_88e3f6638cab3151\mrxsmb20.sys
[2011/02/22 14:52:04 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=91DC069B6831EF564E7D8C97EAF0343E -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18604_none_8adf022789c2353c\mrxsmb20.sys
[2010/02/23 13:16:50 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=98A085E296A9BA865CAE56C1BCB1A0F6 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.22346_none_8d25cfd8a024cf75\mrxsmb20.sys
[2010/02/23 13:30:23 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=A4BD317F6D6AD2B3A1FF81DC063748D4 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.22641_none_8b3a5c7ea302fb9e\mrxsmb20.sys
[2011/04/29 15:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C3CB1B40AD4A0124D617A1199B0B9D7C -- C:\Windows\System32\drivers\mrxsmb20.sys
[2011/04/29 15:24:42 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C3CB1B40AD4A0124D617A1199B0B9D7C -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18462_none_8c8295d9871afc7f\mrxsmb20.sys
[2009/04/11 06:14:29 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=C70C50D101B92B45C42BA11EA9FE6CD1 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18005_none_8cc66ea786e7ac42\mrxsmb20.sys
[2010/02/23 13:32:33 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=F4D0F3252E651F02BE64984FFA738394 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18431_none_8abb8db989dd42bc\mrxsmb20.sys
[2011/02/22 14:51:31 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=F6A5D115BCD1EABADA4E94E697027F1A -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.22859_none_8b3792aea303dc95\mrxsmb20.sys
[2011/02/22 15:24:02 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=FEA239B3EC4877E2B7E23204AF589DDF -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18409_none_8cca776786e4063a\mrxsmb20.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

[color=#A23BEC]< MD5 for: RASACD.SYS >[/color]
[2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys

[color=#A23BEC]< MD5 for: RDPCDD.SYS >[/color]
[2008/01/21 04:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=89E59BE9A564262A3FB6C4F4F1CD9899 -- C:\Windows\System32\drivers\RDPCDD.sys
[2008/01/21 04:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=89E59BE9A564262A3FB6C4F4F1CD9899 -- C:\Windows\winsxs\x86_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.0.6001.18000_none_d4db241b3e3ef7e4\RDPCDD.sys

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
[2008/01/21 04:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

[color=#A23BEC]< MD5 for: SMSS.EXE >[/color]
[2013/03/09 03:16:53 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=44A40B18D9F6315D35F4539A41ECDE0D -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23076_none_ae64f5fc2fa90438\smss.exe
[2008/01/21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009/04/11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2013/05/02 03:27:42 | 000,064,512 | ---- | M] (Microsoft Corporation) MD5=AF2F8F104F119DD10AFA8B54A006F1B6 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.23103_none_aeada6782f72f1c3\smss.exe
[2013/03/09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\System32\smss.exe
[2013/03/09 03:28:08 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=BE7480C91E89EB82FC080F772C220AE4 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18805_none_ae2630391653543e\smss.exe

[color=#A23BEC]< MD5 for: SPOOLSV.EXE >[/color]
[2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2009/04/11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) MD5=524BFBEA40E6E404737CCBC754647A2E -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[2008/01/21 04:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe

[color=#A23BEC]< MD5 for: STORPORT.SYS >[/color]
[2008/01/21 04:24:03 | 000,123,960 | ---- | M] (Microsoft Corporation) MD5=39AD2C7B9C05C1CCD12480890DBA4EB5 -- C:\Windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.0.6001.18000_none_277c4ea9302ee5d3\Storport.sys
[2009/04/11 08:32:54 | 000,122,344 | ---- | M] (Microsoft Corporation) MD5=47E55AFE1ED1D5AFF09690DB226F4A7A -- C:\Windows\System32\drivers\Storport.sys
[2009/04/11 08:32:54 | 000,122,344 | ---- | M] (Microsoft Corporation) MD5=47E55AFE1ED1D5AFF09690DB226F4A7A -- C:\Windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.0.6002.18005_none_2967c7b52d50b11f\Storport.sys

[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS >[/color]
[2009/01/23 13:14:02 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2013/05/08 05:40:36 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=078218D74C4EFC2CE7E4C6DF22A94F2F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[2009/04/11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2011/09/20 23:02:55 | 000,913,280 | ---- | M] (Microsoft Corporation) MD5=16731B631F28F63CD9F4CB60940E7DDD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2011/06/17 22:13:55 | 000,905,104 | ---- | M] (Microsoft Corporation) MD5=2756186E287139310997090797E0182B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[2012/03/30 14:39:11 | 000,905,600 | ---- | M] (Microsoft Corporation) MD5=27D470DABC77BC60D0A3B0E4DEB6CB91 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[2010/02/18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2013/01/04 13:28:19 | 000,914,792 | ---- | M] (Microsoft Corporation) MD5=3535CD93F944C00F098E73E12EE7FEB6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2013/05/08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\System32\drivers\tcpip.sys
[2013/05/08 06:37:21 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=548E198BAE21EFC21F8B5F0C1728AD27 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010/06/16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2011/06/17 22:13:55 | 000,913,296 | ---- | M] (Microsoft Corporation) MD5=6647FCE6FC4970DAAFE5C64C794513D3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[2010/06/16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2013/01/04 13:28:18 | 000,905,576 | ---- | M] (Microsoft Corporation) MD5=74E2D020C47BB2B2FCCBA29A518A7EB4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2011/09/20 23:02:55 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=814A1C66FBD4E1B310A517221F1456BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[2009/01/23 13:14:02 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010/02/18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2012/03/30 14:39:11 | 000,914,304 | ---- | M] (Microsoft Corporation) MD5=EE7E10BED85C312C1D5D30C435BDDA9F -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[2008/01/21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

[color=#A23BEC]< MD5 for: TERMDD.SYS >[/color]
[2006/11/02 11:50:28 | 000,050,792 | ---- | M] (Microsoft Corporation) MD5=2C549BD9DD091FBFAA0A2A48E82EC2FB -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\termdd.sys
[2009/04/11 08:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\System32\drivers\termdd.sys
[2009/04/11 08:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\termdd.sys
[2009/04/11 08:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\termdd.sys
[2008/01/21 04:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\termdd.sys
[2008/01/21 04:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\termdd.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[color=#A23BEC]< MD5 for: WIN32K.SYS >[/color]
[2010/10/18 16:01:21 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=041D6ADE410A2FAD7451DADA50B807AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22778_none_b93974c5b3d5e6c3\win32k.sys
[2009/01/23 12:59:25 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=0FB1E39EE209B26B70A8C1E1A56D38DF -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20782_none_b7425913b6bceacf\win32k.sys
[2012/06/13 15:20:53 | 002,055,680 | ---- | M] (Microsoft Corporation) MD5=0FC10D6827D1C7B7F0C6F8D0F24CFF75 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22876_none_bb1dedb1b0fdfdd5\win32k.sys
[2009/04/21 13:55:06 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=13D686DF9652E7A397B2C3DA89881C34 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18246_none_b8ce3f929aa1cbdc\win32k.sys
[2009/08/14 15:53:16 | 002,035,712 | ---- | M] (Microsoft Corporation) MD5=18406CE410C1A4394FE1A8246D10567F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18311_none_b8e9afca9a8df67d\win32k.sys
[2011/06/02 14:59:29 | 002,042,368 | ---- | M] (Microsoft Corporation) MD5=1AB81DE60826E31BCA3644C34C35006D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18653_none_b8c076609aac9064\win32k.sys
[2013/01/04 03:38:50 | 002,048,512 | ---- | M] (Microsoft Corporation) MD5=1C1F3014453865E805A8708751743A48 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18764_none_ba9d203e97da0f6c\win32k.sys
[2011/11/23 15:35:46 | 002,052,096 | ---- | M] (Microsoft Corporation) MD5=1C8C01C1E0645CC64B79B89D6529EE71 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22745_none_bb3d5b45b0e69384\win32k.sys
[2009/08/14 15:29:56 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=26AC4A647E67C7A7064309CBF1AAE3AC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22200_none_bb639005b0cab34a\win32k.sys
[2010/06/21 15:47:04 | 002,045,952 | ---- | M] (Microsoft Corporation) MD5=2AB7745E006D3692A6B758F9A97386A8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22428_none_bb55f649b0d3b032\win32k.sys
[2010/12/31 15:59:47 | 002,048,000 | ---- | M] (Microsoft Corporation) MD5=2EE9A7A6563BEB2D325028BFA1639A94 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22560_none_bb22b62fb0fb5265\win32k.sys
[2012/11/23 03:18:15 | 002,055,680 | ---- | M] (Microsoft Corporation) MD5=356E2AE3A0E98DE62EEC887AFE693A91 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22984_none_bb111f17b107e43f\win32k.sys
[2013/01/04 03:39:36 | 002,056,704 | ---- | M] (Microsoft Corporation) MD5=3B196D544F8BEAF33ADC8C3D75020DA0 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.23013_none_bb5ba663b0d03a93\win32k.sys
[2010/10/18 15:31:24 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=4A2D1819212071B0AA0DD47DD6D2DC7B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18328_none_bacc597e97b61068\win32k.sys
[2011/06/02 15:12:16 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=4CD2681A8C7613567F5DFAE6EA4589C4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22653_none_bb3088dfb0f07fa0\win32k.sys
[2013/04/10 03:27:51 | 002,056,704 | ---- | M] (Microsoft Corporation) MD5=5166BB01CC845F3E247B345A8293C121 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.23094_none_bb06274db1103372\win32k.sys
[2009/01/23 13:18:38 | 002,029,568 | ---- | M] (Microsoft Corporation) MD5=541DF3F03A378BDD96A917A4CB8C71A2 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20922_none_b7833c67b68c3d77\win32k.sys
[2010/08/31 16:33:39 | 002,046,464 | ---- | M] (Microsoft Corporation) MD5=5A259D684426F7DCBD6D435347955FF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22478_none_bb1fe6adb0fc3be7\win32k.sys
[2012/01/12 21:52:56 | 002,044,416 | ---- | M] (Microsoft Corporation) MD5=5A62BE9757C7D75120E7C7B2FF513379 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18569_none_baa21de497d593d1\win32k.sys
[2009/01/23 12:59:25 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=5B1E0409A9A6C415543732F21B2B7CC6 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22125_none_b96c781fb3b0201f\win32k.sys
[2009/04/21 13:55:42 | 002,030,080 | ---- | M] (Microsoft Corporation) MD5=633B5887DC689EB3ECF2F0994F506F40 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21044_none_b76f7545b69adb49\win32k.sys
[2008/01/21 04:24:35 | 002,031,616 | ---- | M] (Microsoft Corporation) MD5=664FCB81B53ECC5A1ACB325D50EB11C0 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_b8f379ba9a86c9c0\win32k.sys
[2012/05/15 21:51:08 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=6B4E654E8616A176D595DF915A426BF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18633_none_babc8dd297c2a51b\win32k.sys
[2010/05/01 15:53:49 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=6E78D8BB909579F9CBA6C8410C5C1697 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18468_none_b8baa41a9ab030ba\win32k.sys
[2009/01/23 12:59:25 | 002,027,008 | ---- | M] (Microsoft Corporation) MD5=6FF39E07708091C05FC748DB2DE833EA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16646_none_b6e7fd209d7b409d\win32k.sys
[2009/04/11 06:24:16 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=71C61AFCD453F3153B0EB4F988EE669D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18005_none_badef2c697a8950c\win32k.sys
[2011/06/02 14:59:32 | 002,042,880 | ---- | M] (Microsoft Corporation) MD5=7380515AC4AD02062931817CC226486D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22927_none_b96e87e3b3ae3c05\win32k.sys
[2012/06/13 15:40:21 | 002,047,488 | ---- | M] (Microsoft Corporation) MD5=755A0ABC76E18B6E7707A0F2CDA6D4F3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18647_none_bab5bf0e97c72668\win32k.sys
[2012/04/02 15:23:35 | 002,053,120 | ---- | M] (Microsoft Corporation) MD5=7A21DD418F77118E5AEE3A97A3911184 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22831_none_bb442befb0e20f5e\win32k.sys
[2012/01/12 21:29:17 | 002,052,608 | ---- | M] (Microsoft Corporation) MD5=7A3A2BAE1222EEBE7DBB0FA83DB4A971 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22777_none_bb1eec15b0fd1a05\win32k.sys
[2013/06/04 03:50:43 | 002,049,024 | ---- | M] (Microsoft Corporation) MD5=7AB206A2C22648EFC67224D6D3CA918A -- C:\Windows\System32\win32k.sys
[2013/06/04 03:50:43 | 002,049,024 | ---- | M] (Microsoft Corporation) MD5=7AB206A2C22648EFC67224D6D3CA918A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18861_none_ba9a214697dcc08e\win32k.sys
[2010/12/31 15:24:31 | 002,039,296 | ---- | M] (Microsoft Corporation) MD5=7BE33568CBC736ACD18BF868CCFDD721 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22824_none_b96b851fb3b0f2d9\win32k.sys
[2010/12/31 15:25:17 | 002,038,784 | ---- | M] (Microsoft Corporation) MD5=7E2B88A06365DB40AB739E51DE750A1A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18573_none_b8aad4a29abccb1f\win32k.sys
[2009/08/14 15:27:17 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=8705038245789561EE714D12CC3368CE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18091_none_ba79a25297f52b29\win32k.sys
[2011/11/23 15:37:27 | 002,043,904 | ---- | M] (Microsoft Corporation) MD5=877DF507423D06A4F71BAB4B9C70314F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18544_none_bab2bc4a97c9dd3c\win32k.sys
[2013/03/05 03:40:56 | 002,049,024 | ---- | M] (Microsoft Corporation) MD5=88FB35233A80BB42FF5B4E722705FEF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18800_none_bada008497acff91\win32k.sys
[2012/10/12 16:29:30 | 002,047,488 | ---- | M] (Microsoft Corporation) MD5=8A9E46EB3A8C3AB5450B0661437BFA27 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18709_none_bae3013897a4e679\win32k.sys
[2010/08/31 15:39:46 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=8B8F4094E0C58022F8CBA3D33E45E244 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18523_none_b8e0e43e9a943f6a\win32k.sys
[2009/01/23 13:18:38 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=8BE357305D4BBEC35DBBE7D5536EE8C9 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22271_none_b9326941b3dc439f\win32k.sys
[2012/11/23 03:35:53 | 002,048,000 | ---- | M] (Microsoft Corporation) MD5=8D48BB1E33E4861271074788EC750BF3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18739_none_bac2917497bd3a4c\win32k.sys
[2009/01/23 12:59:25 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=8F2DA4DDC21250ABA9206352A1080299 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18027_none_b8e4dbe89a90b303\win32k.sys
[2010/05/01 22:27:32 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=92D62DCB0C488707CCDBC4044C62920C -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22682_none_b928a137b3e36d83\win32k.sys
[2012/07/04 16:02:46 | 002,047,488 | ---- | M] (Microsoft Corporation) MD5=92D85E8A4129FE44A3266266AC8D151D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18661_none_ba9a1d7a97dcc640\win32k.sys
[2012/02/02 17:06:28 | 002,052,608 | ---- | M] (Microsoft Corporation) MD5=930463628D0C21E4F4D752A4F4595BF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22790_none_bb024a37b113a086\win32k.sys
[2009/01/23 13:18:38 | 002,032,640 | ---- | M] (Microsoft Corporation) MD5=9304DD0014438C06261994960E24418A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18145_none_b8cd3d629aa2b55e\win32k.sys
[2009/08/14 16:01:34 | 002,031,104 | ---- | M] (Microsoft Corporation) MD5=9352E049F234BFA756C840CD8BDF4FFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16908_none_b71543169d58fafc\win32k.sys
[2012/04/02 15:36:21 | 002,044,928 | ---- | M] (Microsoft Corporation) MD5=98BB495043BD5E98B2E8D2B8239390ED -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18607_none_bae0febe97a6b6a4\win32k.sys
[2010/06/21 15:18:15 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=A0F8D73E65CD93F90FE9410FB17CD154 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18496_none_b89833c29aca51df\win32k.sys
[2009/04/21 13:39:47 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=A1696D4E327DB3FC815DAE837DC3D8B8 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18023_none_bac7525a97ba9a40\win32k.sys
[2012/05/15 21:37:08 | 002,053,120 | ---- | M] (Microsoft Corporation) MD5=A8E2159B3FE3A1F739BA7703C1AEA206 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22860_none_bb22bbe1b0fb49da\win32k.sys
[2009/01/23 13:18:38 | 002,027,520 | ---- | M] (Microsoft Corporation) MD5=A90760D6F915CBB28E7F240668881BDE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16754_none_b6db2e869d852707\win32k.sys
[2011/03/03 14:53:48 | 002,040,832 | ---- | M] (Microsoft Corporation) MD5=A91142A46B8FC7CFBD22F78515756EF1 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18612_none_b8eab5c69a8d0749\win32k.sys
[2012/02/02 17:16:25 | 002,044,416 | ---- | M] (Microsoft Corporation) MD5=AAEFA77DFDAB01F9EF195FD881DAB235 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18580_none_ba837b7297ede7a4\win32k.sys
[2009/04/21 13:42:33 | 002,034,688 | ---- | M] (Microsoft Corporation) MD5=AB4D93D30AA6B51598ADAFB6AAAB5962 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22119_none_bb61c0cdb0cab623\win32k.sys
[2010/05/01 16:26:07 | 002,045,440 | ---- | M] (Microsoft Corporation) MD5=ABC44865039F3D6B055F7418A83802CC -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22396_none_bb08445bb10e43f4\win32k.sys
[2011/06/02 15:34:49 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=AD40B88FEA23C51404C40948C3160285 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18475_none_ba934aea97e14d3f\win32k.sys
[2011/09/06 17:18:22 | 002,051,584 | ---- | M] (Microsoft Corporation) MD5=B2855D835DBB342F9B058012254DB767 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22711_none_bb59c9e1b0d1da55\win32k.sys
[2010/06/21 15:25:11 | 002,036,736 | ---- | M] (Microsoft Corporation) MD5=B39C0D9A2B67487FCCF50345E44F8125 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22716_none_b97853b9b3a70c6f\win32k.sys
[2012/11/13 03:17:40 | 002,055,680 | ---- | M] (Microsoft Corporation) MD5=B982BB0A58B4487734712416DDB0DA87 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22977_none_bb1eefe1b0fd1453\win32k.sys
[2011/03/03 15:25:11 | 002,041,856 | ---- | M] (Microsoft Corporation) MD5=BE9AC15503AD65C35D9EF649539C4E3F -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18417_none_bad62b0697aed847\win32k.sys
[2012/07/04 15:34:55 | 002,055,680 | ---- | M] (Microsoft Corporation) MD5=C1F5D39166C2F1A7D753E372F31265BB -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22889_none_bb161ea3b10365cb\win32k.sys
[2013/04/09 03:36:18 | 002,049,024 | ---- | M] (Microsoft Corporation) MD5=C2DD5271193B4CCF11D63319DA0CA7AE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18817_none_bad6329e97aecce3\win32k.sys
[2010/08/31 15:27:38 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=C2F2451A71234D5CF5D0E6C6546FAC6D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18305_none_badef87897a88c81\win32k.sys
[2010/06/21 15:37:03 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=C803AEA1F4ED11CBBFFBEFF2FE78D463 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18275_none_ba93471e97e152f1\win32k.sys
[2010/08/31 15:38:10 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=CFDC1586D84A187D38512528F60CA7E5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22754_none_b94b1375b3c94985\win32k.sys
[2009/08/14 15:46:38 | 002,036,224 | ---- | M] (Microsoft Corporation) MD5=D4F9530BB031E0BAEDBE08B21BE52ADD -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22497_none_b922cef1b3e70dd9\win32k.sys
[2009/04/21 15:26:36 | 002,034,176 | ---- | M] (Microsoft Corporation) MD5=D8882CAF965DCBDE4278C88842D0ACFE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22416_none_b9784e07b3a714fa\win32k.sys
[2012/10/12 16:06:22 | 002,055,680 | ---- | M] (Microsoft Corporation) MD5=DA77701AB0FDFC077D1745367FF4B862 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22949_none_bb416039b0e2f32e\win32k.sys
[2013/06/04 03:27:32 | 002,057,216 | ---- | M] (Microsoft Corporation) MD5=DBF0F6D93A72715C9923FD8FA5FABED3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.23132_none_bb450827b0e15645\win32k.sys
[2013/03/05 03:26:26 | 002,056,704 | ---- | M] (Microsoft Corporation) MD5=DCD02C9E35AABFFCA1B02AE146FD6BD2 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.23071_none_bb18c647b102af8b\win32k.sys
[2010/05/01 16:13:48 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=DE14B77E9A30588F944163BD0911EDEA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18253_none_baa6e66297d2e861\win32k.sys
[2009/04/21 14:04:30 | 002,028,032 | ---- | M] (Microsoft Corporation) MD5=F0F292B8E028D69ACF49A9A78FBE4B78 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16849_none_b6eb01ca9d7886f0\win32k.sys
[2009/08/15 23:08:32 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=F140B984628DA0171AC67548A0515572 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21108_none_b79eb803b676ce08\win32k.sys
[2012/11/13 03:36:35 | 002,048,000 | ---- | M] (Microsoft Corporation) MD5=F167606EC2C01D804FC72F8F84E73E19 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18733_none_babc8fb897c2a242\win32k.sys
[2011/03/03 14:51:31 | 002,041,344 | ---- | M] (Microsoft Corporation) MD5=F56A9A30BA307D902C661A71B46F75F3 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22867_none_b943464db3ceaea2\win32k.sys
[2011/09/06 15:30:12 | 002,043,392 | ---- | M] (Microsoft Corporation) MD5=FC8AC0F6116A2454DEE43680494784E4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18512_none_bad12b7a97b356bb\win32k.sys
[2011/03/03 17:19:03 | 002,050,560 | ---- | M] (Microsoft Corporation) MD5=FCDC7F76EB218887230BE86AC6EBAC9B -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22601_none_bb6497e7b0c9c13d\win32k.sys
[2010/12/31 15:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) MD5=FD9B62599B3AD261D203040BC7DDEC65 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18365_none_ba9e18f097d93427\win32k.sys
[2010/10/18 17:02:01 | 002,046,976 | ---- | M] (Microsoft Corporation) MD5=FDFC6B42F398A78C490616EA9DE3BCF5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22506_none_bb699773b0c542c9\win32k.sys
[2010/10/18 15:56:44 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=FEC8A2CE367AFB7D91ABC0B16478B171 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18539_none_b8dc160e9a96f365\win32k.sys

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008/01/21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/12/31 14:37:46 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\ATIDEMGX.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2008/01/21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:EC77041F

< End of report >

Publicité

Signaler le contenu de ce document

Publicité